IT Monitoring: Getting Above the Noise, Part 1 – Accuracy & Alerts

Every now and again, our team comes across industry research papers that might as well have been commissioned specifically for us. Q: Did you order a market research survey from Forrester? A: Who me? No. I think they just read our minds and went ahead and did it!

Sadly, Forrester (probably) doesn’t have ESP. It’s our friends at Zenoss that asked Forrester Consulting a little while back to find out what’s happening on the ground in the IT monitoring sector and what the biggest challenges are to monitoring a corporate IT network. As we know, when Forrester knocks at the door, people like to talk! They got a great sample of 157 organizations with more than 500 employees in North America to provide detailed accounts of their most common IT monitoring issues and the corresponding business impact. Drawing meaningful conclusions from small samples can be a bit sketchy, but with 157 large organizations in scope, the results are most likely replicable in other smaller companies too. Let’s take a look.

Monitoring Alerts, Root Cause Analysis & Efficiency

SentinelAgent, like many other players in the monitoring space, has been refining its products to include more functionality, more alerts, and easier installation. It turns out though, according to Forrester’s research, that more functionality and more alerts might actually be part of the problem – too much information and too many alerts can be as bad as not enough.

Despite the plethora of choices available, the market seems to feel that monitoring tools are generally ineffective. The most common complaints, regardless of the sophistication or complexity of the solution, are that monitoring tools fall short on their promise of providing (1) accurate alerting, (2) root cause analysis capability, and (3) improved efficiency. They generally lack the ability to identify the source of availability and performance issues quickly and accurately, do not provide meaningful intelligence, and ultimately, cannot be fully trusted.

This is a scathing indictment of legacy monitoring solutions!

To ensure accuracy, SentinelAgent’s pre-configured alerts are set to Microsoft-recommended specs. Since SentinelAgent collects raw event and performance data from your system, finding the root cause of an outage can take a little as a few clicks!

Forrester found that even though companies have monitoring solutions in place with alerts configured and ready, 28% of the time, Help Desks wait for a service call from users before working on an issue. Even with monitoring in place, over a quarter of all IT problems are solved after the outage occurs? With regards to root cause analysis, 41% of companies reported needing between 1 hour and 5 days to identify the root cause of an outage! Even worse, 63% of these organizations need 4 to 6 FTE to find and resolve major service disruptions.

What good is a monitoring solution if most alerts aren’t actionable, root causes can’t be quickly identified and a platoon of IT specialists is needed to find and fix the problem?

Actionable Intelligence

When bombarded with the beeps and chimes of alerts, notifications, messages, and emails day in and day out, you can imagine that at some point, your brain, yes even an IT brain, just tunes out. Service technicians, it’s reported in the study, don’t even trust that any single alert from a monitoring solution requires immediate attention simply because of the overwhelming number of alerts they typically generate. “If there is no visibility into whether or not services are impacted by a specific alert, there cannot be any prioritization to address the issue.” Forrester’s research found that only 8% of alerts generated by monitoring tools were relevant and actionable. 92% noise! Forrester also found that 90% of companies surveyed dedicate two or more FTEs to maintaining and configuring these monitoring tools to generate their non-actionable alerts. That’s a tremendous drain on IT resources.

This is why SentinelAgent facilitated the installation process by pre-configuring a number of performance and event ID alerts to Microsoft-recommended specs. That way you’ll know. When you get an alert from SentinelAgent, it’s time to swing into action – not sit and wait for the user to report an outage. Of course you can always edit your notification rules to focus on what’s most important to you, but SentinelAgent’s philosophy has been and continues to be to deliver ACTIONABLE INFORMATION to the right resources at the right time. No noise, no friction. Download it today, it’s free!