This invention pertains to computers and other information technology systems and, more particularly, to monitoring and managing events in such systems.
An event occurs when something significant happens in an information technology (IT) system. For example, an event may be a business event, such as an application processing a new client order, or a system based event, such as a failure occurring in a critical part of the system.
An event infrastructure provides the runtime environment to persistently store and retrieve events from many different programming environments. An application creates an event object whenever something happens that either should be recorded for later analysis, or which may require additional work to be triggered.
An event infrastructure can be a shared component, for example, inside or outside a WebSphere Application Server (WebSphere is a trade mark of International Business Machines Corporation). The infrastructure provides means to store, update and distribute events to event consumers, for example, by categorising events by topics.
The Common Base Event model is a standard defining a common representation of events that is intended for use by enterprise management and business applications. This standard, developed by the IBM Autonomic Computing Architecture Board, provides a consistent unified format for the creation, transmission, persistence and distribution of a wide range of business, system and network events. The standard uses a common XML-based format, making it possible to correlate different types of events that originate from different applications.
There are a number of existing infrastructures for managing events (e.g. product trace, operating system debug trace, Tivoli TEC). These events are typically used to collect and report on error situations within the IT infrastructure. Event points can normally be activated or deactivated to determine which events should be recorded.
To simplify the administration of these points, the product or operating system can also group points together. Different techniques are used to group related events. For example, one option is for a product to group events by component. Another option is to arrange events in a hierarchy; grouping is then by level within the hierarchy. Yet another alternative is for the user to define a group and then manually associate known trace points with the group.
The problem with defining groups is how to manage them when they need updating to add new event points or to remove event points. These additions may be of a permanent or temporary nature. Apart from updating groups with required changes, one solution to this is to define multiple groups that are very similar, but have entries added or removed to produce the required pattern. Then, the appropriate group is used when the event logging is activated. This is difficult to manage.