Trends like cloud and virtualization and cloud-sourcing and Bring Your Own Device (BYOD) have made it very difficult for IT organizations like yours to monitor dynamic environments and identify operational problems. Often times, IT teams don’t know or can’t control what is in the environment. The problems that may occur in IT today are very different than the ones in the past, and are often unforeseen. In order to debug any type of problem, IT must comprehensively now collect, store and analyze machine data and logs along with the events and performance data that they were already collecting. And of course, sifting through this massive amount of unstructured and structured data can take time and expertise.
Even if you are able to analyze the big data, this can only provide you information about an incident after the fact – after the event has occurred. IT needs to continue to monitor the end-to-end environment and be able to predict and prevent other problems before they occur.
To address this need in today’s complex, dynamic environments, HP Software is introducing Operational Analytics as part of the recently released HP BSM 9.2. OpsAnalytics offers IT organizations a new, unified approach that provides the right intelligence to accurately predict and prevent or resolve any type of problem.
In order to debug or resolve unforeseen types of issues, you may now have to rely on log to see what’s going on. An example is what we heard from a customer – they had issues in production, and their monitoring tools were unable to figure out what the issue was. When they eventually went from machine to machine and looked up all the logs, the found that one server was running with debug logs turned on. This is something that no monitoring solution would’ve caught, and was only possible to determine via logs. But can you imagine how much time it would take if you had to try to analyze the logs of thousands of machines over extended periods of time? This is where HP’s integration of Operation Manager I (OMi) and HP Logger comes into play.
HP Logger is a universal log management solution that allows IT operations to collect, store and analyze structured and unstructured data (such as logs, machine data or events) across their environments. Logger can generate events directly in OMi providing IT with a single console of all IT events. Through the integration, critical information that is discovered by Logger can be displayed as an event in OMi so that IT can be notified immediately and start to take action to remediate the issue. It also provides the intelligence and quick search and analytics tools needed to search through complex data to solve issues faster.
2. Correlate against events and topology
OMi consolidates events from Logger as well as the other performance and monitoring data into a single view. This combined data can be correlated against events and the topology models to identify issues that might be related, speeding the time to resolution.
In the example here, the operational cockpit displays that operational monitoring has identified that the response times of a CRM application is slow. TBEC (Topology Based Event Correlation) automatically correlates the cause of the issue to a CPU bottleneck on a particular server.
The integration of OMi and Logger lets you see all the data in a single place and correlate across it. You can see the log files as well as the event history all within the Logger environment. In this example, there are lots of events around the CRM system. But the performance over time doesn’t look too bad, so it is not a spike in traffic that is causing the issues. The logs the application created indicate very few warning messages, but there are a high number of debug messages on this graph—not something one would typically see in a production app.
By drilling-down further, an operator can use the histogram to identify that there have been multiple debug messages per second. A monitoring tool could not have identified this. This is the kind of information that can only be found in logs.
It is important to point out that IT would not be able to get the correlation capabilities had they been using just Log Management and Intelligence solutions alone. The combination of correlation of logs, machine data and performance data against events and topology is what makes OpsAnalytics so powerful.
3. Gain historical insight
Logger has extremely powerful store and search capabilities. You can easily search through the operational big data to easily see what has occurred in the past. OMi passes events into Logger for long term storage allowing IT to easily be able to search historical events for similar events which may have happened before giving IT insights into commonly reoccurring issues. So if the same issue occurs, IT can search through events to find commonalities. This can also be helpful in improving services, planning and deciding on the best approach that will most benefit IT and the business.
The predictive analytics capabilities of HP BSM leverage the data that is collected in order to detect anomalies, and be able to point out potential problems even before they occur. This allows organizations to prevent problems in the first place.
HP’s OpsAnalytics strategy includes predictive analytics combined with real time as well as historical analysis of logs and performance data along with correlation with events and topology to give IT the complete intelligence needed to prevent or resolve any known or unknown issue.
Collaboration helps accelerate resolution time by allowing siloed teams to work together in the context of the incident. From within OMi, the operator can open a ticket and assign the issue to someone. Or they can team up with an application support person or developer to fix the problem right away.
To see OpsAnalytics in action, check out these two YouTube videos: