BMC Helix Log Analytics overview
Watch the following video (3:36) to understand the core capabilities of BMC Helix Log Analytics to collect and analyze logs from your IT environment:
Product architecture
The Log ingestion service receives logs from various sources, such as Amazon Web Services and Kubernetes and passes it on to the Log Processing service. The Log Processing service enriches the logs, extracts fields from the logs, and generates alerts. BMC Helix Log Analytics identifies anomalies in the incoming logs by using machine learning (ML). If an anomaly is detected, an event is generated in BMC Helix Operations Management.
Product features
The following diagram illustrates the key features and capabilities of BMC Helix Log Analytics:
|
| |
Collect logs from various sources, such as Kubernetes, Amazon Web Services, Linux servers, and Windows servers. Ingest logs by installing connectors on source systems and setting up collection policies. You can analyze the collected logs to get to the root cause of an issue. For more information, see Collecting-logs. | Configure logs to extract key data from logs and add meaningful information to the log messages. By configuring the logs, you can troubleshoot the issues more efficiently and reduce the mean time to resolve (MTTR) an issue. For more information, see Enriching-logs. | |
|
| |
BMC Helix Log Analytics uses machine learning (ML) based anomaly detection to identify unusual log patterns. You can configure alert policies to receive alerts when anomalies are detected. These alerts help proactively identify potential problems before they become problems, improving system reliability and troubleshooting efficiency. When an anomaly is detected, an event is generated in BMC Helix Operations Management. For more information, see Generating alerts from logs. | BMC Helix Log Analytics helps analyze and gain insights from logs by using the Explorer > Discover tab. Logs collected through configured policies appear as log messages, which you can search, filter, and analyze to troubleshoot issues efficiently and reduce the MTTR to solve an issue. For more information, see Deriving insights from logs. | |
| ||
View out-of-the-box dashboards for quick references on log trends and create new dashboards for your specific requirements. The following out-of-the-box dashboards are available in BMC Helix Dashboards:
For more information, see Visualizing logs. | ||
Collect logs
Configure logs
Detect anomalies
Derive insights from logs
Visualize logsProduct roles
The following user roles are available in BMC Helix Log Analytics. Users can perform tasks based on the assigned role.
For information about assigning permissions, see Setting up roles and permissions.
| User role | Description | Tasks |
|---|---|---|
 Administrator | Administrators set up and manage the system by collecting and configuring logs, setting up alerts, managing access control, visualizing data, and archiving logs. |
|
 Operator | Operators analyze logs, visualize data, and track alerts and anomalies to ensure system health and performance. |
|
Roles and permissions in BMC Helix Log Analytics
BMC Helix Log Analytics has Administrator and Operator user roles. Each role has specific permissions that determine the tasks a user can perform, such as log collection, analysis, visualization, and alerting. This section explains the responsibilities and access levels for each role.
| Use cases | Application or Service > Resource > Permission | Description |
|---|---|---|
Analyze logs Create dashboards and visualizations | loganalytics > logs > manage | Administrators and Operators require this permission to access and analyze logs in BMC Helix Log Analytics. |
| Archive and restore logs | loganalytics > log_archival >manage | Assign the permission to operators to archive and restore logs. |
| Collect logs | loganalytics > logs > manage loganalytics > logs > ingest intelligent-integrations > integrations > manage intelligent-integrations > integrations > view intelligent-integrations > connectors > manage intelligent-integrations > connectors > view | Assign view permission for viewing rights only. To create, edit, and delete permissions, assign the manage permission. You might want to assign view permissions to operators to view log-collection configurations. However, administrators require all permissions to manage, ingest, and view permissions to collect logs. |
| Configure log enrichment | loganalytics > logs > manage loganalytics > enrichment_sources > manage loganalytics > enrichment_sources > view loganalytics > log_policies > manage loganalytics > log_policies > view | Assign view permission for viewing rights only. To create, edit, and delete permissions, assign the manage permission. You might want to assign view permissions to operators to view the enrichment configurations. However, administrators require both manage and view permissions to configure log enrichment |
For information about assigning permissions, see Setting up roles and permissions in the BMC Helix Portal documentation.
Learn more
Use the following resources to learn more about BMC Helix Log Analytics:
| Webinars | Watch the following webinar (28:31) that explains how you can achieve service monitoring with BMC Helix Log Analytics and BMC Helix AIOps. Watch the following webinar (47:59) that explains how you can make your logs smarter with BMC Helix Log Analytics. |
| Product blogs | |
| Additional resources | BMC Community: Learn and engage with other users of BMC Helix Log Analytics at BMC Community. Education and certification: Go through the web-based trainings for BMC Helix Log Analytics at courses for BMC Helix Log Analytics. Product datasheet: Access the product data sheet that summarizes the use-cases of BMC Helix Log Analytics: Datasheet. |