Why Integrating IBM Z into ServiceNow and Splunk Is So Important
•Download as PPTX, PDF•
0 likes•88 views
Organizations are investing in Splunk and ServiceNow for real-time enterprise-wide visibility for faster identification, mitigation and resolution of issues that can impact the business. However, without the mainframe, these solutions have a glaring blind spot. Applications span multiple platforms and networks, requiring an enterprise-wide view of security, critical incidents and outages that can bring business to a halt. The costs incurred to troubleshoot and remediate performance issues and outages can quickly become a major expense. Learn how leading IT organizations support critical security and operational enterprise initiatives by integrating important mainframe information with these platforms, without disrupting the mainframe, or the teams that support it. Watch this on-demand webinar to discover: · The benefits for including mainframe data in Splunk and ServiceNow · What you can learn with a complete view of your entire IT environment · Best practices for integrating mainframe data
Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Similar to Why Integrating IBM Z into ServiceNow and Splunk Is So Important
Similar to Why Integrating IBM Z into ServiceNow and Splunk Is So Important (20)
More from Precisely
More from Precisely (20)
Recently uploaded
Recently uploaded (20)
Why Integrating IBM Z into ServiceNow and Splunk Is So Important
- 1. Why Integrating IBM Z into ServiceNow ® and Splunk ® is So Important Ian Hartley | Senior Director, Product Management
- 2. Housekeeping Webinar Audio • Today’s webcast audio is streamed through your computer speakers • If you need technical assistance with the web interface or audio, please reach out to us using the Q&A box Questions Welcome • Submit your questions at any time during the presentation using the Q&A box. If we don't get to your question, we will follow-up via email Recording and slides • This webinar is being recorded. You will receive an email following the webinar with a link to the recording and slides
- 3. Agenda 3 • Why do this? • Benefits of doing it • Best practices when you do it • Q&A
- 4. Why do this? There is a cost of doing nothing
- 5. This is not a plan!
- 6. Fact: It will happen… 6 • 59% of Fortune 500 companies experience at least 1.6 hours of downtime per week, which can cost up to $46 million per year* • Over the last three years, almost all enterprises have experienced an IT “brownout” or outage, 97% and 94%, respectively, according to the report ** * Dunn & Bradstreet survey ** LogicMonitor, The Race to IT Observability white paper
- 7. …and it’s going to be expensive! 7 * Gartner (Blog: The Cost of Downtime, 2014) ** Forrester (The Real Costs Of Planned And Unplanned Downtime, 2019) • $5,600 per minute, which extrapolates to well over $300K per hour* • 98% of organizations say a single hour of downtime costs over $100,000* • Planned and unplanned IT outages are significant costs to enterprises, with unplanned downtime costing up to 35% more than planned downtime**
- 8. Traditional Tools Great, but… • Specialized • Deep-dive & highly technical • Require background knowledge • Often limited to single component • Inaccessible to many
- 9. Got a Mainframe or IBM i You need better, agile visibility and telemetry …in context
- 10. IT Silos Impact Availability, Performance, Services and Security…Your Business • Integrate IBM Z and IBM i systems into IT analytics and operations platforms • Deliver an enterprise-wide view supports your business goals Lack of information for operational analytics No single view of IT infrastructure Health and status of systems is unknown 10
- 11. IT Health is a Requirement for Meeting Your Organization’s Goals Global view Health of all services Improved info access Improve availability of critical services Reduce incident volume and burden on operations staff Accelerate identification & resolution time Zero-in on what matters Leverage modern tools for best advantage Lower cost to results Efficient MTTI/D Lower MTTR Less outage/downtime 11
- 12. True IT operations visibility brings ALL the pieces together Data sources Event sources Application Performance tools APIs Microservices Serverless Cloud Services IBM Z IBM i 12
- 13. IT Operations Analytics and Management Optimize enterprise IT health, meet SLAs, and ensure service availability • Capacity • Performance • Availability monitoring • Log data/predictive analytics • Configuration management (CMDB) • Change management • Event management Secure the enterprise and comply with industry and government regulations • Detect and prevent internal and external security threats • Report on security events • Monitor privileged user activity • Pass security and regulatory audits Today’s IT Analytics tools are essential for: Enterprise Security Surveillance 13 • Distributed • Cloud …and • Mainframe and IBM i
