Most articles we see about ITSM and ITOM today seem to have a very high level process perspective. In our experience, we’ve found that quite a few companies understand things at a high level, but don’t actually know how to get started “in the weeds”. This short article attempts to address this “boots on the ground” need.
This article is going to list, in chronological/maturity order, the specific functions you need to implement to increase your IT capability maturity.
Service Desk/Ticket Tracking
Just about every company has an incident tracking tool implemented, which is great because this really is the most foundational component of ITSM and ITOM. Almost any tool you pick today has plenty of features and functions to allow you to work effectively for some time. In our experience, you normally shouldn’t look at changing this product unless you’ve fully documented your ITSM/ITOM processes and found that the tool simply doesn’t meet your needs. In our experience, this tool isn’t usually the limiting factor.
Monitoring
Synthetic Monitoring
If you don’t have synthetic transaction monitors in place, then you’re simply leveraging your users as your monitors. You want to know about a problem BEFORE any users do. Without synthetic monitoring, it’s very difficult to truly define and enforce Service Level Agreements.
System/Component Monitoring
High-level synthetic monitoring doesn’t help you with the resolution of the problem, so you need to get system and component monitoring in place to help you pinpoint the actual source of the problem. You need to monitor your operating systems and middleware to ensure they’re healthy.
Transaction Tracking
In addition to component monitoring, you ideally want to have data collectors configured in each component leveraged by your applications. This will allow you to see exactly which part of your application is having problems, greatly reducing your Mean Time To Diagnose. Data Collectors usually require more detailed configuration than the component monitoring, and that’s why a little more maturity is required before they can be deployed.
Logfile Monitoring and Collection
With the advent of technologies like LogStash and ElasticSearch, it’s now possible to store all of your system and application log files to later search for additional information when problems are encountered. In some cases, this can partially replace the need for transaction tracing.
Event Management
Centralized Event Collection
Your alerts need to be collected in a central repository so you have consistent insight, governance and response. Each of your various groups may have its own local monitoring tool, but you need to centrally manage the alerts to provide visibility into your operations.
Event Enrichment
Alerts almost never include information such as the system administrator or application owner. This information needs to be added to the event via enrichment from any existing databases that you have so that the appropriate group(s) can be notified when events are generated.
Event Correlation
Someone needs to be notified when issues are seen, but you don’t want to send a notification for every alert. Once you’ve got your events enriched with the appropriate information, you can correlate them to reduce the noise.
Event Actions
An event management system that’s properly implemented will allow you to take the correct actions and notify the appropriate groups at the appropriate time. Additionally, all of your alerts need to be managed centrally for governance and reporting purposes and for analytical analysis.
Robotic Process Automation
At some point you’ll the need for automating tasks across multiple systems according to a well defined workflow. Even more benefit can be realized when this is integrated with Event Management.
Software Provisioning and Patch Management
This is good to have at any stage in your IT journey and it is absolutely invaluable. You automatically have this on a per-machine basis, or in your Windows domains, but a purpose-built cross-platform software provisioning and patch management tool provides a LOT more capability than anything that you get bundled with another purchase. You get customized grouping, custom criteria and many, many more capabilities than you ever thought possible.
Analytics
All of the tools under the ITSM suite produce invaluable data. However, looking at this data at a point in time is not the only use. Recording it and analyzing it can provide insights into your environment that can assist with problem determination/resolution, show correlations that were previously unknown and help predict issues/outages before they occur.
CMDB and Discovery
Simply stated, you can’t have an up-to-date CMDB without a discovery tool in place. Unfortunately, this is one of THE most difficult applications to successfully deploy and maintain in your environment. The largest issue is with credentials. Your discovery tool will need credentials for every system and piece of middleware that you need to discover, and the owners of those components won’t want to give you the credentials you need. The way to overcome this hurdle, as with any other large endeavor, is to make steady progress and to evangelize each and every success you achieve along the way.
Integration
Integration is vitally important at every tier of your solution. All of your monitoring and management systems need to be integrated to give you a single location from which you can identify, diagnose and remediate issues, as well as provide reports on the current and historical health of your environment.
Conclusion
As you work on expanding your service offerings and becoming more agile, make sure you remember the fundamental building blocks that allow you to effectively manage your environment.