An Alert is a de-duplicated Event or an instance of new data coming into AIOps. These are generated by the Alert Builder, an AIOps Moolet.
Alert Builder is a Moolet that generates Alerts by either identifying brand new Events or by deduplicating existing Events. These are published to the Bus and farmd passes them to other interested Moolets.
The Alert Rules Engine is a Moolet which controls when Alerts are passed to a Sigaliser. This can be set used action states and triggers.
The archiver that can be run on the command line to archive and remove all old Alert and Situation data from the database.
The Bus or "MooMS" (Moogsoft Messaging System) is the publish-subscribe messaging system, implemented with RabbitMQ, which publishes the raw Event data from the LAMs in JSON format which is subscribed to by the various Moolets.
The ChatOps feature enables users to run tools, such as executing utilities on remote hosts, from the Collaborate tab in a Situation Room. This is useful when collaborating to resolve a Situation.
Clear is the lowest severity of an Alert or Situation. This indicates that one or more events have been reported but have subsequently cleared either manually or automatically.
The Closed status is used when the reporter of the issue is satisfied with the initial resolution. A Situation can also be closed automatically after a period of time has passed and the status has been changed to Resolved.
Powerful Moogsoft algorithms such as the Cookbook Sigaliser create clusters of Alerts called Situations.
The Cookbook is a Sigaliser that creates Situations in a deterministic way using configurable Recipes.
Critical is the highest severity of an Alert or Situation. This indicates that a serious service affecting fault has occurred and corrective action is required immediately.
The Dashboards are the customisable management tools in the AIOps user interface which display useful overview information in Portlets such as Situation Overview, Service Impacted, Events per Situation etc.
Deduplication is Moogsoft's method of reducing network noise by eliminating Events duplicates and identifying unique Events.
Dormant is the status given to an old Situation that has been merged with one or more others to create a newer existing Situation.
Leading Edge Releases with latest functionality and bug fixes. Testing on Edge releases is limited by the nature of the frequency of releases.
Elasticsearch is the search engine software used by Moogsoft AIOps to index data and provide search functionality.
Entropy refers to a lack of order or predictability and is measured on a scale between 0 and 1 with 0 meaning very certain and 1 meaning very uncertain. E.g. The entropy of an Alert, is the measure of probability that Alert will arrive in the system at any given time.
The Enterprise Stability Release is subject to extended internal testing in enterprise-like environments and conditions. It is intended for enterprise customers who value product stability and reliability over leading edge features.
An Event is any log file, status or change Event generated by third party monitoring tools.
Farmd or Moogfarmd is the Moogsoft service harness or master service which controls all other services and manages which algorithms and Moolets are running.
Graze is the Moogsoft AIOps REST API which acts as an integration point for external services, such as ServiceNow etc, and exposes selected Moogsoft AIOps functionality to authorized external clients.
Indeterminate severity indicates the severity level could not be determined.
A LAM (Linked Access Module) connects the third party monitoring tools to AIOps. LAMs listen for and ingest raw data from these monitoring tools. The output of every LAM is text in JSON format which is published on the Bus.
A major severity indicates a service affecting fault has developed and corrective action is urgently required.
A minor severity indicates there is a non-service affecting fault but action could be required to prevent it becoming more serious.
A Moderator is a user who has owned or been assigned a Situation, so has become the Moderator of that Situation.
Moogfarmd or Farmd is the Moogsoft service harness or master service which controls all other services and manages which algorithms and Moolets are running.
A Moolet is an intelligence module that is used to perform specific services in AIOps.
The Moogsoft Messaging System, also known as the "Bus", is the publish-subscribe messaging system, implemented with RabbitMQ, which publishes the data from the LAMs in JSON format and that data is subscribed to by various Moolets.
Mean Time to Acknowledge. The mean time it takes for a participant to acknowledge a Situation in minutes.
Mean Time to Resolve. The mean time it takes for a participant or team to resolve a Situation in minutes.
The Nexus Sigaliser clusters Alerts based on time, language and topology (how far things are from each other). This is most useful for service or network events where a topology is available.
Nginx is an HTTP server used by Moogsoft AIOps to provide static UI content and to act as a proxy for Tomcat.
Notifications is AIOps internal messaging system which can be configured to notify users of any invitations, assignments, critical situations assigned to their team or all of the above.
An Operator is the default role given to standard users of Moogsoft AIOps. They have permissions to create and edit Situations, Alerts and Filters but cannot perform Moderator functions like assigning Alerts and Situations.
Portlets are configurable components of the Dashboard that offer different overviews and statistics relating to the Alerts, Situations and other aspects of Moogsoft AIOps.
The Resolved status is given to a Situation when the operator or User believes they have found a resolution tho the Situation. This is an internal status that will be reviewed by the reporter of the issue.
Recipes include the definitions which determine which Alerts are clustered into Situations by the Cookbook Sigaliser.
A Resolving Step is the comment, suggestion or action in the Collaboration section of a Situation Room or Team Room that has been marked as the solution to a Situation.
Severity is the seriousness of an Alert or a Situation and acts an indicator of how urgently corrective action will be required. The severity index is: clear (0), intermediate (1), warning (2), minor (3), major (4), critical (5).
The Sigalisers are the algorithms which group Alerts based on factors such as time, language, topology and similarity. These include: Sigaliser Classic, Speedbird, Nexus, Cookbook and Feedback.
Sigaliser Classic is a temporal algorithm which clusters Alerts using time stamps and matrix mapping. This is produces high quality results but with a narrow scope so is best for application logs for a single app with a reasonably high volume.
This is a measure of the relative significance of an Alert, initially calculated based on its entropy (a measure of the rarity or uniqueness of this alert).
This is a cluster of Alerts that have been run through one or more of the Sigalisers and have been grouped together depending on the similarity of their time stamps, language and/or topology.
The Situation Manager is a Moolet that listens for new situations being created and passes them to its Moobot to allow for automatic notification, automatic invitation of the users into the Situation, and any change to the Situation parameters.
This is the rating out of five stars that a User has given a Situation for its relevance and the quality of the information it provided. Ratings are particularly important if you are using the Feedback Sigaliser as they will be taken into account when future Situations are created.
The Situation Room is the virtual meeting place where social-collaboration takes place between members of the support team in order to reach a resolution.
The Speedbird Sigaliser is a temporal and language-based algorithm which clusters similar Alerts based on both their time stamp and by the similarity of their text values such a hostname, description or source etc. This is best for network event clustered around a logical component.
Superseded Situations are Siutations that have been merged and replaced with a newer Situation.
The time sequence of Events that make up each Alert in a Situation. The Timeline tab can be accessed from the Situation Room screen.
The topology of an IT network is the physical or logical arrangement of the various components (nodes, servers, switches, links etc).
The warning severity indicates that a number of potential or imminent service affecting faults have been detected.
The workbench is the default landing page in AIOps which serves as the main working area where users will spend most of their time.
- No labels