Root cause analysis

Previously, the Root module caused :

• the state of a service is equivalent to the worst state of its dependencies
• the state of a component is provided by an event
  
  

The Root cause feature lets you add algorithms for calculating service and component states. The state or severity of a service can now depend on state calculation rules applied to its dependencies:

There are two types of rules for state calculation algorithms:

1. Dependencies induce states

Which dependency(ies) of the target entity will be responsible for the final state?
If several dependencies are selected by the model, then the worst state of these will be used.

2. A share or number of dependencies of a specific state define the states
In this mode, it is possible to define the state of a service from conditions based on a percentage or number of states of the service’s dependencies.

We could, for example, express the fact that the service will be in condition

• Critical if more than 50% of its dependencies are in critical condition or
• Major if 3 of its outbuildings are in minor condition or
• Minor if 20% of entities are in major state or
• OK if at least 1 dependency is in OK state

From a dependency diagram of this type :

Canopsis can propose a result as follows:

Finally, when no rule applies, the state of the service is equal to the worst state of its dependencies.

Update 2024: The Root cause analysis module will be able to suggest the reason for one or more incidents.

This causality can be determined by two factors:

• The repository
• Manually defined links

For more information on the Root Cause feature, see the Canopsis documentation.