Search form

Upcoming Webinars

SignalFx Live Demo
October 23, 2019
An Introduction to APM with AppDynamics
October 23, 2019
EMA Webinar: IT Service Modeling in the Age of Cloud and Containers
October 29, 2019
EMA Webinar: The Great Scheduler Migration
October 31, 2019
Achieving Effective Identity and Access Governance
November 05, 2019

On-Demand Webinars

How to Future-Proof Your App Environment
EMA Webinar: Transform Your Security Operations with Security Automation and Orchestration
Do Legacy Root Cause Analysis (RCA) Techniques Still Work for Modern, Fast-Moving IT?
EMA Webinar: Adapting Performance Visibility to New Technology Trends
EMA Webinar: Achieve IT Operations Success with a Unified Approach to Network Monitoring
EMA Webinar: Enterprise Network Automation for 2020 and Beyond
EMA Webinar: Enterprise Service Management (ESM) - How to Build High-Value Services on Existing ITSM Investments
EMA Webinar: Optimizing Cloud and Multi-Cloud Once You're There
Can AIOps Reduce the Noise?
EMA Webinar: Unlocking the True Value of SD-WAN - ROI and Strategic Benefits
EMA Webinar: A Definitive Market Guide to Deception Technology
Make the Most of Your APM/NPM Tools with AIOps
Autonomous or Bust - What Is The Future of IT Operations?
Can AIOps Cure Your Service Desk Problems?
Breakthrough Innovations in SaaS and Cloud Performance
Monitoring Kubernetes and Service Mesh Environments
Assuring Performance in Hybrid Cloud Ecosystems | QOS and User Experience in the Digital Age
Business Dashboards, Application Performance Analytics and Admin Functions
Server and Infrastructure Monitoring from a Single Console
Application Performance Monitoring with Code Level Diagnostics
Delivering the Right End User Experience with Your Application Performance
How to Deliver Exceptional End User Experience in Your Citrix Environment
How to Ensure High-Performing Microsoft .NET Applications
Four Best Practices for Delivering Exceptional User Experience in VMware Horizon VDI Environments

All Webinars...

Analyst Reports

MIT Review: The AIOps Mission - Simplify the Complex
Harvard Business Review: Using Real-Time Data to Drive Deep Customer Loyalty
451 Research: The Future of IT Ops is Autonomous
Gartner Magic Quadrant for Application Performance Monitoring 2019
Gartner MQ for Network Performance Monitoring and Diagnostics 2019

All White Papers...

White Papers

Cory's Guide to Understanding Observability
The Central Nervous System for IT: 3 Real-World Use Cases
The Rise of AIOps
Why Application Performance Bottlenecks Matter and How to Avoid Them in the Enterprise
How to Future-Proof Your App Environment: 4 Plays to Drive Success
Autonomous Operations: How to Intelligently Automate and Scale IT Operations at Global Enterprises
AIOps Brings Calm to Overwhelmed IT Ops Teams
Can AIOps Reduce the Noise?
The Definitive Guide to Container Monitoring and Observability
Driving Performance in Modern Data Applications
Best Practices to Ensure High-Performing Java Applications
The Definitive Guide to Serverless Monitoring and Observability
Monitoring Microservices on Kubernetes
Metrics: The Foundation For Cloud Monitoring In A Real-Time World
Operational Intelligence for the Entire Organization
Best Practices Guide for Creating Alert Detectors
The 4 Key Challenges of Cloud Monitoring
Converged Application & Infrastructure Performance Monitoring
Industry Insights: 2018 Citrix XenApp & XenDesktop Migration Survey Results
Overcoming Performance Monitoring Tool Sprawl with a Single-Pane-of-Glass Solution

All White Papers...

Universal Monitoring Crimes and What to Do About Them - Part 1
May 22, 2018

Leon Adato
SolarWinds

Share this

Monitoring is a critical aspect of any data center operation, yet it often remains the black sheep of an organization's IT strategy: an afterthought rather than a core competency. Because of this, many enterprises have a monitoring solution that appears to have been built by a flock of "IT seagulls" — technicians who swoop in, drop a smelly and offensive payload, and swoop out. Over time, the result is layer upon layer of offensive payloads that are all in the same general place (your monitoring solution) but have no coherent strategy or integration.

Believe it or not, this is a salvageable scenario. By applying a few basic techniques and monitoring discipline, you can turn a disorganized pile of noise into a monitoring solution that provides actionable insight. For the purposes of this piece, let's assume you've at least implemented some type of monitoring solution within your environment.

At its core, the principle of monitoring as a foundational IT discipline is designed to help IT professionals escape the short-term, reactive nature of administration, often caused by insufficient monitoring, and become more proactive and strategic. All too often, however, organizations are instead bogged down by monitoring systems that are improperly tuned — or not tuned at all — for their environment and business needs. This results in unnecessary or incorrect alerts that introduce more chaos and noise than order and insight, and as a result, cause your staff to value monitoring even less.

So, to help your organization increase data center efficiency and get the most benefit out of your monitoring solutions, here are the top five universal monitoring crimes and what you can do about them:

1. Fixed thresholds

Monitoring systems that trigger any type of alert at a fixed value for a group of devices are the "weak tea" of solutions. While general thresholds can be established, it is statistically impossible that every single device is going to adhere to the same one, and extremely improbable that even a majority will.

Even a single server has utilization that varies from day to day. A server that usually runs at 50 percent CPU, for example, but spikes to 95 percent at the end of the month is perfectly normal — but fixed thresholds can cause this spike to trigger. The result is that many organizations create multiple versions of the same alert (CPU Alert for Windows IIS-DMZ; CPU Alert for Windows IIS-core; CPU Alert for Windows Exchange CAS, and so on). And even then, fixed thresholds usually throw more false positives than anyone wants.

