Z Operational Log and Data Analytics overview

IBM Z® Operational Log and Data Analytics accelerates hybrid incident identification with near real-time operational analytics. It streams near real-time IBM Z operational data to a third-party enterprise analytics platform or to the included operational data analytics platform, or both. The included insights help to quickly visualize and search operational data to reduce the mean time to identify the cause of operational issues.

Overview

In today’s digital environment, users expect their key services and applications to be always available. For enterprises with hybrid applications that include IBM Z, detecting and determining the root cause of hybrid application issues has grown more difficult with rising costs, skill shortages, and changing user patterns.

IBM Z Operational Log and Data Analytics, based on the data streaming capabilities provided by Z Common Data Provider and the data insights known from IBM Z Operations Analytics, provides a single solution that helps to accelerate the mean time to identify incidents and provide a hybrid application view of your IBM Z data.
  • It streams IBM Z operational data in near real time to one or more analytics consumers. In addition to enterprise log analytics platforms like Splunk and Elastic Stack, other data consumers include the included Data Receiver (for generating CSV files), Apache Kafka, Humio, and others.
  • It includes a log analytics platform that is based on Elasticsearch. The included platform is able to run on Linux® on Z, which provides you complete flexibility to analyze data on Z, as part of your enterprise solutions, or both.
  • It includes ready-to-use IBM Z operational insights in the form of data curation, dashboards, and searches to help provide visibility into IBM Z operational data. The insights are available on the included analytics platform, Splunk, and the Elastic Stack.

Video

Benefits

IBM Z Operational Log and Data Analytics enables you to rapidly search, visualize, and analyze the vast amounts of structured and unstructured operational data across IBM Z operating environments, including log, event, and service performance metrics in multiple industry-leading analytics platforms. The solution provides the tools you need to accelerate incident identification and significantly increase enterprise visibility of your IBM Z data with a hybrid-application view.
  • Advanced data streaming

    It provides powerful access to the broadest set of IBM Z operational data in near real time and offers multiple output formats to provide consumers with optimal flexibility.

  • Deep insights and accelerated incident identification

    Ready-to-use insights combined with modern visualizations help drive confident decisions by operations and business teams. These powerful operational insights enable you to quickly diagnose operational issues and decide on the next course of action, and thus help minimize potential incidents.

  • Complete flexibility of analytics platforms

    The included data analytics platform runs on IBM Z and enables rapid visualization and searching of operational data. Industry-leading third-party analytics platforms such as Splunk or the Elastic Stack can be used in addition to, or in lieu of, the included platform to provide complete data visibility.

Architecture

This video introduces how different components of IBM Z Operational Log and Data Analytics work together to visualize the once inaccessible mainframe data through flexible data collection, streaming, and analytics.

Video

IBM Z Operational Log and Data Analytics includes the following components:
Z Common Data Provider
The Z Common Data Provider is a component in IBM Z Operational Log and Data Analytics that makes IBM® z/OS® data available to your analytics platforms. It gathers data from multiple sources and then streams that data in near real time or in batch to one or more destinations. For a detailed introduction, see Overview of the Z Common Data Provider.
Problem Insights server
The Problem Insights server provides insights for a defined set of potential problems in your IT environment; these problem insights can be extended to account for customers' operational requirements. For a detailed introduction, see Overview of the Problem Insights server.
Z Data Analytics Platform
The Z Data Analytics Platform is included in IBM Z Operational Log and Data Analytics. It provides the ability to view and search through large quantities of Z operational data on a single-pane view. Dashboards and saved searches provide ready-to-use insights into the operational data and help with early problem detection and problem diagnosis. For a detailed introduction, see Overview of the Z Data Analytics Platform deployment.
IBM Z Operational Log and Data Analytics application
To use the dashboards and predefined searches for Z operational insights, you can deploy the IBM Z Operational Log and Data Analytics application (Log and Data Analytics application) on any of the following analytics platforms:
Figure 1 illustrates the architecture of the IBM Z Operational Log and Data Analytics and the data flow among different components.
Figure 1. Architecture of IBM Z Operational Log and Data Analytics
The illustration shows the architecture of IBM Z Operational Log and Data Analytics.
  • The Z Common Data Provider provides the single collection point for all z/OS operational data that is consumed by Z Operational Log and Data Analytics.

    Depending on the configuration, the Z Common Data Provider runs one or multiple collection agents on each z/OS LPAR and feeds the operational data that it collects to Splunk, the Elastic Stack, or the new Z Data Analytics Platform. In addition, the Z Common Data Provider can send operational data to other subscribers, for example, Humio, on or off platform.

  • Z Operational Log and Data Analytics provides a rich set of dashboards and predefined searches for Splunk, the Elastic Stack, and the Z Data Analytics Platform to help you gain insights from the operational data.
  • The Problem Insights server can be used to automatically search these three target platforms for significant patterns in the operational data and to create event records whenever a pattern is found.
  • Event records can be visualized in the Problem Insights GUI or forwarded to an external event management system for further processing.