In the first part of this blog post we saw how events monitoring can be a very powerful, effective and at the same time affordable means to prevent system failures in a corporate environment.

I believe that the process of pre-processing events represents the most important part of events monitoring, because this process will decide whether the collected event will “go” or “stay”.

In other words, the quality of a report built on the available data will mainly depend on the decisions that the implemented events monitoring framework has made independently.

Quality in data provides the right picture of the current health level of your IT infrastructure

Therefore the process must ensure that the right event will be collected at the right time. It also should store the events safely in the database management system.

Both requirements are very tough to fulfil, because

  • it is not obvious, in real time, whether the current event is relevant and useful for the “target” purpose, and
  • a logical formula is required to determine instantly the estimated value of each event.

As the database size is strictly limited and it keeps only a limited amount of data for a short period, it is essential to store only those events which will deliver the highest value for the “target” purpose.
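The sketch below is an added example, not code from the original post or from any product: it shows one way to score each event as it arrives and keep only the highest-value events in a store of fixed size. The severity weights, host weights, repeat discount and host names are all assumptions chosen for illustration.

```python
import heapq
from collections import Counter

# Assumed weights: the article does not give a formula. Host names are hypothetical.
SEVERITY = {"info": 1, "warning": 3, "error": 6, "critical": 10}
HOST_WEIGHT = {"dc01": 2.0, "db01": 1.5}

class EventStore:  # fixed-capacity store that keeps only the highest-value events
    def __init__(self, capacity):
        self.capacity = capacity
        self._heap = []         # min-heap of (value, seq, event); lowest value on top
        self._seen = Counter()  # occurrences of each (host, event id)
        self._seq = 0           # tie-breaker so events themselves are never compared

    def value(self, event):
        key = (event["host"], event["id"])
        self._seen[key] += 1
        base = SEVERITY.get(event["severity"], 1)
        # Repeats of the same event on the same host carry less new information.
        return base * HOST_WEIGHT.get(event["host"], 1.0) / self._seen[key]

    def offer(self, event):
        """Decide instantly: True if the event is stored, False if it is dropped."""
        self._seq += 1
        item = (self.value(event), self._seq, event)
        if len(self._heap) < self.capacity:
            heapq.heappush(self._heap, item)
            return True
        if item[0] > self._heap[0][0]:
            heapq.heapreplace(self._heap, item)  # evict the least valuable event
            return True
        return False

    def stored(self):
        return [e for _, _, e in sorted(self._heap, key=lambda i: i[:2], reverse=True)]

# Constructed sample events, not taken from a real log.
SAMPLE = [
    {"host": "dc01", "id": 4625, "severity": "warning"},
    {"host": "db01", "id": 7034, "severity": "error"},
    {"host": "ws17", "id": 4624, "severity": "info"},
    {"host": "ws17", "id": 4624, "severity": "info"},
    {"host": "ws22", "id": 41, "severity": "critical"},
    {"host": "dc01", "id": 4625, "severity": "warning"},
]

def run(events, capacity=3):
    store = EventStore(capacity)
    return [store.offer(e) for e in events], store.stored()
```

With a capacity of three, `run(SAMPLE)` drops the repeated workstation event and the repeated warning, and evicts the first workstation event once the critical one arrives.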

It is very important to deal with such key questions before deciding to implement an events monitoring solution in your infrastructure. Good planning saves both time and money, avoids common mistakes and ensures that you build an efficient events monitoring framework in your IT infrastructure.

Database management systems play an important role in events monitoring, as they bring the required capacity to store large amounts of data, but not all database management systems are the same. They differ in performance and also in storage size. Retrieval of archived data must be easy, fast and safe.

What does the ideal world of a system administrator look like?

I would say that system administrators prefer:

  • a one click instant report that keeps the admin always up-to-date
  • a fully automated system that collects, pre-processes and delivers the right output at the right time
  • a system that learns continuously from previous decisions
  • a system that involves low maintenance and administration duties

In the next and final part of this blog post we’ll look at further events manager solutions to help prevent IT disasters.
