This documentation supports BMC Helix AIOps till November 2021. To view other versions of the documentation, select a version from the Product version menu.

Event noise reduction indicator for prioritized triage and remediation

Event noise is the term used to describe the hundreds of hourly and daily notifications and alarms (eg: CPU utilization, memory utilization, end user response time) delivered by monitoring systems to IT Ops teams to show the health and performance of infrastructure and applications across their IT environment. Event noise reduction involves reducing the event storm by combining multiple matching events into a single aggregated event. Event noise reduction enables you to perform prioritized triage and remediation.


What is the source of events considered for event noise reduction?

To compute the event noise reduction value, BMC Helix AIOps considers ML-based aggregated events, which are derived by using AI/ML algorithms. For more information, see ML-based situations.

You can view the noise reduction value in percentage and its trend on the Overview page as shown in the following example:

Event noise reduction computation

The following computation is used to derive the noise reduction value in percentage.

Noise reduction computation

noiseReduction(%) = ((secondaryEvents-primaryEvents)/totalEvents)*100)

Example

Consider the following example to understand how the noise reduction value is computed:

Total number of primary events in the system (primaryEvents) = 4

Total number of secondary events in the system (secondaryEvents) = 20

Total number of other events in the system (otherEvents) = 40

Total number of events in the system (totalEvents = primaryEvents + secondaryEvents + otherEvents) = 64

Noise reduction in percentage = ((20-4)/64)*100 = 25% 

What are primary and secondary events?

Primary events

A primary event is an aggregated event derived from several matching events. For example, you can derive a single event from the secondary events listed in the following example:

The host1.bmc.com host is shutting down

Secondary events

Secondary events are a set of matching events that can be combined to create a single aggregated event. For example, if the host1.bmc.com host is shut down, you may receive several events originating from that host as shown in the following example:

Secondary eventsPrimary event

application1 is shutting down

The host1.bmc.com host is shutting down

stopped application2

Unable to authenticate application3
Unable to open application5


Total events

Sum of primary, secondary, and other events.

Was this page helpful? Yes No Submitting... Thank you

Comments

  1. Alexis Bernard

    What are "other events"? How would an event be categorized as secondary vs other ?

    Oct 19, 2022 01:33
    1. Harihara Subramanian

      Hello Alexis Bernard,

      Can you refer to the latest version of the page that contains additional explanation added in recent times? See the link below. Please do let us know.

      Event noise reduction indicator for prioritized triage and remediation

      Oct 20, 2022 08:26
      1. Alexis Bernard

        Thank you. For some reason that info is not yet available in the "current release" page of the doc but shows up in 22.4 version

        Oct 20, 2022 09:30