As we’ve heard in recent months, IT Operations Analytics (ITOA) has been one of the most talked about topics in IT. While leading vendors and startups alike have made significant progress in leveraging analytics for offering better IT operational insights, the available ITOA solutions still struggle to effectively deal with IT big data -- operating with a focus on data in narrow silos (APM, log etc.).
To really reap the benefits and promise of analytics, IT decision makers need to break these silos and apply blended analytics, an approach that blends and analyzes major sources of IT information. Blended analytics can extract insights and draw intelligent correlations from a variety of data produced by multiple systems across IT silos.
By analyzing a blend of data sources together (e.g., performance, log, deployment automation and configuration data) IT Decision makers can see more than the individual components and finally get the whole picture.
Problem: Today’s ITOA is More of the Same
Today's ITOA solutions are limited by silos, a focus on symptoms, and weak analytics.
Still in Silos: Who sees the whole picture? IT operations data is very diverse. Nevertheless, many of the available ITOA solutions continue a siloed operations approach, where some essential data feeds are still left unprocessed and not correlated. This includes deployment and release automation data, service requests, environment configuration, software configuration, application data and many others. While current insights are important, they fall short of quickly pinpointing sticky issues.
Symptom-focused: Focusing just on the “symptoms” that indicate a problem, ITOA solutions do not get to the true root-cause of a problem, leaving IT vulnerable as an investigation lags. Reverse engineering from symptoms is very time consuming and not practical for identifying an actual root cause (an “undesired change”) that set off an issue.
Focusing on “symptoms”, ITOA tools need to wait for something to happen (an abnormality to arise) and then kick into action. However, it could already be too late, for when a “symptom” has been observed, the abnormal system behavior may already have impacted users.
Narrow analytics: The pressures weighing upon IT have pushed the demand for ITOA solutions, making a case for effective analytics. In turn various IT management vendors, particularly established ones, announced new ITOA components that enhance their current product suites. Yet, these so called’ analytics, in many cases, have merely been a new dashboard or a KPI aggregation. Still relying on users to define data analysis algorithms, many of the solutions just provide a catalog of pre-defined statistic functions. Moreover, most existing ITOA solutions do not offer truly intelligent analytics, not applying machine learning approaches like advanced statistical analysis or domain-specific heuristics.
Blended Analytics Extracts Useful Insights
Blended analytics is about bringing in, correlating and analyzing data together from multiple data sources (APM, network, log, configurations, etc.), using a combination of methods to draw intelligent correlations and extract useful insights from IT operations data. By analyzing this blend of data sources together (e.g., performance, logs, automation and change data), behavioral patterns, unusual event occurrences and anomalies can be identified. Analysis methods can include machine learning, statistics algorithms and domain-specific heuristics.
To make analytics insights comprehensible and useful, they need to be mapped to the context of IT environments and activities familiar to IT operations (e.g. applications topology, releases, service requests, etc.). Blended analytics will proactively detect potential performance, availability and security issues, to automatically provide root cause analysis that can allow IT ops to prevent and quickly resolve issues. Root cause investigation could be accelerated by leveraging various tools and an array of data sources.
Blended Analytics Takes ITOA Higher
To drive operational decisions and activities (both manual and automated), analytics must provide actionable insights. All relevant IT data should be analyzed to reach this level of insight.
Blended analytics takes ITOA to a new level, towards realizing the actual benefits promised by ITOA, by combining information from across silos, correlating symptoms and root causes as well as mapping them into context that users can grasp.
Change Is the Root of All Evil
In today’s complex IT environments, most operational issues are due to changes. This is why the first question usually asked when performance issues come up is: “what changed?”
Though critical, this is a surprisingly frequently overlooked source of data, really a blind spot for IT operations. Very few organizations can claim that they have such comprehensive knowledge. Often, the root cause is attributable to an “undesired change” - automated or manual (authorized or not).
“Undesired changes” to an application update, can introduce defects. Changes in environment configuration can lead to misconfigurations. Changes in an application data set can impact performance or even cause a failure if the system was not designed to handle certain types, volumes or parameters of data. Environment capacity changes can impact the ability of a system to support current and historical application workload levels. The only other cause that could impact operations is hardware failure.
While this is not new to either IT organizations or to IT tool vendors, knowing exactly what changed is an extremely difficult undertaking, and today’s ITOA tools still don’t monitor and analyze changes.
Collecting information about changes in the environment state is not easy; particularly configuration, data and code at the granular level and in near real-time. Information is stored in different formats across different sources (files, databases, registry in Windows, APIs, system utilities etc.). With environment state data coming in huge volumes, business systems (especially in production) need to remain unaffected during such massive data collections.
Thus both IT and vendors have put their focus on the far more accessible area of symptoms.
Get the Whole Picture with Blended Analytics
A comprehensive view of IT operations comes forth with blended analytics, standing on three key pillars: multiple data sources, change-centric, and powerful analytics.
Multiple Data Sources: Symptoms are identified via indicators that focus on system behavior AND health such as APM, system & network management, log events etc. Observing several types of indicators can increase the probability of early issue detection. For example, errors in a log report that show a locking database, combined with performance slowdown indicators and mapped to the environment components exhibiting abnormal behavior can provide alerts about an imminent performance problem.
Change-centric Approach: A critical, yet frequently overlooked source of data is changes. With change being one of the primary sources of operational issues, blending multiple sources of data with a top-down analysis focused on change will offer quick access to actual and potential root causes, raising the level of automation necessary for managing complex and dynamic environments.
Powerful Machine Learning Analytics: The level of change risk can be revealed through machine learning algorithms, such as advanced statistical analysis or even domain-specific heuristics that look at repeating data patterns. Calculating an integrated risk score for each change can show where changes set off a root cause of an investigated incident or even warn about a potential issue.
Blended Analytics: Where ITOA is Heading
Optimized IT operations more than ever serve as the foundation for business success in today’s competitive, complex landscape. This means providing reliable support for critical business systems and their underlying infrastructure, while ensuring the availability of business side services. IT operations need to support the introduction of new applications and infrastructure while analyzing ever growing amounts of operational data.
So, to ultimately realize the benefits and promise of IT Operations Analytics, IT decision makers need to apply Blended Analytics to bust out of their silo-focused approach. By looking at change as the cornerstone of everything that happens in IT environments and applying a blended approach to diverse data sources from APM, log, service management, configuration and others, the next generation of IT Operations Analytics tools will have truly intelligent analytics and be ready to sift through terabytes of operational data in near real time. This will lead to continuously improving and providing effective descriptive, predictive and eventually prescriptive IT Operations Analytics.