Computer systems, such as servers and desktop personal computers, are expected to operate without constant monitoring. These computer systems typically perform various tasks without the user's knowledge. When performing these tasks, the computer system often encounters events that require a particular action (such as logging the event, generating an alert for a particular system or application, or performing an action in response to the event). Various mechanisms are available to handle these events.
A computing enterprise typically includes one or more networks, services, and systems that exchange data and other information with one another. The enterprise may include one or more security mechanisms to safeguard data and authenticate users and may utilize one or more different data transmission protocols. At any particular time, one or more networks, services or systems may be down (e.g., powered down or disconnected from one or more networks). Networks, services or systems can be down for scheduled maintenance, upgrades, overload or failure. Application programs attempting to obtain event data must contend with the various networks, services, and systems in the enterprise when they are down. Additionally, application programs must contend with the security and network topology limitations of the enterprise as well as the various protocols used in the enterprise.
A typical computing environment includes multiple event consumers (i.e., applications and other routines that use various event data generated by one or more event sources or event providers). These event consumers are typically implemented by network administrators or other individuals responsible for the operation of the computing environment. An administrator generally implements many different event consumers to properly handle the various events generated throughout the computing environment. A particular administrator may be responsible for a portion of the computing environment, such as the computing devices in a particular building or the computing devices associated with a particular department in an organization. Different administrators may implement duplicate (or substantially similar) event consumers stored in different portions of the computing environment. The creation of duplicate event consumers is wasteful of the administrators' time and wastes storage space by storing redundant event consumers.
The system and method described herein addresses these limitations by providing a standard set of event consumers for handling various common events (i.e., events that are likely to be handled by multiple administrators). The system and method described herein also provides a standard schema that allows event consumers to use event data without requiring knowledge of the source of the event data.