event management diagram

Event management in ITIL® 4

The ability to monitor, analyse, and respond to events within an IT environment is a critical factor in maintaining the health, performance, and reliability of any IT service. ITIL® 4 offers an approach to help with this.

Learn more about ITIL 4 and how it can benefit your organisation.

What is event management?

An event is any change of configuration item (CI) from one state to another within an IT service. ITIL event management is a process that defines and manages the lifecycle of all these events.

The primary objective of event management is to ensure the normal operation of services by detecting and addressing any ‘exceptional conditions’ or ‘exceptional events’.

What is an ‘exceptional event’ in ITIL 4?

An exceptional event refers to a significant and disruptive occurrence that, if not handled effectively, could have a substantial impact on service quality, performance, or availability. These events require immediate attention to mitigate their effects.

For example, a server moving from online to idle would be considered an event. However, if this server had an outage this would then turn into an exceptional event, as it needs to be dealt with urgently to avoid impacting the service provided.

Event management tools

Event management tools are software solutions designed to monitor, analyse and respond to events within IT environments. These tools help keep the technology running smoothly and will alert IT service teams if something goes wrong, so it can be addressed quickly and efficiently.

These tools fall into two categories:

Active tools

Active monitoring tools proactively collect data by testing components such as servers, network devices and applications. If issues are detected or a pre-determined threshold is exceeded, they will then send an alert to the IT service team to make them aware of the problem.

Passive tools

Passive monitoring tools capture data that is already being generated, such as logs, messages, or event streams, and analyse it for patterns or anomalies. These tools are particularly useful for security and network monitoring.

Event management examples

IT events can be split into three categories:

Information

These events are typically messages or notifications generated to provide information about the current status or performance of the system. These are typically the lowest priority events, as they do not require immediate attention but the data they provide may prove useful in maintaining and optimising the IT environment. Examples of informational events include messages about software updates, succ