Cerner depends on Elastic machine learning for a healthy infrastructure

Cerner Corp. is a supplier of healthcare information technology systems, services, and devices. The company, with $5.7 billion in annual revenue, empowers people and communities to engage in their own care. A key aspect of the business is surfacing data to enable their clients to make informed decisions about their healthcare. 

The 29,000 Cerner employees in 30 countries are on a mission to shape the healthcare of tomorrow. They believe that their influence goes beyond healthcare, and impacts the world.

Jim Avazpour, Director of Infrastructure, says Cerner was challenged by the massive amount of data that it logs (network storage, virtualization, and supporting services) to monitor the health of its infrastructure. In response, Cerner chose Elasticsearch as its logging solution to help shore up gaps in data quality. The company also cites scalability, resiliency, and cost-effectiveness as key reasons for choosing Elastic.

Elastic helps log and monitor the Cerner environment continuously. With data gaps filled, Cerner no longer misses critical alerts of performance violations in the company’s environment, Avazpour says.

Lowering MTTK with Elastic machine learning 

With the introduction of Elastic, Cerner’s observability data pipeline now includes two data feeds. 

Data Feed 1 captures all the industry-standard alerting messages, which are readable by people. Alerts in Data Feed 2, however, are generated for every violation. As soon as violations occur, alerts that are not immediately read by humans are generated and sent to Elasticsearch.

“The amount of data that we collect on a daily basis from our devices in our infrastructure amounts to about 5 billion to 8 billion messages per day,” Avazpour says. “That's a very large amount of data that's flowing through our monitoring solution.”

Using machine learning on Data Feed 2, Cerner is able to find anomalous behavior that was not detected on Data Feed 1. In the end, this two-feed configuration empowers engineers to prevent downtime that would hinder the customer experience.

This two-feed approach has paved the way for dramatically lowering the team’s mean time to knowledge (MTTK) to find the root cause of issues and resolve them. Harnessing Logstash, Elasticsearch, and a home-brewed network crawler, Avazpour says Cerner has been able to reduce MTTK by 75%.

“We've been able to use machine learning to be able to baseline and look for deviation from normal to look for chronic issues, look for anomalies in performance and then be able to generate an alert from that and then be able to notify our engineers to be able to troubleshoot and try to fix issues proactively before our clients were impacted,” Avazpour says.

Watch the full presentation to learn more about how Cerner deploys the Elastic Stack and machine learning to drive a successful observability platform. The video begins with talks by Elastic’s Mukesh Gadiya, Sr. Manager of Product Management, and Tom Grabowski, Principal Product Manager. They discuss the benefits of Elastic Observability with machine learning.