AIOps in 2020: How industry consolidation is transforming the AIOps value proposition
Four years ago, Gartner coined the phrase AIOps as an approach to the issue of IT service outages. Now in 2020, AIOps entered the enterprise in modern IT teams. Where do we go from here? Here is a quick overview of the different tools that enterprises have used to maintain and optimize their mission-critical IT services and a short history of AIOps buyouts.
Gartner coined the phrase AIOps in 2016 to introduce IT decision-makers to a modern approach to the age-old problem of IT service outages. The discipline of IT incident management has seen a huge leap with the application of data science, machine learning, and combinatorial optimization techniques for service restoration. Here is a quick overview of the different tools that enterprises have used to maintain and optimize their mission-critical IT services:
1. Event Correlation and Analysis (ECA)
In the early 2000s, event correlation and analysis tools (aka event consoles and manager of managers) emerged to streamline incident response workflows. ECA tools ingested events from different IT infrastructure elements and processed them using causal rules and event filters. While ECA tools worked well in an era of predictable IT infrastructure, technologists struggled to make them work for dynamic apps and infrastructure. Examples of ECA tools include BMC ProactiveNet, CA Spectrum, EMC Smarts, HP OMi, and IBM Tivoli Netcool.
2. IT Operations Analytics (ITOA)
ITOA tools capitalized on the popularity of big data analytics in the 2010s to deliver holistic insights into the performance of modern IT services. While ITOA tools were great at uncovering hidden patterns across event datasets, their focus on historical data analysis (as opposed to real-time analysis) limited their appeal to technology operations teams. ITOA vendors of note include Appnomic, Evolven, Nastel, Netuitive, and Prelert.
3. Artificial Intelligence for IT Operations (AIOps)
Artificial Intelligence for IT Operations (AIOps) tools combine “big data and machine learning to automate IT operations processes, including event correlation, anomaly detection, and causality determination.” The purpose of AIOps tools is to tame event floods by extracting relevant insights for incident response using historical and real-time analysis. Popular AIOps vendors include Moogsoft, BigPanda, Loom Systems, and FixStream.
A short history of AIOps buyouts
In January 2020, larger IT operations management (ITOM) players acquired three different AIOps startups—Unomaly, Nyansa, and Loom Systems—signaling rapid industry consolidation. From 2015, there have been a total of 11 exits in the ITOA/AIOps market, demonstrating incumbent interest in new approaches to incident remediation. Industry leaders like ServiceNow, VMware, New Relic, HP, Cisco, Elastic, PagerDuty, and Splunk all have acquired AIOps tools to complement product portfolios, launch new product lines, build intellectual property, or gain access to outstanding talent.
A quick analysis of these 11 buyouts shows that monitoring (application, infrastructure, network, and logging) companies accounted for more than half of the overall acquisitions in the AIOps space. Here are some of the reasons cited by these acquirers for their purchase:
- ServiceNow on the rationale for buying Loom Systems – “With Loom Systems, ServiceNow will increase customers’ ability to apply AI to their knowledge base of issues and fixes for better insights into root causes and allow them to automate remediation tasks, reducing the number of Level 1 IT incidents.”
- Resolve Systems on the FixStream purchase – “Ultimately, the long-term vision for the combined Resolve and FixStream solution is to aid customers in achieving the long-awaited promise of ‘self-healing IT’.”
- New Relic on the SignifAI transaction – “To deliver reliable software at scale, DevOps teams need to leverage machine learning to help them predict and detect issues early and reduce alert fatigue.”
- PagerDuty on acquiring Event Enrichment HQ – “Integrating the Event Enrichment Platform with PagerDuty reduces noise, surfaces actionable alerts and delivers context-rich remediation information so businesses resolve critical incidents faster.”
AIOps in the enterprise: Where do we go from here?
What do recent acquisitions portend for the future of AIOps as a stand-alone ITOM category? While AIOps approaches will become increasingly widespread for incident management and response, it is unclear if enterprise IT teams will invest heavily in pure-play AIOps tools for the limited value (event correlation and root cause analysis) that they currently deliver.
Here are four reasons why we will see a transformation in the AIOps value proposition so that modern IT operations teams realize greater value from their investments:
1. It’s all about business-service impact
AIOps tools have no way to contextualize the event impact for an IT service without native instrumentation. Machine learning algorithms on their own cannot establish the priority and urgency of a specific event without service context. AIOps tools require service-centricity so that IT teams can focus on the critical incidents that matter to their business and safely ignore the rest.
2. Stand-alone AIOps tools address a limited part of the incident workflow
While AIOps tools offer actionable event intelligence, they need to connect back to a system of record (service desk or alert management systems) for prompt incident escalation and response. If the incident requires a standard response, AIOps tools again need to rely on IT process automation tools for rapid remediation.
3. Domain centricity matters
AIOps tools use machine learning and data science methods to uncover patterns from IT events. IT teams will see great value in marrying AIOps insights with domain-centric tools, like performance monitoring, so that they can view, analyze, and act with the right context across the entire incident lifecycle.
4. Machine learning is now table stakes for digital operations management
Machine data intelligence is no longer a competitive differentiator for AIOps tools as most hybrid monitoring tools have incorporated native machine learning algorithms for reduced event noise and faster root cause(s) analysis for performance management.
In 2020, there are only a few stand-alone AIOps vendors left in the market. IT decision-makers will prioritize AIOps tools that can not only ingest different types of performance data through open integrations and APIs, but also deliver the right business context for incident response using native instrumentation for so-called full-stack observability. Expect more blurring of technology categories – from ITOM to ITSM – as algorithmic event management, contextual alerting, and self-healing workflows become part of the default toolkit for incident management teams.