AIOps

In an IT environment, machines and humans contribute to generating huge volumes and variety of data. If we can tap into this data through Analytics, we can glean deep insights for the IT Operations users.

BigData in an IT environment consists of metrics, logs, transaction traces, events, tickets etc. Tickets are an interesting type of data in this environment and often a key source of insight because they contain a mix of machine and human generated data which accumulate over its lifecycle, from creation to closure.

Tickets are created in multiple ways – e.g. an end user may report a problem at a call-center via voice transcription or email, an event can be generated by the IT monitoring system leading to a ticket being auto-created, an Operations user may inspect a monitoring event and act on it by creating a problem ticket to be solved by a Subject Matter Expert (SME).

Depending on how it is created and the lifecycle, a ticket contains a mix of machine generated data and natural language descriptions and comments about the problem, how it is being handled, and even the final resolution. What if we could analyse this rich data to answer the questions of IT Operations users and help them to be innovative at work ?

There are 3 types of users who may benefit from the analysis of tickets. Let’s give them some hypothetical names for the discussion —
(a) Ann, an Executive responsible for running the Central IT or may be the Applications within a Line of Business in the organisation
(b) Joe, the Service desk analyst responsible for routing tickets to the right SME
(c) Mark, an SME responsible for troubleshooting a set of IT systems or Applications when he gets a ticket assigned.

Let’s dig into the questions they want answered —

Ann wants to see a dashboard of problem hotspots and trends that tell her a summary of where she needs to focus her resources to help make the IT environment more healthy. For e.g. she may find out that most of her team is spending time on network related issues currently, where she has less SMEs, or the database server for her critical application is increasingly impacted by storage problems, which means she has to spend more on storage procurement.

Joe wants to route an open ticket to the right SME. This means that he needs to understand what is the problem area the ticket is describing, who has solved similar problems in the past quickly and is now free to solve it, how much time does it take to solve such issues, whether the problem is service impacting, and what have been the past resolutions of such issues.

Once Joe routes the ticket to the best SME, say Mark, now Mark needs to pull together data from relevant parts of the systems and application metrics and logs to do the root cause analysis. It is like looking for a needle in a haystack, where context really helps – where should one start? The ticket can provide him that context and the right starting point. For e.g. a ticket can provide information about what parts of the system are affected, around what time, and what symptoms were observed to drive a better metric or log search for root cause analysis. But this contextual search needs to be automated for Mark.

Many of these questions can be answered by analysing the natural language text within the tickets along with existing structured meta-data. Many Service Desk solutions provide some of this analysis on only the structured meta-data of tickets that are populated by humans or programs. E.g. the ticket problem category may indicate it is a networking issue because someone filled up the attribute. But that’s often not the case.

The solution built on IBM Operations Analytics – Log Analysis takes the approach where the natural language text is analyzed along with structured meta-data to understand what a ticket is talking about and which other tickets or logs it relates to. This helps to be more automated and “cognitive” when providing actionable recommendations to the users. The Analytics applies across multiple vendor Service Desks to solve the problems for the typical Ann, Joe and Mark.