ScienceLogic has been getting the right kind of press recently – e.g. they were a winner of Best of Interop 2013 – Management & Monitoring, and Infoworld had some rather nice things to say. They’ve got some high-profile customers too, such as Fasthosts and Equinix. But what exactly is their product all about, and is it any good? Recently I’ve been reviewing the ScienceLogic EM7 system for my customers, and to see if it is a good fit for my company.
The Promise: One Tool
According to ScienceLogic, their EM7 system:
…delivers a completely integrated IT monitoring and management solution for service providers and enterprises with distributed operations
Er…right. Sounds good. Doesn’t everyone promise that? Not quite like this. What they’ve built is a single application that does discovery and monitoring of networks, servers, storage, virtualisation environments, and pretty much anything else with an API. Since they can connect into almost any API, they can also plug in to things like AWS or Rackspace to monitor “cloud”-hosted systems. They provide fault and performance monitoring and reporting. Obviously they include event management – but then they also include ticket management, asset management, knowledge base, and of course wrap it up with some dashboards. This is all delivered as either an ISO you can install into a VM, or as a physical appliance running the same code.
What makes this different from the other major network management vendors is that they’re not trying to sell you a heap of different modules, which you need to glue together. Instead, they’ve written it as one application, and you get access to all the features. All information is stored in one database, so reporting, event management, asset management is all consolidated and consistent. You can monitor the network and the applications from one place, instead of using a range of tools.
Multi-tenancy is pervasive throughout the system. I have seen other tools try to add this later, and it almost always fails in some way. This product appears to have properly catered for multi-tenancy from an early stage.
The system can be distributed for either network topology or scaling reasons.
The clear target market for ScienceLogic is Managed Service Providers. They’ll like the customisability, flexibility and the multi-tenancy. But there’s a limit to the size of that market, and for ScienceLogic to expand, they need to be able to deliver for Enterprises. Historically ScienceLogic was very focused on the North American market (>80% of customers in NA), but they are now expanding worldwide. Presumably the funding they’ve taken on in 2010 and 2012 will be used to help with this.
I’m an engineer, not a salesman, so I can’t tell you the exact pricing. The pricing model is pretty flat – they only really care how many devices you monitor, not how many polling engines you put in, or what features you use. In terms of approximate market positioning, think a bit more expensive than Solarwinds, but a lot less than Big 4 (HP, CA, IBM, BMC). It’s probably not going to make sense if you’ve got < 100 devices, but it would certainly fit into medium-large networks. If you have existing monitoring or helpdesk tools that you wish to retain, the pricing might not work out.
So, Is It Any Good?
Yes. On balance, I do think it’s a good tool. It’s not perfect, but nothing is.
Good Bits – The Stuff I Liked
- Quick to deploy – build the VM from ISO, license it, and start discovering systems. No time wasted integrating various tools purchased from different countries and sold under one umbrella.
- Easy to configure a range of visualisation options in the dashboards.
- Monitoring these days is far more than SNMP and WMI – this system lets me configure all manner of integration into various APIs – SOAP/XML, SQL, SSH, whatever. I don’t feel like I’ll need to buy more modules when a new technology comes along.
- “Power Packs” let me package up any combination of themes, event policies, reports, device templates etc, and share them between EM7 systems. This lets someone like me easily leverage enhancements across multiple customers.
- Very easy to pick out a running process on a Windows or Linux box, and say “monitor this.”
- Monitoring views can pull in lots of different sources – network, servers, virtualisation environment, AWS, etc. I haven’t seen many products that can pull together “cloud” monitoring with local system monitoring.
- Excellent GUI tool for modelling an SNMP device, or adding monitoring to an existing device. One of the easiest methods I’ve seen for this. Other tools become a nightmare of SNMP MIB parsing to try and do this.
Annoyances, Frustrations and Other Caveats
- The interface can be very “busy” with a lot of options, and small targets to click on. It leans towards the “propeller-head” side of the continuum between Fisher-Price and raw source code. It needs an “Old person” version with big icons, so people like me don’t have to squint. Note this tends to be more on the admin parts of the interface – you can hide most of that complexity with dashboard views.
- Some interface inconsistencies – e.g. if you’re going to have a “Close” button on a pop-up, you should have the same “Close” button in the same location, on all pop-ups.
- Use of the term “Guide” where every other modern product uses “Help” (Petty I know, but consistency across applications reduces the learning curve).
- Some parts of the interface still require Flash, although they are moving to HTML5.
- The system installs with a default SSL certificate (not individually generated and self-signed, but instead all systems ship with the same certificate/key pair). This is not the end of the world, but the process for installing a proper SSL certificate should be clearly documented. I had to scratch around inside the system to work out how to install my certificate.
- Some of the file ownership/permissions didn’t look right – e.g. private keys should not have permissions 644. Yes, I know, if someone gets shell access, you’re compromised, but still…
- /var/log/secure logs the sudo actions taken. This is fine, but it’s not so cool that this file logs the password used for all WMI operations, every single time the monitor runs.
- When changing behaviour of one of the system monitoring policies, I had to write SQL statements to insert records in a DB. NB: This is definitely not the norm within the product, but, well…you know you’re in trouble when Lindsay’s writing SQL statements.
- Documentation is hidden away, only available to registered customers. So far as I know, it’s only in PDF too, with a font that I’m sure looks lovely when printed, but is difficult to read on-screen. I can’t remember when I last printed a manual – why do people still tailor documentation for print layout?
- No downloadable free trial. Even once you access to the install ISO, you still need a license. Boo! There should be a 30/60-day instant-on license, so customers can try out the product without needing to go through the whole sales cycle.
It won’t be the single tool for ALL your management needs either – depending on your exact needs, you’ll probably still need to use other systems for network configuration management, NetFlow analysis, deeper logfile analysis (e.g. Splunk), etc. You should be able to integrate these to some degree with ScienceLogic. If you’re an ITIL shop, you’ll probably need to use other tools for Change Management.
Non-technical things to consider include the size and reach of ScienceLogic, where their customers are, and whether you can find local engineers and support partners or not. There’s not a huge amount of publicly available information about them that’s not from ScienceLogic either – e.g. blog posts, forums, etc. Obviously they’d like to change that, but particularly if you live outside North America, you should think carefully about what that means to your risk profile. If you have clued-up local staff, this may not be a problem for you. But for many organisations, they need to purchase a ‘name’ brand, to get support from senior management. ScienceLogic is not yet that scale.
I like this product, and I like their general philosophy. The challenge I see with my customers is that they’re trying to work out how they’re going to monitor networks, servers and applications that are spread across a mix of local systems, IaaS, PaaS and SaaS. Traditional monitoring vendors are barely coping with virtualisation, and I have no idea how they are going to deliver the flexibility needed for monitoring much more complicated systems. ScienceLogic is taking a different approach, and promises something that can adapt as needed. The promise of less consultant spend on tool installation/integration/maintenance is very compelling. Hey, as a consultant, I’d far rather spend my time on real business value!
If they continue to develop the product, and successfully expand internationally, I think we’ll see a lot more of them around.
Disclaimer: ScienceLogic did not offer any consideration for writing this, nor did they seek to unduly influence my opinion. While ScienceLogic did pay for lunch at one meeting I had with them, I think I bought the coffees at the other meeting. They provided me with demo software, a trial license, and some assistance with setup and configuration. These opinions are my own, and do not represent those of my employer.