July 2, 2021 By Charles Comiskey 3 min read

Announcing the new IBM Cloud Activity Tracker and IBM Log Analysis streaming feature as a public beta.

The ability to share data and insights between services is a strength of cloud-architected applications. IBM Log Analysis and IBM Cloud Activity Tracker services on IBM Cloud are expanding their ability to share data with other cloud services and applications, and both services are introducing the ability to stream log and event data to IBM Cloud Event Streams. IBM Cloud Event Streams supports connectors to a wide range of systems, and the Kafka API allows you easily share data and insights within your broader application workspaces.

The new IBM Cloud Activity Tracker and IBM Log Analysis streaming feature is announced as a public beta today and initially available in the Dallas and Frankfurt regions.

This new feature enables and simplifies use cases for your IBM Cloud applications:

  • Forwarding cloud activity event data to a SIEM
  • Forwarding specific log and event data to other corporate tools while maintaining a more complete copy of data within IBM Cloud.
  • Aggregating then forwarding data to data lakes and other analysis tools.

The following diagram is an example of an end-to-end streaming use case:

This new Streaming feature is offered as an alternative to the existing Export API feature. The Streaming feature is an ideal alternative for scenarios where data forwarding needs are continuous, high volume and where the configuration should be managed at the service instance level. Data forwarded is a copy of the data which is processed within the service.

The Export feature continues to be an ideal solution when relying on the service’s template parsing tools defining custom fields. Export processes are activated by the user or programmatically and good for ad-hoc, reporting, and time-range specific use cases.  

Configure Streaming

The Streaming feature is currently accessible from IBM Log Analysis and IBM Cloud Activity Tracker instances hosted in the Dallas and Frankfurt regions. It is a feature offered as part of the 7-day, 14-day, 30-day and HIPAA premium search plans. To configure Streaming, you will first need to define an IBM Cloud Event Streams instance, then, configure your IBM Log Analysis or IBM Cloud Activity Tracker instance to stream the data. The same IBM Cloud Event Streams instance can be used to receive data from multiple IBM Log Analysis and IBM Cloud Activity Tracker instances.

Once a streaming connection has been established, it is next important to configure monitoring of the streaming connection and establish meaningful alerts. The service documentation describes a recommended Cloud Monitoring configuration helping you observe your streaming performance. Set up alerts tailored to your application’s performance to detect if data is streaming as expected.  

Optimize the scope of data to be streamed by setting up conditional streaming filters through streaming exclusion rules. Data streamed is a filtered subset of data retained within the IBM Log Analysis and IBM Cloud Activity Tracker instances.

Over the course of this beta, we will be preparing other regions to support the new streaming feature.

Learn more

If you are new to IBM Cloud Activity Tracker and IBM Log Analysis, we encourage you learn more about the services:

  • IBM Cloud Activity Tracker allows you to capture cloud activity events from your applications and users use of IBM Cloud and its Cloud Services.
  • IBM Log Analysis aggregates application log data from both agents and IBM Cloud services.
  • Both services offer the ability to alert, search and visualize log and event data for operational analysis and insight.
  • Both services offer the ability to archive and maintain compliance with SOC2, PCI and HIPAA.

More from Announcements

IBM Hybrid Cloud Mesh and Red Hat Service Interconnect: A new era of app-centric connectivity 

2 min read - To meet customer demands, applications are expected to be performing at their best at all times. Simultaneously, applications need to be flexible and cost effective, and therefore supported by an underlying infrastructure that is equally reliant, performant and secure as the applications themselves.   Easier said than done. According to EMA's 2024 Network Management Megatrends report only 42% of responding IT professionals would rate their network operations as successful.   In this era of hyper-distributed infrastructure where our users, apps, and data…

IBM named a Leader in Gartner Magic Quadrant for SIEM, for the 14th consecutive time

3 min read - Security operations is getting more complex and inefficient with too many tools, too much data and simply too much to do. According to a study done by IBM, SOC team members are only able to handle half of the alerts that they should be reviewing in a typical workday. This potentially leads to missing the important alerts that are critical to an organization's security. Thus, choosing the right SIEM solution can be transformative for security teams, helping them manage alerts…

IBM and MuleSoft expand global relationship to accelerate modernization on IBM Power 

2 min read - As companies undergo digital transformation, they rely on APIs as the backbone for providing new services and customer experiences. While APIs can simplify application development and deliver integrated solutions, IT shops must have a robust solution to effectively manage and govern them to ensure that response times and costs are kept low for all applications. Many customers use Salesforce’s MuleSoft, named a leader by Gartner® in full lifecycle API management for seven consecutive times, to manage and secure APIs across…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters