Network Event Management & Metrics | CompTIA Network+ N10-007 | 3.3b

In this video you will learn about network event management, SIEM, SNMP monitors, and network performance metrics such as: bandwidth, throughput, packet drops, error rate, and utilization.

Event Management

Event management is the process that monitors all events that occur through the IT infrastructure.  It allows for normal operations and also detects and escalates exception conditions.  An event can be defined as any detectable or discernible occurrence that has significance for the management of the IT infrastructure or the delivery of IT service and evaluation of the impact a deviation might cause to the services.  Events are typically notifications created by an IT service or monitoring tool.  The purpose of event management is the following:[1]

  • The ability to detect events, investigate and determine the correct control action.
  • The events (warnings & exceptions) can be used to automate many routine activities.
  • Provides mechanisms for early detection of incidents.
  • Some types of automated activities can be monitored by exception, reducing downtime.

SIEM (Security Information & Event Management)

Security information and event management (SIEM) technology supports threat detection, compliance and security incident management through the collection and analysis (both near real time & historical) of security events, as well as a wide variety of other event and contextual data sources.  The core capabilities are a broad scope of log event collection and management, the ability to analyze log events and other data across disparate sources, and operational capabilities (such as incident management, dashboards and reporting).[2]
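The three SIEM capabilities named above (collecting events from different sources, normalizing them so they can be analyzed together, and running a rule across them) can be shown in a few dozen lines. The following is an added example written for this page, not code from the page or from any SIEM product; the sshd and firewall log lines are constructed samples using documentation addresses, and the log formats, field names and the 60-second correlation window are assumptions chosen for the illustration.

```python
"""Minimal SIEM-style pipeline: collect events from two different log
formats, normalize them into one schema, and apply a correlation rule
across the sources. Added example with constructed sample logs; not
code from the page or from any SIEM product."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample logs (RFC 5737 documentation addresses, not real hosts).
SSHD_LOG = """\
2024-03-01T10:00:01 bastion sshd[812]: Failed password for invalid user admin from 203.0.113.7 port 51122 ssh2
2024-03-01T10:00:03 bastion sshd[812]: Failed password for root from 203.0.113.7 port 51130 ssh2
2024-03-01T10:00:05 bastion sshd[812]: Accepted publickey for ops from 198.51.100.4 port 40010 ssh2
"""
FIREWALL_LOG = """\
2024-03-01T10:00:00 fw01 kernel: DROP IN=eth0 SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP DPT=22
2024-03-01T10:00:02 fw01 kernel: DROP IN=eth0 SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP DPT=22
2024-03-01T10:00:04 fw01 kernel: DROP IN=eth0 SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP DPT=22
"""

SSHD_RE = re.compile(r"^(?P<ts>\S+) (?P<host>\S+) sshd\[\d+\]: (?P<msg>.*)$")
SSHD_FAIL_RE = re.compile(r"^Failed password for (?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port")
SSHD_OK_RE = re.compile(r"^Accepted \S+ for (?P<user>\S+) from (?P<src>\S+) port")
FW_RE = re.compile(r"^(?P<ts>\S+) (?P<host>\S+) kernel: (?P<action>DROP|ACCEPT) .*?SRC=(?P<src>\S+) .*?DPT=(?P<dpt>\d+)")


def parse_sshd(text):
    """Normalize sshd lines into {ts, host, source, src_ip, user, action}."""
    events = []
    for line in text.splitlines():
        m = SSHD_RE.match(line)
        if not m:
            continue  # collection step: unknown lines are skipped, not fatal
        msg = m.group("msg")
        fail, ok = SSHD_FAIL_RE.match(msg), SSHD_OK_RE.match(msg)
        hit = fail or ok
        if not hit:
            continue
        events.append({
            "ts": datetime.fromisoformat(m.group("ts")),
            "host": m.group("host"),
            "source": "sshd",
            "src_ip": hit.group("src"),
            "user": hit.group("user"),
            "action": "auth_failure" if fail else "auth_success",
        })
    return events


def parse_firewall(text):
    """Normalize firewall lines into the same schema (user is None)."""
    events = []
    for line in text.splitlines():
        m = FW_RE.match(line)
        if not m:
            continue
        events.append({
            "ts": datetime.fromisoformat(m.group("ts")),
            "host": m.group("host"),
            "source": "firewall",
            "src_ip": m.group("src"),
            "user": None,
            "action": "fw_drop" if m.group("action") == "DROP" else "fw_accept",
        })
    return events


def correlate(events, window=timedelta(seconds=60), min_failures=2, min_drops=2):
    """Rule: one source IP produces >= min_failures auth failures AND
    >= min_drops firewall drops inside one time window. Either source
    alone is ordinary noise; seen together they are worth an alert."""
    by_ip = defaultdict(list)
    for e in events:
        by_ip[e["src_ip"]].append(e)
    alerts = []
    for ip, evs in by_ip.items():
        evs.sort(key=lambda e: e["ts"])
        for anchor in evs:  # slide a window starting at each event
            end = anchor["ts"] + window
            in_win = [e for e in evs if anchor["ts"] <= e["ts"] <= end]
            failures = sum(e["action"] == "auth_failure" for e in in_win)
            drops = sum(e["action"] == "fw_drop" for e in in_win)
            if failures >= min_failures and drops >= min_drops:
                alerts.append({"src_ip": ip, "window_start": anchor["ts"],
                               "auth_failures": failures, "fw_drops": drops})
                break  # one alert per IP is enough for a dashboard entry
    return alerts


def run_pipeline(sshd_text=SSHD_LOG, fw_text=FIREWALL_LOG):
    """Collect -> normalize -> correlate, returning the alerts."""
    events = parse_sshd(sshd_text) + parse_firewall(fw_text)
    return correlate(events)


if __name__ == "__main__":
    for alert in run_pipeline():
        print(alert)
```

The point of the shared schema is that `correlate()` never needs to know which product a line came from; adding a third source only means writing another parser that emits the same fields.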

SNMP (Simple Network Management Protocol) Monitors

SNMP is an Internet standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior.  Devices that typically support SNMP include cable modems, routers, switches, servers, workstations, printers, etc.[3]  SNMP is widely used in network management for network monitoring.  SNMP exposes management data in the form of variables on the managed systems, organized in a management information base (MIB), which describe the system status and configuration.  These variables can then be remotely queried (and in some circumstances, manipulated) by managing applications.[4]

Network Performance Metrics

Network performance monitoring is the process used to track, evaluate and diagnose the performance of a network.  With the variety of devices, technologies and network environments continuing to expand, the definition of optimal performance can vary significantly.  Network performance metrics are the measurable outputs that indicate how the infrastructure and services are operating as a part of short-term and long-term network performance evaluations.  Real-time analysis of these metrics allows teams to identify potential problems on the network and prioritize IT resources and response according to impact.  Over time, network performance metrics support a long-term understanding of end-user demands and help in building an adaptive network that meets future business needs.[5]  Some network performance metrics that you should be aware of are:

  • Bandwidth:  The maximum data transmission rate possible on a network.  For optimal network operations, you want to get as close to your maximum bandwidth as possible without reaching critical levels.  This indicates that your network is sending as much data as it can within a period of time, but isn’t being overloaded.
  • Throughput:  Measures your network's actual data transmission rate, which can vary wildly through different areas of your network.  While your network's bandwidth measures the theoretical limit of data transfer, throughput tells you how much data is actually being sent.  Specifically, throughput measures the percentage of data packets that are successfully being sent; a low throughput means there are a lot of failed or dropped packets that need to be sent again.
  • Packet Drops:  Examines how many data packets are dropped during data transmissions on your network.  The more data packets that are lost, the longer it takes for a data request to be fulfilled.[6] 
  • Error Rate:  The frequency with which errors or noise are introduced into the channel.  Error rate may be measured in terms of erroneous bits received per bits transmitted.[7]
  • Utilization:  Network utilization is the proportion of the current network traffic to the maximum amount of traffic that can be handled.  It indicates the bandwidth consumption in the network.  While high network traffic means that the network is overloaded, low network traffic means that the network is not busy.  If the network load reaches or exceeds the threshold under normal conditions, this will result in low network speed, interruptions, timeouts, etc.  The network load is an indicator of the network utilization.[8]
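The SNMP section above describes the MIB variables a monitor queries, and the list above names the metrics derived from them; the following added example ties the two together by turning two successive polls of IF-MIB interface counters into bandwidth, throughput, packet drop rate, error rate and utilization. This is example code written for this page, not code from the page or from any SNMP tool; the two counter snapshots are constructed values (a real poller would obtain them with SNMP GET requests), and the 60-second poll interval and 80% alarm threshold are assumptions.

```python
"""Derive bandwidth, throughput, packet drops, error rate and utilization
from two successive SNMP polls of IF-MIB interface counters. Added
example; the two polls are constructed values, not output from a device."""

# IF-MIB ifEntry columns (OID prefix 1.3.6.1.2.1.2.2.1.<column>) used here:
#   ifSpeed(5)  ifInOctets(10)  ifInUcastPkts(11)  ifInDiscards(13)
#   ifInErrors(14)  ifOutOctets(16)
# A real poller would SNMP GET these; the dicts below stand in for that step.
COUNTER32_WRAP = 2 ** 32

POLL_T0 = {  # constructed sample, taken at t = 0 s
    "ifSpeed": 100_000_000,       # 100 Mbit/s: the interface's bandwidth
    "ifInOctets": 4_294_900_000,  # close to the Counter32 ceiling on purpose
    "ifOutOctets": 1_000_000,
    "ifInUcastPkts": 10_000,
    "ifInDiscards": 2,
    "ifInErrors": 5,
}
POLL_T1 = {  # constructed sample, taken 60 s later; ifInOctets has wrapped
    "ifSpeed": 100_000_000,
    "ifInOctets": 299_932_704,
    "ifOutOctets": 151_000_000,
    "ifInUcastPkts": 210_000,
    "ifInDiscards": 102,
    "ifInErrors": 15,
}


def counter_delta(old, new, wrap=COUNTER32_WRAP):
    """Increase of a monotonically increasing SNMP counter between two
    polls, correcting for a single wrap-around of a Counter32.
    Poll often enough that the counter cannot wrap twice: at 100 Mbit/s a
    Counter32 of octets wraps in about 343 s, at 1 Gbit/s in about 34 s,
    which is why fast links are polled via the 64-bit ifHCInOctets."""
    if new >= old:
        return new - old
    return new + wrap - old


def interface_metrics(prev, curr, interval_s):
    """Turn two counter snapshots into the metrics discussed in the text."""
    in_octets = counter_delta(prev["ifInOctets"], curr["ifInOctets"])
    out_octets = counter_delta(prev["ifOutOctets"], curr["ifOutOctets"])
    pkts = counter_delta(prev["ifInUcastPkts"], curr["ifInUcastPkts"])
    errors = counter_delta(prev["ifInErrors"], curr["ifInErrors"])
    discards = counter_delta(prev["ifInDiscards"], curr["ifInDiscards"])

    bandwidth_bps = curr["ifSpeed"]        # theoretical maximum of the link
    in_bps = in_octets * 8 / interval_s    # measured throughput, inbound
    out_bps = out_octets * 8 / interval_s  # measured throughput, outbound
    return {
        "bandwidth_bps": bandwidth_bps,
        "throughput_in_bps": in_bps,
        "throughput_out_bps": out_bps,
        # full-duplex: each direction is measured against the full ifSpeed
        "utilization_in_pct": 100.0 * in_bps / bandwidth_bps,
        "utilization_out_pct": 100.0 * out_bps / bandwidth_bps,
        # share of received packets that were dropped / received in error
        "packet_drop_rate": discards / pkts if pkts else 0.0,
        "error_rate": errors / pkts if pkts else 0.0,
    }


def utilization_alarm(metrics, threshold_pct=80.0):
    """Exception condition for event management: True when either
    direction of the link is at or above the utilization threshold."""
    busiest = max(metrics["utilization_in_pct"], metrics["utilization_out_pct"])
    return busiest >= threshold_pct


if __name__ == "__main__":
    m = interface_metrics(POLL_T0, POLL_T1, interval_s=60)
    for name, value in m.items():
        print(f"{name:22s} {value}")
    print("utilization alarm:", utilization_alarm(m))
```

With the constructed polls the inbound direction comes out at 40 Mbit/s on a 100 Mbit/s link (40% utilization) even though the raw ifInOctets value went down between polls; without the wrap correction the throughput would be reported as negative, which is the most common mistake in home-grown SNMP pollers.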

References

  1. Event management (ITIL). Wikipedia.
  2. Security Information And Event Management (SIEM). Gartner.
  3. Mauro, D. & Schmidt, K. (2001). Essential SNMP.
  4. Simple Network Management Protocol. Wikipedia.
  5. Network Performance Metrics. Via Visolutions.
  6. Hein, D. (2019, June 27). Network Performance Metrics:  7 Essential Network Metrics to Monitor. Solutions Review.
  7. Error Rate.  Encyclopedia.
  8. What is network utilization? Paessler.