We've been deeply involved in event management since the late 90's and early 2000s, particularly within the massive NOCs of London's major financial institutions. Back then, the network was IT's linchpin, but over time, business operations, applications, and the customer experience have taken precedence.
Even in those early days, priorities were straightforward: swiftly identify and resolve issues. Our tools were basic, telemetry was rudimentary, and finding the root cause relied on experts in the room. It was challenging, but that was the only way forward at the time. We utilized tools and local events to troubleshoot in silos/swim lanes.
As technology progressed, we introduced incident management integration, allowing us to automatically create incidents with the click of a button. This innovation was ground breaking – a ticket could be logged without manual data entry and sent automatically to the relevant team in Remedy and we'd get a pager message to inform us when on call.
The evolution persisted with the rise of event management solutions, addressing and categorizing events before they escalated into incidents (i.e., before something is broken). These tools were designed to manage traps and events from diverse sources, with the goal of offering improved and faster comprehension through effective centralised grouping. Monitoring, event management, and incident management took center stage in technological advancements, ushering in semi-automated processes and a more proactive approach.
Jumping to the present day, we observe the emergence of platforms where vendors, formerly focused on a specific domain, broaden their offerings to provide centralized solutions spanning multiple areas. Vendors boasting extensive and comprehensive capabilities have risen as formidable players in the industry. The motivation behind this shift was to break silos, minimize the number of vendors, and potentially achieve cost savings.
ServiceNow, in particular, emerged as a frontrunner by offering one of the first cloud services, dethroning Remedy in the incident management space. While Remedy was reliable and beloved, the allure of a SaaS solution, with no hosting or database concerns, frequent feature updates, guaranteed availability, and cost-effectiveness, was too compelling to resist. ServiceNow's success then expanded beyond incident management, incorporating event management, CMDB, asset management, and asset discovery, making it the go-to solution for enterprises seeking an all-encompassing, automated workflow across various capabilities with all the data accessible under one roof.
However, is adopting a platform truly advantageous for an organization? For us, the answer hinges on specific use cases, staying abreast of innovations in the field and striking the right balance for your organisation. Despite accolades from industry authorities, we remain unconvinced that it's the optimal choice.
Examining the IT Operations Management (ITOM) module reveals a substantial expansion beyond event management. It encompasses Discovery, Service Mapping, Certificate Management, Firewall Audits and Reporting, Service Graphs, Configuration Management Database (CMDB), Metric Intelligence, Health Log Analytics, and Cloud Accelerate. It has swiftly evolved into a comprehensive platform where you now have to select a package:
Note: "Visibility" package does not incorporate Event Management, which is at the core of IT operations—visibility into what? If you require Event Management, opting for the "Professional" package is necessary, although it includes various other components that you likely do not need and may already have. This underscores the critical importance of well-defined use cases, as you might find yourself purchasing a package with features that you do not fully utilize. If your use case involves conducting event management on production systems, be prepared for a potential surprise, as the licensing is configured based on Configuration Items (CI) and does not distinguish between environments.
Comparing to point solutions unveils alternative options in the market. Choosing 2 or 3 distinct products, even with some degree of fragmentation, becomes a feasible strategy if it leads to a cost reduction, offers better manageability, and scores higher on use cases, particularly in a cloud-centric approach.
If you manage multiple monitoring tools in cloud or observability environments, especially if your service providers have their own, consider Big Panda—an acclaimed platform renowned for its efficient and user-friendly event management. Big Panda has pioneered advanced AIOPS functionalities, adeptly detecting anomalies, predicting future events, and safeguarding your services through proactive self-healing. With its automated change detection feature and seamless integration with ServiceNow Change Management (or alternative platforms), it facilitates swift correlation to identify root causes. Impressively, many features now found in ITOM were already part of Big Panda's repertoire long before. This serves as a prime example of a point solution that has remained focused on its core strengths.
Several observability and infrastructure monitoring tools, including Dynatrace and LogicMonitor, come with built-in event management features. Additionally, most of them offer AIOps capabilities, enabling the execution of self-healing scripts through tools like Ansible or StackStorm. The scope of infrastructure monitoring spans servers, applications, networks, and cloud environments. With ServiceNow CMDB integration, there's no requirement for an additional discovery tool. (For the CMDB, the "Visibility" package is sufficient.)
In conclusion, exploring alternatives is crucial. Failing to research innovations in tooling and explore different vendors might limit your awareness of available options. Choosing a platform doesn't mean you need all of it, you can leverage other best in class solutions. While ServiceNow might excel in incident or change management, it doesn't necessarily dominate in discovery, event management, or service mapping. The power of choice is yours.
Smaller companies, such as ours, offer a unique perspective. It's crucial to carefully analyze cost structures and align them with your specific use cases. Begin with use cases that align with ITIL capabilities, evaluate them collaboratively with your teams, conduct adoption reviews, and reassess every six months. Clearly define priorities; if Service Mapping isn't a critical requirement, assign it a lower score—it's a nice-to-have, not a necessity. Always have a contingency plan in place.
We hope you enjoyed the read, it certainly took us back 20 plus years to the good old days where we had the best tools for the job. If you would like to talk to us about tooling, use cases, event management or AIOPS, feel free to reach out via email@example.com.