SAAS ARCHITECTURE: Cross-domain event ingestion, topology assembly, event correlation, pattern recognition, and remediation capabilities. Deployable in North America, Europe, and Asia, ensuring compliance with regulations like GDPR.
PACKAGED ON-PREMISES VERSION: Managed by the client, with all key features. Scales storage and processing capacity without downtime and supports various operating systems and platforms.
AGENT-LESS METRIC AND EVENT COLLECTION: Ingests metrics and events without requiring a proprietary agent on target systems, though it does support agents for specialized or secure environments.
FLEXIBLE DATA REPOSITORIES: Utilizes its own data stores and integrates with cloud storage services for ingested data, such as events, alarms, and logs. Includes local data repository management, eliminating the need for direct administration of big data platforms. Enables customers to specify storage region and availability zone. Data stores support replication, sharding, searchability, and encryption for all data and metadata.
DISTRIBUTED ARCHITECTURE: Enables administrators to scale deployments for resiliency and performance. This includes horizontal scaling across multiple instances and configuring failover. For cloud-based setups, it integrates with the cloud provider's regional and availability zone features.
RBAC FOR ADMINISTRATOR CONSOLE: Provides local data stores and integrates with cloud storage services for events, alarms, and logs. The platform manages local data repositories without requiring direct big data platform administration.
METRIC INGESTION: Ingests and analyzes metrics to enhance predictive abilities. Metrics can be collected remotely via API/RPC, locally via an agent, or forwarded from a monitoring tool.
EVENTS INGESTION: The Events Ingestion module is designed to seamlessly receive a wide range of event types. Its modular design enables customized consumption of asynchronous events using both standard and proprietary protocols and data formats. Supported built-in event types include syslog, SNMP Traps, gRPC, and REST, allowing for flexibility in gathering data from any device or environment. The received data is then normalized and processed by the Network Incident Engine (NIE), ensuring efficient and effective handling of the incoming events.
LOG INGESTION: Ingests events or telemetry from log management tools.
CMDB DATA: Utilizes asset and CI data from a CMDB to build topology, understand labels, and describe IT asset relationships.
ITSM CHANGE DATA: Consumes change data from ITSM platforms to track software and configuration changes for event correlation and root cause analysis.
DATA PREPARATION AND NORMALIZATION: Standardizes references and schemas across data sources, providing consistent asset labels. Automatically normalizes value ranges to reconcile measurement differences.
METADATA MANAGEMENT: Offers labeling for assets and sources, enabling custom references instead of those in events, monitoring data, and logs.
NOISE REDUCTION: Reduces noise by eliminating redundant or irrelevant data from event sources. Supports event deduplication and filtering based on criteria like severity, environment, and tags.
INCIDENT PREDICTION: Provides predictive capabilities for anticipated incidents affecting service availability. Displays outage details, root causes, and estimated impact time.
ANOMALY DETECTION: Identifies regular patterns and autonomously detects anomalies in ingested data and events. Features customizable notification policies for detected anomalies, allowing operators to manage notifications effectively.
MODEL VERSIONING: Versions all algorithms, event patterns, and remediation associations, enabling rollback to previous versions if needed due to data corruption or errors.
NEAR REAL-TIME DATA PROCESSING: Analyzes incoming telemetry and event data continuously, updating incidents, patterns, and root causes in real-time.
OPERATOR-DEFINED THRESHOLDS: Allows operators to set fixed thresholds for collected metrics, incorporating violations into named scenarios.
ROOT CAUSE DISCOVERY: Determines root causes of incidents through empirical analysis, linking to human actions like misconfigurations without relying on past associations.
CUSTOM EVENT CORRELATION: Groups related events into incidents and adjusts correlations as needed for accurate event grouping.
ANOMALY DETECTION PERFORMANCE COMPARISON: Detects anomalies using multiple algorithms, auto-selecting the best or providing evaluation metrics for administrators to choose the most suitable.
AUTOMATIC TOPOLOGY ASSEMBLY: Automatically extracts and assembles IT asset interconnections and dependencies, reconciling duplicates for operational relevance, regardless of the topology generation method.
