How AIOps Transforms IT Operations: Real-World Architecture and Lessons

Background and Pain Points

Operations teams often face overwhelming volumes of monitoring data with many dimensions and weak correlations, making root‑cause analysis time‑consuming. The speaker introduces AIOps, which has evolved through three stages: ITOA (2013) focusing on human‑driven analysis, early AIOps (2016) combining big data and algorithms, and intelligent AIOps (2017) leveraging machine learning.

AIOps aims to free operators from noisy alerts, logs, and manual monitoring by using two core pillars—big data and machine learning—to improve automation, service management, and monitoring quality.

Architecture and Planning

The proposed architecture focuses on correlating diverse data sources—metrics, tracing, events, middleware consumption, business data, and logs—through machine‑learning models. Data is collected via agents, buffered with Kafka (MessageQ), and processed in real time using Flink for ETL tasks.

Alerting, machine‑learning, and a high‑performance data warehouse (capable of sub‑second queries on billions of rows) complete the pipeline. CMDB provides foundational asset and tag information.

The AIOps workflow consists of four paths:

Anomaly Detection : unsupervised screening, manual labeling, then supervised refinement and KPI classification.

Anomaly Localization : building incomplete fault graphs and applying algorithms such as Isolation Forest.

Root‑Cause Analysis : aggregating alerts, clustering correlated metric fluctuations, and narrowing down to server‑ or user‑level issues.

Failure Prediction : still experimental, requiring extensive model training to anticipate incidents and trigger automated mitigation.

Challenges and Opportunities

The biggest challenge is correlation analysis across applications, business metrics, and domains. Steps include tagging in CMDB, time‑series correlation, and deep‑learning of existing alarm rules.

In the online‑education context, additional AI‑driven signals—speech‑to‑text, facial recognition, speaking duration, and emotion detection—are explored to assess teaching quality.

Overall, the case demonstrates how AIOps can reduce alert noise, improve baseline stability, and enable smarter, data‑driven operations.