- 14. • Delivers valuable log, machine, event, and configuration data to IT analytics planforms • Automates discovery and mapping of mainframe and IBM i assets and resources • Does the heavy lifting with negligible impact • Lowers need for deep mainframe or IBM i skills The leading solution for integrating: 14 Ironstream • Mainframe • IBM i machine and log data into modern IT Analytics and IT Operations platforms
- 15. Distributed and Cloud environments Mainframe and IBM i systems Mainframe IBM i 15 But… leading IT Analytics & Operations platforms lack native Mainframe and IBM i support
- 16. Ironstream connects Mainframe and IBM i to Modern IT Analytics platforms Mainframe IBM i 360 degree view across the Enterprise 16
- 17. Mainframe integration challenges Many Data Sources Systems Management Facility (SMF), Syslog, LOGREC, Log4j web and application logs, RMF, RACF, USS files and standard datasets Machine Data Formats • Complex data structures • Not necessarily for users • SMF • Headers • Product & data sections • Variable length • Self-describing • Binary flags and fields • EBCDIC not recognized outside of the mainframe world Data Volumes • Millions of log records generated daily • Significant: 10TB+ per day Timely Insights • Not real-time Often hours later or overnight delivery • FTP offload • Lack of control and granularity 17
- 18. Benefits of Integration There are many!
- 19. ServiceNow
- 20. • Discovery • Event Management • Service Mapping
- 21. 21 • Comprehensive mainframe and IBM i CIs Auto-capture configuration items from Z and i • Auto-populate and maintain the CMDB Keep your CMDB fresh, up-to-date, reliable • Capture what you need Easy deployment and filtering • See dependencies and relationships Auto-populate connections and dependencies • Leverage intelligent automation Reliable, fresh, up-to-date CMDB information • Reduces decision times and eliminate guess work • Increases productivity, agility and responsiveness Ironstream for ServiceNow Discovery
- 22. 22 MAINFRAME 1 MAINFRAME 2 Ironstream for ServiceNow Event Management • Monitor mainframe and IBM i output and events Auto-capture configuration items from Z and i • Leverage ServiceNow Workflow Use the power of workflow…integrate with other tools…create incidents…alert teams… • Out-of-the-box Event Rules Mainframe and IBM i-specific rules for fast deployment • Detect and respond ‘See’ something and respond • Two-way Communication Respond to messages, run scripts and programs
- 23. 23 Ironstream for ServiceNow Service Mapping • Complete Service/Application/System Maps Bring mainframe and IBM i into Service Maps • Easily collate CIs into Service Maps Rules auto-collate CIs • Simple Rules, Powerful Results Auto-select and add discovered CIs to maps • Add Mainframe and IBM i Context Complete the map! • Zero-In: Less Guesswork, more Action Agility is key: Find it. Fix it. Faster.
- 24. Splunk
- 27. Starter Packs – Jumpstart your Journey • Splunk apps – mainframe and IBM i • Install and run in minutes • Collection of dashboards & searches • From the field • IT Operations (ITOA) • Security
- 28. Best Practice Put mainframe and IBM i in today’s context - Set IT service delivery goals - Measure before and after
- 29. Best Practice Avoid Downtime Forward Think… • Skills • Tools • Market • Competition • How quickly can you respond? • How can you • Continue to deliver excellent service levels? • Drive further efficiencies? • Save time and money? • Here • Important • Part of larger, complex systems Mainframe and IBM i • EXTREMELY costly • Waste of precious resources • Your competition LOVE your downtime • Tests customer faith and loyalty Get Visibility Be Agile Today’s Context • Critical to identify and respond to situations – FAST • Proactive, not reactive • New kids with new skills • Change to NOC, SOC • 24x7x365 systems 29
- 30. Global Fintech leader integrates mainframe into Splunk with Ironstream Customer • 50,000+ employees • Branches worldwide Solution Requirements • Leverage investment in Splunk • Mainframe central to business • Add mainframe…somehow! • Better visibility and agility • Enable deeper insights • Improve MTTI and MTTR • Fast development time • Be more accessible • More possibilities Use Case • Credit card services • Provide card services to clients • Technology-driven • Common services/facilities • Unique elements • Splunk “control center” for each client 30
- 31. Mainframe In Context and Real-Time • Real-time delivery to Splunk • Mainframe data points • Alongside data from other sources • View of complete system • Available to more users (in a controlled way) • Serve information to • Internal users • External customers SYSLOG Db2 SMF External Internal
