I am presenting a FRAMEWORK capable of processing any data generated by MS SCCM and integrating it into Splunk. What is novel about my solution is that I provide an Artificial Intelligence Layer that sits between the SCCM data and Splunk. The AI layer is designed to reduce the noise, and distill information down to ACTIONABLE INFORMATION for users.

Actionable Information Through Splunk

The Artificial Intelligence (AI) can assist in processing the massive amount of information coming from SCCM. For instance, the AI can perform not only traditional business intelligence analytics such as predictive analytics but, more importantly, "Preventative Analytics": early detection of system failures before they become critical. By identifying patterns of system behavior, it can detect variances and shifts from the norm early and alert before catastrophe strikes.

Quality Information over Quantity With Splunk

Secondly, the AI can cut down the massive amount of data by applying business-aware expert-system analysis to it. A simple example: alerts from non-critical systems are sent to the appropriate staff in the morning, whereas mission-critical system alerts immediately trigger a text message and wake all mission-critical staff. So instead of a blur of alerts and noise, the AI can intelligently sort and process the massive amount of information.

100% Uptime Monitoring & Intelligence From Splunk

I have combined the biomimetics approach of hive consciousness with an advanced form of artificial intelligence that yields not only predictive analytics but extends this to actual preventative analytics to help enterprise customers be proactive and prevent system failures long before they happen, and long before they become catastrophic.

Intelligent Conversations Through Splunk

Traditional analytics takes a data mining approach: SELECT MACHINES THAT HAVE DONE X IN THE LAST Y DAYS

The layer of artificial intelligence sits in between SCCM alerts and the manager. Example use cases are:

A set of servers does frequent updates on a schedule and reboots during update cycles, so "most" alerts from these machines are ignored. But if reboot alerts deviate from the scheduled cycles, a manager is alerted. The AI knows the schedule, i.e. once per week, so these groups of servers are allotted one reboot per week. As soon as they exceed their allotment, the manager is alerted.
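The reboot-allotment rule above can be written as a small check over reboot events. This is an added example, not code from the project: the policy table, group names, host names, maintenance window and the handling of groups without a policy are assumptions, and the events are constructed sample data rather than real SCCM output.

```python
from collections import defaultdict
from datetime import datetime

# Hypothetical policy table: one reboot per ISO week, inside a Tuesday 02:00-04:59 window.
POLICY = {"patch-group-a": {"allotment": 1, "weekday": 1, "hours": range(2, 5)}}

# Constructed sample events, not real SCCM output: (timestamp, host, group)
EVENTS = [
    ("2024-03-05T02:15:00", "srv01", "patch-group-a"),  # scheduled reboot
    ("2024-03-07T14:40:00", "srv01", "patch-group-a"),  # second reboot, same week
    ("2024-03-05T03:05:00", "srv02", "patch-group-a"),  # scheduled reboot
    ("2024-03-12T02:20:00", "srv02", "patch-group-a"),  # next week's scheduled reboot
    ("2024-03-06T11:00:00", "srv04", "patch-group-a"),  # only reboot, outside window
    ("2024-03-06T09:00:00", "srv03", "unmanaged"),      # group with no policy entry
]


def evaluate_reboots(events, policy):
    """Return (host, timestamp, reason) for every reboot a manager should see."""
    counts = defaultdict(int)  # (host, ISO year, ISO week) -> reboots seen so far
    alerts = []
    for ts, host, group in sorted(events):  # ISO timestamps sort chronologically
        rule = policy.get(group)
        if rule is None:
            # Assumption: an unknown group is surfaced, never silently ignored.
            alerts.append((host, ts, "no-policy"))
            continue
        when = datetime.fromisoformat(ts)
        iso = when.isocalendar()
        key = (host, iso[0], iso[1])
        counts[key] += 1
        in_window = when.weekday() == rule["weekday"] and when.hour in rule["hours"]
        if counts[key] > rule["allotment"]:
            alerts.append((host, ts, "over-allotment"))
        elif not in_window:
            alerts.append((host, ts, "off-schedule"))
    return alerts


if __name__ == "__main__":
    for alert in evaluate_reboots(EVENTS, POLICY):
        print(alert)
```

Scheduled reboots inside the window produce no alert, so only the deviations reach the manager.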

An example conversation between the user and the AI would be:

AI: A mission critical server was late on its heartbeat response. Do you want me to escalate this alert on the next late response or do you want to look into it now?

User: Yes, escalate on next late response.

AI: Okay, on the next late heartbeat, I will text message critical support staff and alert you as well.

AI: The following non-mission-critical clients have been showing slowed response time. This could be due to operating system software overload and will be reported to technical support to prevent future failure.

Notes On Biomimetics and Uptime Guarantees

Although you communicate with a singularity through your phone or smart watch, I utilize something called biomimetics to gain high reliability, since this is a mission critical function. For this project I am using hive biomimetics, where there can be an infinite number of Daisy instances running; each serves as a drone, but they act as a single consciousness.

So there can be multiple instances of Daisy running, each as a backup to the others. They function as a hive. To you, you are only communicating with one Daisy, but in reality all the Daisies in the hive can perform all the tasks, and in fact compete for each task.

So if one or even several Daisy units fail, each Daisy is capable of handling all the tasks, and from the user perspective there will never be a failure in performance, and the enterprise user gets a guaranteed 100% uptime SLA.
