Introduction

Observability tools have historically focused on logs and metrics, but not configuration information. This is surprising given how often configuration changes lead to outages as well as their potential to create security vulnerabilities.

Enter the Selector Configuration Compliance solution. Operations teams can now audit configuration changes, correlate configuration changes to anomalies, and search for the presence or absence of specific configuration statements. Operations teams can be configuration commandos, with an elite understanding of configuration changes, state, and consequences.

Anomaly Detection

The Basic Workflow

  • A configuration change occurs
  • A syslog event monitor invokes an automation webhook, for example Rundeck/Ansible
  • The entire configuration is retrieved from the affected device and stored in a repository
  • The repository does a diff between the old config and the new config
  • Selector Analytics stores both the diff and the new configuration
  • Selector Analytics correlates the diff to any relevant anomalies
  • Selector Analytics highlights the correlated incident to users
  • Selector Analytics users can drill down on all correlated information including diff and whole configuration

Greater Clarity and Efficiency

Through this workflow, anomaly detection is much richer, and correlated to likely causes whether it is a fault in the network or a configuration change. Instead of operations teams having to guess at what are the likely sources of anomalies, there is greater clarity, more efficient triage, lower mean time to detect (MTTD), and lower mean time to repair (MTTR). With the impact of the configuration change identified, operations teams can rollback the change if needed, using an approved process.

This solution highlights the strength of the Selector Analytics architecture, capable of correlating any data source or data type, including configuration changes.

Configuration Search / Validation

Be Prepared for Any Network Situation

Ever been in a situation where you are about to go live with a major new network segment and/or change, and wondered if every configuration was set the way it needed to be?

No problem, now you can do a configuration search for the absence or presence of any configuration element.

  • Show me the devices that have this BGP statement.
  • Show me the devices that do not have this ACL statement.

All with a natural language query. A Selector customer recently used this capability before going live with a major, highly visible media event, and were very pleased they did.

List all the devices that do or do not have a specific configuration statement.

 

Configuration Audit

Increase Performance and Security

As with many Selector analyzed events, a timeline is constructed so that Selector users can explore a timeline, see correlations, and do drill downs as needed.

With the Selector Configuration Change Timeline, operations teams can see when a change was made, what the change was, and who/what made the change. As automation becomes more prevalent, the frequency of changes are likely to increase. Buried in such changes may be configuration changes made by hackers that create significant security vulnerabilities. A configuration change trace / timeline is essential as configuration changes are among the most common sources of outage, performance degradation, and increasingly, security exposures.

 

Conclusion

While change management processes may provide a check on what planned changes occur, the outcome of a change is unpredictable.

There may be unwanted changes occurring outside of the change management process that operations teams need to know about. Importantly, if there is a correlation between a configuration change and outages / performance degradation, operations teams need to know about that as rapidly as possible, and then return to the desired KPIs as soon as possible.

  • Collect from Various Data Sources

    Collect from Various Data Sources

    Ingest variety of data sources in various formats

  • Correlate Metrics & Events

    Correlate Metrics & Events

    Machine Learning based data analytics for automated anomaly detection

  • Collaborate Across Boundaries

    Collaborate Across Boundaries

    Instant actionable insights on collaborative platforms using Natural Language Queries (NLQ)

  • Technical Support

    Technical Support

    24×7 Product support

  • Low-Code Analytics

    Low-Code Analytics

    A fully interactive web portal with on-demand dashboards

  • Cloud-Native Deployment

    Cloud-Native Deployment

    Selector AI can be deployed in three possible modes – public, private, and cloud VPCs

Schedule Your Free Demo Today

Find out firsthand how Selector can help you reduce network management complexity, reduce MTTR, and lower operational costs.

This field is for validation purposes and should be left unchanged.