Event Management

Event management serves as the foundation for operational monitoring and control.

First, we need to know what an event is. An event is a measurable event that changes the way IT services are provided. Either the Configuration Item (CI) or the monitoring tools create events. This life cycle of activities detects events, makes sense of them, and determines the appropriate control action coordinated by the event management process.

Event: Any change of state that has significance for the management of a service or other configuration item (CI). (ITIL4 Practice)

Monitoring and event management are used to manage events throughout their lifecycle to understand and optimize their impact on the organization and its services. Monitoring and event management includes identification and categorization, or analysis, of events related to all infrastructure levels and service interactions between the organization and its service consumers. Monitoring and event management ensure an appropriate and timely response to those events.

When events are programmed to communicate operational information such as warnings and exceptions, they can be used as the basis for automating many routine operational management activities.
For example, running scripts on remote devices, submitting jobs for processing, or even dynamically balancing service demand across multiple devices to improve performance.

An event can be defined as any status change that is important for managing a configuration item (CI) or an IT service. Events are usually recognized by notifications created by an IT service, CI, or monitoring tool. An effective service operation depends on knowing the condition of the infrastructure and identifying deviations from the usual or expected process.

Monitoring and event management data

Monitoring and event management data and information are an important input to many practices, including:

• incident management
• Problem management
• information security management
• availability management
• performance and capacity management.
• Change enablement
• risk management
• Infrastructural and platform management
• software development and management.

Objectives

The objectives of the event management process are to:

1. Detect all changes of state that have significance for the management of a Cl or IT service.
2. Determine the appropriate control actions for events, and ensure these are communicated to the relevant functions.
3. Provide the trigger, or entry point, for the execution of any service operation processes and operations management activities.
4. Provide the means to compare actual operating performance and behavior against design standards and SLAs.
5. They provide a basis for service assurance and reporting and service improvement.

This can be achieved through good monitoring and control systems based on two types of tools: Active monitoring tools that query key CIs to determine their status and availability All exceptions generate a warning that must be forwarded to the appropriate tool or team for action.

Passive monitoring tools that detect and correlate operational alerts or communications generated by CIs Area of application Event management can be applied to all aspects of service management that need to be controlled and automated. This includes configuration items (CIs). Some CIs are included because they need to be kept in a constant state.

For example, a network switch needs to stay on, and event management tools confirm this by monitoring responses to “pings.” Some CIs will be excluded because their status needs to change frequently. Event management can automate this and update the configuration management system (CMS) (e.g., updating a file server).

environmental conditions (e.g., fire and smoke detection). Software license monitoring for usage to ensure optimum/legal license utilization and allocation.

security (e.g., intrusion detection). Normal activity (e.g., tracking the use of an application or the performance of a server)

The difference between monitoring and event management Monitoring and event management are closely related but slightly different.

event management services is focused on generating and detecting meaningful notifications about the status of the IT infrastructure and services. 

For example, monitoring tools will check the status of a device to ensure that it is operating within acceptable limits, even if that device is not generating events. Put another way, event management works with occurrences that are specifically developed to be monitored. Monitoring tracks these occurrences, but it will also actively seek out conditions that do not create events.

Event Management—Value to Business

Event management’s value to the business is generally indirect; however, it is possible to determine the basis for its value as follows:

Event management provides mechanisms for the early detection of incidents. In many cases, the incident can be detected and assigned to the appropriate group for action before any actual service outage occurs. In addition, when integrated into other service management processes (such as, for example, availability or capacity management), event management can signal status changes or exceptions that allow the appropriate person or team to perform an early response, thus improving the performance of the process. This, in turn, will enable the business to benefit from more effective and efficient service management overall.

Event management provides a basis for automated operations. This increases efficiency and allows expensive human resources to be used for more innovative work. such as designing new or improved functionality or defining new ways the business can exploit technology for increased competitive advantage. Event management can have a direct bearing on service delivery and customer satisfaction. As an example, an automated teller machine may generate event notifications that indicate the device is running low on cash—potentially avoiding the failure of the cash withdrawal portion of that service and its immediate impact on customer satisfaction.

There are three types of events.

Informational Events

These events only provide us with information like a scheduled workload has been completed. A user has logged in to use an application. An email has reached its intended recipient.

Warning Events

These events will provide us with alerts when set threshold levels have been achieved. For example, a server’s memory utilization reaches within 5% of its highest acceptable performance level. The completion time of a transaction is 10% longer than usual.

Exceptional Events

These events indicate that a CI or service is operating abnormally. When a user attempts to log on to an application with an incorrect password, the device’s CPU is at or above the acceptable utilization rate. A PC scan reveals the installation of unauthorized software.

Digital transformation
Service Portfolio Management
Kaizen and Six Sigma The Main Differences
Quantum Computing