Dear Readers,
As promised yesterday, today we are going to understand the
responses to Alert Notifications. But before we start, let us have a look
at the Event Management flow.
In actual implementations, the alert response depends
on the type of design, the process implementation and the requirements on the
ground. A good number of standard responses are available, and any combination of
them can be used when responding.
For example, suppose a login event by an authorized user
occurs on a server. Depending on the configuration, this event may be logged or may
be left without any action. In some setups no action may be required,
while in highly sensitive, security-focused setups these events
may need to be recorded for future analysis.
Some of the important event response options are:
Event Logging
An event that has occurred can be recorded for analysis and future
reference. This decision again depends on a few factors such as
availability of space, retention period and event type. A normal successful
login event may be excluded from recording if the number of such events is very
high, they are considered less significant and management agrees to do so.
Auto Response
Some well-analyzed and well-understood events may be
configured for auto response. One such case is the restart of a service by
a specific set of IDs. A restart consists of a series of events: a service stop
followed by a service start. Hence auto response may be configured to take no action
when the entire activity proceeds normally and to log an incident if the restart
doesn't complete. Another example is automatic locking of accounts after a specified
number of unsuccessful attempts.
Escalation
An alert is generated if human intervention is required.
Such escalations are mostly configured to reach the help desk, which in turn
assigns the alert to the appropriate function.
Ticket Logging
For events that represent a failure, a disruption to
service or a need for change, an appropriate ticket such as an Incident, Problem or
Change may be logged.
We'll discuss selection of the correct ticket type in the
posts on Incident, Problem and Change Management processes.
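The four response options above can be combined into one rule set. The following is an added example, not part of the original post: the event kinds, the approved ID `svc_admin`, the lock threshold, the restart window and the sample events are all assumptions constructed for illustration.

```python
from collections import defaultdict

# Assumed policy values (not from the post); tune per environment.
LOCK_AFTER = 3                  # failed logins before the account is auto-locked
RESTART_WINDOW = 60             # seconds allowed between service stop and start
RESTART_IDS = {"svc_admin"}     # IDs approved to restart services
LOG_SUCCESSFUL_LOGINS = False   # high-volume, low-significance events excluded

def respond(events, end_time):
    """Map a time-ordered event stream to (timestamp, response, detail) tuples."""
    out, failures, pending = [], defaultdict(int), {}

    def expire(now):
        # A stop with no matching start inside the window becomes an Incident.
        for svc, t0 in list(pending.items()):
            if now - t0 > RESTART_WINDOW:
                out.append((t0 + RESTART_WINDOW, "TICKET:Incident",
                            f"restart of {svc} did not complete"))
                del pending[svc]

    for ts, kind, actor, target in events:
        expire(ts)
        if kind == "login_ok":
            failures[actor] = 0
            if LOG_SUCCESSFUL_LOGINS:
                out.append((ts, "LOG", actor))
        elif kind == "login_fail":
            failures[actor] += 1
            out.append((ts, "LOG", actor))
            if failures[actor] == LOCK_AFTER:      # auto response, fires once
                out.append((ts, "AUTO:lock_account", actor))
        elif kind == "service_stop":
            if actor in RESTART_IDS:
                pending[target] = ts               # wait for the matching start
            else:
                out.append((ts, "ESCALATE:help_desk", f"{actor} stopped {target}"))
        elif kind == "service_start":
            pending.pop(target, None)              # restart completed: no action
        else:
            out.append((ts, "ESCALATE:help_desk", f"unclassified event {kind}"))
    expire(end_time)
    return out

# Constructed sample events: (seconds, kind, actor, target)
SAMPLE = [
    (0, "login_ok", "alice", "srv1"), (5, "service_stop", "svc_admin", "httpd"),
    (9, "service_start", "svc_admin", "httpd"), (20, "login_fail", "bob", "srv1"),
    (21, "login_fail", "bob", "srv1"), (22, "login_fail", "bob", "srv1"),
    (30, "service_stop", "svc_admin", "sshd"), (40, "service_stop", "guest01", "httpd"),
    (200, "disk_full", "system", "srv1"),
]
```

Calling `respond(SAMPLE, 300)` produces no output for the successful login or the completed `httpd` restart, while the unfinished `sshd` restart surfaces as an Incident timestamped at the end of its window.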