Event management

Incidents occur in the IT Infrastructure that impacts a business service. These incidents originate from various sources, such as events and alerts. The IT infrastructure is monitored by various different sets of monitoring tools at different organizations. These monitoring tools collect data from the inpidual infrastructure components about their activity and signs of abnormality, these might be log messages, warnings, errors, failure messages, security messages, and so on. These messages are called events. ServiceNow event management helps to identify issues across the infrastructure in a single pane of glass or management console by providing event and alert analysis to ensure service availability with the ability to:

• Configure rules for triggering incidents and remediation actions
• Configure alert binding to CIs, services, and hosts for root cause analysis
• Track events from various systems on a single console
• Monitor the alerts console for real-time event processing
• Review the color-coded service maps to see high priority alerts and events
• Use dashboards for monitoring, analysis, and remediation of alerts
• Get a history of previous alerts and events
• Review impact relationships between parent and child CIs
• Review impact and severity calculations based on alerts to prioritize work
• Remediate alerts by integrating with orchestration

An alert is a notification generated by event management for selected events that are considered to be important and require attention. As part of the alert life cycle, you can manage alerts in the following ways:

• Acknowledge alerts
• Create a task such as an incident, problem, or change
• If automatic remediation tasks apply to the alert, begin automatic remediation to start a workflow
• Complete all tasks or remediation activities
• Close alerts for resolved issues
• Add additional information, such as a knowledge article for future reference

The generation of alerts is based on event rules. Event management processes events, generates alerts, and manages alert and incident resolution. Event management either pulls events from supported external event sources using an MID Server.

Event management leverages service mapping data and also data from service analytics to resolve an alert that is raised from the IT infrastructure component. Events are related to the configuration items in the CMDB; when an event is generated, event management locates the associated CI for generating an alert.

Source: wiki.servicenow.com

Event rules can be configured in ServiceNow with the ability to perform and take certain actions as required. Detailed event information associated with inpidual events or a group of eventent information associated with inpidual events or a group of events with inpidual rules set can be viewed within ServiceNow.

If an event rule or event field mapping used the event or group of events to generate an alert, the event information appears in the Activity section of the alert. Event management within ServiceNow has the ability to manage external events and also configure alerts for discovered business services.