This documentation supports BMC Helix AIOps till November 2021. To view other versions of the documentation, select a version from the Product version menu.

Event noise reduction indicator for prioritized triage and remediation


Event noise is the term used to describe the hundreds of hourly and daily notifications and alarms (eg: CPU utilization, memory utilization, end user response time) delivered by monitoring systems to IT Ops teams to show the health and performance of infrastructure and applications across their IT environment. Event noise reduction involves reducing the event storm by combining multiple matching events into a single aggregated event. Event noise reduction enables you to perform prioritized triage and remediation.


What is the source of events considered for event noise reduction?

To compute the event noise reduction value, BMC Helix AIOps considers ML-based aggregated events, which are derived by using AI/ML algorithms. For more information, see ML-based-situations.

You can view the noise reduction value in percentage and its trend on the Overview page as shown in the following example:

noise_reduction.png

Event noise reduction computation

The following computation is used to derive the noise reduction value in percentage.

Noise reduction computation

noiseReduction(%) = ((secondaryEvents-primaryEvents)/totalEvents)*100)

Example

Consider the following example to understand how the noise reduction value is computed:

Total number of primary events in the system (primaryEvents) = 4

Total number of secondary events in the system (secondaryEvents) = 20

Total number of other events in the system (otherEvents) = 40

Total number of events in the system (totalEvents = primaryEvents + secondaryEvents + otherEvents) = 64

Noise reduction in percentage = ((20-4)/64)*100 = 25% 

What are primary and secondary events?

Primary events

A primary event is an aggregated event derived from several matching events. For example, you can derive a single event from the secondary events listed in the following example:

The host1.bmc.com host is shutting down

Secondary events

Secondary events are a set of matching events that can be combined to create a single aggregated event. For example, if the host1.bmc.com host is shut down, you may receive several events originating from that host as shown in the following example:

Secondary events

Primary event

application1 is shutting down

The host1.bmc.com host is shutting down

stopped application2

Unable to authenticate application3

Unable to open application5


Total events

Sum of primary, secondary, and other events.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*