Event Management is teh process that monitors all sorts of occurrences within an IT infrastructure. The point is to detect exception conditions not part of the normal operation. By detecting exceptions it's possible to escalate them to the appropriate support level. An event is any notification created by an IT service, Configuration Item or monitoring tool that has significance for the management of the IT infrastructure or the delivery of IT service. The scope of Event Management basically comprises of detecting events, investigate and determine the necessary course of action. A clear objective of event management is early detection of incidents and the automation of routines according to input from the event record. This is specially important since a number of routines can be monitored by exception, reducing downtime.
Events are typically handled through use of SNMP (Simple Network Management Protocol), which assigns a unique identifier to any event generated from the IT infrastructure. Next they go through a filter and receive a notification label: Informational, Warning/Alert (when a CI is nearing a critical stage in its execution lifecycle, which can possibly cause it to m alfunction or underperform) and Exception/Error, which means that a CI is performing below expectations as defined in the SLA (service level agreement) and business has been impacted in a negative way, requiring intervention and corrective actions. Usually filtering takes place in accordance with established KPI (key performance indicators).
Usually only the latter 2 require some form of intervention. Events rated informational are simply logged in the system.
A trend analysis is usually run by periodically going through the event management logs. This helps find possible ways of preventing future incidents from happening. When the events requires human intervention, it's said to have escalated. Filtering events and correctly labelling them helps reroute them to the correct person responsible for handling them. When an exception is detected, this usually results in an incident record. Incident closure is highly recommended along with links to the other processes.
No comments:
Post a Comment