Event Correlation, Knowledge Spirals and the Three WaysFollowing up on my previous post, Layer Models are Alive and Well, this article dives deeper into event correlation techniques and their key role in IT management and monitoring.

The purpose of event management and monitoring is to make sense of events, and while this may require some analytics and intelligence, the goal is an actionable alert — a meaningful notification that enables the right person to take the right control action.

So, we may leverage predictive analytics as a form of artificial intelligence to achieve this goal, and we might even need to perform further analytics in order to get the information required to make a good decision.

This right-to-left flow provides us with the knowledge and wisdom to make effective decisions, which is the basis for effective automation.

Right to left flow of event correlation information

We must also leverage this knowledge to make sense of events, which is a left-right flow as illustrated below. In this case, effective event correlation will translate data into actionable information which provides the basis for further decision making.Left to right flow of event correlation information

ITIL’s Knowledge Spirals

The ITIL guidance talks about these left-to-right and/or right-to-left communication flows as knowledge spirals. There are literally thousands of measurements that an IT operation takes every second of every day. This kind of data is essential for today’s IT operation, but without applying the Data-to-Information-to-Knowledge-to-Wisdom (DIKW) principle we run the risk of drowning in a sea of confusion.

However, just as clients should not confuse Information with Data, even sophisticated information in the form of reporting must not be confused with the Knowledge that provides actionable intelligence. Visibility improves as we move beyond what we can see to include what we know (i.e., moving from raw data, to information and to knowledge).

Moving event correlation information from raw data to actionable information

DevOps and the Three Ways

The First Way is a DevOps practice that emphasizes the performance of the entire system, as opposed to a specific silo of work or department.

eG Enterprise radically simplifies and accelerates application performance monitoring across mission-critical virtual, cloud and physical IT infrastructures by embedding an automated performance monitoring and root-cause diagnosis technology that automatically pinpoints IT service performance issues with accuracy. The operative word here is service — this includes applications (Dev) and infrastructure (Ops), consistent with the First Way.

The Second Way is a DevOps practice that is about creating right to left feedback loops; understanding and responding to all customers, internal and external, shortening and amplifying all feedback loops, and embedding knowledge where we need it.

eG Enterprise puts monitoring intelligence in whatever business context is required — from real end user experience monitoring, end-to-end business services, supporting IT services, IT systems (segments) or individual components (configuration items) — and the eG monitor automatically isolates performance anomalies and provides real time feedback. It’s knowledge base also enables critical staff to contribute to a greater overall understanding of the entire system (service) and provide feedback directly to the appropriate stakeholders, consistent with the Second Way.

The Third Way is a DevOps practice about creating a culture of continuous experimentation, improvement and learning. One eG customer commented that the familiar layer model of the eG interface was very easy for diverse IT staff to understand, and created a common frame of reference that was understood by everyone (Dev and Ops).

By providing all staff with a single, intelligent view of each IT service and a single consistent interface, eG Innovations improves collaboration and accelerates feedback between development, quality assurance and operations personnel. End user performance and service levels are based on the same core data and provide IT and business staff rapid understanding of business impacts associated with deviations in IT service performance. By embedding the correlation intelligence into the monitor, it allows staff to focus efforts on business/IT analytics, rather than making sense of events or maintaining a correlation engine.

So regardless of whether you’re adopting IT service management via the ITIL guidance, are on the road to establishing a DevOps culture, or somewhere in between—eG Innovations is extremely well positioned to help your IT transformation.

Learn more about eG Enterprise »

eG Enterprise is an Observability solution for Modern IT. Monitor digital workspaces,
web applications, SaaS services, cloud and containers from a single pane of glass.