Savision IQ – Aggregate monitoring data from different sources (+ natural search capabilities)
Savision, a company that we all know to provide a management pack for Microsoft SCOM you had to have, is working on a new solution. What they noticed talking to customers and companies is that every one is using multiple monitoring solutions. Companies have a lot of point solutions to monitor a specific segment of their network or a specific functionality. This leads to many console and a lot of data that is not aggregated in one console. Searching through all this data trying to find the needle in the haystack is a burden for many IT admins. Savision recognised this problem and developed a new solution, Savision IQ. In this article I will give an overview of Savision IQ and why I think it is interesting for many companies facing similar problems.
Monitoring systems generates data, everyone working long enough in IT knows the massive amounts of data e.g. Microsoft SCOM produces. It is one reason customers are reluctant for new monitoring systems. Mailboxes are overloaded and most alerts stay in the inbox marked unread. Microsoft SCOM and almost any other product out there is designed from a dashboard principle where you build a dashboard and read statuses there.
What I also notice is that when you have a lot of data, you would like to ask the system for a specific metric. You would like to talk to it, like you talk at home to Alexa or NVIDIA Shield. Natural language queries like “I would like to see all machines with less than 2GB of RAM”. Offering that to a customer would simplify his or her work and speed up issue tracking. you’d like to search your data like you search the Internet with Google. Easy language understandable for everyone with a lot of option to filter. Below you see a screenshot of how Savision IQ does this, you connect a lot of data sources and with a query you get data from all of them
Savision IQ is a new way of handling internal monitoring data. Instead of having multiple console you now aggregate the data into one console. This one console offers you dashboards, search capabilities and sharing options. It is a monitoring solution itself but is fed by external sources.
The power behind Savision IQ is the fact that they offer a natural search where you can search through several data sources as they were one. You saw the search capabilities before already. Of course there is much more to it but you get the impression. If you’re at MSIngite this week visit the booth and be amazed.
One thing to understand is that it is not a replacement of any tool, it is an addition a console to create an overview. Once you see an issue and the source data system would be a better place to look you can jump right to it, there is a button for that in the console taking you right to the source console.
A quick walkthrough
So if we take a look at Savision IQ you will see that it works from integrating other data systems, which ones will be mentioned later on. After the initial install that is the first step, integrate it with other systems. Savision IQ will then collect data, initially that’s a lot of course. And then you can search just like you would in Google. If you have multiple systems connected you could search for a server and get results from different systems (you see the data from different systems) and drill down to the details or you could filter. Filter means you select which source is used or you create your search query to filter based on time, source etc.
The filters can be stored as a dashboard so that on a large screen you got a number of dashboard showing numbers, incidents, alerts or whatever the query was about. All data being shown is from the source systems. If you see a number, lets say 100 alerts, these are aggregated alerts from all the sources and filters in your query. You can share the dashboards with others and set roles to prevent them from messing up your queries or dashboards. The dashboards show above are all created from queries entered. As you can see these are more demo boards but you could create dashboard that monitor certain functionality and create a heat map for that.
If you want to see the number of alerts from all the systems you monitor in different queries you switch to a different view of the console and in a glance you have an overview of all alerts of specific systems (the ones you selected in the query) from all connected data sources.
Lets take a quick look at the more technical side of things.
The solution is created from the following components, a web service with the elastic search data store for the intelligence and A SQL server database to store the data it receives.
- Web application running in IIS (Core) + a local agent
- Elasticsearch data store
- Microsoft SQL Server 2012 or higher, for configuration store.
Right now they integrate with a number of systems but that is expanding and they have API’s to connect to legacy systems. The systems they can connect with are:
- System Center Operations Manager 2012 SP1, 2012 R2 and 2016.
- SolarWinds Orion
- Nagios Core and XI
- VMware vCenter
- Microsoft Azure
- Amazon Web Services (AWS)
- Ivanti Service Management
Communication with the integrated systems is always on a read-only base, the solution does not change anything but merely reads data. Communication is done over the following ports;
- System Center Operations Manager: 5724
- SolarWinds: 17778
- Nagios Core and XI: 443 or configured in the url
- VMware vCenter: 443
- Microsoft Azure: 443
- Amazon Web Services (AWS): 80 and 443
- ServiceNow: 443
- HEAT Service Management (HEAT Software is now Ivanti): 443
- Cloud instance: 443
More insight information will be shared in a follow up article about setting up the product, I think especially with the natural search and the intelligence to search and combine multiple sources this is a very interesting product. Check them out at MSIgnite they are at booth 1113 if you want to see Savision IQ. The product is about the be released. I’ve seen it live already and the easiness of setup and usage is interesting. Hopefully more monitoring solutions will be available to integrate with.