What to do about it:

■ GOOD: Enable per-device (and per-service) thresholds. Whether you do this within the tool or via customizations, you should ultimately be able to have a specific threshold for each device so that machines that have a specific threshold trigger at the correct time, and those that do not get the default.

■ BETTER: Use existing monitoring data to establish baselines for "normal" and then trigger when usage deviates from that baseline. Note that you may need to consider how to address edge cases that may require a second condition to help define when a threshold is triggered.

2. Lack of monitoring system oversight

While it's certainly important to have a tool or set of tools that monitor and alert on mission-critical systems, it's also important to have some sort of system in place to identify problems within the monitoring solution itself.

What to do about it: Set up a separate instance of a monitoring solution that keeps track of the primary, or production, monitoring system. It can be another copy of the same tool or tools you are using in production, or a separate solution, such as open source, vendor-provided, etc.

For another option to address this, see the discussion on lab and test environments in Part 2 of this blog.

3. Instant alerts

There are endless reasons why instant alerts — when your monitoring system triggers alerts as soon as a condition is detected — can cause chaos in your data center. For one thing, monitoring systems are not infallible and may detect "false positive" alerts that don't truly require a remediation response. For another, it's not uncommon for problems to appear for a moment and then disappear. Still some other problems aren't actionable until they've persisted for a certain amount of time. You get the idea.

What to do about it: Build a time delay into your monitoring system's trigger logic where a CPU alert, for example, would need to have all of the specified conditions persist for something like 10 minutes before any action would be needed. Spikes lasting longer than 10 minutes would require more direct intervention while anything less represents a temporary spike in activity that doesn't necessarily indicate a true problem.

Read Universal Monitoring Crimes and What to Do About Them - Part 2, for more monitoring tips.

Leon Adato is a Head Geek at SolarWinds
Share this

Related Links

www.solarwinds.com
Universal Monitoring Crimes and What to Do About Them - Part 2

Hot Topics

Monitoring
Alerting

The Latest

How Big Data And Predictive Analytics Fit Perfectly with APM
October 17, 2019

As the data generated by organizations grows, APM tools are now required to do a lot more than basic monitoring of metrics. Modern data is often raw and unstructured and requires more advanced methods of analysis. The tools must help dig deep into this data for both forensic analysis and predictive analysis. To extract more accurate and cheaper insights, modern APM tools use Big Data techniques to store, access, and analyze the multi-dimensional data ...

Is Your Enterprise Fully Maximizing the Value of Its Available Data?
October 16, 2019

Modern enterprises are generating data at an unprecedented rate but aren't taking advantage of all the data available to them in order to drive real-time, actionable insights. According to a recent study commissioned by Actian, more than half of enterprises today are unable to efficiently manage nor effectively use data to drive decision-making ...

User Experience - the Key Driver of Businesses Today
October 15, 2019

According to a study by Forrester Research, an enhanced UX design can increase the conversion rate by 400%. If UX has become the ultimate arbiter in determining the success or failure of a product or service, let us first understand what UX is all about ...

The Evolving Needs of Application Performance Monitoring - Part 2
October 10, 2019

The requirements of an APM tool are now much more complex than they've ever been. Not only do they need to trace a user transaction across numerous microservices on the same system, but they also need to happen pretty fast ...

The Evolving Needs of Application Performance Monitoring - Part 1
October 09, 2019

Performance monitoring is an old problem. As technology has advanced, we've had to evolve how we monitor applications. Initially, performance monitoring largely involved sending ICMP messages to start troubleshooting a down or slow application. Applications have gotten much more complex, so this is no longer enough. Now we need to know not just whether an application is broken, but why it broke. So APM has had to evolve over the years for us to get there. But how did this evolution take place, and what happens next? Let's find out ...

Creating Agility with DevOps and AI-Driven ITSM
October 08, 2019

There are some IT organizations that are using DevOps methodology but are wary of getting bogged down in ITSM procedures. But without at least some ITSM controls in place, organizations lose their focus on systematic customer engagement, making it harder for them to scale ...

Discovery and Dependency Mapping-CMDB/CMS: The Synergies Are There!
October 07, 2019
OK, I admit it. "Service modeling" is an awkward term, especially when you're trying to frame three rather controversial acronyms in the same overall place: CMDB, CMS and DDM. Nevertheless, that's exactly what we did in EMA's most recent research: <span style="font-style: italic;">Service Modeling in the Age of Cloud and Containers</span>. The goal was to establish a more holistic context for looking at the synergies and differences across all these areas ...
How to Troubleshoot Java CPU Usage Issues
October 03, 2019

If you have deployed a Java application in production, you've probably encountered a situation where the application suddenly starts to take up a large amount of CPU. When this happens, application response becomes sluggish and users begin to complain about slow response. Often the solution to this problem is to restart the application and, lo and behold, the problem goes away — only to reappear a few days later. A key question then is: how to troubleshoot high CPU usage of a Java application? ...

Ensuring Communication Apps Perform as Networks Expand
October 02, 2019

Operations are no longer tethered tightly to a main office, as the headquarters-centric model has been retired in favor of a more decentralized enterprise structure. Rather than focus the business around a single location, enterprises are now comprised of a web of remote offices and individuals, where network connectivity has broken down the geographic barriers that in the past limited the availability of talent and resources. Key to the success of the decentralized enterprise model is a new generation of collaboration and communication tools ...

The State of AI Development and Operations in 2019
October 01, 2019

To better understand the AI maturity of businesses, Dotscience conducted a survey of 500 industry professionals. Research findings indicate that although enterprises are dedicating significant time and resources towards their AI deployments, many data science and ML teams don't have the adequate tools needed to properly collaborate on, build and deploy AI models efficiently ...