Another day starting up your laptop or workstation, logging into programs, and waiting for that first call to come in. As an IT help desk analyst, you love when you can solve people’s problems, but sometimes the number of calls feels overwhelming. Although each analyst tier responds to different customer or employee concerns, you all share the same basic job functions like answering calls, asking questions, and research answers.
When you create an efficient help desk process using centralized log management, you can respond faster and provide better service.
3 Core Functions of the IT Service Desk
An IT analyst wears many hats, playing a pivotal communications role across the IT team, customers, and employees. Juggling the different requirements becomes time consuming without having efficient processes and investigation capabilities.
Incident Management Process
As the team responsible for managing incidents, you need to restore services as quickly as possible so that you can meet service level agreements (SLAs). Handling incidents is more than just fixing what’s broken, it involves creating consistent processes for:
- Incident management support: Maintaining the team’s tools, processes, and skills to route incidents in a timely and efficient way
- Incident logging and categorization: Logging reported incidents by category and type so they can be prioritized based on impact
- Incident resolution: Resolving the incident as quickly as possible or forwarding it to a more experience analyst
- Escalated incidents: Having a Tier 2, Tier 3, or Supervisor take action either themselves or using an external support desk
- Major incidents: Fixing incidents that cause widespread business interruption as quickly as possible, escalating issues, communicating status to users
- Incident management reporting: Reporting incidents to the Problem Management team so they can conduct a root cause analysis
Incidents are when things unexpectedly go wrong. Service requests are the routine things people need help with, like resetting a password or installing a software.
Although these are usually low priority, you still need consistent processes. While these look similar to the incident management processes, they have a few differences:
- Request fulfillment support: Maintaining the team’s tools, processes, an training to efficiently respond to requests
- Request logging and categorization: Logging reported requests by category and type so they can be prioritized based on impact
- Request model execution: Fulfilling the request within a reasonable time ream and according to service level agreements
- Request monitoring and escalation: Maintaining service levels by escalating requests efficiently when necessary
- Request closure and evaluation: Documenting activities and reporting problems or errors that require root cause analysis
The IT service desk acts as the single point of communication between IT and the rest of the business. These communications include:
- Incident management reporting
- Request closure reporting
- Service outage notification
- Solution dissemination
People need to know when the IT department needs scheduled service downtime for things like software, operating system, and firmware updates. Additionally, they sometimes need to reboot systems, so communicating this to the organization reduces the number of service calls.
Service Desk process overview
Every time someone calls you for help, you need to log the interactions so that you can manage the flow of information throughout the process.
Before you have a user interaction management process, you need to define the types of interaction so that you know who should handle them. Some typical categories include:
- Service disruptions
- Service requests
- Requests for information
Along with the type of interaction, you need to define the method of interaction. For example, people may initiate a help desk workflow using:
- Instant messages
- Self-service portal
Not every request or incident is going to be easy, so you need to document the different interaction phases. For example, you need workflows in your help desk ticketing system that allow you to document:
- Intake: who contacted you, when they contacted you, how they contacted you
- Reason: why they contacted you
- Result: whether you could answer the question or had to route to someone more experienced
- Next steps: why you couldn’t fix the problem, who it went to, what they did with it
- Resolution: who fixed the problem, how they fixed it, whether someone needs to do more investigation
For each interaction type, you need to open a ticket, assign it to someone, and make sure they close the ticket when they’re done.
Service Desk user roles
To create efficient workflows, you need to define each help desk user’s roles. This way, as you populate things, you can automate the next steps. For example:
- Tier 1: Initial interaction, simple responses, including but not limited to “turn it off and turn it back on again”
- Tier 2: Systems and applications issues that require more technical expertise, like reviewing network traffic for bottlenecks
- Tier 3: Complex root cause research and analysis
Your workflows should define general problems that each analyst manages and make it easy to route problems to the right person. When you don’t know who should be handling something, you have a harder time meeting SLAs.
Building Out Efficient Workflows
Every organization is unique, making every IT help desk unique. However, despite having different IT environments and staffing, similarities across processes exist.
