The Big Idea Behind IT Operations Analytics (ITOA): IT Big Data | ExtraHop


Gartner estimates that by 2017, approximately 15% of enterprises will actively use ITOA (IT Operations Analytics) technologies to provide insight into both business execution and IT operations, up from fewer than 5% today.[1] What's driving this growth, and what do you need to know now in order to make sense of ITOA?

This is the first post in a series explaining how you can build an IT Operations Analytics practice, including:

  • How ITOA is data-driven and borrows from Big Data principles
  • A taxonomy you can use to define ITOA data sets
  • Purposes and outcomes for building an ITOA practice
  • How to apply these principles in real-world workflows

If you were to describe IT Operations Analytics in the simplest terms, you could say it is Big Data for IT. ITOA borrows the primary objective and promise of Big Data, with the goal of helping IT organizations operate in a more data-driven manner.

Read the next post in the series: The Four Data Sets Essential for IT Operations Analytics (ITOA)

ITOA Uses Big Data Principles

Nearly any Big Data initiative has the objective of transforming an organization's access to data for better and more agile business insights and actions. However, this can only be achieved through the extraction, indexing, storing, and analyzing of many different data sources coupled with the flexibility to add more data sources as they become available or as opportunities arise.

To provide the greatest flexibility and avoid vendor lock-in, more organizations are adopting open source technologies like Elasticsearch, MongoDB, Spark, Cassandra, and Hadoop as their common data store. This same approach is at the heart of ITOA.

A Big Data practice provides the flexibility to combine and correlate different data sets and their sources to derive unexpected and new insights. The same objective applies to IT Operations Analytics.

The Shift from a Tools-Driven to a Data-Driven IT Management Practice

What we've seen for the last couple of decades is an accumulation of disjointed tools, resulting in islands of data that prevent you from getting a complete picture of your environment. This is the antithesis of Big Data. If the CIO wants their organization to be data-driven, with the ability to provide better performance, availability, and security analysis while making more informed investment decisions, they must design a data-driven monitoring practice. This requires a shift in thinking from today's tool-centric approach to a data-driven model similar to a Big Data initiative.

Tool-centric approaches create data silos, tool bloat, and frequent cross-team dysfunction.

If the CISO wants better security insight, monitoring, and surveillance, they must think in terms of continuous pervasive monitoring and correlated data sources, not in terms of analyzing the data silos of log management, anomaly detection, packet capture systems, or malware monitoring systems.

If the VP of Application Development wants better cross-team collaboration and faster, more reliable, and more predictable application upgrades and rollouts for both on-premises and cloud-based workloads, they must have a continuous data-driven monitoring architecture and practice. The ITOA monitoring architecture must span the entire application delivery chain, not just the application stack. Because of all the workload interdependencies, an organization without this data will be flying blind, resulting in project delays, capacity issues, cross-team dysfunction, and increased costs.

If the VP of Operations wants to cut their mean time to resolution (MTTR) in half, dramatically reduce downtime, and improve end-user experience while instituting a continuous improvement effort, they must have the ability to unify and analyze across operational data sets.

The CIO, security, application, network, and operations teams can achieve these objectives by drawing from the exact same data sets that are the foundation of ITOA. This effort should not be difficult or costly, or take years to implement. In fact, this new data-driven approach to IT is actually being accomplished today; we're just codifying the design principles and practices we've observed and learned from our own customers, who are the inspiration behind it.

Up Next: The Data Sets Used for ITOA

In the next post in this series, I will introduce a taxonomy that describes the four data sets that drive ITOA: wire data, machine data, agent data, and synthetic data. Understanding how these data sets are complementary and serve different roles will help you assess your operational stance and existing toolset.

If this is an area of interest for you, check out this video of a presentation that I gave at the Gartner Data Center Conference on the topic of IT Operations Analytics.

Does the need to move from a tool-centric to a data-driven approach resonate with you?

Let me know what you think in the comments below.

[1] Gartner: Apply IT Operations Analytics to Broader Datasets for Greater Business Insight, June 2014

This post was last updated April 11, 2016

To learn more about IT operations analytics, including its definition, the four sources of data that comprise ITOA and how it can benefit businesses, see our ITOA platform page.
