Search form

Upcoming Webinars

Behind the Scenes: Rocket Lawyer's Secret Sauce for Uninterrupted Digital Legal Services
December 12, 2023

On-Demand Webinars

3 Tips to Supercharge Your Application Tracing
What's New at Catchpoint! Fall 2023 Product Launch Event
Demo of Internet Sonar: From Disruption to Instant Detection
Optimization Without Recommendations: Automating Cost Optimization on Amazon EKS
Harnessing the Power of Generative AI in Retail
Expert Insights: Navigating Outages Like a Pro
What's New in Application Monitoring: Maximizing Operational Efficiency with Enhanced Performance Insights
Preventing Outages: Implement an Internet Performance Monitoring Plan
Don't Get Lost in the Cloud
SOLD IN 6 SECONDS: Formulas to Fast & Friction-Free E-commerce
Supercharge Your IT Resources
Automate and Save Time
Maximize Shareholder Value with Internet Resilience
Building & Monitoring Lighting Fast, Cloud Native Payment Experiences
Getting the Most Out of Elastic Observability & New Features
Preventing Outages: Map Your Internet Stack
The Benefits of Real-Time, Automated Cloud Cost Automation
Maintaining Price and Performance SLAs Across Engineering Teams
May 2023 Product Launch: Learn about Catchpoint's New Capabilities
Automox Virtual Summit 2023
Puzzled by Patching: Solve Endpoint Pains On-Demand
Perfecting the Customer & Employee Digital Experience with TMNAS
Maximize Your Savings: The Journey from On-Premise Hadoop to Amazon EMR
Gaining App-Centric Visibility Into Your IT Infrastructure
Preventing Outages: Monitor What Matters
Data Stack Summit 2023
Risky Business: Implementing a Redundant Networking and Multi-CDN Monitoring Strategy
New Forrester Research Reveals Opportunities for Retail & eCommerce Companies to Increase Revenue Through Internet Resilience
What the World's SREs Know: The 2023 SRE Report
Bridging Visibility Gaps in Your Multi-Cloud Infrastructure

All Webinars...

Analyst Reports

2023 Gartner Critical Capabilities for APM and Observability
Forrester Opportunity Snapshot: Increase Revenue with Internet Performance Monitoring
2023 Gartner Magic Quadrant for APM and Observability
Honeycomb's O'Reilly Book Observability Engineering
2022 Gartner® Magic Quadrant™ for APM and Observability

All Analyst Reports...

White Papers

Apache Tomcat Monitoring Made Easy with Applications Manager
End-User Experience Monitoring: Its Meaning, Importance, and Best Practices
5 Steps to Improve Website Performance
Scout APM - New Relic Comparison Guide
Kubernetes vs. Docker Comparison Guide
Learn the Importance of Network Backup Tool
IT Budgeting Amid a Challenging Macroeconomic Climate
Network Configuration Manager as an Add-On to OpManager
State of ITOM in 2023
The 2023 State of IT Operations Report
Transitioning from APM Tools to Honeycomb
The State of Kubernetes 2023
Tracking Core Web Vitals with Vercel and Honeycomb
Going Beyond Plain Virtualization Monitoring
Using Honeycomb to Optimize CI/CD Delivery Pipeline Performance with GitLab
Preventing Outages in 2023: What We Learned from Recent Failures
Create a GitHub Actions Workflow to Optimize Delivery Pipeline Performance with Honeycomb
Integrated Performance Management for Physical, Virtual & Cloud Infrastructure
Using Honeycomb to Optimize CI/CD Delivery Pipeline Performance with CircleCI
Hybrid Cloud Monitoring: Fundamental Driver of Efficiency in Hybrid Clouds
Best Ways to Map Impact of Application Performance Issues on Business Goals
Quick Tips: Network and Application Infrastructure Checklist for the “Work From Home” Admin
Application Management Solutions for Enterprises
Essential CDN Monitoring for Digital-First Organizations: The Authoritative Guide
G2 Users Love Pepperdata
Autonomous FinOps for Kubernetes
The Comprehensive Guide to Border Gateway Protocol
2023 SRE Report
Leveraging Observability to Build Better Applications
Data Building Blocks for an Observability Solution

All White Papers...