Regardless of intake method or request, you need to have someone sending the initial response. This event triggers your workflow. Sometimes, this will be
You should have processes in place for:
- Authenticating the caller
- Creating a ticket
- Assigning a ticket
Validation and screening
Now that you have a ticket, you can start to work with the person who called you. Normally, this is the Tier 1 analyst’s job. At this point, you want workflow processes that include:
- Documenting the problem
- Providing initial assistance
- Recording steps taken
If you can’t help the person, then you should have automation that closes out your ticket and alerts the Tier 2 or Tier 3 analyst who can work with the caller.
You know that not every call will require the same level of urgency. When you forward a ticket to the next person, you should be able to prioritize it. Your team’s prioritization decisions will be unique to your SLAs, but you should consider:
- High: Impacts many users and/or business processes that leads to business interruption
- Medium: Slows down users and/or business processes without causing business interruption
- Low: Limited user and/or business process impact with easy workarounds
Automation’s value becomes obvious when you look at the escalation process. You need visibility into everyone’s capacity and their experience level so that you can route the tickets appropriately.
When you escalate the ticket, you should make sure that you provide the next person as much information as possible including:
- Research from your investigation
- Steps taken to attempt resolution
- Problems and reasons for escalating
Resolution and closing
When you finally solve the problem, you need to document everything that happened. Typically, you need to have documentation about:
- Time from initial interaction to resolution
- Investigation research
- Suggested next steps
If you used a workaround to solve the caller’s problem, you may need to share the issue with other people. To do this, you should have a single source of all research data to share with everyone who needs it.
Benefits of a Purpose-Built Centralized Log Management Solution
With a centralized log management solution built for IT operations, you can automate workflows to create efficient processes.
Integrates with business applications
Your centralized log management solution should be able to integrate with automation tools, like your ticketing system. With a comprehensive and robust REST API, you can create workflows in your ticketing system to eliminate redundant, time-consuming, manual processes.
More efficient operations
With all your log data in one place, you can create visualizations, like charts and graphs. These give you at-a-glance visibility into systems and networks. For example, if someone calls the help desk because an application is running slowly, you can more rapidly determine whether a network is slow or an application needs to be debugged.
Faster response times
Aggregating and correlating all log data using a common format enables visibility into your environment. For example, you can scroll through log events in real-time to diagnose and debug issues.
With a purpose-built centralized log management solution, you should be able to communicate across different teams more effectively. When you can assign roles and create teams within your solution, everyone has the access they need and can work from the same information.
For example, you may choose to create dashboards that you can share across the organization but want to limit how different users interact with it. People have the visibility they need, but you still protect the data’s integrity.
Sometimes, you want to share a search when you escalate a ticket. When you pass off the issue, the next person has useful information instead of just screen captures, data dumps, or ticket notes.
Boosts IT’s productivity
With lightning fast search capabilities, you can complete more tickets in less time. For example, limiting your search to the caller’s technology problem, like O365, and user name makes it easier to find what you need.
The search speed means that you’re not sitting around waiting on the technology, you’re using your time more efficiently and productively.
Improves service quality
As an IT service desk analyst, the fewer calls you get, the happier your users are. With centralized log management, you can create customized alerts to detect issues before your users do. With the ability to deliver these alerts in emails, texts, or Slack® messages, you can fix issues before they impact your users.
Increased staff satisfaction
When you choose a purpose-built centralized log management solution, you don’t need to have specialized skills. It should be usable by everyone, no matter how much experience they have or don’t have. This means that it should have a user-friendly interface, including capabilities like auto-complete and drop-down menus.
Graylog Operations: The Centralized Log Management Solution for Help Desks
Graylog Operations is a powerful, flexible, seamless centralized log management experience that enables help desk technicians to rapidly pinpoint errors. By gaining meaningful context from your event log data, you can get to the root cause of performance issues and bottlenecks faster, reducing business impact. With our easy-to-use interface and sharing capabilities, you can escalate issues more efficiently, ultimately delivering on SLAs and providing better service outcomes.