Z Operational Log and Data Analytics overview
IBM Z® Operational Log and Data Analytics accelerates hybrid incident identification with near real-time operational analytics. It streams near real-time IBM Z operational data to a third-party enterprise analytics platform or to the included operational data analytics platform, or both. The included insights help to quickly visualize and search operational data to reduce the mean time to identify the cause of operational issues.
Overview
In today’s digital environment, users expect their key services and applications to be always available. For enterprises with hybrid applications that include IBM Z, detecting and determining the root cause of hybrid application issues has grown more difficult with rising costs, skill shortages, and changing user patterns.
- It streams IBM Z operational data in near real time to one or more analytics consumers. In addition to enterprise log analytics platforms like Splunk and Elastic Stack, other data consumers include the included Data Receiver (for generating CSV files), Apache Kafka, Humio, and others.
- It includes a log analytics platform that is based on Elasticsearch. The included platform is able to run on Linux® on Z, which provides you complete flexibility to analyze data on Z, as part of your enterprise solutions, or both.
- It includes ready-to-use IBM Z operational insights in the form of data curation, dashboards, and searches to help provide visibility into IBM Z operational data. The insights are available on the included analytics platform, Splunk, and the Elastic Stack.
Benefits
- Advanced data streaming
It provides powerful access to the broadest set of IBM Z operational data in near real time and offers multiple output formats to provide consumers with optimal flexibility.
- Deep insights and accelerated incident identification
Ready-to-use insights combined with modern visualizations help drive confident decisions by operations and business teams. These powerful operational insights enable you to quickly diagnose operational issues and decide on the next course of action, and thus help minimize potential incidents.
- Complete flexibility of analytics platforms
The included data analytics platform runs on IBM Z and enables rapid visualization and searching of operational data. Industry-leading third-party analytics platforms such as Splunk or the Elastic Stack can be used in addition to, or in lieu of, the included platform to provide complete data visibility.
Architecture
This video introduces how different components of IBM Z Operational Log and Data Analytics work together to visualize the once inaccessible mainframe data through flexible data collection, streaming, and analytics.
- Z Common Data Provider
- The Z Common Data Provider is a component in IBM Z Operational Log and Data Analytics that makes IBM® z/OS® data available to your analytics platforms. It gathers data from multiple sources and then streams that data in near real time or in batch to one or more destinations. For a detailed introduction, see Overview of the Z Common Data Provider.
- Problem Insights server
- The Problem Insights server provides insights for a defined set of potential problems in your IT environment; these problem insights can be extended to account for customers' operational requirements. For a detailed introduction, see Overview of the Problem Insights server.
- Z Data Analytics Platform
- The Z Data Analytics Platform is included in IBM Z Operational Log and Data Analytics. It provides the ability to view and search through large quantities of Z operational data on a single-pane view. Dashboards and saved searches provide ready-to-use insights into the operational data and help with early problem detection and problem diagnosis. For a detailed introduction, see Overview of the Z Data Analytics Platform deployment.
- IBM Z Operational Log and Data Analytics application
- To use the dashboards and predefined searches for Z operational insights, you can deploy the IBM Z Operational Log and Data Analytics application (Log and Data Analytics application) on any of the following analytics platforms:
- The Z Common Data Provider provides the single
collection point for all z/OS operational data that is
consumed by Z Operational Log and Data Analytics.
Depending on the configuration, the Z Common Data Provider runs one or multiple collection agents on each z/OS LPAR and feeds the operational data that it collects to Splunk, the Elastic Stack, or the new Z Data Analytics Platform. In addition, the Z Common Data Provider can send operational data to other subscribers, for example, Humio, on or off platform.
- Z Operational Log and Data Analytics provides a rich set of dashboards and predefined searches for Splunk, the Elastic Stack, and the Z Data Analytics Platform to help you gain insights from the operational data.
- The Problem Insights server can be used to automatically search these three target platforms for significant patterns in the operational data and to create event records whenever a pattern is found.
- Event records can be visualized in the Problem Insights GUI or forwarded to an external event management system for further processing.