jasonsmith
ServiceNow Employee

Early Availability is live for San Diego - are you ready to take advantage of new ITOM Health features? Let's go through some highlights. Check the links below to see Rome compatibility. 

KB Articles

Did you know that Health Log Analytics already ships with over 3000 KB articles?

What's new is the capability to capture KB articles as part of the workflow associated with handling log alerts. 

HLA's predictive alerting capability gives you a forewarning before end users are impacted. Having remediation instructions at hand further improves MTTA and MTTR. This also increases the chances of a person other than the SME being able to solve the issue.

If you have the remediation instructions, then you can decide if you want to automate the response or not. 

Who said automated remediation is a bridge too far to cross? Boom!

CMDB Enrichment

While ITOM Visibility is the go-to solution for updating the CMDB, it is clearly acknowledged that CI data comes from the source that makes sense at implementation time. The Multisource capabilities allow you to safely enrich CIs as your use cases evolve.

Health Log Analytics can create Server CI candidates from log stream data. The operator decides whether or not to update the CMDB with the CI candidates - and of course the IRE is used in support of the Multisource strategy.

Agent Client Collector Log Analytics

The power of ACC is growing by the day - Discovery, Metrics, Events, Logs and Playbook execution. Until December 2021, ACC did not support streaming of logs from Windows. Problem solved! This covers both log files that happen to be on Windows and the Windows Event Log itself.

Alert Grouping Enhancements

ML Automated Grouping for Alerts with no CI

Alerts that do not contain a CI can be grouped together as text-based or pattern-based alert groups.

To enable this functionality, set the sa_analytics.enable_no_ci_grouping property to true. When working with pattern-based groups, ensure that the Feature Identifier includes both node and metric name.

Learned Pattern Exclusion 

Ever tried to delete a learned pattern to exclude alerts from an automated group? At first glance, it works great...until the learner job runs again and the pattern is re-learned. D'oh! New button alert - problem solved! You can now exclude learned patterns and the patterns stay excluded.

Filters for alert groups

This is a fine-tuning mechanism that lets you filter alerts for inclusion in or exclusion from the following alert group types: CMDB, Automated and Text.

Tag Based Alert Clustering Engine

TBACE is a no-code method of alert grouping that correlates alerts without having to use CMDB or model training. You can easily create tags to find alerts that should be grouped together, for example by using fuzzy logic.

This feature has been enhanced to use tags from the cmdb_key_value table. The cmdb_key_value table is where you will find tags discovered from Public / Private Cloud and K8s.

Pattern matching can also be utilized - this is similar to regex, but much easier to understand. 

Custom Log Retention

By default, Health Log Analytics retains logs for 3 days. The retention time can be changed to 7, 14 or 30 days. 

Health Log Analytics
User generated KB Articles

CMDB Enrichment
Agent Client Collector Log Analytics
Grouping of Alerts with no CI
Learned Pattern Exclusion
Filters for Automated Groups

Tag Based Alert Clustering Engine
Pattern Matching
Modify log source retention
Storage space for log retention