Universal Monitoring Crimes and What to Do About Them - Part 1
May 22, 2018

Leon Adato
SolarWinds

Share this

Monitoring is a critical aspect of any data center operation, yet it often remains the black sheep of an organization's IT strategy: an afterthought rather than a core competency. Because of this, many enterprises have a monitoring solution that appears to have been built by a flock of "IT seagulls" — technicians who swoop in, drop a smelly and offensive payload, and swoop out. Over time, the result is layer upon layer of offensive payloads that are all in the same general place (your monitoring solution) but have no coherent strategy or integration.

Believe it or not, this is a salvageable scenario. By applying a few basic techniques and monitoring discipline, you can turn a disorganized pile of noise into a monitoring solution that provides actionable insight. For the purposes of this piece, let's assume you've at least implemented some type of monitoring solution within your environment.

At its core, the principle of monitoring as a foundational IT discipline is designed to help IT professionals escape the short-term, reactive nature of administration, often caused by insufficient monitoring, and become more proactive and strategic. All too often, however, organizations are instead bogged down by monitoring systems that are improperly tuned — or not tuned at all — for their environment and business needs. This results in unnecessary or incorrect alerts that introduce more chaos and noise than order and insight, and as a result, cause your staff to value monitoring even less.

So, to help your organization increase data center efficiency and get the most benefit out of your monitoring solutions, here are the top five universal monitoring crimes and what you can do about them:

1. Fixed thresholds

Monitoring systems that trigger any type of alert at a fixed value for a group of devices are the "weak tea" of solutions. While general thresholds can be established, it is statistically impossible that every single device is going to adhere to the same one, and extremely improbable that even a majority will.

Even a single server has utilization that varies from day to day. A server that usually runs at 50 percent CPU, for example, but spikes to 95 percent at the end of the month is perfectly normal — but fixed thresholds can cause this spike to trigger. The result is that many organizations create multiple versions of the same alert (CPU Alert for Windows IIS-DMZ; CPU Alert for Windows IIS-core; CPU Alert for Windows Exchange CAS, and so on). And even then, fixed thresholds usually throw more false positives than anyone wants.

What to do about it:

■ GOOD: Enable per-device (and per-service) thresholds. Whether you do this within the tool or via customizations, you should ultimately be able to have a specific threshold for each device so that machines that have a specific threshold trigger at the correct time, and those that do not get the default.

■ BETTER: Use existing monitoring data to establish baselines for "normal" and then trigger when usage deviates from that baseline. Note that you may need to consider how to address edge cases that may require a second condition to help define when a threshold is triggered.

2. Lack of monitoring system oversight

While it's certainly important to have a tool or set of tools that monitor and alert on mission-critical systems, it's also important to have some sort of system in place to identify problems within the monitoring solution itself.

What to do about it: Set up a separate instance of a monitoring solution that keeps track of the primary, or production, monitoring system. It can be another copy of the same tool or tools you are using in production, or a separate solution, such as open source, vendor-provided, etc.

For another option to address this, see the discussion on lab and test environments in Part 2 of this blog.

3. Instant alerts

There are endless reasons why instant alerts — when your monitoring system triggers alerts as soon as a condition is detected — can cause chaos in your data center. For one thing, monitoring systems are not infallible and may detect "false positive" alerts that don't truly require a remediation response. For another, it's not uncommon for problems to appear for a moment and then disappear. Still some other problems aren't actionable until they've persisted for a certain amount of time. You get the idea.

What to do about it: Build a time delay into your monitoring system's trigger logic where a CPU alert, for example, would need to have all of the specified conditions persist for something like 10 minutes before any action would be needed. Spikes lasting longer than 10 minutes would require more direct intervention while anything less represents a temporary spike in activity that doesn't necessarily indicate a true problem.

Read Universal Monitoring Crimes and What to Do About Them - Part 2, for more monitoring tips.

