Monitoring and Event Management in ITIL 4

Like This Blog 0

Added by Mark Thomas February 28, 2019

Monitoring and Event Management in ITL 4® is an important practice for us to understand. The definition of an event is.

Event: Any change of state that has significance for the management of a service or other Configuration Item (CI)

For example, I monitor and manage multiple data centers. One of the things we had to monitor was the temperature inside these data centers. If the temperature rises too high, then we were going to have issues and problems with our gear.

We buy this monitoring tool, called a thermostat. The thermostat doesn’t know what it’s supposed to do when we first install it, we need to program it first. For this example, thermostat need to be set to keep my data center at 70 degrees Fahrenheit.

Now that it’s set to 70 degrees, it’s acceptable for the temperature to go up one degree up or down on degree, because that’s the acceptable variance that the data center will remain operational. If the temperature goes up to 72, that monitoring tool (the thermostat) will trigger a response. That monitoring tool will then react by turning the air conditioner on so that it comes back down to the acceptable requirement.

What we just did is avoided an incident through monitoring and detection. It was able to see an event and actually brought the temperature back down into a zone that was acceptable. Now, if that temperature hits 73 degrees, that’s beyond the programed threshold, now the monitoring tool kicks off a message to my Incident Management tool.

Based on what that message is, my incident management tool can recognize the incident type and priority and then automatically create an incident ticket and routes that to appropriate parties. It’s a great way of looking at Event Management.

In organizations today, we have monitoring tools that are monitoring everything, from temperature, to application, to storage, to capacity, to uptime, to security.

Monitoring and Event Management Purpose:

Systematically observes services and service components and record and report selected changes of state identified as events. Identifies and prioritizes infrastructure, services and business process and information security events. Establishes the appropriate response to events, including responding to conditions that could lead to potential faults or incidents.

Events are typically recognized through notifications created by an IT service, CI or monitoring

It is important is to understand from the above purpose statement, that Monitoring and Event Management are systematically observing services and my service components, so that they know what the threshold is, and that tool knows when we need to be alerted, and it knows when we’ve breached some type of threshold.

They record and report selected changes of state as events. For example, you could now go look in the log files. Those are events that are recorded, identified and prioritizes infrastructure, additional services, business processes and information security events.

Security teams pioneer their efforts around Monitoring and Event Management and establish the appropriate response to events, including responding to conditions that could lead to potential faults.

Finally, we place Event Management in front of Monitoring because we need to know before that incident takes place, so that that monitoring tool can trigger a reaction that removes the attributes of a potential incident coming up.

The key to understanding Monitoring and Event Management is to systematically observe and be able to help us react faster so that we can close incidents earlier or avoid those incidents altogether.

Are you preparing for your ITIL Foundations Certification? Get the Authorized ITIL 4 Certification Video Training Course by expert instructor Mark Thomas. The course includes video lectures and practice exams with video answers – plus an exam voucher from PeopleCert® all for $495!