Overview of the Elastic Stack platform deployment

With IBM Z®'s continued importance in hybrid cloud deployments and business-critical applications, there is a strong requirement to integrate IBM Z with enterprise data analytics platforms such as the Elastic Stack. IBM Z Operational Log and Data Analytics provides complete flexibility to collect data once and stream it to one or more consumers. You can deploy the IBM Z Operational Log and Data Analytics application on the Elastic Stack platform and use its dashboards and predefined searches to search, visualize, and analyze large amounts of structured and unstructured operational data across Z systems IT environments.

Flow of source data on the Elastic Stack platform

Figure 1 illustrates the flow of source data among the primary components of IBM Z Operational Log and Data Analytics on the Elastic Stack platform. The step numbers correspond to the numbers that are used in the illustration.
Figure 1. Flow of source data among components on the Elastic Stack platform
  1. In each z/OS® logical partition (LPAR), the Z Common Data Provider retrieves operational data from the configured sources and sends it to the Elastic Stack server.
  2. The source data is processed by Logstash using parsing rules that are provided by IBM Z Operational Log and Data Analytics.
  3. You can see predefined searches and visualizations of the data in Kibana. Insights are provided for data from the following source types:
    • z/OS system log (z/OS SYSLOG)
    • CICS Transaction Server for z/OS EYULOG or MSGUSR log data
    • Network data, such as data from UNIX System Services system log (syslogd) or z/OS Communications Server
    • NetView for z/OS message data
    • SMF data
    • WebSphere Application Server for z/OS logs that include SYSOUT or SYSPRINT log data