What is an event?

Feb 14, 2024 | Glossary

Terms like ‘event’ play an important role in understanding IT and OT operations. There is usually an abundance of interpretations and definitions. You will also find different naming conventions with each vendor of tools for monitoring and service management. So, let’s dive in. How does ITIL (Information Technology Infrastructure Library) define an event?

ITIL links events and notifications directly by saying:

“An event can be defined as any detectable or discernible occurrence that has significance for the management of the IT Infrastructure or the delivery of IT service and evaluation of the impact a deviation might cause to the services. Events are typically notifications created by an IT service, Configuration Item (CI) or monitoring tool.” Source: Wikipedia, i.e. from the ITIL Service Operation Book

Some disagree because an event is (not necessarily) a notification.

ITIL also defines categories for events mixing up events and alerts:

“Standard categorization based on the significance of an event:

  • Informational (INFO): the event does not require any immediate action and does not represent an exception. They are recorded in the log files and maintained for a predetermined period. This type of event is used to check the status of a device or service, to confirm the state of an activity, to generate statistics (user login, batch job completed, device power up, number of users logged into an application)
  • Warning (WARN / ALERT): the event is generated when a device or service, (application / utility), is approaching an agreed threshold (KPI). Warnings are intended to notify the group/process/tool in order to take the necessary actions to prevent an exception occurring.
  • Exception (ERROR): means that a service or device is currently operating below the normal parameters/indicators (predefined). This mean that the business service is impacted and the device or service presents a failure, performance degradations or loss of functionality (web server down, CS coverage lost for several sites). A device failure is an error.”Source here

Here is another definition which might be a better fit:

“An event is an observed change to the normal behavior of a system, environment, process, workflow or person.” Source: danielmiessner.com 

So, you could simplify this by saying that any (included an unobserved) change to the current behavior or desired status is already an event.

How SIGNL4 relates to an event

SIGNL4 is able to process events from a variety of sources. It logs events, and can decide to turn an event into alert and subsequently alert notifcations. Incoming events can already be qualified as alerts by the originating system, e.g. an IT monitoring tool. In any case, SIGNL4 makes sure any alerts are sent to the right person at the right time, anywhere. Learn more

Discover SIGNL4

SIGNL4 Alerting App

Stay ahead of critical incidents with SIGNL4 and its superpowers. SIGNL4 provides superior and automated mobile alerting, delivers alerts to the right people at the right time and enables operations teams to respond and to manage incidents from anywhere.

Learn more about SIGNL4 and start your free 30-days trial.