We are excited to announce further integration between IBM Cloud Pak for Watson AIOps and ServiceNow's ITSM and ITOM solutions.
In October 2020, IBM and ServiceNow announced an expanded partnership, working together to help clients optimize and automate IT. IBM and ServiceNow are driving further integration between IBM's Cloud Pak for Watson AIOps and ServiceNow's IT Service Management (ITSM) and IT Operations Management (ITOM) solutions. With this integration, industry-leading AI capabilities from IBM Cloud Pak for Watson AIOps are woven into ServiceNow's tools, data, and workflows, helping users and clients embrace automation, better manage IT incidents, and work more intelligently.
Bringing intelligence and automation to IT Operations
When an IT incident occurs, a ticket is often created once the incident is detected and determined to require an engineer's attention. The time between an incident occurring and ticket creation (i.e., a person being aware of the incident) could range from a few seconds, to minutes, to days, depending on detection mechanisms.
While alert-based automatic incident ticket creation is a widely applied practice used in the industry, it has many drawbacks. Traditionally, alerts are set based on manual thresholds and rules designed by subject matter experts. These manual thresholds and rules require constant revision, monitoring, and adjustment, often failing to capture complex scenarios. Frequently, incident tickets are created well after the occurrence of the incident, losing precious time towards quick resolution, in turn increasing costs via service level agreement (SLA) violations, decreasing customer satisfaction, and ultimately lowering customer lifetime value.
Applying AIOps solutions like the IBM Cloud Pak for Watson AIOps can help address these problems by predicting issues, detecting them early, reducing event and alert noise, intelligently locating the specific source components, determining the potential impact, and recommending relevant and timely actions. These AI and automation capabilities help IT teams respond more quickly and intelligently.
Anomaly prediction from logs and metrics
IBM Cloud Pak for Watson AIOps is capable of automatically parsing IT application and infrastructure logs from log aggregation tools (e.g., Splunk, Humio, LogDNA, Logstash) and metrics from metric aggregation tools (e.g., Sysdig, New Relic, Solarwinds). These auto-parsing capabilities automatically detect anomalies in real-time, faster than traditional techniques, thereby significantly reducing the time to diagnose an incident.
IBM Cloud Pak for Watson AIOps applies algorithms such as Granger Causality, Robust Bounds, Variant/Invariant, Finite Domain and Predominant Range, among others, for metric anomaly prediction and deep-learning algorithms to both prepare features from logs during log parsing and to make predictions. Users don’t have to set static thresholds or manual rules to detect anomalies — AI addresses the challenge for users instead.
Event grouping, fault localization, and blast radius
Once the anomalies are detected, IBM Cloud Pak for Watson AIOps groups these anomalies to reduce noise and prioritize efforts for IT teams, applying algorithms such as Temporal, Spatial, and Association Rule mining to achieve grouping. After grouping, entity mentions in anomalous logs, metrics, alerts, and events (e.g., service or application component names, server names, server IP addresses, pods, nodes, etc.) are extracted. These entities are applied against a topology to isolate the problem. The topological graph across application, infrastructure, and network layers allows IBM Cloud Pak for Watson AIOps to map out components and dependencies and provide localization information to engineers, providing critical context that helps them respond more effectively.
Once anomalies are detected, grouped, and localized, IBM Cloud Pak for Watson AIOps then finds relevant next-best actions to resolve the incident by ingesting and mining prior incident ticket data from ServiceNow. Incident symptoms are used as a query to ticket data to retrieve incident records and are used to extract succinct phrases using natural language processing. These next-best-actions can then be executed using Runbook automation tools.
These analytic and AI capabilities are triggered as soon as an anomaly is recognized by IBM Cloud Pak for Watson AIOps, automatically creating a ticket in ServiceNow with all relevant information about anomalies, grouped events, localized faults, blast radius, and next-best-action recommendations. Along with this critical information, corresponding explanations and evidence are attached to allow for a quicker holistic understand of the incident, deeper investigation and documentation for stakeholders.
In IBM’s latest AIOps release, IBM has implemented this automatic ticket creation using AI from IBM Cloud Pak for Watson AIOps. We have a screenshot below laying out how the Cloud Pak for Watson AIOps generated insights appear in ServiceNow.
What’s next in the IBM Cloud Pak for Watson AIOps and ServiceNow integration?
As IBM Cloud Pak for Watson AIOps continues to grow, we are working to help IT teams proactively avoid issues from happening at all by applying AI to Development-Security-Operations (DevSecOps) lifecycle activities for efficient operations. For example, smart controls and gates prevent risky deployments from getting pushed to production. Our team is working to help IBM Cloud Pak for Watson AIOps ingest additional data from ServiceNow and push new information like deployment change risk scores, along with recommendations for fixing high-risk deployment changes.
Taken together, these new capabilities will help IT teams better manage and reduce the impact of IT incidents as they occur and will also help them avoid them in the first place through more intelligent development and deployment.