Events and Incidents Comparison Summary Incidents and events have separate but related roles in managing your network.
The key differences between incidents and events are important in understanding how to best manage the information coming into Entuity:
Incident and Event Life Cycles
An event indicates a particular state of an object at the time the event was raised. An incident indicates an ongoing condition on your network with its associated events providing the state updates.
Incidents are usually removed from the system 7 days after they are expired, events are retained by default for 14 days.
Event and Incident Severity Levels
Events have an associated severity level, which is configurable through the Events administration page and also through actions. Incidents inherit the highest severity level of the currently raised event. For example, if an incident is raised by an event with a severity level of Major it has a severity level of Major, if it is updated by an event with the severity level of Critical the incident also inherits the Critical severity level.
Event and Incident Assignment
Incidents you can assign to users, events you cannot.
Event and Incident Annotation
Incidents you can acknowledge, events you cannot.
Pre and Post Storage Processing
In the set up of the Event Management System you can configure processing of incoming events before they are stored in the database, and also after their storage. Processing of incidents occurs after these two event stages. This indicates that incidents are raised only after the intelligence that is built into the Event Management System has been applied, which is why the Incidents dashboard is the best way to see what is happening on your network.