Difference between revisions of "Event"
From Veloopti Help
m |
m |
||
| Line 5: | Line 5: | ||
== How events enter Veloopti == | == How events enter Veloopti == | ||
| − | + | Events enter into your organisation though the following methods: | |
| + | # A policy running on a Veloopti agent detects a breach | ||
| + | ## A logfile policy detects a match | ||
| + | ## A SNMP trap is received that matches | ||
| + | # A metric threshold is violated | ||
| + | # It is injected by the Veloopti agent Application Programming Interface (API) | ||
| + | |||
| + | Once the event has been forwarded to Veloopti it is processed according to the following logic. | ||
IF event matches [[Outage|outage]] rule THEN | IF event matches [[Outage|outage]] rule THEN | ||
| Line 12: | Line 19: | ||
EXIT | EXIT | ||
ELSE IF outage rule = auto close THEN | ELSE IF outage rule = auto close THEN | ||
| − | + | <b>Create the event</b> and close | |
EXIT | EXIT | ||
END IF | END IF | ||
| Line 22: | Line 29: | ||
IF event matches an existing event with a different severity THEN | IF event matches an existing event with a different severity THEN | ||
| − | Change the existing severity to match the new one | + | Change the existing events severity to match the new one |
Increment the existing events [[Event_lifecycle#Previous_events_and_duplicates|duplicate count]] by one | Increment the existing events [[Event_lifecycle#Previous_events_and_duplicates|duplicate count]] by one | ||
ELSE IF event matches an existing event with the same severity THEN | ELSE IF event matches an existing event with the same severity THEN | ||
| − | Increment the [[Event_lifecycle#Previous_events_and_duplicates|duplicate count]] by one | + | Increment the existing events [[Event_lifecycle#Previous_events_and_duplicates|duplicate count]] by one |
ELSE | ELSE | ||
| − | Create the event | + | <b>Create the event</b> |
IF the event has a notification THEN | IF the event has a notification THEN | ||
Perform the notification | Perform the notification | ||
Revision as of 20:28, 2 August 2017
1 Overview
According to ITIL events can can be defined as: any detectable or discernible occurrence that has significance for the management of the IT Infrastructure or the delivery of IT service and evaluation of the impact a deviation might cause to the services.
2 How events enter Veloopti
Events enter into your organisation though the following methods:
- A policy running on a Veloopti agent detects a breach
- A logfile policy detects a match
- A SNMP trap is received that matches
- A metric threshold is violated
- It is injected by the Veloopti agent Application Programming Interface (API)
Once the event has been forwarded to Veloopti it is processed according to the following logic.
IF event matches outage rule THEN IF outage rule = suppress THEN Suppress the event EXIT ELSE IF outage rule = auto close THEN Create the event and close EXIT END IF END IF IF event matches one or more storm rules THEN Perform the storm rule(s) END IF IF event matches an existing event with a different severity THEN Change the existing events severity to match the new one Increment the existing events duplicate count by one ELSE IF event matches an existing event with the same severity THEN Increment the existing events duplicate count by one ELSE Create the event IF the event has a notification THEN Perform the notification END IF END IF