Intelligent Monitoring With Premon

Posted on Saturday, July 10, 2010


In our last post, we discussed how intelligence can be built into the monitoring systems. This helps in decreasing the burden of system monitoring and allows administrators and stakeholders to focus on relevant information. In this post we would introduce Premon and look at some of the features that it provides to make monitoring easy and efficient.

  1. Premon complements, it does not compete: Premon does not compete with the existing industry products. The existing products like Nagios, Hyperic, OpenView, Sitescope, Cricket etc are already doing a wonderful job. Most of these systems provide threshold based monitoring and do not correlate alerts. Most enterprises are either using one of these tools or a similar product for monitoring. Premon builds on the capabilities of these existing tools to provide enhanced functionality and easier monitoring.
  2. Premon is non-invasive: Premon expects very minimal changes to the current setup. Strength of Premon is based on the idea of teeing off information from the existing systems, that the enterprise is already using, then using that information to build correlations and other intelligence. The Premon machine learning capability learns about the enterprise information in real-time on the basis of various information collected from existing sources. You could set up Premon on a separate box which listens to a queue for incoming messages in the real-time. These messages could either be put on the queue by an existing monitoring system, if it has the capability or the Premon agent could be configured along with the existing monitoring system to send messaged to the queue also apart from its existing logic.
  3. Premon is configurable: Apart from what Premon learns about the enterprise environment on its own, it can also be taught. For example there could be certain scenarios which are rare occurrences. Due to the nature of their frequency, Premon cannot learn about them till they happen. However, some of these might be critical and an immediate action is required in the event of their occurrence. Such scenarios can be taught to Premon by giving it a definition of the correlation along with the expected behavior.
  4. Premon is extensible: It has a plugin based architecture which makes it possible to plug-in virtually any monitoring system and Premon agent would be able to tee off the relevant messages to the queue where Premon server is listening. This makes it easy to plugin in a monitoring system like Hyperic or Nagios with say a home-grown network monitoring system or an existing application or even an email inbox. Just about anything could come into Premon as an event and then on the basis of correlations defined or realized while learning, relevant alerts would be generated.
  5. Premon exposes functionality via API: It exposes the machine learning, correlation definition API for custom enhancements and programmatic definition and invocation of alerts. This allows greater flexibility and enhancement ease.
  6. Premon satisfies the intelligent monitoring criterion: It satisfies the criterion that we discussed for intelligent monitoring, thereby reducing setup and configuration time, allowing easier root cause analysis and efficient storage of historical information.

In the next post, we would try to dig a bit deeper into the working of Premon. Stay tuned.

Posted in: Architecture, Java