Why should the IT Service Manager of a company choose Kriu for IT Operations as the support software for the Network Operation Center (NOC), for the processing of events and alarms from its IT environment?
There are diverse motivations that guide an organization to choose this product, designed and developed by Omninecs.
Kriu is a tool for IT Event Correlation and Analysis, whose main functions are to:
- aggregate, normalize, correlate, filter and present events on a customizable console;
- effect automated corrective actions and notification actions (such as email, and sms);
- integrate with Process Automation tools.
This product is accessible through two web consoles, a user console and an administrative console (designed in accordance with the practices of “Accessibility”), which provide direct access to the core of the IT environment.
The system administrator, using the Administrative console, can control every aspect of event management, from the receipt of data gathered to the definition of mappings visible to end users.
For the NOC operator a user console has been provided that allows the operator to:
- view events with added details and comments;
- create and edit selection and viewing filters, customized to the individual’s objectives;
- get reports in real-time created through the events storage functionality.
Kriu is a systems integrator provided with a native proprietary send_event interface and capable of receiving SNMP traps. The send_event interface is a tool that allows you to send data to the software that can be run directly from the command line or invoked by bash, Perl, or PHP scripts.
Heterogeneous sources can be integrated by using a Design Wizard section of the admin console, an instrument which is of fundamental importance in the day-to-day operations of troubleshooting.
Events received are normalized and enriched with information gathered from external data bases (usually enterprise Configuration Management Data Bases). Through the server module, the rules of “data cleansing” and “deduplication” are applied. Collected events are manipulated by logical correlation tools in a “plug’n play” mode.
The scheduler module enables the automation of “programmed reactions” (e.g. sending preformatted e-mails, executing external commands, opening tickets, sending sms). These operations can be performed using diverse programming languages that are suited to the feature being developed. This represents an added value, because we often find ourselves struggling against the limits of a language rather than exploiting the potential of another. The standard configuration of the Kriu scheduler offers for example a script for the parser of emails from a dedicated Inbox that is written in Perl, while the script for enrichment of information from external databases takes advantage of the MySQLi extension of PHP and MySQL.
Moving to the technical part, below are listed the main components which allow users to take advantage of all the functionalities indicated above.
- Event Receiver: module responsible for receiving events from send_event and Trap Receiver clients. The events are processed first through a programmable logic written in Lua. Features of this processing are simplicity and high performance (standard in the world of video games).
- Trap Receiver: module responsible for receiving SNMP traps.
- Server: the heart of the software. This component does further processing of events from the Event Receiver before inserting them into the Database. The processing logic can be programmed in Lua.
- Scheduler: module responsible for the execution of scheduled tasks.
- MySQL DB: Relational DB, event and history repository.
- Ldbproxy: integration module that enables connecting to different types of external Databases: MS SQL Server, Oracle, DB2.
- User Console: web console designed for management of “Real Time” events.
- Administrative Console: Web console for software configuration management: includes users, groups, roles, scheduled activities, and plugins.
In conclusion, the strengths of KriuxITO are:
- the ease of configuration,
- a highly scalable modular architecture,
- high-performance thanks to
- efficient logic (Lua)
- low memory and disk footprint due to the use of native code C/C++ and C #.