
Incident Management
A data center suddenly receives thousands of alarms indicating that hundreds of servers and related services are unreachable. A network management system filters the events and performs an automated analysis, which determines that an alarm from a router is the root cause. The router is swapped for a replacement and all the alarms stop.
Problem Management
Several customers of a bank have reported issues paying bills over the past 3 weeks, with each report recorded as an incident. A problem ticket is created that links the incidents. A support analyst notices that all the incidents are for the same payee. She checks, and the payee isn't configured properly in the system.
Service Level Management
A help desk service experiences an incident with one of its core software tools. Call metrics begin to worsen as employees work around the affected system. An analysis is conducted to see if any Service Level Agreements were broken. Where SLAs were exceeded, customers are informed and accounts potentially credited with penalty fees. In other words, the service provider informs customers of SLA violations before the customers themselves notice. This tends to improve customer satisfaction and loyalty.
Intrusion Detection
An account that hasn't been used for 4 years suddenly experiences a large number of failed logon attempts. A logon then succeeds and the account starts executing suspicious commands. An intrusion detection system correlates these events and sends an alert that an attack is probably in progress.
Overview: Event Correlation
Type |
Definition | Finding meaningful information by determining likely relationships between events.
Related Concepts |
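
The intrusion detection scenario above can be expressed as a small correlation rule. This is an added example, not code from the original page; the event format, sample data, thresholds and command watchlist are all assumptions made for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample events (not real logs): (time, account, type, detail)
SAMPLE_EVENTS = [
    ("2024-05-01T02:00:01", "jsmith_old", "logon_failure", ""),
    ("2024-05-01T02:00:03", "jsmith_old", "logon_failure", ""),
    ("2024-05-01T02:00:05", "jsmith_old", "logon_failure", ""),
    ("2024-05-01T02:00:08", "jsmith_old", "logon_failure", ""),
    ("2024-05-01T02:00:11", "jsmith_old", "logon_failure", ""),
    ("2024-05-01T02:00:15", "jsmith_old", "logon_success", ""),
    ("2024-05-01T02:01:00", "jsmith_old", "command", "net user /add"),
    ("2024-05-01T09:00:00", "alice", "logon_failure", ""),
    ("2024-05-01T09:00:20", "alice", "logon_success", ""),
    ("2024-05-01T09:05:00", "alice", "command", "whoami"),
]
# Constructed "last used" time per account, before the sample window
LAST_USED = {"jsmith_old": "2020-04-01T00:00:00", "alice": "2024-04-30T17:00:00"}
SUSPICIOUS = ("net user", "whoami")  # assumed watchlist of command substrings


def correlate(events, last_used, dormant_days=365, min_failures=5,
              window=timedelta(minutes=10)):
    """Alert only when dormancy, a failure burst, a success and a flagged command line up."""
    by_account, alerts = {}, []
    for ts, account, kind, detail in sorted(events):  # ISO timestamps sort chronologically
        by_account.setdefault(account, []).append((datetime.fromisoformat(ts), kind, detail))
    for account, evs in by_account.items():
        last = last_used.get(account)  # unknown accounts are not treated as dormant
        dormant = bool(last) and evs[0][0] - datetime.fromisoformat(last) > timedelta(days=dormant_days)
        failures, success_at, commands = [], None, []
        for ts, kind, detail in evs:
            if kind == "logon_failure":
                # keep only failures inside the sliding window ending at this one
                failures = [f for f in failures if ts - f <= window] + [ts]
            elif kind == "logon_success":
                if len(failures) >= min_failures and ts - failures[-1] <= window:
                    success_at = success_at or ts  # success right after a burst
                failures = []
            elif kind == "command" and success_at and any(s in detail for s in SUSPICIOUS):
                commands.append(detail)
        if dormant and success_at and commands:
            alerts.append({"account": account, "logon": success_at.isoformat(), "commands": commands})
    return alerts
```

The account `alice` also has a failed logon, a success and a watchlisted command, but produces no alert because the events do not form the full pattern; that is the difference between correlating events and alerting on each one.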