AIOps 2. 4 release introduces a new AI based correlation method – AIOps Similarity Correlation. This correlation method does not require any rules to be configured.
Along with this, following key core capabilities are introduced:
Setting up custom ticket wait times
Alert enrichment using custom mapping
Reverse acknowledgement for monitoring tool integrations
Adding new fields in device inventory by adding "Device status" & "Device priority"
The release also provides the capability to create dashboard widgets using information from the device inventory.
AIOps 2.4 release introduces a new correlation method – AIOps Similarity correlation. This feature enables the admins to set up AI based correlation based on similarity between alert attributes, without having to define any rules. A combination of multiple fields and different degrees of similarity can be defined.
The preview feature allows admins to verify the results, before activating the similarity correlation.
To define similarity based correlation: follow the steps mentioned below:
Login to SmartOps AIOps.
Navigate to Configuration tab. This displays the Alert Correlation Policy page as shown in FigureFigure.
Click on Setup Similarity Correlation to setup similarity based correlation.
You may add the fields to based included in the similarity check and corresponding percentage value.
Click on Preview to view the definitions.
Click on Save and Activate to save and activate.
Folowing features are enhanced as part of auto resolution enhancements:
Tickets that triggered auto-resolution but failed due to some scenarios such as ‘user doesn’t have the rule to execute automation story’, ‘workflow engine is down’; can be reassigned to a HITL (Human-in-the-loop) assignment group. This is an optional field in project configuration which will enable us to separate auto-resolution failed tickets from other tickets, by assigning them to a specific HITL group.
Hyperlinks for Tickets – User may click on the ticket hyperlink to see details of recently executed tickets.
Create Intent button in Automation Story tab enables to create intents specific to the project. The will redirect to the Conversation Designer project.
Multiple monitoring tools can be integrated with AIOps for alert correlation. Some monitoring tools expect an acknowledgement from AIOps, when the alert sent by them is processed in AIOps (alert received/alert is ticketed/alert is resolved).
AIOps 2.4 introduces an event based reverse acknowledgement framework to send reverse acknowledgement to monitoring tools when alerts are received, correlated, ticketed and so on. Admins can select the events for which reverse acknowledgements should get triggered, for each integrated monitoring tool in a project. Here is the list of events supported for reverse acknowledgement.
| Event | Event Desription |
|---|---|
|
newAlert |
Created when a new alert is created |
|
ackClusterCreated |
when an ack cluster is created |
|
addedToAckCluster |
new alert added to ack cluster |
|
tktClusterCreated |
when a cluster is ticketed |
|
addedToTktCluster |
new alert added to ticket cluster |
|
ticketedAfterThreshold |
when a ACK cluster is ticketed after threshold breach |
|
splitCluster |
when alerts are split to form a new cluster |
|
acknowledgedByUser |
when ack cluster is acknowledged by the user |
|
surgeClusterCreated |
when surge cluster is created |
|
addedToSurgeCluster |
when an alert is added to surge cluster |
Customers might have additional files that can provide context to an alert. Ability to use such files to enrich alerts will help improve correlation and context for resolution, for example - List of critical devices, Holiday Calendar for different regions, and List of application owners.
In this release, admins can upload such custom mapping files and set up additional alert enrichments which can be a simple lookup enrichment or a refined enrichment.
Ticket creation in AIOps generally happens as soon as a ticket alert is correlated into an alert cluster. With the introduction of this ‘ticket trigger wait time’ feature, it is now possible to delay ticketing for a customized “wait time”. During this wait time, the alert cluster will be in ‘queued for ticketing’ state. While the alert cluster is in ‘queued for ticketing state’, users still have the option create a ticket immediately before wait time is completed. They can also resolve the alert cluster and avoid ticket creation.
This wait time can be set in two ways. It can be a common setting for all alerts, or it can be a rule based customized wait time based on attributes of the ticket triggering alert.
To define "Wait Time", follow the steps mentioned below:
Login to SmartOps AIOps.
Navigate to Configuration tab.
Click on "Trigger Wait Time Policy". This displays the Trigger Wait Time Policy screen as shown.
You may define wait time for all ticket alerts or for specific policies.
AIOps 2.4 enables the Create Ticket option in ‘Correlation Error (COR ERR)’ alert clusters, to create ticket directly from AIOps. User can ‘Create ticket' by selecting only base alert, or base alert along with few other alerts.
As per earlier versions, if an alert that encountered any failure during correlation is marked as a 'COR ERR’ alert. The only user action possible for such an alert is Resolve. If a ticket had to be created for such an alert, the user would have to access the ITSM tool and create the ticket. Even after creating the ticket through ITSM, it is not possible to link the alert with this ticket and each had to be tracked and resolved separately.
Non-ACK alerts (ticket alerts) will be correlated into a manually ticketed ACK cluster, so that related alerts will be correlated into the existing cluster, instead of creating additional tickets.
As per earlier versions, when user manually create a ticket for ACK alert cluster it is still considered as non-ticketed. Any new incoming ACK alerts correlates into the manually created ticket cluster, while the new ticket alerts are either forming a new alert cluster or correlates to an existing ticketed cluster.
From this release onwards ‘Add Comments’ is enabled for users to add comments in tickets directly from AIOps. This will allow users to log comments for manually created and auto-created tickets.
In the 'Create Ticket' popup after confirming the ticket creation, users will be prompted to log in their comments through 'Add Comments' field.
The feature is applicable for all the Tickets in the 'Tickets' listing page under Conversation tab. This allows users to add their comments for auto-created tickets as well.
AIOps 2.4 introduces negate operators like ‘Not In,’ ‘Not Equals,’ ‘Not Contains’ to fetch the results of not matching conditions and ‘GTE’ & ‘LTE’ to use against the number and date value attributes.
AIOps 2.4 introduces two fields ‘Device status’ & ‘Device priority’ as part of device inventory. These fields will be part of alert enrichment from the device inventory and will be available for creating widgets in the dashboard.
Device status is viewable on the Device Details screen, but it was not persisted in the device inventory. With this release, Device Status will continue to be calculated as ‘Up/Down’ based on the absence/presence of a failure alert and made available as a device attribute in device inventory.
Device priority is introduced for users to keep track of the high priority/critical devices. The values can range from 1-9, 1 being the highest priority.
Device inventory details are now enabled to be used in the Grafana dashboard widgets, by introducing a new custom data source. The custom data-source is enabled using a wrapper API. By configuring the API and the custom query that fetches desired device details within dashboard settings, device info can be shown in AIOps dashboard widgets.