User goals and features

The TrueSight IT Data Analytics product provides you the capabilities for addressing the following business goals:

User goalsDescription and references
Collect and index data

You can collect various kinds of machine data generated by a variety of data sources, and subsequently perform in-depth analysis as a part of your troubleshooting, or understanding the data.

For more information about data collection, see the following topics:

You can automate your data collection process in the following ways:

  • Create collection profiles to use data collector templates for automatic data collector creation.
  • Create hosts to capture host credentials for use when creating data collectors.
  • Create credentials to capture system credentials for use when creating data collectors.
Search and investigate
  • Use the product interface to search and investigate real-time and historical data to troubleshoot problems, perform root-cause analysis, and discover trends and insights in your business operations. 
  • Use search commands to interact with your data in various ways (group, filter, broaden, or limit your search) and perform advanced analysis using statistical and reporting search commands.
  • See your search results represented graphically by the timeline and summarization charts. Use these charts to see data trends and discover spikes or anomalies. Click the bars in the timeline chart to drill down into the search results and focus on meaningful data.
  • Click fields in your search results to add to your search criteria and perform further analysis of your data. View your search results with different levels of detail, for different time ranges, and in different formats. Use the asterisk (*) as a wildcard character either before or after your search string to substitute for words before or after a substring.
  • Filter your search results by changing the time context, using fields and tags in the search criteria, or by using search operators and get more accurate results.
  • Add meaning to your data by specifying fields (when creating data patterns) that must be extracted from your data and adding tags (when creating data collectors) to add to your search criteria and enhance your search results. 

For more information, see Searching for data.

Create data charts

Create custom dashboards to represent data graphically, and monitor trends in your data to track irregularities or abnormalities.

Use dashboards to represent data such that you can correlate events or seemingly unrelated activities or discover data relationships.

For more information, see Creating and managing dashboards.

Generate notifications and log events

Save searches to monitor data for an extended period of time and locate real-time abnormalities or events and then send out alerts via email messages or logging events into supported external systems (via an integration or via scripts). You can also attach PDF reports with the related search results and the summarization chart.

Notifications can be sent in real time, depending on the conditions and thresholds specified.

For more information, see Setting up notifications to create alerts or reports.

Integrate with other products and analyze context-aware data

Integrate with external systems such as ProactiveNet and TrueSight Infrastructure Management to get event data and perform root cause analysis.

You can perform in-depth analysis on events by using the context from these systems, create notifications, and create custom dashboards to monitor these events. You can also log events into the external system for any abnormalities found.

For more information, see Integrating.

Import and export content packs

Content packs are a group of product components such as saved searches, data patterns, and collection profiles.

You can perform the following actions related to content packs:

  • Export content packs in a zipped format to share with others.
  • Import content packs shared by others or stored earlier, and then use the components imported, in the process of data collection and search.

Content packs are also useful for sharing in multiple-server environments or when you have multiple product instances.

For more information, see Creating and managing Content Packs.

Was this page helpful? Yes No Submitting... Thank you