Leon Adato is a Head Geek at SolarWinds
Share this

Related Links

www.solarwinds.com
Universal Monitoring Crimes and What to Do About Them - Part 2

Hot Topics

Monitoring
Alerting

The Latest

Automation and AI Are Critical to Incident Response
November 28, 2023

Incident management processes are not keeping pace with the demands of modern operations teams, failing to meet the needs of SREs as well as platform and ops teams. Results from the State of DevOps Automation and AI Survey, commissioned by Transposit, point to an incident management paradox. Despite nearly 60% of ITOps and DevOps professionals reporting they have a defined incident management process that's fully documented in one place and over 70% saying they have a level of automation that meets their needs, teams are unable to quickly resolve incidents ...

A New Era: Removing the Psychological and Operational Cost of Legacy VDI
November 27, 2023

Today, in the world of enterprise technology, the challenges posed by legacy Virtual Desktop Infrastructure (VDI) systems have long been a source of concern for IT departments. In many instances, this promising solution has become an organizational burden, hindering progress, depleting resources, and taking a psychological and operational toll on employees ...

IT Departments Must Be Ready to Manage Influx of Online Shopping Over Black Friday and Cyber Monday
November 22, 2023

Within retail organizations across the world, IT teams will be bracing themselves for a hectic holiday season ... While this is an exciting opportunity for retailers to boost sales, it also intensifies severe risk. Any application performance slipup will cause consumers to turn their back on brands, possibly forever. Online shoppers will be completely unforgiving to any retailer who doesn't deliver a seamless digital experience ...

Non-Negotiables for Black Friday Online Shopping
November 21, 2023

Black Friday is a time when consumers can cash in on some of the biggest deals retailers offer all year long ... Nearly two-thirds of consumers utilize a retailer's web and mobile app for holiday shopping, raising the stakes for competitors to provide the best online experience to retain customer loyalty. Perforce's 2023 Black Friday survey sheds light on consumers' expectations this time of year and how developers can properly prepare their applications for increased online traffic ...

What Do Retailers Want This Holiday Season? Observability
November 20, 2023

This holiday shopping season, the stakes for online retailers couldn't be higher ... Even an hour or two of downtime for a digital storefront during this critical period can cost millions in lost revenue and has the potential to damage brand credibility. Savvy retailers are increasingly investing in observability to help ensure a seamless, omnichannel customer experience. Just ahead of the holiday season, New Relic released its State of Observability for Retail report, which offers insight and analysis on the adoption and business value of observability for the global retail/consumer industry ...

72% of Mid-Size Companies Face Significant Cloud Management Talent Shortage, Hindering Business Growth
November 16, 2023

As organizations struggle to find and retain the talent they need to manage complex cloud implementations, many are leaning toward hybrid cloud as a solution ... While it's true that using the cloud is not a "one size fits all" proposition, it is clear that both large and small companies prefer a hybrid cloud model ...

Observability Is No Place for Tunnel Vision
November 15, 2023

In the same way a city is a sum of its districts and neighborhoods, complex IT systems are made of many components that continually interact. Observability requires a comprehensive and connected view of all aspects of the system, including even some that don't directly relate to its technological innards ...

10 Things to Consider Before Multicasting Your Observability Data
November 14, 2023

Multicasting in this context refers to the process of directing data streams to two or more destinations. This might look like sending the same telemetry data to both an on-premises storage system and a cloud-based observability platform concurrently. The two principal benefits of this strategy are cost savings and service redundancy ...

Regaining Control: The Battle of CIOs and CTOs Over Their IT Roadmap
November 13, 2023

In today's rapidly evolving business environment, Chief Information Officers (CIOs) and Chief Technology Officers (CTOs) are grappling with the challenge of regaining control over their IT roadmap. The constant evolution and introduction of new technology releases, combined with the pressure to deliver innovation on shrinking budgets, has added layers of complexity for executives who must transform the perception of the role of the IT leader from cost managers and maintainers to strategic enablers of growth and profitability ...

Even Artificial Intelligence Is Only as Good as Its Users
November 09, 2023

Artificial intelligence (AI) has saturated the conversation around technology as compelling new tools like ChatGPT produce headlines every day. Enterprise leaders have correctly identified the potential of AI — and its many tributary technologies — to generate new efficiencies at scale, particularly in the cloud era. But as we now know, these technologies are rarely plug-and-play, for reasons both technical and human ...