By Splunk April 24, 2014
With Knowledge14 kicking off next week, it’s a good time to reminisce on your service desk, the face of your operations to both internal and external customers.
For external facing service desks supporting customers, the effectiveness has traditionally been measured on mean time to resolution, first level resolution rates, escalations and such. And for internal facing service desks that support employees, its effectiveness has been measured mostly around service delivery within acceptable internal SLOs/SLAs.
These days, service desks are expected to continuously improve end-user satisfaction by delivering high quality, timely customer/user support. How do you enable this?
Let’s look at each of the delivery models individually.
External Facing Service Desks:
The most important metrics to track the external service desk will be cost per contact, customer satisfaction, First Contact Resolution (FCR) rate, First Level Resolution rate and aging open incidents. While most of these metrics are easily obtained from your ticketing system, enabling FCR is a whole different beast.
The biggest challenge your NOC/SOC face is their inability to look at ALL relevant data, as they are locked down in silos. This results in frequent escalations to second line of support or engineering teams, poor customer experience and inability to resolve the problem at first contact.
Solving this problem is fundamental to Splunk. So, let’s move on to how Splunk can enable you to gain insights into the effectiveness of your internal facing service desks.
Internal Facing Service Desks:
In order for IT service desks to be effective, IT teams need to aim to provide the highest level of service to their end customers – the employees. Taking ownership, tracking the incident to ensure the user is kept informed about the status of the incident, that the incident is resolved within the expected time frame, and that the user is satisfied with the final resolution is very important.
At Splunk, we use ServiceNow as our incident management ticketing system. It’s the one and only service desk system for us employees to request services of our IT team. While ServiceNow provides analytics on the incident level data it would be atypical of us if we did not splunk the ServiceNow data from their entire ITSM solution. By integrating the ServiceNow data into Splunk, our IT team has enabled every employee to visually measure the effectiveness of IT services with some fantastic analytics.
To begin with, there are 2 different views to the ServiceNow data in Splunk.
Executive Overview: focused on providing a quick snapshot of the operations of IT to effectively drive governance meetings. The dashboard provides key metrics on IT projects (like the total number of projects, their status, planned vs. cancelled projects, in-progress vs on-hold projects…) and incidents (like number of resolved incidents in comparison to opened, aging vs resolved incidents and more)
Component Drilldowns: allow you to get deep into the details on individual projects, incidents and enhancements.
Let us look at the Incident drilldown report as an example. With this report, IT practitioners and IT Managers at Splunk get detailed analytics on all incidents. This data can be filtered over time and by various dimensions like IT team, functional unit, department, requestor, assignee and much more (the data on functional units and roles are indexed from our Active Directory environment). Detailed insights into incidents such as resolved cases, aging incidents, logged vs. open vs. closed incidents, priority by status, SLA breaches and more are captured to measure effectiveness of incident resolution.
This dashboard also includes a report that provides details on individual incidents including a direct drilldown into ServiceNow for in-depth exploration on specific incidents.
Given Splunk’s role-based access controls, each employee has access to view the relevant incident and ticketing data within Splunk.
Additionally, we’re also a Salesforce customer and yes, we splunk Salesforce data – we can’t help ourselves! Now, our IT admins are able to correlate any changes occurring in our salesforce environment to whether there was an approved change request in ServiceNow. With that, we are able to monitor the changes applied against a cloud application and determine if the cloud service was in compliance with security standards, defined change windows and more.
We’ve done some pretty amazing things to improve the effectiveness of our service desk. If you want to discuss the possibilities and see all of this in action, visit us at booth 129 at Knowledge14 next week. We’ll have much more to demonstrate – you won’t want to miss out. See you next week.
----------------------------------------------------
Thanks!
Priya Balakrishnan