Root-Cause Analysis of Application Performance Problems
November 12, 2013

Charley Rich
Nastel Technologies

Share this

I first came upon the term root-cause analysis (RCA) while working at a network management startup. The concept was to determine why a problem occurred so that repair could happen sooner and service restored. To do this required a discovery of the topology of a network and its devices in order to understand where a problem could occur and the relationship between the various parts. Monitoring was necessary in order to identify that a failure occurred and provide notification.

However, the challenge in doing this was that many failure events are received in seemingly random order; thus, it is very difficult to differentiate which events signified symptoms of the problem and which event represented the actual cause. To resolve this, some solutions constructed elaborate causality chains in the hope you could follow them backwards in time to the "root-cause". This is akin to following smoke and having it lead you to the fire. Well it does work, if you do it fast enough and before the whole forest is in flames.

The obvious next thing to do was apply this to applications. It certainly seemed like a good idea at the time ... but it turned out to be much harder than expected. Why harder? Applications are far more complex than networks with many more variations in behavior and relationship. So, instead monitoring systems were applied to the various silos of application architecture such as web servers, application servers, middleware, databases and others.

For many years the focus of APM was on making the application server run better. And from that perspective, it was successful. However, while the application server became more reliable and ran faster, the two key features IT Operations management desire: getting alerted to problems before the end user is affected and being pointed in the right direction have not improved much.

Part of the difficulty in this sort of multiplicity of monitoring tools world is that there so many sources of events and so many moving parts. Is the cause capacity, a stuck message, configuration issues or even worse a misunderstanding of business requirements? Perhaps, the application is running just fine with all indicators green, but the results aren't what the business expected. Or it works fine for users in one group, but not for another. These are very difficult problems to unravel.

An approach Forrester Research suggests is to bring the events from the various sources to a single pain of glass and perform a root-cause analysis. The suggestion is made to use a technology called Complex Event Processing (CEP) to search in real-time for patterns based on events from multiple sources that together describe a problem.

CEP is very good at identifying situations spanning multiple event streams, correlating the individual events together into the "big picture", the situation. Analogous to this is the concept in QA of test cases. Think of situations as the test cases that occur spontaneously in production. APM is not for the faint of heart.

CEP can tie the seemingly unrelated events together into a picture that tells a story, what happened and what triggered it. CEP, using rules is of course dependent on the quality and completeness of those rules. But, that is something that grows ever better over time. A new situation can be described and prevented from ever causing harm again. Without the relationship between the events from the various sources, that would not be possible. We would just be fixing the web server or the database or the application server. With this approach, we are fixing the problem.

CEP represents an actionable form of analytics. You can add CEP analytics to your APM including your currently deployed monitoring solutions as it is inherently a multi-source approach. Utilizing this and delivering root-cause analysis can improve your incident management process. It can help you achieve the IT Ops goals of: getting alerted to problems before the end user is affected and being pointed in the right direction.

Charley Rich is VP Product Management and Marketing at Nastel Technologies.

Charley Rich is VP Product Management and Marketing at Nastel Technologies and has over 28 years of technical, hands-on experience working with large-scale customers to meet their application and systems management requirements. Prior to joining Nastel, Charley was Product Manager for IBM's Tivoli Application Dependency Discovery Manager software, where he co-authored an IBM Redbook, charted the product roadmap, managed an agile requirements process and was recognized for his accomplishments by winning the Tivoli General Manager's Award. Recently, Charley was granted a patent for an Application Discovery and Monitoring process.
Share this

The Latest

August 08, 2022

Hybrid and remote work environments have been growing significantly in the past few years. As individuals move away from traditional office settings in today's new remote and hybrid environments, many operational issues such as poor visibility into asset status and refreshes, unaccounted assets, and overspending on software are becoming a bigger challenge for IT departments ...

August 05, 2022

MLOps or Machine Learning Operations are a combination of best processes and practices that businesses use to run AI successfully ... While it is a relatively new field, MLOps is a collective effort that captured the interest of data scientists, DevOps engineers, AI enthusiasts, and IT ...

August 04, 2022

The data is in: enterprises are not happy with their managed service providers (MSPs) and cloud service providers (CSPs). According to the latest CloudBolt Industry Insights report, Filling the Gap: Service Providers' Increasingly Important Role in Multi-Cloud Success, 80% are so unsatisfied with their existing MSP and/or CSP, they are actively looking to replace them within 12 months ...

August 03, 2022

The last two years have accelerated massive changes in how we work, do business, and engage with customers. According to Pega research, nearly three out of four employees (71%) feel their job complexity continues to rise as customer demands increase, and employees at all levels feel overloaded with information, systems, and processes that make it difficult to adapt to these new challenges and meet their customers' growing needs ...

August 02, 2022

Investing in employees will always be smart business. And right now, investing in employees means giving people the resources — and ability — to optimize performance ... For pretty much every company, that means delivering the digital tools necessary to facilitate seamless, secure, user-friendly access and connectivity ...

August 01, 2022

Digital transformation can be the difference between becoming the next Netflix and becoming the next Blockbuster Video. With corporate survival on the line, "digital transformation" is no longer merely an impressive buzzword to throw around in boardrooms. It's the ticket for entry into the digital era, a fundamental business strategy for every modern company ...

July 29, 2022

IT infrastructure has rapidly evolved over the last decade, and as a result important specialized tools have been developed and an entire dedicated industry has grown up to serve the need for monitoring these IT systems and services in order to keep them operational and efficient ...

July 28, 2022

At Cisco AppDynamics, we recently conducted research exploring consumer attitudes and behaviors in relation to wearable technology ... In our study, 87% of global consumers claimed that trust is a critical factor when choosing a wearable medical device or application brand. And, 86% expect companies offering wearable technology and applications to demonstrate a higher standard of protection for their personal data than any other technology they use ...

July 27, 2022

You've been here before: waiting for a web page to load. You keep refreshing it, but still no luck. How many times will you try to reload the page before visiting a different site? Probably not too many. Brands today have just a few moments at most to captivate and delight potential customers ...

July 26, 2022

In the DevOps world, observability is trumpeted and lauded in many corners. However, in reading much of the coverage, there seemed to be some more fundamental issues at play. It's time to demystify the idea of observability, shedding light on what it means in a broader context. And once we break down the concept and its true value to an organization, let's answer a more important question: Are we approaching an observability tipping point? ...