Automated runbooks can be tremendously useful in managing the important technology that underpins how large organizations serve their customers and staff. They reduce risk and increase the efficiency of critical processes such as recovering services following a cyber attack or technology outage, as well as patching, updating, and migrating technology.
Organizations have lots of software that helps them manage technology such as IT service management platforms, Infrastructure as Code (IaC) tools, monitoring, and communications. People are generally required to join these things together as nothing is completely software defined. Without automated runbooks, teams can inadvertently cause errors which can have catastrophic consequences. Automated runbooks help to join up the human and machine activities end to end, sequencing them and guiding them to significantly reduce error rates. They also provide a good source of audit trails to make compliance a lot easier.
There can sometimes be confusion about what an automated runbook actually is. The following methods are not automated runbooks and present significant risk:
- Static documents held in repositories such as Confluence or in the form of spreadsheets, word documents, PDFs or other manual non-executable non-integrated disconnected formats
- Scripts such as IaC held in tools like Ansible and Terraform where the manual activities to kick these off are held in tools such as those mentioned above or not at all
Although these may be useful tools for managing your IT operations to some degree, they don’t provide the functionality that our concept of automated runbooks do, which I’ll go into below.
So what are automated runbooks?
Automated runbooks contain a set of tasks and their dependencies that need to be undertaken to complete a technology operation. Those tasks can be manual activities carried out by an individual or team, or they can trigger automated activities like executing a script. In this way, runbooks bring together human expertise and knowledge and the benefits of automation.
Automated runbooks provide a number of key features and benefits, including:
Without runbook automation, there is a heavy reliance on individuals to manually orchestrate the teams and tasks involved in a particular operation. This can involve manually updating spreadsheets, spending hours on bridge calls, and contacting individuals by phone or email to let them know when to start their tasks. With automated runbooks, this manual effort is removed. Automated runbooks orchestrate this complex sequence of tasks, ensuring that teams and technology follow the set path in the correct order by automatically notifying people when to start their tasks and triggering automated processes. When orchestration is automated in the runbook, there is no need for a person to manually sequence the tasks or spend time letting teams know when they need to take actions.
Enterprise visibility and reporting
With automated runbooks, the progress and status of activities are automatically reported in real time and freely available for stakeholders and teams to self-serve, so they don’t have to wait to be given progress updates. This also applies to the real-time progress of multiple runbooks at the same time, providing a comprehensive overview of all your in-progress activities.
Automated runbooks can be dynamically adjusted during execution by API or users that have the correct permissions, allowing for the process to adapt as needed on the basis of new information or requirements. This is particularly useful during events such as cyber recovery where you may be getting new information about the extent of the outage after the recovery has begun.
The runbook may also contain sub-routines or snippets of tasks that can automatically repeat until a set of conditions has been reached, such as checking the health of a service and acting on it or retrying the automation scripts.
You can also include logic-based tasks to automatically determine the best path forward when certain conditions or variables are met. This removes the need for manual intervention and improves the overall orchestration and execution of runbook tasks.
It can also be helpful to link runbooks in a parent/child relationship, for example having an IT disaster recovery parent runbook that has hundreds or thousands of specific recovery runbooks for each individual application or service feeding into it.
Integrations and an API
Automated runbooks have powerful integrations to third-party platforms that create a single source of execution. This increases flexibility and productivity and reduces the risk of human error. Likewise, an automated runbook will have a well-defined API that allows you to create or query runbooks, tasks, or teams directly from third-party platforms.
Post-execution analytics and regulatory audit logs
Automated runbooks automatically record the timing and execution of tasks for reporting and generating an audit trail that is not editable. This serves as a record of performance for auditing, continuous improvement, and regulatory compliance purposes.
The number of tasks, users, dependencies, parallel tasks, and runbooks being executed at the same time runs into the thousands to deliver enterprise-grade capability. This enterprise-grade capability has been proven in some of the world’s largest and most sophisticated organizations.
To find out more about how automated runbooks could benefit your organization, get in touch with us at email@example.com or request a demo.