The ITIL Lifecycle
The monitoring and planning ITIL (Information Technology Infrastructure Library) process is a key component of the ITIL lifecycle. Without monitoring, you will find it difficult to gauge how effective your IT organization is. ITIL’s definition of monitoring is the ‘activity of observing a situation to detect changes that happen over time’. This implies that you are looking at and capturing data related to your infrastructure in order to make informed decisions about your infrastructure's performance and to head off potential incidents.
Depending on the size and capability of your IT organization, monitoring may be as simple as using a tool to ping servers looking for outages. More advanced organizations will use monitoring to look for more advanced types of information such as:
- Security events or network intrusions
- Unauthorized changes to infrastructure or computers
- Status of key configuration items (servers, switching gear, computers, etc.) looking for abnormalities or failures
- Performance and tracked data for key performance indicators
- Processes to determine their effectiveness
Monitoring also ties into several of the other ITIL processes including incident management, problem management and change management. For more information on ITIL change management, see my article entitled ITIL Change Management tools. For more information on incident management under ITIL, take a look at my article Strategies For Incident Management Teams:Sample Diagram.
Types of Monitoring
There are several types of monitoring – active versus passive and reactive versus proactive.
Active monitoring deals with actively monitoring for events. This is very resource-intensive and implies someone is actively watching and monitoring the data. Active monitoring is typically used when trying to debug an incident or problem.
Passive monitoring is used to collect data against several configuration items which is then aggregated into a tool so it can send out alerts based on criteria you’ve set up. Passive monitoring only works when you’ve spent time setting up monitoring rules and alerts.
Reactive monitoring is used to perform an action based on a criteria being met. For example if several devices can’t be contacted through a switch, you may have a tool automatically reboot the switch.
Proactive monitoring is used to look at a series of events looking for a potential problem to crop up so you can head off the problem before it occurs.
Both reactive and proactive monitoring can be either active or passive.
Planning for Monitoring
Now that you have a basic understanding of what monitoring in ITIL is, you can start planning for your monitoring operations. How will you monitor, what will you monitor and how will you use the results of monitoring?
Start by deciding what you will be monitoring. If you are new to ITIL and have few or immature IT processes, start by monitoring the basics. At a very basic level, make a list of your key configuration items such as your mail server, file server and so on. Also be sure to list any critical networking components such as backbone switches and your firewall. Each of these items should be monitored for connectivity. Additional proactive monitoring such as setting thresholds for low disk space or high memory usage on your key servers is highly recommended. More advanced organizations will likely build processes to monitor other IT processes to ensure they are being carried out in a consistent and efficient manner.
Next, you’ve got to figure out how you are going to monitor for events. There are many network monitoring tools ranging from basic to advanced and free to expensive. Nagios is a popular open source network monitoring tool while on the commercial side Microsoft Operations Manager is another popular choice. Other non-technical monitoring such as processes can be ‘monitored’ by other processes. For example, you could monitor your new hire process after each new hire starts. Was the new hire set up properly, at the appropriate time and in the manner expected based on your procedure?
Last, what do you do with the data? Monitoring does no good if you don’t plan for what to do with the data you collect. In the case of technical monitoring, it should be simple – fix the issue or prevent the problem from happening. In the case of a process, look at ways the process would have been improved or made more consistent.
Again, this was just an introduction to monitoring and planning ITIL processes. By monitoring you can ensure you are on top of potential issues while looking for opportunities for improvement.