HETEROGENEOUS TOPOLOGY SUPPORT: Creates an IT asset topology to understand asset relationships and dependencies, supporting network layer 1, 2, and 3 relationships.
MANUAL TOPOLOGY ADJUSTMENT: Allows operators to manually adjust the automatically generated topology by adding, removing, or amending interconnections, attributes, and dependencies between IT assets.
NETWORK FLOW TOPOLOGY: Uses network flow data to validate and enhance topology accuracy, representing connectivity and interactions among IT assets and services.
LOGS AS A TOPOLOGY SOURCE: Uses log data to validate and refine interactions and transactions between IT assets and services.
CMDB AS A TOPOLOGY SOURCE: Uses asset and configuration data from different CMDB vendors to map relationships and dependencies between IT assets and services.
MANUAL REMEDIATION ASSOCIATION: Operators can manually specify and associate the best action to an incident, enabling predefined automation or user notifications based on the recommended action.
CONDITIONAL AUTOMATIC REMEDIATION: Automatically triggers recommended remediation steps for detected incidents, with operators setting conditions like metric thresholds or confidence levels for automation. If conditions are not met, the platform suggests an alternative best action.
ITSM REMEDIATION ASSOCIATION: Learns remediation steps by observing incident responses in the ITSM platform and automatically links them to future incidents.
SIMILAR INCIDENT ASSOCIATION: Links incidents to historical ones and their remediation steps, highlighting situational and contextual similarities like metric breaches and environments to aid in better triage.
GENERATED REMEDIATIONS: Utilizes generative AI to propose configuration or capacity changes needed to resolve incidents or enhance operations.
CUSTOMIZABLE MONITORING DASHBOARD: Provides a customizable interface for creating dashboards that display events, metrics, and trends in various filterable graph formats. Includes a live-update view for continuous updates without manual refreshing.
EVENT TIMELINE: Allows operators to view and explore the timeline of correlated events, focusing on potential root causes or relevant events identified by the platform. This helps confirm the root cause and understand the event sequence.
ITSM INTEGRATION: Creates and reads tickets and incidents in an ITSM platform, ensuring synchronous and consistent incident and operations views across both platforms.
EMAIL AND MOBILE NOTIFICATIONS: Generates email and mobile notifications via a companion app or SMS. Configuration options include event nature, severity, user inclusion/exclusion, and grouping events with a "time to wait" before sending notifications.
EXTERNALLY ACCESSIBLE APIs: Provides a comprehensive set of APIs for external tools to automate operations. Key use cases include managing correlated events and user operations, such as creating, reading, updating, and deleting users, permissions, and roles.
INTERACTIVE CONVERSATIONAL COLLABORATION: Supports interactive, bidirectional collaboration with human operators via a conversational interface, sharing notifications and responding to requests. Generative AI enhances this capability.
CONSOLIDATED METRICS VIEW: Consolidates metrics from various monitoring tools to display a unified set of metrics for events. Operators can view all relevant metrics, events, and log entries that drive correlation, with the option to track cross-domain metrics over time.
COLLABORATION TOOL INTEGRATION: Integrates with popular collaboration tools to send notifications as direct messages to users or groups on channels. Users can be targeted or excluded based on event nature, affected systems, or severity.
DIRECT EVENT LINKS: Notifications feature direct links to associated tickets or incident records in the ITSM environment or named scenarios in the platform, enhancing efficiency by eliminating the need for manual event searches.
KPI DASHBOARDS: Features dashboards with KPIs focusing on platform impact, including metrics like noise reduction, mean-time-to-respond (MTTR), and team productivity. Supports custom KPI dashboards in addition to prebuilt ones.
DATA ACCESS FOR EXTERNAL REPORT GENERATION: Offers external tools direct access to its data stores or an API for extracting data and analysis results, enabling the creation of reports and dashboards with external tools like A&BI tools.
Operational Engagement - Task Automation - Change Risk Analysis - SD Agent - Performance Analysis - Knowledge Management
Real-Time Surveillance - Historical Analysis - Anomaly Detection - Performance Analysis - Correlation and Contextualization
Intelligent Automation - Scripts - Runbooks - Application Release Automation
Real-Time and Historical Data
Incidents, Associations, Changes
Events, Metrics, Traces, Topology
Network Incident Engine