Incident Management for ITOps Teams: Learning to Centralize

by Chris Riley | August 30, 2016

Can ITOps teams centralize incident management? If you work in ITOps, your first answer to that question may be a resounding “no.”

After all, ITOps has such a broad and diverse set of responsibilities that it may seem nearly impossible to bring them all under a single umbrella when it comes to incident management. From server administration to desktop PC provisioning to help desk support — not to mention things like handling purchasing and managing independent contractors — ITOps teams do it all.

That makes ITOps very different from most other parts of an organization. If you’re a programming department, you can centralize your development and bug management processes using a code repository. If you’re sales, you can manage products and customer contacts through a centralized platform like Salesforce. Not so with ITOps, since it covers so many different tasks.

We’re here to tell you that centralized incident management for ITOps doesn’t have to be just a pipe dream. Yes, ITOps handles so many diverse jobs that there’s no one-size-fits-all platform for monitoring and responding to issues, but you can still centralize the way you manage incidents across your whole infrastructure.

How do you do that? By using an incident management tool that can integrate with all the various strands of your ITOps workflow.

Getting the Most from Your Monitoring Services

Let’s run through a basic example of how your ITOps team can centralize incident management — even if ITOps itself is not so centralized.

If you’re an ITOps professional at a small or medium business, there’s a good chance you have to keep track of three main types of infrastructure. The first piece is your on-premises servers, which you might use to host a local file share or serve some websites. The second part is your public cloud, where you keep data backups. The third bit is local workstations, which need to be kept up and running and connected to your on-premises and cloud servers.

Planning incident management for each part of this infrastructure is tricky. Some monitoring systems might claim to be able to support bare-metal servers, cloud infrastructure and PCs equally well. But if they do, they probably don’t specialize in any of these areas. They’ll just give you generic monitoring, without advanced functionality designed for particular types of infrastructure.

For that reason, you’re better off using a combination of monitoring services that are tailored to the different pieces of your infrastructure. For your cloud, you’ll probably get the most value out of a cloud-centric monitoring system, like AWS CloudWatch. SolarWinds could be useful for your on-premises devices and local network. And you might want to use something like Splunk to analyze all of the log data your many devices are spitting out.

One Incident Management Tool to Rule Them All

Each of the monitoring platforms we’ve mentioned comes with some type of alert or notification system, but the notifications may not be as robust as you need. Even if they are, no ITOps team wants to be receiving alerts from several different platforms — in different formats, with different types of content — at once. Under those conditions, it would be extremely difficult to make sure the right alerts are reaching the right people at the right time.

The good news for ITOps professionals is that incident management doesn’t have to be so confusing and disorganized. Even if you have multiple monitoring systems in place for the different parts of your operations, you can centralize how you receive all of the alerts.

Just as important, you can also centralize how the notifications are distributed to your team. For example, some of your monitoring services might not be able to do SMS alerts natively. If you interface those services with a centralized incident management platform that can translate notifications into whichever format you need, you can forward them to your admins’ phones as needed.

Last but not least, a centralized incident management solution also lets you avoid redundant alerts. If your network gets overloaded, that could lead to notifications not only from the service that is monitoring your network switches but also from the monitoring stack on your servers, which will detect a spotty connection.

Receiving multiple alerts that stem from the same core problem will sow confusion among your team and increase the time they take to respond. In contrast, centralized incident management ensures that the team receives notifications on a per-incident basis, not a per-monitoring-system basis, so there’s less noise and it’s immediately clear what’s going on.
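The per-incident grouping described above, sketched as an added example (not code from the original article or from any vendor): alerts from several monitors are mapped onto one schema, then grouped so that each underlying problem produces a single notification. The source names, field names, the shared `scope` key and the five-minute window are all assumptions, and the sample alerts are constructed.

```python
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=5)  # assumed correlation window

# Hypothetical per-source adapters: each maps one tool's field names onto a
# common schema (scope, summary, timestamp). Real payloads differ per product.
ADAPTERS = {
    "network_monitor": lambda p: (p["site"], p["message"], p["raised"]),
    "server_monitor": lambda p: (p["location"], p["alert_text"], p["timestamp"]),
    "cloud_monitor": lambda p: (p["region"], p["alarm"], p["changed"]),
}

def normalize(source, payload):
    scope, summary, at = ADAPTERS[source](payload)
    return {"source": source, "scope": scope, "summary": summary,
            "at": datetime.fromisoformat(at)}

def correlate(alerts, window=WINDOW):
    """Group alerts that share a scope and arrive within `window` of the
    previous alert in that scope; each group is one incident."""
    incidents, open_by_scope = [], {}
    for alert in sorted(alerts, key=lambda a: a["at"]):
        inc = open_by_scope.get(alert["scope"])
        if inc and alert["at"] - inc["last_seen"] <= window:
            inc["alerts"].append(alert)
        else:
            inc = {"scope": alert["scope"], "alerts": [alert]}
            incidents.append(inc)
            open_by_scope[alert["scope"]] = inc
        inc["last_seen"] = alert["at"]
    return incidents

def notifications(incidents):
    """One message per incident, naming every source that reported it."""
    return [f"[{i['scope']}] {i['alerts'][0]['summary']} "
            f"({len(i['alerts'])} alerts from "
            f"{', '.join(sorted({a['source'] for a in i['alerts']}))})"
            for i in incidents]

# Constructed sample: a saturated office network seen by two monitors,
# an unrelated cloud alarm, and a later recurrence of the network problem.
RAW = [
    ("network_monitor", {"site": "hq", "message": "Switch uplink saturated", "raised": "2016-08-30T10:00:05"}),
    ("server_monitor", {"location": "hq", "alert_text": "fs-01 packet loss", "timestamp": "2016-08-30T10:01:30"}),
    ("cloud_monitor", {"region": "us-east-1", "alarm": "Backup upload latency high", "changed": "2016-08-30T10:02:00"}),
    ("server_monitor", {"location": "hq", "alert_text": "web-01 connection timeouts", "timestamp": "2016-08-30T10:03:00"}),
    ("network_monitor", {"site": "hq", "message": "Switch uplink saturated", "raised": "2016-08-30T11:30:00"}),
]
INCIDENTS = correlate(normalize(s, p) for s, p in RAW)
```

Five raw alerts collapse into three incidents here; the later recurrence opens a new incident because it falls outside the window.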

Normally, adding yet another tool to your ITOps workflow might seem like it will only lead to bloat. That may be true in many contexts. But in the case of incident management, implementing a solution, like PagerDuty, that centralizes notifications can help your ITOps team derive a lot more value from the monitoring tools you already have in place.