Category:Event Management

From IT frameworks

One of the key processes in Service Operation, Event management delivers guidance on managing detectable occurences in the IT infrastructure and decides upon the appropriate control of action.

Contents 1 Goals & Objectives 2 Terminology 3 Roles 4 Scope 5 Activities 6 Interfaces 6.1 Inputs 6.2 Outputs 7 Value to the Business 8 Implementation 9 Challenges to implementation 10 Flow Chart Model 11 Tips for exam 12 References and resources

Goals & Objectives

To monitor IT services and their components and detect relevant events.

Terminology

• Event - Any detectable occurance in the IT infrastructure.
• Monitoring - Monitoring refers to the activity of observing a situation to detect changes that happen over time.
• Reporting - Reporting refers to the analysis , production and distribution of the output of the monitoring activity.
• Alert - A threshold has been exceeded.
• Event correlation - To understand events they are analyzed against other events and their configuration items.
• Event filtering - Filtering decides if the event is informational, warning or exception.
  • Event Information - no action required ( An IT user may be logging on to a system)
  • Warning - A threshold is soon to be reached or unauthorized IT event has occured (An IT user is using unauthorized software)
  • Exception - Typically a configuration item acting abnormally or a new configuration item has been implemented (An IT user is logged onto a system where memory seems to be filling up too quickly)

Roles

• Event Manager (Note: An event manager is a rarely seen role in IT organizations)
• Technical Management & Application management - Testing event management monitors and reports as defined with tools designed for the service in service design
• IT Operations management - Responsible for monitoring events. Similar to Operations bridge.

Scope

The scope of event management includes detecting occurrences, filtering occurrences as necessary and making the appropriate control of action. Monitoring, reporting and logging over defined configuration items.

Activities

As Event Management is a key process in the Service Operation life cycle phase, the main goal is to ensure normal service operation as soon as possible. Therefore the following 4 activities or something similar should be performed:

• Identify - Log - Categorize - Prioritize

After the above 4 steps, the event must be managed as one of the following:

• Informational, Warning or exception

The event detected may need to trigger one of the other key processes in Service Operation

• Incident Management (allowing proactive possibility)
• Problem Management
• Change Management (RfC filled in and sent)

Before events are closed , a review must be performed to ensure:

• The triggered process received enough information regarding the particular event.
• Feedback from other key processes for CSI
• Was the approriate control of action performed?

Interfaces

Inputs

• An event has been detected

Outputs

• Human intervention (telephone, sms, email)
• Logged and reported
• Input to incident management
• Input to change management
• Input to problem management
• Key information to capacity management
• Key information to availability management

Value to the Business

• Earlier detection of incidents, possibly larger detection of incidents before they have been noticed on the user side of the IT Service
• Due to mostly automated tasks, human resources are freed up to other Service Operation activities

Implementation

Some form of monitoring should have been designed into the service as part of the Service Design life cycle phase. Availability Management and Capacity Management gain valuable input from event management.

Challenges to implementation

Flow Chart Model

See image to the right.

Tips for exam

Learn the main goal of Event Management "Decide the appropriate control of action"

References and resources

1. Key Element Guide Service Operation - OGC
2. ITIL Service Operation - OGC