Information security is a vital issue. Many traces and pieces of evidence of suspicious attacks are kept in various system logs, so filtering and identifying them in these logs is critical. However, handling these distributed raw data is a big challenge for system managers. Conventionally, they need to browse and filter the data across devices, platforms and different formats, which is very time- and labor-consuming and error-prone. To solve the issue, we adopt Splunk, which provides a flexible and scalable architecture to fit various organizational architectures and has a powerful but easy-to-learn search language for identifying key information in big data. This paper discusses our case study of applying Splunk to a classical TANET security problem: tracing suspicious TANET packets and locating the devices. In contrast to the conventional approach, our approach is more efficient and robust. It not only saves a great deal of manpower cost but also greatly improves productivity.