IBM Analytics
White Paper
Contents
1 Introduction
and others involved in intelligence analysis, identify, predict, and prevent
2 Who should read this
criminal, terrorist and fraudulent activities.
white paper
2 Potential benefits of
i2 Analyst’s Notebook
unstructured information in a powerful visual analysis environment. It
3 Key features of i2 Analyst’s
Notebook
18 Technical description
18 What prerequisites are required
to install the product?
18 What documentation
is provided?
19 For more information
IBM i2 Analyst’s
Notebook
Discover and deliver actionable intelligence to help
identify, predict and prevent criminal, terrorist, and
fraudulent activities
IBM® i2® Analyst’s Notebook® provides rich visual analysis capabilities
that help to quickly turn complex sets of disparate information into
high-quality, actionable intelligence. It is designed to help analysts,
i2 Analyst’s Notebook allows users to quickly collate both structured and
supports analysts in rapidly building a single, cohesive intelligence picture.
The intuitive, modern user experience reduces user familiarization times,
allowing users and organizations to quickly take advantage of productivity
gains. The flexible data model and visualization environment that is coupled
with a comprehensive range of visual analysis tools help users build insight
and understanding on complex data sets. It helps drive the faster discovery
of key individuals, connections, relationships, events, patterns, and trends in
data that might otherwise be missed. Integrated Social Network Analysis
capabilities also deliver increased comprehension of social relationships and
structures within networks of interest.
The results that are delivered from this detailed analysis can then be
shared via intuitive and visual briefing charts or visualizations. These
easy-to-understand visualizations can easily be included in other end
intelligence products. This greatly simplifies the communication of
sometimes complex information and scenarios and ultimately helps
to drive more timely and accurate operational decision making.
 IBM Analytics
White Paper
i2 Analyst’s Notebook is a technology road-tested by
over 2,000 organizations worldwide. It is designed to
help government agencies and private sector businesses
in their fight against increasingly sophisticated criminal
and terrorist organizations.
“i2 Analyst’s Notebook offers a wide range of
analysis and visualization capabilities that
can aid in the identification of key actionable
intelligence.”
“i2 Analyst’s Notebook supports the dynamic
2
Who should read this white paper
This white paper is intended for:
• Potential users of i2 Analyst’s Notebook such as analysts
and investigators who want information about i2 Analyst’s
Notebook and the potential benefits it provides.
• Managers or team leads who want to learn more about
how their teams can use the application most efficiently.
• System administrators who want to gain a high-level
understanding of the product and system prerequisites
that are needed to install and run the application.
This document relates to i2 Analyst’s Notebook version 8.9.7
Potential benefits of i2 Analyst’s Notebook
Reduce the time that is required to deliver rich,
actionable intelligence from complex sets of
disparate data
• Quickly turn data into easily understandable visualizations
to aid in the analysis of complex scenarios.
• Combine all available information to build a single cohesive
intelligence picture.
• Perform effective analysis of a wide range of data types with
a flexible data modeling and visualization environment.
• Increase insight and understanding and the depth of
intelligence products for more effective resource utilization.
human thought process and offers
unparalleled visual analytics.”
IBM Analytics
White Paper
Identify connections, patterns, and key intelligence
that might otherwise be missed
• Identify the key who, why, what, where and when of any
analysis question with a wide range of visual analysis tools.
• Combine association, temporal and geospatial aspects of
data with multi-dimensional analysis views.
• Quickly highlight key individuals and relationships and
their connections to key events with core link analysis
capabilities.
• Understand critical timeline of events or patterns within
criminal activities with powerful temporal analysis tools.
• Identify potentially important intermediaries between
seemingly unconnected entities in a network.
Increase understanding of complex criminal, terrorist,
and fraudulent networks
• Gain better insight and understanding of the structure,
hierarchy and ‘modus-operandi’ of complex networks with
integrated Social Network Analysis tools.
• Aid the decision-making process and ensure best resource
utilization for operational activities in network disruption,
surveillance or influencing.
Simplify the communication of complex information
to support timely and accurate decision making
• Clearly communicate complex data and scenarios with
intuitive and easy-to-follow charts and visualizations.
• Drive the effective and efficient sharing of intelligence
for internal teams and across intelligence organizations.
• Effectively share intelligence with a familiar tool that over
2,000 organizations use.
Rapid deployment delivers near-immediate
productivity gains
• Remove the need for professional services deployment
costs with wizard-driven installer.
• Reduce the time to streamline analysis and end intelligence
product generation activities with rapid deployment of
powerful visual analysis capabilities.
• Rapid deployment and intuitive, modern user experience
delivers near immediate productivity gains.
3
Proven worldwide visual analysis solution
• Over 2,000 organizations worldwide have used this
intelligence analysis solution.
• Designed with input garnered from customer experiences
collected in real operational environments.
• Comprehensive support infrastructure for global organizations
with language versions available in 17 languages.
Key features of i2 Analyst’s Notebook
Overview
i2 Analyst’s Notebook is a powerful visual analysis
environment that offers users a comprehensive range of
capabilities to identify actionable intelligence hidden within
disparate data sets. These capabilities include:
• Flexible data acquisition tools to quickly ingest a wide
variety of data types and formats.
• Flexible data modeling and visualization environment that
does not constrain the input of complex relational data.
• Powerful range of visual analysis capabilities that enables
users to quickly gain increased understanding and reduces
the time to pin-point key intelligence.
• Effective dissemination tools that simplify the communication
of complex data and scenarios.
Flexible data acquisition
i2 Analyst’s Notebook provides a range of methods to quickly
ingest the wide variety of information that intelligence
analysts are faced with everyday. This flexible approach to
data acquisition allows users to input a broad range of data
types. Examples include telephone call records, financial
transactions, computer IP logs and mobile forensics data,
to name but a few. i2 Analyst’s Notebook’s data acquisition
allows users to:
• Rapidly import structured data via a wizard-style
visual importer.
• Simplify manual data entry with an intuitive drag and
drop mode.
• Connect to and query available data sources via numerous
extensibility options.
IBM Analytics
White Paper
Visual importing of structured data
i2 Analyst’s Notebook users can rapidly import data from
structured data files via the wizard-style visual importer.
Import specifications that map the data from tabular style files
in to an i2 Analyst’s Notebook chart can be quickly created.
Users are able to visually create how the different data aspects
are to be mapped. Inputting this tabular style data into the
visual environment of i2 Analyst’s Notebook can greatly
increase the potential of discovering key information. It helps
to identify connections and relationships or communication
and commodity flows across a network that would otherwise
remain hidden.
The import specifications in i2 Analyst’s Notebook convey
how the data in the source file is to be interpreted. It details
which items of data are to be used for the entities and links,
and specifies how extra supporting data is to be added to the
chart in the form of cards or attributes. It also details how
the resulting output chart will be laid out.
These import specifications can also be saved and shared. Data
of the same format, for both individuals or across groups of
analysts, can be quickly imported and visualized. These shared
specifications help to provide data ready for analysis, with the
minimum of effort and removal of any repetition of work.
4
Drag and drop manual data entry
i2 Analyst’s Notebook includes manual data entry options that
are designed to allow rapid chart item creation and editing.
This function provides an intuitive drag and drop interface that
helps to quickly build chart data. Users are able to choose from
the extensive array of icon types to visually represent real-world
items or events.
This visual interface in i2 Analyst’s Notebook displays the wide
range of icon, link, and attribute types available to users. This
extensive range can be used to best represent the imported data
and allows users to quickly add the wanted information on to a
chart. Templates that can be tailored to a user’s data entry
requirements can also be created.
Other importing methods
i2 Analyst’s Notebook also offers the ability to import data in
XML format. Style sheets can be created that are used in the
import process to transform the data into the format that is
required for i2 Analyst’s Notebook.
There are also a number of dedicated importers for specific
formats related to telephone and mobile forensics data.
 IBM Analytics
White Paper
Data acquisition extensibility options
The potential benefits of i2 Analyst’s Notebook can be further
enhanced by combining it with other capabilities from the
IBM i2 Intelligence Analysis Portfolio. Automated data
acquisition products such as IBM i2 iBridge and IBM i2
Information Exchange for Analysis Search for i2 Analyst’s
Notebook are available. Live connections, to one or more
of an organization’s existing data sources, can be established
directly from within the i2 Analyst’s Notebook environment.
This smooth integration gives analysts the ability to retrieve
and analyze information that is stored in multiple, standard
relational databases. With live data access, analysts can use
i2 Analyst’s Notebook to more quickly retrieve vital
information from key databases. Users are also assured that
any analysis is based on the most up-to-date information
available. It also helps remove any reliance on a database
specialist or the need to learn a complex query language.
Organizations can also create data connections to existing
data sources themselves by using the IBM i2 Analyst’s
Notebook SDK.
“i2 Analyst’s Notebook can be upgraded to
allow connectivity to one or more of your
existing data sources.”
5
Flexible data model and representation
i2 Analyst’s Notebook provides users with an environment
that offers flexibility in how data is modeled. The flexibility is
designed to ensure that users are not constrained in the input
of complex relational data. The intuitive environment allows
data to be modeled in various ways. Information can be
displayed in the most effective manner to suit the type of
data to be viewed and the analysis to be performed.
This flexibility allows users to:
• Represent information to best suit the data to be analyzed.
• View data in multiple ways in the form of network and
timeline views.
• Effectively visualize a wide range of data sets.
• Perform various tasks for both analysis and briefing purposes.
The visualization environment within i2 Analyst’s Notebook
allows users to represent information in association or timeline
charts. Items can be represented as entities, links, events,
timelines or attributes in order to best present the type of data
to be analyzed. This helps drive the effective analysis and
visualization of a wide range of data sets. Examples include
social networks, telephone records, financial transactions and
internet traffic records, to name but a few.
Association charting / Link analysis
Link analysis, the bedrock of i2 Analyst’s Notebook since its
inception, is a proven tool for intelligence analysts. It remains a
key ingredient in identifying key connections and relationships
within complex data. The extensive association visualization
and analysis tools in i2 Analyst’s Notebook help users in
identifying key aspects within a data set of interest such as:
• Key individuals and their relationships with others
• Structures in networks
• Close-knit groups of individuals (clusters)
• Information or commodity flow across a network
IBM Analytics
White Paper
The link analysis environment in i2 Analyst’s Notebook allows
users to display their data in association charts. The association
view can be used to show the relationships between entities
such as people and organizations and illustrate how they are
interconnected. A wide range of formatting options allows
users to quickly and easily represent real-world information.
These extensive options help provide increased insight and
understanding of a wide variety of ‘networks’. It helps analysts
better understand the relationships within criminal networks,
the communication patterns between individuals in a network,
how money flows across a network and much more.
Timeline charting
i2 Analyst’s Notebook goes beyond just how entities are
interconnected by also allowing information to be portrayed
in the form of timeline charts. These temporal views can be
used to illustrate how sequences of events unfold over time.
They help not only reveal the interactions between entities
but also portray when these interactions occur.
6
Timeline charts are commonly used to analyze information
such as telephone call records (and any other form of
communications) or financial transactions. They also enable
users to build a picture of a sequence of events for time
periods of interest. These type of charts provide a powerful
visualization that help to simplify both the analysis and briefing
of key temporal information.
Item property model
Users can easily use the following methods to store properties
or supplemental information for an item within i2 Analyst’s
Notebook:
• An item’s type is an important property. The type property
is used to define both entity and link types in a chart. In the
case of entities, the type can be used to define the visual
icon style that is displayed in the chart.
• Semantic types can be applied to give real-world meaning
for an item type. The real-world meaning helps when
performing a search on a data set. For example, a search for
a person type returns both males and females in the results.
• Other item properties can be stored as attributes against
an item.
IBM Analytics
White Paper

• i2 Analyst’s Notebook includes a wide range of entity
(including associated visual icons), link, and attribute types.
However, users can easily create and add their own.
• Users (or their organization) can create templates so that
users are only given the option to choose types that are
most commonly used. Organizations can standardize the
way information is entered across an entire organization.
• An image (for example mug shots or CCTV imagery) can
also be stored against an entity. These images can then be
used to display on the chart in place of an entity’s visual icon.
• Supplemental information (that is, extra information on an
item from a different source) can be added in the form of
cards. These cards provide a method to record text-based
information against an item while also recording the source.
• Items can also be graded to record information such as
source, reliability, and clearance level. The grading structure
is configurable to suit the needs of an organization.
• Items that are imported from external data sources can also
return the property information on those items in the form
of data records. This rich data can then be used by many of
the analysis tools within i2 Analyst’s Notebook.
Item visualization / Formatting
i2 Analyst’s Notebook provides an extensive icon set with a
high-quality, ultra-modern 3D look that offers clear, modern,
and detailed real-world representations in charts. The extensive
range of icons that are provided includes individual sets that are
targeted at specific sectors. These icon sets include Defense,
Cyber, Telephone, and Financial / Fraud analysis to name a few.
• Modify the size of entities to identify or emphasize key or
important entities within a data set.
• Include other supporting data such as pictures to enhance
briefing charts or reports with images of individuals.
Timeline charts can also be enhanced to include event
frames that depict, for example, CCTV images of an event.
• Display the direction of links to visually represent who
called who within a phone call or how money flows
between accounts.
• Categorize links with the use of color, width, or link
style. Easily identify differing types of relationship, higher
volumes of calls between individuals, relative size of financial
transactions between accounts, or the confidence level of a
piece of information that links two people together.
• Group items within a chart to ensure that items can be
selected and moved together as a group either manually
or when a user runs one of the analytical layouts.
• Change the display status of an item. Items can be hidden
(the item still exists but is not displayed) or ‘grayed-out’ so
they are de-emphasized compared to other chart items.
Users can then put emphasis on particular items in a chart
but still maintain their context within a wider network.

Users are also provided with many formatting options. These

options help in the identification of key information during
analysis or for emphasizing important items when briefing
intelligence. The formatting options available in i2 Analyst’s
Notebook include the ability to:

• Apply color icons to visually represent real-world properties

of an entity, such as the color of a vehicle.
• Visually categorize items in the form of colored Icon
Frames that can be used to visually group items with
common properties. These Icon Frames can also be used
to visually display analysis results from tools such as Social
Network Analysis.

7
IBM Analytics
White Paper

Conditional formatting i2 Analyst’s Notebook provides the tools to quickly analyze

Any formatting can also be applied semi-automatically with
the use of i2 Analyst’s Notebook Conditional Formatting.
Users can define a set of rules that automate the process of
formatting chart data to emphasize significant information for
analysis or presentation purposes. Rules can also be saved so
that repetitive tasks that are required across many charts can
be automated.
Multiple rules can be set up in conditional formatting
specifications to perform complex formatting tasks. These
rules can be configured to work against the properties that are
contained within chart entities, links, and attributes. As with
import specifications, the conditional formatting specifications
can be saved either locally or in a workgroup. Organizations
are provided with an effective method of standardizing analysis
and briefing tasks across wider teams. These specifications
can be shared to standardize the techniques that are used for
both analysis and presentation purposes. Examples include
identification of important information in the analysis phase,
or for standardizing the format of charts for reporting and
presentation purposes.
Powerful analysis capabilities
i2 Analyst’s Notebook provides a wide range of analysis
capabilities. The extensive analysis environment enables users
to quickly gain understanding of the information they are faced
with and pin-point any key intelligence.
complex data sets and the ability to create multiple analysis
views on data of interest. Data can be displayed as association,
temporal, spatial, statistical and spreadsheet views. These
multiple views help to give a wider understating of all the
important who, why, what, when and where aspects.
i2 Analyst’s Notebook provides users with a range of temporal,
social and geospatial analysis tools. The multiple views can
help analysts gain greater insight of a charted data set, all from
within a single user environment.
Data filtering and histograms
The dynamic filtering and histogram views available within i2
Analyst’s Notebook provide users with quick feedback on the
information that is contained within a charted data set. Users
can quickly browse and filter information that is based on any
property of the data within a charted data set. Insight is
provided to a user with the use of visual bar graphs (list view)
or histograms. These interactive list and histogram views
allow users to quickly identify, select and drill down into
information of relevance. Any non-relevant information that
does not pass the filter criteria can be filtered out by either
hiding it or ‘graying’ it out. Multiple filters can also be applied
to quickly and efficiently narrow down larger data sets and
identify possible high-value intelligence.

These capabilities can help analysts to quickly analyze complex

data sets and allows users to:

• Quickly analyze data by providing multiple analytical

views on data of interest.
• Drill down into data sets to identify non-obvious
connections, patterns, and trends.
• Get better insight into the critical timeline of events.
• Identify potentially important intermediaries between
seemingly unconnected entities in a network.
• Increase understanding of target criminal, terrorist,
or fraudulent networks.
• Identify potential duplicates within imported data.
• Understand the who, what, when, where and why of
any analysis task.

8
IBM Analytics
White Paper
Histogram view filtering — Histogram filters provide a
powerful mechanism for quickly delivering visual feedback
on a range of data types that are contained within any chart.
This interactive view is highly suitable for range-based data
types such as date/time or transactional amounts. It allows
users to identify areas of interest in chart data set such as
peaks, troughs, or patterns in activities. Users can then drill
down to quickly highlight any relevant information.
The interactive histogram view provides the following capabilities:
• Select single or multiple bars in the histogram view to
highlight the corresponding items within the main chart view.
• Drill down to perform more detailed analysis of a data set.
Users can display a more granular view of the entire data
set or display the information for a selected range only.
• Run an animation of chart data to show how activities
occur over time or how a data set builds over time.
• Copy the histogram view as a bitmap to allow easier
integration into reports or presentations.
List view filtering — List view filters provide effective and
fast visual feedback for non-range-based data with a chart
data set. This visual statistical summary can be used for any
aspect of a charted data set. It can offer quick insight into the
information that is contained within. Multiple list view filters
can also be used to quickly identify commonality within items
in a chart that is based on complex filter criteria.
9
Temporal analysis and visualization
Answering the ‘when’ question is a critical need for most tasks
that are posed to intelligence analysts and their organizations.
i2 Analyst’s Notebook provides a set of temporal analysis tools
that help in understanding the temporal aspects of any data
set. These powerful tools help analysts to:
• Drill down in to the temporal aspects of an entire charted
data set with instant, interactive visual temporal views.
• Identify areas of interest within chart data, such as
temporal peaks, troughs, or patterns in activities that
require further investigation.
• Understand potential temporal trends such as activities
that occur more at a particular time of day and day of week.
• Create a more detailed timeline view of activities for
items of interest down to individual event granularity.
Activity View — To fully understand a timeline of events
there is the need for analysts to understand a timeline down
to individual event granularity. Many of these events also
occur over time. It is vitally important to be able to record
and visualize the duration over which any particular event
occurred. The Activity view in i2 Analyst’s Notebook allows
users to do just that. The ‘Gantt-style’ temporal visualization
allows users to plot, down to individual event granularity, all
time-based activities that occur within selected chart data.
Both ‘point-in-time’ events and activities that occur over time
can be plotted with the Activity view. It provides users with a
full view of an item’s activity timeline.
IBM Analytics
White Paper
This detailed temporal view greatly reduces the time that is
required to re-create and then understand any critical timeline
of events. It also helps analysts to identify potential anomalies
within a timeline. It can highlight overlaps in an individual’s
activities (such as being in two places at the same time). It also
more clearly highlights time periods with no information,
helping to pinpoint areas for further data-gathering by
operational teams.
The activity view can also be used side-by-side with a network
chart, allowing analysts to compare both association and
temporal aspects simultaneously.
Histogram view — The histogram functionality in i2 Analyst’s
Notebook provides a powerful tool to display temporal data.
The interactive view allows analysts to select time periods of
interest and filter out non-relevant information that falls
outside these times. This powerful capability helps users to
quickly identify potential time periods of interest, such as peaks,
troughs, or patterns in activities, in a chart data set. Users can
then drill down in these areas of interest to gain better insight
in to the potential causes.
10
Users can perform a more detailed analysis of a data set with
interactive histogram view. Data can be viewed at a more
granular level (for example, show by days instead of months).
It can also display the data for a selected range only (for example,
show only the items in June).
The histogram view also works interactively with the main
chart view. Data that falls outside the selected time period
within the histogram can be hidden or ‘grayed-out’ within the
chart. Users can then display both association information
within the main chart and temporal information within the
histogram simultaneously. This combination is designed
to help users to gain better insight into how, over time,
communications occur between individuals or how finances
might flow across a network.
Heat matrix view — The heat matrix takes the temporal
analysis of a charted data set a step further. It offers a more
detailed breakdown of the temporal content of data, allowing
users to map/visualize activities against two temporal ranges.
This capability helps to provide a much quicker answer to
temporal questions, do activities happen at a certain time of
day AND a particular day of the week?
IBM Analytics
White Paper

This understanding can help users to quickly identify patterns
in activity or aspects of a target’s likely pattern of life. It also
helps identify how and when a target individual works or
whether there are any regular patterns in terms of their
common activities.
The relationships between prominent people of interest who
wield the greatest influence over the rest of the network can be
understood better. SNA also helps identify how directly and
quickly information flows between people in different parts of
the network.

The heat matrix view, in the same way as the histogram view,
works interactively with the main chart view.
Social network analysis
i2 Analyst’s Notebook provides analysts with the means to
increase understanding of the structure, hierarchy and modus
operandi of criminal and terrorist networks.
Social network analysis (SNA) has emerged as an effective
intelligence analysis technique. It enables the analysis of how
and why social groups operate, interact and behave in particular
ways. This quantitative technique enables users to map and
measure complex networks of entities such as people and
organizations, by measuring the interactions between them.
Using SNA measures can help analysts to understand individuals’
roles within a network. Coupled with the temporal analysis
capabilities within i2 Analyst’s Notebook, SNA can help identify
so-called Emerging Leaders and Rising Stars. These individuals
are people who increase in importance or influence within a
network over time.
Better understanding of a network, its structure, hierarchy, and
individuals’ roles within a network is vitally important. This
understanding helps drive better operational decision making
whether for network disruption, surveillance, or information
access and dissemination purposes.

SNA techniques can help analysts gain better insight and

understanding of complex networks of entities by providing users
with insight into the aspects of social structure and the sources
and distribution of power of a network. This can shed critical
insight on the intricacies of a network, highlighting who knows
whom and who does business with whom. By monitoring the
communication patterns between network nodes, the network’s
structure can be established, which then enables identification
of critical nodes and their relationships.

SNA techniques can also help give insights into the performance
of a network as a whole and its ability to achieve its key
goals. It helps to identify characteristics of a network that
normally are not immediately obvious, such as the existence
of smaller subnetworks that operate within a larger group.

11
IBM Analytics
White Paper

The SNA centrality measures that are included in i2 Analyst’s
Notebook are:
Degree Centrality — Identifies entities who are the most
active in a network that is based on the number of direct links
to other entities
Closeness Centrality — Identifies entities who have the best
access to other parts of a network and visibility of activities
within the rest of a network
Betweenness Centrality — Identifies entities who act as
gatekeepers or bridges of information and control information
flow between different parts of a network
Find connecting networks
i2 Analyst’s Notebook offers users the means to help identify
potential important intermediaries between entities in a network.
The Find Connecting Networks feature helps users to identify
potential intermediaries between seemingly unconnected
entities and highlight possible networks that connect multiple
entities of interest.
One example of this is searching for a network that joins several
bank accounts that are involved in fraud. Find Connecting
Network results could help to identify an intermediate account
or accounts that distribute money to those accounts and
possibly play a central role in the fraudulent activity.

Eigenvector Centrality — Identifies how well-connected an
entity is and how much direct influence it has over the most
active entities in the network
i2 Analyst’s Notebook also includes an SNA clustering
technique in the form of K-Cores. This clustering measure
can help identify tightly interlinked groups within a network;
this information points to potentially smaller subnetworks
that operate within a wider group.
SNA can also be enhanced by the use of weightings. These
scores help to indicate the strength of differing relationships
(links), each of which can affect a target network. Weighting
relationships helps to deliver a more real-world indication of
the dynamics and structure of a target network.
Users can control this analysis to:
• Exclude specific entity or link types to refine the search
such as concentrating just on actual communication or
transactional information.
• Exclude specific entities to remove those known not be
involved in investigations.
• Test hypothesis by excluding items to help identify potential
effects of removing that entity from a network, for example
the effects of freezing a bank account on the movement of
funds between other accounts of interest.
• Format the results on the chart to help to clearly
communicate analysis findings.

Directed links can also be included in the calculation of

centrality measures in i2 Analyst’s Notebook. The use
of link direction on a chart is often useful in assessing how
information and commodities flow through a network.

This direction of flow has an important bearing on how

quickly information is passed from one part of the network
to another. For example, a person may receive information
from many others in the network but only send information
on to a select few.

For more information, see the overview and technical Social

Network Analysis white papers. These white papers are
available at ibm.com/i2software

12
IBM Analytics
White Paper

Geospatial analysis
Combining geospatial data and understanding with both
association and temporal understanding is a key requirement for
analysts and their organizations. The combined understanding
of all these aspects helps to facilitate turning information into a
full intelligence picture. The Google Earth Exporter within i2
Analyst’s Notebook enables users to export selected chart data
to an installed Google Earth client. More detailed geospatial
analysis is also available with the addition of the optional
IBM i2 Analyst’s Notebook Connector for Esri.

Google Earth Exporter — If items in a chart contain

geographical information, i2 Analyst’s Notebook can identify
and map this information to a separately installed Google
Earth client. As well as the ability to simply map selected
chart data, the date, and time information can also be sent
to Google Earth. This extra information allows users to track
the movement of suspects or events over time with the time
slider animation in Google Earth. i2 Analyst’s Notebook also
enables users to export selected chart data to a kml/kmz file.
This mapping file format can be imported in to other
common mapping applications.
Analyst’s Notebook Connector for Esri — i2 Analyst’s
Notebook Connector for Esri is an optional plug-in to i2
Analyst’s Notebook. It enables users to combine the link and
temporal analysis capabilities of i2 Analyst’s Notebook with
the geospatial capabilities provided by an available Esri
ArcGIS Server. This powerful combination allows users to
connect to and utilize available Esri geospatial analysis
services. These services include base maps, dynamic map
feature layers, and analytical services such as Geocoding,
Find Route, and Drive-time Analysis.
This closely coupled, two-way integration allows users to
create a geospatial view directly inter-connected with the
association and temporal views of i2 Analyst’s Notebook.
It allows users to perform the who, what, when and where
analysis all from within a single combined environment.
More information on the benefits and capabilities of this
offering can be found in the i2 Analyst’s Notebook Connector
for Esri Product Overview white paper. This white paper is
available at ibm.com/i2software
Entity matching
With the ability to take data from a wide variety of sources it
becomes important to be able to identify, and deal with, items
from different data sources that are in fact the same real-world
object. Entity matching, within i2 Analyst’s Notebook, is the
process of finding occurrences of items on a chart that represent
the same item. i2 Analyst’s Notebook provides two types of
entity matching:
Automatic entity matching — i2 Analyst’s Notebook
automatically detects entities that are the same as other
entities as they are being imported into a chart. This
matching works on item identity or database identity. The
identities of two entities are deemed to be the same if they
match exactly (and are the same case) character for character.
Because two identical entities are not allowed to coexist on
the same chart, i2 Analyst’s Notebook merges them together,
even if their labels are not the same.

13
IBM Analytics
White Paper
Find Matching Entities — With data potentially coming
from different data sources, situations commonly arise where
data imported into a chart has differing unique identities but
refers to the same real-world object. This situation could
involve people who are imported from different data systems,
where name formats are different or name synonyms used
(Danny instead of Daniel). Items also could have been
imported with different unique identities but have a number
of equivalent properties behind them. The use of an alias
name is one example.
Find Matching Entities allows users to quickly identify
imported items that have enough similarity that may indicate
they are the same entity. All matches are ranked by smart
matching technology that automatically analyzes chart item
information for equivalency. This technology uses various
inputs from synonym lists (name variants), spelling, and
phonetics to Semantic Type Libraries. The Semantic Type
Libraries can be used to categorize items by defining common
meaning (for example, male and female can be categorized
as person).
14
These definitions can be used to align data from different
sources. Better data alignment improves the accuracy of any
potential matching and reduces the time that is taken to
identify possible duplicates. These ranked results help in the
final human-led decision as to whether the items are the same
and can be merged into a single item.
Search and discovery
With the ability to ingest a wide variety of information from a
wide variety of sources comes the need to be able to efficiently
search that data. Effective search techniques are vital to allow
users to quickly identify information of interest, key connections,
or patterns that are hidden within any charted data set.
i2 Analyst’s Notebook provides a number of search and
discovery capabilities that aid users in the identification of
key areas of interest. These capabilities include:
Search — i2 Analyst’s Notebook provides two main search
functions that can be used based on the depth of search that is
required by the user. The Find Text search returns exact text
matches, ideal for when a user knows exactly what they are
looking for. The Search Bar provides a wider search by taking
into account synonym lists (such as name variants). It returns
results in a ranked list that is based on the closeness of the
match. This method is ideal when performing a search with
terms that are likely to have potential variances in the data to
be searched.
List Items — The List Items view in i2 Analyst’s Notebook
allows users to view charted data in a spreadsheet (tabular) view.
This structured view allows analysts to quickly sort data based
on specific properties. Sorting helps quickly identify items with,
for example, the highest or lowest values or to identify specific
groups of items that have certain properties in common.
IBM Analytics
White Paper

Infotips — Any top-level item in i2 Analyst’s Notebook can

hold a wealth of information underneath it. Infotips provide
faster access to an item’s information by providing an instant
summary view of an item. This view can include information
about the item’s properties. It can also display any supplemental
information, who or what the item is linked to and information
on an item that is sourced from external data sources. Infotips
can also be configured to display only relevant information of
interest so users can identify and highlight the most important
information quickly.

Find Path—Identifying hidden connection paths between

items that appear not to be directly connected is important in
determining potential relationships between parties. The Find
Path function in i2 Analyst’s Notebook helps to identify paths
from one item to another, based on a user’s specified criteria. It
helps answer the questions of “Is Item A connected to Item B
and how are they connected?”. Users are able to set various rules
about which items are allowed on the path (both entities and
links). These rules allow users to exclude particular relationships
or communication types as being valid connection paths.

Linked Items Bar — The Linked Items Bar is an analysis

Visual Search — Visual Search provides an intuitive search
interface that allows users to visualize the search criteria they
wish to perform on a charted data set. Search criteria can be
quickly created for both single item and linked item searches.
Single item searches can be built based on their type, label, date
and time, and attributes. Linked item searches take that a step
further by being able to visually specify the search criteria for a
pair of linked items. This linked search helps to find items or
the links between them that match the specified conditions.
One example is searching for a ‘blond male who owns a blue
BMW with license plate number that includes YH57’.
tool that can help users discover the items that are connected
to a selected entity. In smaller charts, which are created
manually, it is simple to see which chart items are linked to
a particular entity. However, in larger charts, from sources
such as telephone call logs, it can be more difficult to see what
other items are directly connected across an entire network.
The Linked Items Bar provides a quick summary of each of
the connections for a selected entity, and also interacts with
the main chart view.

15
IBM Analytics
White Paper
Analytical layouts—i2Analyst’s Notebook provides a number
of analytical layouts that can be applied to charted data. These
layouts help analyze the structure of chart data or help in
managing the data on the chart for briefing or presentation
purposes. Two main types of layout are provided. Depending
on what data a chart contains, users can apply layouts for both
association and for timeline charts. These layouts can be used to
emphasize different aspects within a charted data set. Layouts
help to visualize the structure of a network, identify different
groups, or display data as a hierarchical or organizational view.
16
Simple communication of complex data
But with all these visual analysis capabilities it is equally
important for analysts to be able to effectively convey key
intelligence in a clear and concise manner. The effective
dissemination of data is vital to aid operational decision
makers in making rapid, accurate, and informed decisions.
i2 Analyst’s Notebook provides users with the means to:
• Communicate complex data with intuitive and easy-to­
follow visual briefing charts.
• Create detailed charts or visuals to enhance other end
intelligence products.
• Export chart visualizations to other commonly used
distribution formats.
• Create ‘down-graded’ versions of charts to easily share the
right level of information with others who have different
security clearances.
• Easily share charts with non-Analyst’s Notebook users.
Charts — i2 Analyst’s Notebook charts are a common currency
for the dissemination of key intelligence. The comprehensive
visualization environment that is coupled with the array of
visual formatting options allows users to convey complex
information within easy-to-understand visual representations.
These visual charts can then be used for the effective briefing
of end intelligence information. i2 Analyst’s Notebook also
provides a tool to further simplify the process of briefing, in
particular, larger charts.
The Snapshot tool enables users to store multiple snippets of
a chart and then play them back in a required order. Users are
able to ‘walk-through’ chart information during briefings with
the minimum of effort.
IBM Analytics
White Paper
Sharing chart information — Often information that is
identified within a chart is required for other end intelligence
reports in differing formats. i2 Analyst’s Notebook provides
a number of methods that allow users to:
• Copy or save a whole chart or parts of a chart to various
image formats (.bmp, .jpg, .png). These visuals can then
be used in other intelligence documents.
• Copy or save a view of the visual results of i2 Analyst’s
Notebook analysis tools. These tools include the
Histogram, Heat Matrix, and Activity views.
• Export all snapshots of a chart that are taken with the
Snapshot tool to a Microsoft PowerPoint presentation.
• Export a whole chart or parts of a chart to an Adobe
PDF document.
Chart redaction — i2 Analyst’s Notebook provides the means
to grade all data within a chart. The grading aids in recording
information such as confirmation status, reliability of source or
security clearance level. Users are also provided with the ability
to save a redacted version of a chart. Redacted versions can
be created to include information that is based on either the
grading level of items within a chart or on a specific property.
This capability allows users to easily share chart information
with others who have a lower security level. Users can quickly
create separate charts with all ‘sensitive’ information removed.
IBM i2 Chart Reader — i2 Analyst’s Notebook charts can also
be shared electronically to anybody who does not have access to
i2 Analyst’s Notebook. IBM i2 Chart Reader is available at no
charge and provides read-only access to charts that can then be
navigated, searched, or printed. Rich information behind chart
entities and links can also be searched and read.
Extensibility
i2 Analyst’s Notebook is a powerful stand-alone visual analysis
environment in its own right. There is also an extensive range
of options available to further extend the capabilities to provide
even greater value to analysts and their wider organization.
17
IBM i2 Analyst’s Notebook Premium
IBM i2 Analyst’s Notebook Premium builds on the powerful
visual analysis capabilities of i2 Analyst’s Notebook. It provides
a rich data-centric analysis environment complete with an
optimized local analysis repository. It further helps to reduce
the costs that are associated in uncovering key connections,
networks, patterns, and trends to help predict and prevent
criminal, terrorist, and fraudulent activities
It includes all the key elements that are required for single
users to collate, manage, explore, and analyze all of their
local information.
• Local analysis repository that is optimized for data
management, information discovery, and analysis.
• Data management interface to enable rapid data entry
and management, as well as powerful search and discovery
capabilities.
• Near-seamless integration with the powerful capabilities
of the rich visual analysis environment empowers users to
quickly build multi-dimensional views on the identified data
of interest.
IBM i2 Analyst’s Notebook SDK
i2 Analyst’s Notebook SDK (software development kit) enables
organizations to extend i2 Analyst’s Notebook to meet their
individual requirements. It provides technical specialists with
the software, documentation, and sample materials that are
required to extend and enhance (through development) the
functionality available within i2 Analyst’s Notebook.
i2 Analyst’s Notebook SDK empowers developers, by using the
i2 Analyst’s Notebook API, to:
• Develop plug-in components to enhance and extend the
functionality that is provided by i2 Analyst’s Notebook.
• Create separate applications that can control and power
i2 Analyst’s Notebook via its automation interface.
• Build custom stand-alone applications that use the i2
Analyst’s Notebook controls to add analysis capabilities
to the application.
IBM Analytics
White Paper
Data acquisition
IBM i2 iBridge — IBM i2 iBridge enables i2 Analyst’s
® ®
Notebook users to directly connect to key existing databases
to speed the data acquisition and analysis process. A live
connection allows users to access the most current data.
The powerful search and query capabilities help analysts to
uncover hidden links that are buried in existing data sources.
i2 iBridge enables users to sequentially access data from
multiple sources, increasing the accuracy and depth of analysis.
IBM i2 Information Exchange for Analysis Search
Services — IBM® i2® Information Exchange for Analysis
Search for i2 Analyst’s Notebook enables i2 Analyst’s Notebook
users to connect to multiple data sources and perform a single,
simultaneous search. This single search across multiple sources
accelerates data acquisition processes and promotes greater
efficiencies in the use of analyst resources.
Collaboration
IBM i2 iBase — IBM i2 iBase is an intuitive intelligence
database application. It enables collaborative teams of analysts
to capture, control and analyze multi-source data in a secure,
workgroup environment. i2 iBase enables multiple users to
effectively and securely access and share key information.
This collaborative ability aids intelligence analysis teams in
uncovering meaning and connections in increasing volumes
of complex structured and unstructured data.
Geospatial analysis
IBM i2 Analyst’s Notebook Connector for Esri—i2 Analyst’s
Notebook Connector for Esri integrates i2 Analyst’s Notebook
with Esri ArcGIS server. It provides analysts with a single
centralized work environment that integrates link and temporal
analysis with geospatial analysis. It helps analysts increase
understanding into the critical where aspects of any analysis, and
reduces the time to build a comprehensive operational picture.
18
Unstructured data analysis
IBM i2 Text Chart — IBM i2 Text Chart is an intuitive,
user-controlled tool that speeds the process of extracting and
visualizing key information that is hidden within unstructured
data. It also facilitates the effective sharing of findings via
intuitive visual charts.
IBM i2 Text Chart Auto Mark — IBM i2 Text Chart Auto
Mark builds on i2 Text Chart with the automatic discovery and
markup of key entities. This ability further reduces the time
that is required for the manual tagging and extraction process.
For more information, visit ibm.com/i2software
Technical description
Product Architecture
i2 Analyst’s Notebook is a stand-alone desktop product that
is designed to provide users with a powerful visualization and
analytical tool. i2 Analyst’s Notebook has an API to enable
programmatic control of the application via the i2 Analyst’s
Notebook SDK.
What prerequisites are required
to install the product?
For information about hardware and software
compatibility, see the detailed system requirements
at ibm.com/software/products/en/analysts-notebook
What documentation is provided?
The following documentation is supplied with
i2 Analyst’s Notebook:
• i2 Analyst’s Notebook Release Notes
• i2 Analyst’s Notebook Online Help
The documentation (other than the online help) is provided
in electronic form only. In order to display the documentation
a PDF viewer must be present on the installation system.
IBM Analytics
White Paper

Is i2 Analyst’s Notebook available in languages

other than English?
i2 Analyst’s Notebook is developed in US English. It is
supported on Western Europe, US, Central European,
Baltic, Cyrillic, Turkic, Arabic, Korean, Japanese, Simplified
Chinese and Traditional Chinese regional versions of the
supported operating systems.

As well as English, i2 Analyst’s Notebook is available in the

following language versions:

• French
• German
• Spanish
• Italian
• Portuguese (Brazilian)
• Japanese
• Chinese (Simplified)
• Chinese (Traditional)
• Korean
• Russian
• Polish
• Arabic
• Hungarian
• Turkish
• Czech
• Slovak
• Hebrew

For more information

To learn more about IBM i2 Analyst’s Notebook, please
contact your IBM representative, or visit: ibm.com/i2software

To learn more about all of the IBM Smarter Cities solutions,

visit: ibm.com/smartercities

19
© Copyright IBM Corporation 2015

IBM Analytics
Route 100
Somers, NY 10589

Produced in the United States of America

August 2015

IBM, the IBM logo, ibm.com, i2, and Analyst’s Notebook are trademarks
of International Business Machines Corp., registered in many
jurisdictions worldwide. Other product and service names might be
trademarks of IBM or other companies. A current list of IBM trademarks
is available on the Web at “Copyright and trademark information” at
www.ibm.com/legal/copytrade.shtml.

Microsoft, Windows and Windows NT are trademarks of Microsoft

Corporation in the United States, other countries, or both.

This document is current as of the initial date of publication and may

be changed by IBM at any time. Not all offerings are available in every
country in which IBM operates.

The performance data discussed herein is presented as derived under

specific operating conditions. Actual results may vary. It is the user’s
responsibility to evaluate and verify the operation of any other products
or programs with IBM products and programs. THE INFORMATION
IN THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT
ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING
WITHOUT ANY WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY
OR CONDITION OF NON-INFRINGEMENT. IBM products are
warranted according to the terms and conditions of the agreements under
which they are provided.

The client is responsible for ensuring compliance with laws and

regulations applicable to it. IBM does not provide legal advice or
represent or warrant that its services or products will ensure that the
client is in compliance with any law or regulation.

Please Recycle

ZZW03172-USEN-03