- 32. Delivering Exceptional Service • Real-time operational visibility • Better scope and understanding • Monitoring, alerting, trending, health, status, … • Superior insights • Detecting anomalies sooner • Seeing issues before clients • Better agility • Proactive identification (MTTI) • Faster resolutions (MTTR) • Time, efficiency and cost savings 32
- 33. Value for Enterprises Using Mainframe/IBM i Less Complexity Easily collect and correlate mainframe data with other sources. Less deep-dive expertise required! Clearer Security Position Monitor unauthorized access, other security risks; prepares and visualizes key data for compliance audits Healthier IT Operations Real-time alerts identify problems in all key environments View latency, utilization, exceptions, etc. Effective Problem-Resolution Management Real-time views to identify real or potential failures earlier; view related 'surrounding' information to support triage repair or prevention Higher Operational Efficiency Enhanced event correlation across systems; Staff resolves problems faster; “do more with less” Eliminate Your “Blind-Spot” Splunk + Ironstream = 360ᵒ Enterprise IT View 33
- 34. Q & A
Editor's Notes
- Hello everyone… Thank you for joining us today. It’s great to have you here…as I know your time is valuable. With that in mind…I could easily summarize this session by saying....just do it…it just makes perfect sense. But…I suspect you want a little more detail…so let’s dive in
- So…why would you want to integrate elements from your mainframe environment inro platforms such as ServiceNow or Splunk? Well…in short…there is a real cost of doing nothing. If you don’t do this…you could be falling behind.
- No…this is not a picture of me enjoying a beach holiday. This is a picture of you…if you’re not integrating your mainframe with modern tools and ways of working. Unfortunately…there are folks out there that do not see the need. They are good-to-go with their existing setup…their existing practices… …their existing process of elimination when something has gone wrong…their boss bearing down on them when customers are unhappy…again Now is the time to look forward…join the movement…embrace change…and take your head out of the sand
- Because…things DO go wrong. It’s just a fact of life. Hardware goes pop in the middle of your year end processing…a new SQL statement brings database performance to its knees… your customers are not happy…and you need to find out why…NOW…or sooner than NOW When it does happen…it is very costly. 59% of Fortune 500 companies rack up millions of dollars in
- One of the challenges is that IBM platforms generally have great monitoring tools. However…these are typically very specific and specialized Yes…they can give you a very deep dive view of what is taking place…but often this is just a snapshot at the time you press enter on the keyboard Plus…these tools can be focused on a single component or software subsystem And…they are usually in the domain of the systems programmer and unavailable to any one else
- Event Management + Ironstream = insight into your mainframe and IBM i activities and status. Completes the picture and injects agility into your operations if you're reliant on these platforms. Ultimately saves time, money, etc. Improve availability of critical services Gather alerts from all sources, associate to CIs and their related business services, aggregate into one health dashboard Sources include metric data, analyzed by our ML algs to identify what is normal and not normal behavior Make it easy to triage – what’s the most critical service that’s running hot? Fix that first! Reduce volume of incidents Event deduplication and compression into alerts, correlation of alerts into groups to identify primary vs secondary alerts, limit incident generation to alert groups and their primary alerts Alert correlation driven by combination of ML & human learning, leveraging temporal & topological ML algs plus human rules plus learning from human adjustment to ML-correlated groups (semi-supervised) Incidents are assigned more accurately to people/teams, producing less churn and faster results Accelerate resolution time Learner uses causal CMD B relations between elements belonging to a pattern, to determine root cause within a pattern Root cause highlighted on group timeline Associate past alerts, changes & incidents (and their outcomes) on the current resource, as well as on related resources (ones of same time, others that are in the same service, etc) Automatically gather relevant internal & external knowledge Define automation actions on primary alerts, which can be triggered automatically or by a human operator
- At an enterprise-level, you can’t automate and monitor what you can see. Your ITOM Visibility approach needs to fit much like puzzle pieces coming together. You need solutions that are a good fit with your IT environment, is the right fit for your business requirements, and includes your most critical systems like the mainframe and IBM i for enterprise visibility.
