AI and machine learning have developed rapidly in recent years and have been integrated into many IT systems and solutions. The technology is helping overburdened ITOM (IT Operations & Management) teams to solve problems and reduce manual effort. AI is redefining the possibilities in digital operations management. IT operations, or Ops for short, is becoming AIOPs. 'Artificial Intelligence for IT Operations' refers to the use of artificial intelligence and machine learning in the automation of IT operations and processes. The benefits include improvements in the monitoring, management and analysis of IT infrastructures. Anomalies, trends and problems are detected at an early stage.

AIOps is based on huge amounts of data and historical findings (big data). AI and ML algorithms identify patterns, can make predictions and thus support human decision-making. By processing natural language, AI-supported systems even understand complex relationships and can output comprehensible texts. Intelligent recommendations and the automation of repetitive tasks help companies to resolve incidents faster and more effectively. This benefits both companies and customers.

AI in incident management

Incident management refers to the process of identifying, escalating, investigating and resolving unexpected events (incidents) that affect the normal operation of IT services or business processes. The aim of incident management is to restore operations as quickly as possible and minimize the impact on users. In the long term, solutions must be found to prevent future incidents.
However, companies struggle with the strategic goal of finding long-term solutions. Siloed incident response systems make it difficult to process incident data; response times are longer. Many manual processes place an additional burden on already overloaded ITOM teams. Artificial intelligence can be used to automate a large number of incident management processes and tasks. Automated processes based on AI algorithms help incident management teams to identify incidents more quickly and respond to them more efficiently. Less time spent on manual tasks means more time for strategic tasks.

The use of AI in incident management also offers a number of other benefits. AI can analyze large amounts of data in real time to identify abnormal patterns or behaviors. It can even derive trends and identify potential risks before they become obvious problems. This requires a large amount of data to be analyzed. This is almost impossible to do manually. The example of anomaly detection shows what is needed and how it works.

Early detection of anomalies

In the first step, machine learning algorithms (e.g. clustering or neural networks) are used to create models that represent the normal behavior of the systems or processes. The trained model is then applied to real-time data. Information is continuously collected from various data sources for comparison with the baseline. The sources include log files, server logs, network data, transaction logs or sensor data. The collected data must be processed to reduce noise and identify relevant information. Then the features or characteristics that show unusual patterns or behaviors are extracted. Such features can be higher CPU utilization as well as unusual transaction volumes or user activity.
If deviations from the expected patterns are detected, the system identifies these as potential anomalies. Defined threshold values indicate when a deviation is significant enough to trigger an alarm. If the threshold value is exceeded, an alarm is generated and forwarded to the incident management team.

AI can also automatically classify and prioritize incidents. Tickets are assigned to the right teams more quickly and, if necessary, escalation to higher levels is initiated in good time. The model is continuously monitored and refined to reduce false positives and improve its ability to detect new anomalies. Expert systems play an important role in AI-supported systems. Access to the broad knowledge base of such systems supports incident management teams with concrete recommendations for action and helps in the search for solutions to known problems.

Knowledge management of AI-supported systems

In AI-supported systems, knowledge management is often carried out using so-called knowledge graphs. The systems collect and store knowledge from various sources, such as manuals, technical documents, solution databases and expert knowledge, but also from chat logs and historical incidents. This process is also known as data aggregation.
The aggregated data is analyzed and indexed. In the course of indexing, entities such as terms, concepts and keywords are identified, content is categorized and recorded in a structured manner. Entities can also be linked together to create relationships between them. The knowledge base created enables users to search for specific information and ask questions. Appropriate tagging facilitates the search.
Natural language processing is relatively new, but essential in knowledge management. AI-supported systems can also understand complex queries using natural language processing (NLP).

AI-supported platforms and solutions are now an integral part of incident management in every modern, data-centric digital company. By integrating AIOps into incident management, companies can optimize operations and increase the efficiency of their ITOM teams. The combination of AI and compliance monitoring enables more efficient compliance with regulations such as GDPR through automated detection of breaches and early warning of potential issues. AI-powered processes also help to improve the customer experience.

Erick Dean

© PagerDuty

The author, Erick Dean, is Senior Director of Product Management for the AIOps product line at PagerDuty.