What is the data collector
The data collector is the application that collects and delivers the metadata that is analyzed and presented in the GUI.
The data collector is a light-weight application that is installed on a server in your data
center. It sends the metadata that is collected about your storage systems, such as asset,
configuration, capacity, and performance metadata, from your data center to your instance of
IBM Storage Insights
Pro or IBM Storage
Insights, which is in an IBM® Cloud data center.
Important: Outbound metadata is sent by data
collectors to the well-defined and secure network endpoint https://insights.ibm.com:443. Update your
firewall rules to allow outbound communication to https://insights.ibm.com and to the HTTPS port 443
using the Transmission Control Protocol (TCP).
In a matter of minutes, you can install the data collector and when you add the storage systems
that you want to monitor, you get the capacity and performance insights that you need to monitor
your data center. Because the metadata that IBM Support needs
to investigate and close tickets is also collected, you can also upload logs when you create or update tickets and IBM Support can access and investigate the metadata to resolve any issues that you
might have.
Credentials for connecting to storage systems: To add and
collect metadata from the storage systems that you want to monitor, you must provide the storage
system's credentials. Depending on the type of storage system that you add for monitoring, you can
provide the name and password of a user with privileges to collect the metadata, or an SSH user and
SSH key. The credentials that are provided are encrypted before they are stored in the database for
the instance, and the database is also encrypted. In addition, most storage systems support the
creation of users with read-only roles, who can't make any changes to the configuration of the
storage system.
Note: IBM Storage
Insights now supports onboarding of IBM Storage Virtualize devices running on SSH4 secured
connectivity by using data collector.
Supported operating systems: Data collectors can be installed on servers or virtual
machine that run AIX®, Linux®, or Windows (64-bit systems only). On the
server or virtual machine, you must provide at least 1 GB of RAM and 3 GB of disk space. For more
information about the requirements for data collectors, see the following topics:
Security certification: IBM Storage
Insights, based on regular audits, has ISO/IEC 27001 Information Security Management certification. Annually, the following audits are conducted: two KPI audits, one external Veritas ISO27001, 27017, and 27018 audit, and one IBM internal audit for each ISO2700x.
Note: Security scanners can display an alert message 'Daemon is not managed by RPM' for IBM Storage
Insights data collector. For more information, see
Troubleshooting data collectors.
Key security characteristics
To ensure that metadata is collected securely, the data collector has the following
characteristics:
- Built-in security
- Communication with other entities, such as storage systems in the local data center and the IBM Storage Insights service in the IBM Cloud data center are initiated solely by the data collector. The data collector does not provide any remote APIs that might be used to interact with the data collector.
- One-way communication
- The data collector sends metadata out of your network to your instance of IBM Storage Insights
Pro or IBM Storage
Insights. Communication is outbound only; the data
collector can't receive data from the internet or any other entity in your network. Here's how the
one-way communication works:
- The data collector sends out a request for work.
- IBM Storage Insights responds with a data collection request.
- The data collector communicates with the storage resource or starts a log collection.
- Secure transmission
- All communication between the data collector and IBM Storage Insights Pro or IBM Storage Insights in the IBM Cloud data center uses encryption based on HTTPS.