- Talk track for this slide – expanded points for each bullet: High performance, cost-effective solution for delivering critical log, machine, event, and configuration data to IT Analytics platforms Enables automated discovery and mapping of mainframe and IBM i machine data resources to populate and update configuration management databases Transforms and normalizes machine data so it can be used by analytics & operations platforms No detailed mainframe or IBM i access or expertise required: Enables quick integration into existing IT Analytics platform processes and GUIs
- The combination of Ironstream and ServiceNow enables enterprises to auto-populate and maintain the Configuration Management Database (CMDB) with all major IBM mainframe and IBM i Configuration Items (CIs) and their relationships.
- And once you get access to this type of information…what can you actually do with it? We see customers putting it to action with many use cases. Monitoring activities…whether that is for things like logon behaviour or data movements Operational Intelligence…looking at trends, performance statistics…leverage things like data patterns to spot anomalies and outliers. Detecting a problem heading your way and being able to do something about it. Ensuring your operations are compliant and adhering to the various protection laws and regulations. And making sure your data and infrastructure is safe from harm.
- In order to get you started on your own journey…we have created what we call Starter Packs. These are apps that you can drop into your Splunk environment and get up and running…literally…within minutes. They really are a launchpad to help you get information out of the machine and log data coming from your IBMi environment. We have one for IT Operational information and one for Security…for both mainframe and IBMi. The contents of each comes from customer input and experience from the field…so should have things you expect and want to see.
- In order to get you started on your own journey…we have created what we call Starter Packs. These are apps that you can drop into your Splunk environment and get up and running…literally…within minutes. They really are a launchpad to help you get information out of the machine and log data coming from your IBM environments. The contents of each comes from customer input and experience from the field…so should have things you expect and want to see. We have packs for IT Operations as you can see here…
- The customer use case we’re looking at today definitively falls into the mission-critical category. This organization offers…amongst many financials services…credit card processing facilities to other businesses. In effect, they act as a central hub and processing powerhouse for many other frontline organizations…who…in turn…deal with card consumers. So ensuring each business customer’s facilities are running smoothly is vital…with major consequences when things go wrong. The use case focuses on intense processing that leverages a lot of technologies….amongst them is a central mainframe environment that is at the core of their card systems. Wrapped around this are layers of other technologies such as off-mainframe Java and .Net applications driving web traffic into this intense environment: new card activations, payments, card declines, balance enquiries…all the typical things you’d expect for card accounts. This all uses a common set of services as well as some unique elements depending of the organization generating the card traffic. So they wanted to find a better way to get to this information. They were already using Splunk within the organization for monitoring Windows and Linux servers… Splunk was giving them great insights into activites and issues…so why could they not simply add the mainframe? Simply put…they wanted the same benefits they were getting from the other platforms as this would leap them forward again …with better visibility over card activities…improved awareness of response times…improved agility around problem identification and resolution They could also present the information in a modern way with fresh tooling with much less effort. And just think if they could get this information delivered automatically…in real-time…without having press Enter…now that would be awesome. So they looked into building something to do just this…but quickly realized it was a daunting task with many complexities. Sounds simple, but there are significant challenges.
- First of all they have brought their mainframe onto a single pane of glass. The data points and metrics they are forwarding into Splunk can now be seen alongside information from other parts of their IT infrastructure…for the first time. So now they can see across the complete system. All the platforms…all the components…greater visibility and greater agility. Its like the watch tower in the forest. The ability to see across the tops of the trees for miles…when a small plume of smoke appears you can react to get ahead of a disastrous blaze. And…using Splunk…it is easy for them to give visibility to many more users in a very controlled way. So now…more have what they need….and so do their customers. Plus there is the full power of Splunk at their disposal to exploit this data even further.
- Now they have real-time visibility Now they have much better scope and understanding of what is actually happening They can leverage Splunk’s ability to monitor automatically…looking for anomalies, outliers and trends…instantly alerting when response times fall…or whatever they need to look for Our customer can get ahead of issues before their customers are even aware of any problem…in effect…there is no problem. This has given them better efficiencies…considerable time savings…and overall cost benefits What’s not to like?