Mike Vizard is a seasoned IT journalist, with nearly 30 years of experience writing about enterprise IT issues. He is a contributor to publications including Programmableweb, IT Business Edge, and The VAR Guy. Follow Mike on Twitter at: @mvizard.
Loggly: Is log management becoming more strategic to companies?
Vizard: Companies are experimenting more with Big Data, although so far this is an act of faith more so than a proven methodology. Historically, we were searching for the needle in the haystack; now we are not even sure it’s a needle. There is a sense that there is value and actual insights in that log data. While some companies have a Big Data analyst on board to help in this effort, that’s still pretty rare. Having a good online repository is certainly helpful, but you also really need to know what questions to ask and not everyone has that expertise.
Loggly: Are you seeing certain sizes of companies that are gravitating toward a log analysis strategy?
Vizard: The size of company is not relevant in using logs. It’s more about the data in the business. A small company could have a huge rack of servers in the cloud and be amassing large volumes of data every day. There are three levels of usage with logs: correlating log data from multiple systems to eliminate finger-pointing inside the IT organization is the first. Next, there’s predictive capabilities with logs – using log data to see into the future in terms of what might be about to go wrong in your IT environment. Finally, there’s the use of logs for analyzing and tracking business events. Every business event creates a corresponding set of IT events that in theory can be correlated in a way to act as an early warning system for the business.
Loggly: Can log analytics help support business objectives, not just IT objectives? Is there a business correlation or business story here?
Vizard: I have seen a handful of companies doing this. A big opportunity is to use log data to feed BI tools, but you need to be able to normalize that data first and that remains a technical struggle. Some use cases that are interesting are if you see a sudden spike in abnormal behavior that could be an indicator of a security attack, or a spike in demand for mobile computing services showing greater customer demand for a particular product or service. You need the right metrics in place.
Loggly: How has the big data trend influenced IT performance monitoring tactics?
Vizard: In the future what we’ll see is standardization of containers and repositories. Instead of having 15 different tools and silos, we’ll have it all in one system. Yet the challenge as mentioned before is to normalize that data so that you can analyze it. I can see being able to use the data to look correlate information across the supply chain with external data sources. Companies have many interdependencies that need to be managed. Unfortunately, it’s nearly impossible to merge all this data easily, because the hardware and software platforms out there collect data differently.
Loggly: What’s the most interesting IT trend that you’re tracking right now?
Vizard: The use of APIs in the enterprise. APIs have transformed BtoC companies and the way that companies invoke and use IT resources. Companies are going to expose applications as a REST service, which means that now they can share data across systems, recombine data in different apps, and basically focus on the data instead of managing infrastructure.
Loggly: Which companies are the most important ones to watch right now for infrastructure innovation?
Vizard: There are two trends. First, there’s the emergence of converged systems from Cisco and HP. Then there’s the emergence of the software defined data center, where the intelligence for the integrated systems is in software. The software-defined data center means the underlying hardware is no longer as important as it once was and you don’t have to standardize on one vendor. This will result in less lock-in for IT organizations and the cost of switching between platforms will drop. It will also be much easier to upgrade systems as needed without having to go through a forklift upgrade process.