Wire data is the information that passes over computer and telecommunication networks defining communications between client and server devices. It is the result of decoding wire and transport protocols containing the bi-directional data payload. More precisely, wire data is the information that is communicated in each layer of the OSI model (Layer 1 not being included because those protocols are used to establish connections and do not communicate information).
Wire data is the observed behavior and communication between networked elements which is an important source of information used by IT operations staff to troubleshoot performance issues, create activity baselines, detect anomalous activity, investigate security incidents, and discover IT assets and their dependencies.
According to a March 2016 research note from American IT research and advisory firm Gartner, wire data will play a more important role than machine data for analytics in the future: "While log data will certainly have a role in future monitoring and analytics, it is wire data—radically rethought and used in new ways—that will prove to be the most critical source of data for availability and performance management over the next five years."[1]
Real-time wire data streams are also important sources of data for business and operational intelligence teams. In these types of scenarios, wire data is used to measure order transactions for real-time reporting on transaction volume, success, and failure rates; tracking patient admission rates at hospitals; as well as reporting on the weights and measures of airplanes prior to take-off.
Distinction between wire data and system self-reported dataedit
Wire data is distinct from machine-generated data, which is system self-reported information typically in the form of logs sourced from elements like network routers, servers, and other equipment. Unlike those forms of machine-generated data, which are dependent on the logging configurations of those devices, wire data is defined by wire and transport protocols. There is a small amount of overlap between wire data and machine-generated data but also significant differences. For example, web server logs typically record HTTP status code 200 responses, indicating that a web page was served to a client. However, web servers do not log the transaction payload and so would not be able to show which HTTP status code 200 responses were for pages with a “service unavailable” message. That information is contained in the wire data or transaction payload and is not logged by the server.
Examples of information derived from wire dataedit
Structured transactional data passed over HTTP, including information encoded using SOAP/XML
SQL transaction details, such as errors, methods used, and stored procedures executed
Unique customer IDs, handset type, and credit-control details defined by AVPs and commands contained in Diameter transactions
Cross-tier (web, database, storage, etc.) transaction metrics parsed by unique session IDs or other GUID
Correlation of network transfer time and server processing time
TCP mechanisms such as Nagle delays and throttling
HTTP metadata including user-agent, session ID, status code, and IP address
HTTP page content including page title, user ID, and transaction values
Methods of analyzing wire dataedit
Traditional methods of capturing and analyzing wire data include offline network packet analyzers. Newer approaches receive a copy of network traffic from a port mirror (SPAN) or network tap and reassemble those packets into full per-client sessions and transaction streams, analyzing the entire transaction payload in real time and generating metadata on those transactions without storing the actual packets.[2]
Bibliographyedit
Will Cappelli, Gartner: "Use Data- and Analytics-Centric Processes With a Focus on Wire Data to Future-Proof Availability and Performance Management," March 2016
Will Cappelli, Gartner: “Data Growth Demands a Single, Architected IT Operations Analytics Platform,” September 2013
Will Cappelli, Gartner: “How ITOA Relates to Other Analytics-Driven Disciplines,” November 2013
Referencesedit
^Cappelli, Will. "Use Data- and Analytics-Centric Processes With a Focus on Wire Data to Future-Proof Availability and Performance Management". Gartner. Retrieved March 11, 2016.
^Patel, Zarna. "Morgan Stanley Turns To Wire Data". Wall Street & Technology. Retrieved March 14, 2014.
April 10, 2024
wire, data, information, that, passes, over, computer, telecommunication, networks, defining, communications, between, client, server, devices, result, decoding, wire, transport, protocols, containing, directional, data, payload, more, precisely, wire, data, i. Wire data is the information that passes over computer and telecommunication networks defining communications between client and server devices It is the result of decoding wire and transport protocols containing the bi directional data payload More precisely wire data is the information that is communicated in each layer of the OSI model Layer 1 not being included because those protocols are used to establish connections and do not communicate information Contents 1 Relevance 2 Distinction between wire data and system self reported data 3 Examples of information derived from wire data 4 Methods of analyzing wire data 5 Bibliography 6 ReferencesRelevance editWire data is the observed behavior and communication between networked elements which is an important source of information used by IT operations staff to troubleshoot performance issues create activity baselines detect anomalous activity investigate security incidents and discover IT assets and their dependencies According to a March 2016 research note from American IT research and advisory firm Gartner wire data will play a more important role than machine data for analytics in the future While log data will certainly have a role in future monitoring and analytics it is wire data radically rethought and used in new ways that will prove to be the most critical source of data for availability and performance management over the next five years 1 Real time wire data streams are also important sources of data for business and operational intelligence teams In these types of scenarios wire data is used to measure order transactions for real time reporting on transaction volume success and failure rates tracking patient admission rates at hospitals as well as reporting on the weights and measures of airplanes prior to take off Distinction between wire data and system self reported data editWire data is distinct from machine generated data which is system self reported information typically in the form of logs sourced from elements like network routers servers and other equipment Unlike those forms of machine generated data which are dependent on the logging configurations of those devices wire data is defined by wire and transport protocols There is a small amount of overlap between wire data and machine generated data but also significant differences For example web server logs typically record HTTP status code 200 responses indicating that a web page was served to a client However web servers do not log the transaction payload and so would not be able to show which HTTP status code 200 responses were for pages with a service unavailable message That information is contained in the wire data or transaction payload and is not logged by the server Examples of information derived from wire data editStructured transactional data passed over HTTP including information encoded using SOAP XML SQL transaction details such as errors methods used and stored procedures executed Unique customer IDs handset type and credit control details defined by AVPs and commands contained in Diameter transactions Cross tier web database storage etc transaction metrics parsed by unique session IDs or other GUID Correlation of network transfer time and server processing time TCP mechanisms such as Nagle delays and throttling HTTP metadata including user agent session ID status code and IP address HTTP page content including page title user ID and transaction valuesMethods of analyzing wire data editTraditional methods of capturing and analyzing wire data include offline network packet analyzers Newer approaches receive a copy of network traffic from a port mirror SPAN or network tap and reassemble those packets into full per client sessions and transaction streams analyzing the entire transaction payload in real time and generating metadata on those transactions without storing the actual packets 2 Bibliography editWill Cappelli Gartner Use Data and Analytics Centric Processes With a Focus on Wire Data to Future Proof Availability and Performance Management March 2016 Will Cappelli Gartner Data Growth Demands a Single Architected IT Operations Analytics Platform September 2013 Will Cappelli Gartner How ITOA Relates to Other Analytics Driven Disciplines November 2013References edit Cappelli Will Use Data and Analytics Centric Processes With a Focus on Wire Data to Future Proof Availability and Performance Management Gartner Retrieved March 11 2016 Patel Zarna Morgan Stanley Turns To Wire Data Wall Street amp Technology Retrieved March 14 2014 Retrieved from https en wikipedia org w index php title Wire data amp oldid 1121692010, wikipedia, wiki, book, books, library,
