Event Management Stuck at The Crossroads

I’ve been in IT for longer than I’d like to admit and one thing I’ve seen repeatedly is companies taking a disorganized and ad-hoc approach to Event Management and monitoring of their infrastructure that includes network, servers/VMs, databases, applications, etc.. Most IT organizations I’ve worked with suffer from tool sprawl, having acquired — over time — dozens of point and siloed monitoring tools and element managers. In most cases, each tool sends an event via an text message or email to individual subject matter experts (SMEs). This approach does not provide a centralized way to proactively identify potential issues (including cyber-attacks) at an Enterprise-visible level. In addition, the high volume of “noise” generated from these different tools makes it nearly impossible to determine the real issues and take action.  This leaves IT exposed to client satisfaction issues (end-users know about problems before IT), service outages and unnoticed cyber-attacks.

Here’s what we are seeing:

  • Too many events and noise
  • No correlation or de-duplication of events coming from diverse sources
  • Too many false positives
  • Events / alerts go to multiple groups and handled independently
  • Lack of event enrichment — alerts are cryptic and not actionable
  • No business context and therefore minimal business value
  • And more…

The complete lack of prioritization, budget and a cohesive organizational strategy for Event Management and monitoring is the primary cause and this mindset clearly cannot continue.

We work with clients to develop an Event Management Architecture Plan (EMAP). An EMAP is an actionable strategic blue print and roadmap to get a handle on this tool sprawl, reduce the number of point monitoring solutions to those necessary. We put a plan in place to define Event Management from a people, process and technology perspective. How do we enable the EMAP and turn it into reality?

ServiceNow’s Event Management Solution provides for the automatic creation of actionable alerts from third-party point monitoring tools such as SCOM, Solarwinds, NNMi and others. The application brings events captured by existing infrastructure monitoring tools into ServiceNow for consolidation, analysis, and action. Events are then processed through filters that normalize and de-duplicate the incoming event stream to generate alerts. From there, our clients can simply integrate with other processes enabled within ServiceNow including Incident, Problem and Change Management. Coupled with Service Mapping and the CMDB, our EMAP and ServiceNow implementation services finally allow IT to become more proactive and predictive and bring visibility to the business via service reporting.

Contact us at sales@service-catalyst.com or contact us at +1.888.718.1708 to learn more about our EMAP and ServiceNow services.