Incident Management
ITSM defines incidents as events that are not part of the normal operation and have adverse impact on the business operations, such as network or system interruptions. When an incident occurs and causes reduction in the quality of services, the Incident Management process is specifically created to help restore the IT services back to its normal operations as quickly as possible so that the service is operating within the parameters of the service level agreement (SLA).
It’s important to know that ITSM makes distinctions between an incident, a problem and a known error. An incident causes interruptions to normal operations. For example, an incident can be the server or network device going down, or an application bug preventing users from working was identified, or the printer not printing.
A problem occurs when the underlying cause for the incident or incidents cannot be identified. Sometimes several incidents may occur before a problem is recognized. The incidents in this case are symptoms of the problem. Often the incidents are resolved by simply fixing the symptoms. However, until the underlying cause is identified and fixed, a problem will eventually re-occur.
A problem record becomes a known error once it has been successfully diagnosed and a work-around has been developed. Log Intelligence can be used to detect any new incidents occurring in the IT infrastructure and alert IT organizations. In addition, Log Intelligence can be used to report on the number of instances that have occurred in the past to determine whether newly implemented ITSM processes are indeed effective.