San Diego. The location where ServiceNow headquarters used to reside before moving to the silicon valley-influenced “Santa Clara”-region in California. Given the history of ServiceNow and their heart for San Diego, what can we analyze and conclude from their latest release? You guessed right; it’s time for the official San Diego release notes of the platform.
With the market of 2022 bringing digitalization on steroids, the ServiceNow swiss-army knife of automating and integrating every process of the enterprise steamrolls ahead. Meta and some of the larger tech companies might be taking a hit on the stock markets, but nothing indicates the same for our workflow beast.
In this analysis, we focus our eyes on the growing and in-demand suite of their ITOM (IT Operations Management) and AiOps portfolio. During an investment call with Servicenow in 2021, it became apparent that the natural step for many customers is ITOM. 13 out of the 20 biggest deals included ITOM during 2021 according to a transcript dating back 12 months. Hence we’re happy to see that the release of San Diego provides plentiful of highlights in the AIOps- & ITOM arena.
More secure Discovery with gMSA
Not to be confused with service accounts, gMSA (Group Managed Service Accounts) is the hot thing at the moment. They allow you to run programs as an account that doesn’t require a password while still having the security of a strong password. The way it works, simply put but accurate, is that gMSA of course have a password – but it doesn’t require the administrator to know the password.
In the last release of San Diego, ServiceNow ITOM can now leverage gMSA accounts which means that no credentials needs to be stored in ServiceNow. The benefits are many, such as increasing the security additionally through cycling gMSA passwords (credential rotation).
A very important component in the battle for a secure discovery solution. If you’re curious about securing discovery and best practices, here is more in-depth information.
More powerful connection suggestions in Service Maps
The connection suggestions of Service Mapping sniffs, analyses and parses all the active TCP connections within an organization. Based on the TCP traffic it suggests “Connection Candidates” for Service Maps (application services/application layer). With the latest release this part of Service Mapping is starting to become very comprehensive. Supporting load balancers, virtual IPs and provides automatic suggestion of how confident the connection is relevant.
The immediate benefit of having connection suggestions is that application owners and ITOps becomes aware of how their services truly are constructed. Frequently the enterprise architects draws a theoretical picture but the reality with integrations, dataflows and processes which speaks and depend on each other is vastly different.
Agent Client Collector – Log Analytics (ACC-L)
The agent client collector is a framework provided by ServiceNow which serves a multitude of purposes. Originally an acquisition of Loom systems, health log analytics is now fully integrated into the ServiceNow ITOM portfolio. We see the “Health Log Analytics” as part of Event Management, where it’s possible to analyze logs with Machine Learning. Previously it’s only been possible to ingest log data through connecting to existing log services, such as splunk, azure, rsyslog and others.
Starting from the San Diego release, it’s possible to ingest and get log data with the agent client collector framework. In other words leveraging ServiceNow to grab log-data in real-time (Linux & Win) allows to potentially consolidate a companies log monitoring tools. The ACC-L is rather lightweight as it’s built on Sensu, and through the collectors, you don’t only gather log data but also a multitude of hardware related attributes (discovery).
See the blueprint below for an overview of the Agent Client Collector Framework.
New look for Event Management
In case you’ve missed it, ServiceNow is enabling a major UI rehaul called the “Next Experience”. This new UI is not enabled per default (unless you’re a new customer) but for those curious and working in Operator Workspace, it’s a possibility to enjoy the latest already now.
The new UI have been a project internally at ServiceNow for a longer time and we’re now at the stage where it is slowly being rolled out. “A new UI, again?” – you might ask yourself. Although there’s been many redesigns the past decade at ServiceNow, this particular UI is for a first-time truly created by UX designers with UX designers in mind.
In other words, an organization can build powerful front-ends for ITOM.
Tag-based clustering engine for alerts
Traditionally alerts in ServiceNow ITOM have been very dependent on corresponding CI’s (configuration items). Meaning that for Event Management values to fully take effect a CMDB needs to be in place for all the monitored objects, ideally with relationships. However, the reality is that much of monitoring is not always bound to a host-machine but more abstract concepts such as microservices and applications.
ServiceNow introduces the “Tag-based clustering engine” for event management in the latest release. Based on text semantics alerts can now be grouped in tagging structures. This is very useful in scenarios where CI’s are missing entirely or there is a need to normalize text. For example, an application called different naming conventions depending on the monitoring source.
The alert-based clustering is a powerful addition and can serve as a great option to boost the alert groupings and “fill out the gaps” where the CMDB is lacking.
New event connectors ready to be used
Multiple new OOTB (out-of-the-box) connectors have been added to the Event Management suite. Such as:
- MID push connector for GCP
- MID push connector for Azure
- Azure Bi-directional
- Logic Monitor
- Oracle Cloud
Enrich the CMDB based on log-data with Health Log Analytics
Logs can tell a lot about the infrastructure. In logs we can find components, disks, application names, services and much more. It would be a shame if all of this data went to waste with only analyzing it for errors. Instead in the latest release, ServiceNow Health Log Analytics can scan logs and try to find references to configuration items that are missing. Users of HLA (health log analytics) can there for enjoy an immensely enriched CMDB of suggested CI’s that discovery potentially have missed or can’t discover at all.
Automatically deep-discover resources after provisioning
Are you using ServiceNow Cloud Provisioning and Governance to create new cloud resources? Then you will be happy to know that as soon as a resource has been created, a “targeted discovery” to the resource can be automatically triggered. Previously the deeper discovery of cloud resources would only take place if a discovery schedule was defined and the resource included. Meanwhile in the latest release pattern-based discovery can automatically be launched after provisioning of a resource – enriching the CMDB even further without delay.
Azure Usage Tracking – mapping the footprint of user behavior in Azure
Organizations who uses Cloud Provisioning and Governance tend to be large in size. Typically MSPs or global enterprises can justify the cost of consolidating multiple clouds into one portal. As a result the number of orderable catalog items tend to be rather large. As different groups, departments and regions expect to be able to order different type of cloud resources.
Keeping track of how users are interacting with the order process of catalog items has not always been easy. In the latest release, ServiceNow have added “Usage Tracking” for Azure. Which means that cloud resources in Azure gets enriched with information about what catalog item was the trigger. This is an excellent way to see which cloud catalog items really are in use, which have the greatest impact and where are there room for optimization (where there’s high volume, there’s always room!).
Final words – ITOM and the San Diego Release
Clearly ServiceNow continues to show their commitment and investments in the ITOM portfolio. The challenges of the past years, such as automating service maps even better as well as too much reliance on the CMDB appears to be seriously addressed for the first time. For customers who consider the time-to-value (TTV) of ServiceNow ITOM these aspects are hugely important.
It’s been a long time since we’ve seen these any new features added to a release, the last time was in Orlando. It would appear like ServiceNow still have an affinity for San Diego after all.