The ITIL® event management process defines three event types: informational, warning and exception. In this post, I will discuss the different event types and give real-world examples of each.
Informational Events
Informational events are simply things that happen in an IT environment that indicate normal operation. These might be events that a service provider cares about, or they might be events that are ignored. Informational events:
- Indicate acceptable behavior of a configuration item
- Convey data that can be used to make a decision
Examples include:
- A nightly backup job has completed successfully
- Control has been given to a CICS region
- A server is now online
- A user logged into an application
Warning Events
Warning events are things that happen in an IT environment that indicate unexpected or unusual operation. These are often events that a service provider cares about and will take additional steps to investigate when they occur. Warning events:
- Indicate unexpected operation of a configuration item
- Might communicate an early indication that a configuration item isn’t behaving as expected
- Often trigger follow-up responses or activities
Examples include:
- The /var filesystem on a UNIX machine is 85 percent full
- A nightly batch job is running 10 percent longer than normal
- A CPU on a service has been 95 percent utilized for 30 minutes
- Unusual traffic has been seen on a network segment
Exception Events
Exception events are things that happen in an IT environment that indicate an abnormal situation has occurred. These are often events that a service provider cares about and will immediately take action on when they occur. Exception events:
- Indicate abnormal behavior of a configuration item
- Typically trigger follow-up actions
Examples include:
- An application has gone offline
- A configuration item is unreachable on the network
- A user has attempted to login to an application with the wrong password too many times
- A user has installed unauthorized software on a work computer
Event management is a very important process because it helps service providers understand what’s happening in their environments. However, without thinking about the different event types, and how they’ll be handled, event management can quickly produce a lot of messages without clarity about which are most important to the service provider.
Related Courses
ITIL Foundation
ITIL Awareness