OMS Machine Data
Flapping Network. Log Files. Time-Series Data. Big Data.
Machine data is misunderstood - Traditionally “considered noise”. Why? Scalable SaaS knowledge platforms did not exist to make use of bulk data noise. OMS enables intelligence pro-active advice from the cloud – for large and small clients alike.
Insights across IT and the business are hidden within Machine Data: where things went wrong, abnormal user behavior, how to optimize customer experience, the fingerprints of fraud. Business Insights can be found in the machine data that’s generated by the normal operations in your organization.
Traditional monitoring tools were not designed to absorb machine data from unpredictable formats; nor were they designed to for the variety, volume or variability of this data. This is where you should leverage OMS.
The OMS Platform uses machine data to address big data, IT operations, security, cloud Migration and analytics use cases. The insights gained from machine data can support any number of use cases across an organization and can also be enriched with data from other sources. It’s what we call Pro-Active Operational Intelligence.
Machine Data Sources
Every environment has its own unique footprint of machine data. Here are a few examples.
| Data Type | Where to Find It | What It Can Tell You |
|---|---|---|
| Application Logs | Local log files, log4j, log4net, Weblogic, WebSphere, JBoss, .NET, PHP | User activity, fraud detection, application performance |
| Business Process Logs | Business process management logs | Customer activity across channels, purchases, account changes, trouble reports |
| Call Detail Records | Call detail records (CDRs), charging data records, event data records logged by telecoms and network switches | Billing, revenue assurance, customer assurance, partner settlements, marketing intelligence |
| Clickstream Data | Web server, routers, proxy servers, ad servers | Usability analysis, digital marketing and general research |
| Configuration Files | System configuration files | How an infrastructure has been set up, debugging failures, backdoor attacks, time bombs |
| Database Audit Logs | Database log files, audit tables | How database data was modified over time and who made the changes |
| Filesystem Audit Logs | Sensitive data stored in shared filesystems | Monitoring and auditing read access to sensitive data |
| Management and Logging APIs | Checkpoint firewalls log via the OPSEC Log Export API (OPSEC LEA) and other vendor specific APIs from VMware and Citrix | Management data and log events |
| Message Queues | JMS, RabbitMQ, and AquaLogic | Debug problems in complex applications and as the backbone of logging architectures for applications |
| Operating System Metrics, Status and Diagnostic Commands | CPU and memory utilization and status information using command-line utilities like ps and iostat on Unix and Linux and performance monitor on Windows | Troubleshooting, analyzing trends to discover latent issues and investigating security incidents |
| Packet/Flow Data | tcpdump and tcpflow, which generate pcap or flow data and other useful packet-level and session-level information | Performance degradation, timeouts, bottlenecks or suspicious activity that indicates that the network may be compromised or the object of a remote attack |
| SCADA Data | Supervisory Control and Data Acquisition (SCADA) | Identify trends, patterns, anomalies in the SCADA infrastructure and used to drive customer value |
| Sensor Data | Sensor devices generating data based on monitoring environmental conditions, such as temperature, sound, pressure, power, water levels | Water level monitoring, machine health monitoring and smart home monitoring |
| Syslog | Syslogs from your routers, switches and network devices | Troubleshooting, analysis, security auditing |
| Web Access Logs | Web access logs report every request processed by a web servers | Web analytics reports for marketing |
| Web Proxy Logs | Web proxies log every web request made by users through the proxy | Monitor and investigate terms of service and the data leakage incidents |
| Windows Events | Windows application, security and system event logs | Detect problems with business critical applications, security information and usage patterns. |
| Wire Data | DNS lookups and records, protocol level information including headers, content and flow records | Proactively monitor the performance and availability of applications, end-user experiences, incident investigations, networks, threat detection, monitoring and compliance |
