ITIL Event Management
Event management is a process which defines a standard and sequential procedure for managing the lifecycle of events.
Event management is the process of monitoring, responding, and resolving the events triggered in infrastructure through a lifecycle approach. Generic event’s lifecycle can be represented through different phases starting from notification, registration, categorization, prioritization, diagnosis, resolution, and closure.
Any occurrences/observations that have significance to the delivery of IT infrastructure or services are called events.
- Monitor CIs and services constantly and provide operational information about the infrastructure.
- To provide a proactive mechanism for early detection of incidents.
Process Context Diagram
|Event Detection & Filtration||1. Events in the IT Infrastructure are detected by monitoring tools.|
2. The two type of monitoring tools used are –
-Active monitoring tools that poll key CIs to determine their status and availability. Any exceptions will generate an alert that needs to be communicated to the appropriate tool or team for action.
-Passive monitoring tools that detect and correlate operational alerts or communications generated by CIs. Filter the events, to decide whether to continue treating the event or to discard it.
|Event Correlation and Response||1. Events are acknowledged and categorised into three broad categories – Informational, Warning and Exception.|
2. If the output of filtration is an exception, it means that the service or a device is currently operating abnormally. Exceptions could represent a total failure, impaired functionality or degraded performance. Incident management would be invoked.
3. If the output of filtration is Informational, it refers to an event that does not require any action. They are typically stored in a system or service log files and kept for a predetermined period.
4. If the output of filtration is a warning, it is an Event that is when a service or device is approaching a threshold. Warnings are intended to notify the appropriate person, process or tools that the situation can be checked and the appropriate action taken to prevent an exception.
|Review & Closure||1. Events responded are reviewed for appropriateness of action taken. |
2. Events are closed if satisfactory actions were taken or sent back for correlation.
- Any alerts and events generated by the monitoring tools
- Trigger to Incident Management (which will in turn trigger Problem or Change Management)
- Updated CMDB
- Trigger to Availability Management
- Trigger to Capacity Management
Roles and Responsibilities
Event Management process owner:
- Define the Business Case for the Event Management Process
- Ensure end-to-end responsibility for the Event Management Process
- Ensure that the Event Management process is fit-for-purpose
- Ensure that there is optimal fit between people, process and technology
- Ensure that proper Key Performance Indicators (KPIs) are set
- Ensure that reports are produced, distributed and used
- Ensure that the Event Management process is conducted correctly
- Ensure that the Event Management KPIs are met
- Ensure that the Event Management process operates effectively and efficiently
- Ensure that Event Management Staff are empowered in their jobs
- Ensure that process, procedure and work instruction documentation is up-to-date
Event management analyst:
- Be the operational process executer for his or her specific IT service, technology platform, or organizational entity
- Enter all relevant details into the Event record and ensure that this data is accurate
- Ensure that the Event Management process is used correctly within all departments
- Be informed of the objectives and activities of all support groups
- Execute and coordinate Proactive & Reactive Event Management
- Ensure correct closure and evaluation of Events