Fall has begun with the autumnal equinox and ServiceNow, sticking to its promises to push two releases per year out of the door, with the periodicity of a Swiss watch, comes with the Rome release. As usual, it contains dozens of new features and improvements. Let’s have a look at those in the area of IT Operations Management.
Among the new features, these ones have attracted my interest:
- Unified Agent Client Collector
- Event Management Alert aggregations
- Discovery password vault improvements
United we swing with Unified Agent Client Collector
Agent Client Collector framework (ACC-F) has been here for some time already, namely from the Paris release. Its use cases were primarily in the ITOM Health space, where the concept of direct monitoring of hosts to fetch events or metrics signified a breaking news in the ServiceNow’s positioning towards the monitoring market segment, where it has never been before.
ServiceNow did not stop there and have invested significant energy into pushing the ACC framework further. It is not about monitoring anymore, although this is probably still most tempting use for the customers, but it is now usable for many other things. Aside of the use cases in monitoring space, you can now use it as the data flow for the Discovery and Service Mapping, in the ITSM space for fetching realtime data from endpoints and automating remediations, in SecOps to ensure endpoint security compliance and timely response and also there are ideas how to use ACC in IT Asset Management to automate various stages in the asset lifecycle.
ACC-F, along with its fellow components, is being delivered as ServiceNow Store apps. The new versions are coming outside of the ServiceNow release schedule and therefore not associated with the Rome release. Time-wise, the newest features have also seen the light of the in September, so let’s have a look what the newborns are:
- Simplified download and installation options
- Automatic MID server selection
- REST/CLI Agent APIs
- ACC can now collect data for Health Log Analytics
- Unified AIOps Agent – what’s behind this is support for the Operational Intelligence application
- Performance improvements – CPU consumption limits, scalability
ACC is definitely a nice piece of technology, has been from the beginning and now is even better – becoming a mature universal solution for many needs.
Alerts aggregations in Event Management made simple
Tag-based alert clustering engine is one of the new features that has not been advertised much, but it is very handy. In fact, I was looking for this function from the beginning. In nutshell, in Alert Management, there are options that you can use to make your Alerts overview more clean and neat with Correlations and Aggregations. For Correlations, you can have your own rules identifying which alerts should be qualified as Primary and which as Secondary. With Aggregations, you can group alerts based on the CMDB data or based on the text NLP processing with AI/ML-driven Predictive Intelligence. That’s it, or at least was until now. I was wondering how I can group alerts based on its own data. And now I can! First, I create conditions for alerts tagging and secondly, define the group where they should aggregated. As simple as that, done! Event operators’ daily bread is now a bit softer.
Visibility, that’s what Discovery and Service Mapping is for – securely
Discovery has been providing options in security hardening using password vault integration with CyberArk and with Just Enough Administration with non-admin selected commandlets execution from Orlando release. Discovery can now be even more secure with an improved CyberArk integration and for those customers who use other PAM vendors, the good news is that there are two newly supported solutions – Hashicorp, which we have seen as frequently used, and another market leader – Thycotic. Creation of a custom external credential store integration still remains an option for customers possessing the Java development skills within their teams.
Other notable improvements
In Event Management, new EIF listener that can use webhooks to pull events from IBM tooling, as well with the new Grafana webhook listener, Health Log Analytics has now more standard log source connectors and lastly, improved overview of ITOM Health subscriptions consumption.
Service Mapping brings automation of machine-learned relationships now controllable with policies you can setup.
Discovery – Certificate Inventory and Management has now improved TLS request fulfilment flows.
CMDB – Data Workspace for the complete overview of the data health on one unified landing page and Data Manager to help setup automated CI transitions.
Did you know, that the MID Server can now be containerized? Docker recipes are ready to cook this delicacy, yummy!
…and many more new, improved and changed goodies that did not fit here in this article, but you can read for yourself in the Rome release notes.
To sum it all up, ServiceNow is again demonstrating its traction in innovations, miles ahead from their competition. Talking about the competition… Other vendors exists, of course. But have you heard of any offering such complete vision and advanced technology, adoptable so easy by everyone? Yes? Let me know, I’d like to learn more.