How Data Analytics Helped a California Police Department Shave a Year Off an Investigation

Law enforcement agencies are discovering how Splunk’s data analytics platform can fast-track digital investigations.

Nearly two-thirds (63%) of law enforcement cases now include digital evidence as part of the investigation, according to the 2021 Digital Intelligence Benchmark Report. Yet, it can take days or weeks for investigators to properly process and analyze the digital breadcrumbs on a single smartphone. Stringing together clues from an individual’s digital accounts and making a case that can stand up in court can take months or even years.

That’s why detectives and attorneys in a California homicide case were stunned when they saw how dramatically a data analytics platform from Splunk, widely used in cybersecurity circles, reduced the time it takes to search through and analyze the mountains of digital evidence investigators now face.

“I remember taking our first reports to the district attorney — documenting communications between the suspect and the victim,” recalled Paul Jeffery, a Splunk employee working with a California municipal police department. “And his office immediately called back and said, ‘What is this? How did you get this done so quickly?’”

In the months since Jeffery first teamed up with the police department, he said, “I’ve been told by both the detective and the prosecution attorneys that using Splunk’s platform and applications shaved 12 to 14 months off the investigation, which is massive. They were looking at a three-and-a-half-year gap between the crime and trial — and we knocked just over a year off of that. To them, it was unprecedented.”

Splunk’s platform correlates data, performs advanced analytics on various data sources and applies built-in AI to quickly identify unusual behaviors or anomalies that point to criminal activities.

However, because law enforcement investigators haven’t traditionally had direct access to Splunk’s data analytics capabilities, many are only just becoming aware of its potential to fast-track the work of sifting through the vast amounts of digital information associated with today’s investigations, according to Jeffery.

Splunk’s analytics platform has lent a significant hand in tackling a variety of criminal cases including:
  • Identifying scammers engaged in defrauding the Paycheck Protection Program.
  • Reviewing troves of data from disparate data sources in connection with the civil unrest in January 2021.
  • Apprehending a child pornography ring operating at Florida State University.
  • Identifying illegal human trafficking activity.
  • Tracing the digital fingerprints tied to ransomware activity.

Contact Splunk to learn how modern data analytics platforms can help police chiefs better determine where to deploy their officers and department resources, and manage a widening array of police department data more effectively despite having limited technical capabilities and resources.

Splunk helps make organizations more resilient. Leading organizations use our unified security and observability platform to keep their digital systems secure and reliable. Organizations trust Splunk to prevent security, infrastructure, and application issues from becoming major incidents, absorb shocks from digital disruptions and accelerate transformation. Splunk helps SecOps, ITOps and DevOps teams deliver these outcomes with comprehensive visibility, rapid detection and investigation, and optimized response, all at the scale necessary for the world's largest digitized organizations.