blended analytics for it unknown unknowns
TRANSCRIPT
Originally Published by Clabby Analytics July 15, 2015
Evolven: Blended Analytics for IT’s “Unknown Unknowns”
July 15, 2015 by Jane Clabby, Clabby Analytics
Evolven, a leading IT Operations Analytics vendor announced Blended Analytics, a solution that
combines all relevant data/sources across IT silos (including performance, log, network, deployment
automation, service desk and CMDB), correlates them with change data and applies powerful analytics to
find the true root causes of performance and availability issues.
Why is this important? Enterprises are missing the “unknown unknowns” – issues they have never seen
before and can’t afford to continue missing. By collecting and analyzing data from this broad range of
sources and combining it with information about what has changed, Evolven reports that troubleshooting
resolution times can be reduced by up to 50%, and the number of incidents can be reduced by as much
as 35%, thus improving both mean time to repair (MTTR) and to prevent problems before they impact
users.
Background
Founded in 2007, Evolven is headquartered in Jersey City, New Jersey, and is privately held, backed by
leading venture capital firms Pitango Venture Capital and Index Ventures. Evolven sells to medium to
large enterprises, particularly in the Financial, Banking, Insurance, Pharmaceutical, and Healthcare
industries where IT infrastructure is dynamic and complex as well as being critical to the business. The
typical Evolven client can have from hundreds to tens of thousands of production servers located on-
premise and/or in the cloud. The company’s customers include Barclays, JPMorganChase, Chubb,
Deloitte, IMS Health, ING, Southboro Medical Group and others.
In general, the CIO, CTO, or Head of Operations makes the purchase decision but Evolven users come
from all the IT teams including DevOps, Service Management, Change Management, QA, and others.
Rather than having any direct competitors, Evolven offers an alternative to other approaches to problem
identification and resolution. For example, some potential customers focus on deployment automation
(actually increasing pace of change and complexity of root cause analysis) or APM tools (identify an area
of the issue but not the true root cause). Evolven’s ability to track end-to-end granular changes and
correlate and analyze change information with other operational symptoms and IT context data is what
differentiates the company from those approaches and vendors..
Blended Analytics – A Closer Look
Evolven’s Blended Analytics (See diagram, next page) correlates and analyzes cross-silo data sources to
deliver IT operations insights. After blending relevant data sources and correlating with change data,
advanced analytics based on machine learning, anomaly detection and domain specific heuristics help to
transform this data into meaningful, actionable information.
Originally Published by Clabby Analytics July 15, 2015
Evolven reports that 95% of incidents are caused by change. By incorporating related change data with
other collected operational data including “symptoms” such as data collected by APM tools (Dynatrace,
AppDynamics, NewRelic, for example), log and network management tools and information about IT
context including CMDB, Deployment Automation, and Service desk, Evolven can either resolve
problems more quickly or even fix them before they affect users.
Evolven Blended Analytics Model
It is Evolven’s technology that collects information about changes – tracking, correlating and analyzing all
changes, end-to-end from application to infrastructure at the most granular level, in order to quickly find
the root cause. Examples of changes include:
Configuration: Causing configuration issues
Data: Unexpected data inputs and structure, data anomalies, size of data
Capacity: Insufficient resources causing system failures and slowdown
Workload: Unexpected transactions distribution, sequence or volume
Code: Introducing new defects
Data is collected non-intrusively in near real-time. According to Evolven, customers typically select from
15 minutes to 1 hour as the interval for data collection. Data is cleansed to eliminate any “noise” and
irrelevant or insignificant data, and then similar events and key performance indicators (KPIs) are
clustered. Finally, data from each source is normalized and put into a similar format for analysis.
Originally Published by Clabby Analytics July 15, 2015
The Evolven analytics engine (See diagram next page) calculates a risk score for each change dimension
and blended data source. Using machine learning-based anomaly detection, statistic and heuristic
algorithms, and a knowledge base incorporating subject matter expert (SME) input, dimensions are given
a risk score and are ranked based on that score. Risk may be predicted based on the type of change,
frequency of change, what is affected by the change etc.
From this data an integrated risk score is calculated. For example, this change related to this alert has an
X% chance of being the root cause. Note that the actual change must be used to calculate risk – the
system cannot look ahead to predict the impact of a particular change that is not deployed yet. “What-if”
analysis of this type is planned for a future release.
Evolven Blended Analytics – Change-Centric Risk Analysis
The solution is available either on-premise or in a software-as-a-service (SaaS) model. The same
functionality on the same release schedule is offered regardless of delivery model.
Originally Published by Clabby Analytics July 15, 2015
Evolven Use Cases Troubleshooting – By identifying what has changed in a unified correlated view and applying
analytics multi-dimensional risk analysis to identify critical changes that carry the most risk, root
cause diagnosis is accelerated (up to 50% faster according to Evolven).
Prevent incidents – With changes being tracked and ranked according to risk as they happen,
Evolven analytics look for anomalies and patterns and issue risk alerts that can eliminate
incidents proactively (up to 35% fewer incidents, according to Evolven). Analytics can be applied
across environments to validate environment consistency (for example, production vs DR; new
server vs. golden baseline; across cluster).
DevOps – Individual changes, patches, and releases can be validated to ensure that they are
applied correctly and consistently. Automated consistency reports improve deployment efficiency.
The software links changes with post-release stability issues so that they can be quickly resolved
(error-free releases are attained up to 25% faster according to Evolven).
Automated Audit – An end-to-end audit trail is automatically created for reliable identification of
unauthorized changes and quick alerting of high-risk changes (75% less manual effort required
according to Evolven).
Summary Observations
The market for IT Operations Analytics is evolving, with many vendors trying to gain a share of the
growing market. APM vendors are adding analytics capabilities to their performance monitoring tools;
analytics vendors are adding new data sources such as Internet of Things (IoT) data to their analytics
platforms; while others are offering easy-to-deploy/manage SaaS delivery models to entice customers.
By offering a solution that is “change-centric”, Evolven has zeroed in on the dynamic nature of today’s IT
environments. Virtualized and cloud-based infrastructure is constantly changing to address new
workloads and new applications. DevOps methodologies introduce new code at much more frequent
intervals, and users are more demanding with expectations of rapid response time and no downtime.
Evolven’s Blended Analytics addresses these requirements with a solution that is cross-silo, focused on
change data, and analytics-driven to provide actionable insights that quickly identifies root causes and
sets the scene for correcting or entirely preventing the problems.
About the Author: Jane Clabby
Jane Clabby has been in the computer industry for 25 years. She worked at both Data
General and EMC in a variety of positions including product management, marketing
research, business development, and marketing communications. In her five years at
Clabby Analytics, she has covered storage, storage management, software defined
infrastructure, cloud computing, and application performance management in her role
as a research analyst. Jane received her BA from Williams College and an MBA from
Boston University.