Blog
|
Best practices

Use self-service tools to speed integration onboarding

7 min read
Time Indicator
BigPanda’s new self-service tools are primed to make integration onboarding even faster

by Bhushan Jadhav | Sep 28, 2022

BigPanda supports inbound integrations for alert ingestion out of the box; however, many IT organizations have older, rarer or custom-built tools that require a little more work upfront. Fortunately, BigPanda’s recently announced Open Integration Manager and Email Parser aim to streamline integrating these kinds of monitoring tools with the BigPanda platform. Both of these self-service configuration options significantly reduce the time to onboard new tools, increasing the velocity of information exchange and improving overall time to value.

Let’s take a more detailed look at these exciting new features.

Open Integration Manager (OIM)

The Open Integration Manager provides an intuitive user interface (UI) where users can easily pre-process and normalize alert data sent via REST APIs without the need for custom code. With this self-service capability, users are able to configure, test and deploy existing out-of-the-box (OOTB) inbound integrations on their own.

OIM is not a new integration but rather a new approach to integrations, especially the normalization aspect. It brings intuitive self-service configuration to what is normally a complex behind-the-scenes process. A specific configuration is used to remap the key properties before sending the alerts to Alerts API within BigPanda.

This new self-service configuration layer simplifies and speeds up the process of normalizing that alert data into a consistent taxonomy that BigPanda can ingest, understand and process. Examples of key areas that can be configured include:

  • Primary/secondary properties
  • Status
  • Timestamp
  • Deduplication logic
  • Adding or removing custom tags

In order to use Open Integration Manager, you first need to create the integration from our list of out-of-the-box integrations or by making your own integration. Then, you will notice the new tab at the top titled “Integration Manager.” This is the new self-service configuration layer within the BigPanda UI.

The first step is to add some sample payload data and use the preview pane to verify that the data is being mapped correctly. Then, alert fields can be mapped to BigPanda tags and values. This then enables all the alert filtering and correlation capabilities that BigPanda delivers.

Preview

The Preview Pane

The Preview pane primarily enables you to view two things

  1. An example event payload
  2. Sample BigPanda alerts as they would be generated using the configuration settings

Sample alerts are updated automatically whenever a change is made to the configuration in the left panel, so users can conveniently check the preview pane to see how configuration changes affect the alerts ingested by BigPanda.

Users can also send multiple alerts in a single payload using an array object. Sample alerts will appear individually with values populated based on the tag mapping configuration.

Tag mapping

Tag mapping provides a way to cleanse and normalize tag information from the incoming raw events. It is used to map payload fields to BigPanda alert tags. Once processed, BigPanda tags are then used for deduplication, enrichment, correlation and analytics.

Within BigPanda, the two key data fields that drive correlation and deduplication are primary and secondary properties. As a best practice, fields that map to primary or secondary tags should be included in all alert payloads. Additionally, users can accommodate additional mapping to any customs tags they like, further enhancing context and correlation for every alert.

Furthermore, users have the option to leverage multiple source tags to determine a single BigPanda tag, with the first tag populated defining the value. Tags run in the order they appear in the editor.

Status mapping

Status mapping

As the name suggests, status mapping is used to map a payload’s value to a BigPanda event status. BigPanda alert statuses are determined by specific incoming tag values.

A good example of this capability would be if a tool uses “urgent” instead of “critical”, OIM can map the status to “critical” and make it easy to ingest into BigPanda.

Having the correct status is important because the status of an alert determines several system events and is necessary for closing resolved alerts. The status mapping works on the exact matching of tag values, meaning that if ‘warn’ is in the value mapping, an alert message with ‘warned’ will not be matched.

Event timestamps

Event timestamps

BigPanda expects a UNIX or Javascript-based timestamp, which can be set automatically by BigPanda or by a payload field. This eliminates the need for a custom integration if the user is not able to convert their events into a UNIX timestamp.

If no timestamp is specified, BigPanda automatically adds one reflecting the time the alert was ingested.

Event deduplication fields

Event deduplication helps eliminate redundant data and eventually reduces noise. BigPanda creates an incident identifier for each incoming event. By default, this identifier is created using the primary and secondary property tags.

Users can override the default to define their own set of deduplication tags that determine a unique alert.

Removing tags

Open Integration Manager allows users to remove any unnecessary tags and only bring in properties that are of high quality and value to them.

For example, if the customer is sending a payload with 30-40 tags, OIM allows the user to select only the required properties important to them.

Currently, we support Open Integrations Manager with our inbound alerts REST API, and going forward we will expand support to all of our OOTB integrations.

Email Parser

Email Parser

The BigPanda Email Parser is a streamlined, simplified integration to extract alert data from emails without custom code. This customizable integration, supporting both text and HTML content, is able to receive emails from a source system and parse out relevant information like status and other properties from these emails into BigPanda alert tags. This is ideal for monitoring tools and systems that do not support REST API and/or rely solely on emails to generate and send alerts.

For example, third-party vendors like Oracle Enterprise Manager, one of BigPanda’s most popular custom email parsers, can send email notifications which will then be forwarded to a BigPanda parser’s address and transformed into alerts.

This functionality is available right within the BigPanda UI, bringing a highly desired self-service capability to this powerful tool.

The Open Integration Manager and Email Parser are two examples of how BigPanda is transforming commonly used functionalities to be self-service driven. By providing this type of user-friendly configuration capability directly within the BigPanda UI, we are making it simpler and much quicker for our users to set up new integrations. Increased ingestion of data across all monitoring tools into the BigPanda platform allows organizations to centralize their alert management and provides greater visibility into the health of an organization’s IT stack—ultimately delivering better performance and availability.

Benefits of using Open Integration Manager and Email Parser in your environment:

  • Accelerated integration onboarding
    • With the onboarding of new tools being virtually never-ending for many organizations, OIM and Email Parser provide a self-service configuration layer that significantly increases the speed and ease at which new inbound integrations can be established.
  • Simplified data normalization
    • Raw alert data needs to be normalized into a consistent taxonomy that BigPanda can understand. OIM and Email Parser provide an easy-to-use configuration layer that enables users to perform that data normalization on their own.
    • For less mature monitoring tools that don’t support REST APIs or only provide alert data via email, the Email Parser configuration layer removes a lot of the manual effort and custom code required to ingest those alerts.
  • Scalable data processing
    • When data gets configured using these new self-service tools directly within the BigPanda platform, it eliminates the need for custom coding. By eliminating that need for proprietary code, those integrations become much easier to maintain and significantly more scalable in the long run.

To learn more about these exciting new features, check out our documentation for Open Integration Manager and Email Parser. If you’re new to BigPanda, reach out to a BigPanda sales representative today. If you want to experience for yourself how BigPanda’s AIOps Event Correlation and Automation platform helps prevent and resolve IT outages, try our self-guided product tour today.