17 October 2019 | Updated on 17 July 2024
The ability to monitor, analyse, and respond to events within an IT environment is a critical factor in maintaining the health, performance, and reliability of any IT service. ITIL® 4 offers an approach to help with this.
An event is any change of a configuration item (CI) from one state to another within an IT service. ITIL event management is the process that defines and manages the lifecycle of all these events.
The primary objective of event management is to ensure the normal operation of services by detecting and addressing any ‘exceptional conditions’ or ‘exceptional events’.
An exceptional event refers to a significant and disruptive occurrence that, if not handled effectively, could have a substantial impact on service quality, performance, or availability. These events require immediate attention to mitigate their effects.
For example, a server moving from online to idle would be considered an event. If that server suffered an outage, however, it would become an exceptional event, because it must be dealt with urgently to avoid impacting the service provided.
Event management tools are software solutions designed to monitor, analyse and respond to events within IT environments. These tools help keep the technology running smoothly and will alert IT service teams if something goes wrong, so it can be addressed quickly and efficiently.
These tools fall into two categories:
Active monitoring tools proactively collect data by testing components such as servers, network devices and applications. If issues are detected or a pre-determined threshold is exceeded, they will then send an alert to the IT service team to make them aware of the problem.
Passive monitoring tools capture data that is already being generated, such as logs, messages, or event streams, and analyse it for patterns or anomalies. These tools are particularly useful for security and network monitoring.
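The difference between the two approaches can be illustrated with a minimal Python sketch. It is not taken from ITIL 4 or from any particular monitoring product: the function names `active_check` and `passive_scan`, the probe callable, and the default log pattern are all hypothetical and chosen only for illustration.

```python
import re
from typing import Callable, Iterable, List, Optional


def active_check(name: str, probe: Callable[[], float], threshold: float) -> Optional[str]:
    """Active monitoring: test the component ourselves and compare the
    result with a pre-determined threshold (hypothetical helper)."""
    value = probe()
    if value > threshold:
        # Threshold exceeded: return an alert message for the IT service team.
        return f"ALERT {name}: {value} exceeds threshold {threshold}"
    return None


def passive_scan(log_lines: Iterable[str], pattern: str = r"ERROR|failed login") -> List[str]:
    """Passive monitoring: analyse data that already exists (here, log lines)
    and return the lines matching a pattern of interest (assumed pattern)."""
    matcher = re.compile(pattern, re.IGNORECASE)
    return [line for line in log_lines if matcher.search(line)]


if __name__ == "__main__":
    # Active: the probe is a stand-in for a real measurement such as disk usage.
    print(active_check("disk-usage-percent", lambda: 95.0, threshold=90.0))
    # Passive: the log lines are made-up sample data.
    print(passive_scan(["INFO backup ok", "ERROR disk full", "Failed login for root"]))
```

In this sketch the active check generates its own measurement on demand, while the passive scan only reads what the system has already written, which is why passive tools lend themselves to security and network monitoring.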
IT events can be split into three categories:
Informational events are typically messages or notifications generated to provide information about the current status or performance of the system. They are usually the lowest-priority events: they do not require immediate attention, but the data they provide may prove useful in maintaining and optimising the IT environment. Examples include messages about software updates and successful backups.
Warning events are of a slightly higher priority, as they indicate potential issues or anomalies within an IT system which, if left unaddressed, could lead to more significant problems or service disruptions. Common examples are alerts about high memory usage or storage nearing its limit.
Exceptional events are the highest priority and require immediate attention. They refer to events which may cause significant disruption or deviations from normal service operation. Examples of exceptional events include system crashes, hardware failures and security breaches.
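The three categories above could be modelled in code roughly as follows. This is a sketch under stated assumptions, not an ITIL-defined algorithm: the `Event` fields `service_disrupted` and `threshold_exceeded` and the functions `classify` and `triage` are hypothetical names, and a real tool would apply far richer rules.

```python
from dataclasses import dataclass
from enum import IntEnum
from typing import Iterable, List


class EventCategory(IntEnum):
    """The three categories, ordered from lowest to highest priority."""
    INFORMATIONAL = 1
    WARNING = 2
    EXCEPTIONAL = 3


@dataclass
class Event:
    source: str
    message: str
    service_disrupted: bool = False   # assumed flag: normal operation is disrupted
    threshold_exceeded: bool = False  # assumed flag: a monitored limit is being approached or passed


def classify(event: Event) -> EventCategory:
    """Assign a category using two simple, illustrative rules."""
    if event.service_disrupted:
        return EventCategory.EXCEPTIONAL
    if event.threshold_exceeded:
        return EventCategory.WARNING
    return EventCategory.INFORMATIONAL


def triage(events: Iterable[Event]) -> List[Event]:
    """Return events with the highest-priority category first."""
    return sorted(events, key=classify, reverse=True)


if __name__ == "__main__":
    queue = [
        Event("backup", "Backup completed successfully"),
        Event("db-01", "Memory usage high", threshold_exceeded=True),
        Event("web-01", "System crash", service_disrupted=True),
    ]
    for event in triage(queue):
        print(classify(event).name, event.source, event.message)
```

Using an ordered enumeration keeps the priority relationship explicit, so sorting a queue of events places exceptional events first, followed by warnings and then informational events.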
Event management metrics can be used to measure the effectiveness of these processes and gain insights into the performance of IT systems and services.
Some examples of useful event management metrics include:
There are multiple stages to the event management process, as detailed in ITIL 4:
Improve your IT event management processes with ITIL 4 training. Complete your e-learning, virtual or classroom training and then book your ITIL exam to become a certified IT service management professional.