Common Base Event model

The Log and Trace Analyzer maps the currently supported proprietary log formats into a common event model called Common Base Event. This allows the analyzer to use a common format for any log records from any supported proprietary log files. The parsers provided with the Log and Trace Analyzer map the log records from their current output format to this common model.

An event, which is the occurrence of an situation, can take a variety of forms. These forms include business, autonomic, management, tracing and logging events. Events encapsulate message data and are therefore the foundation on which complex distributed systems operate. Data elements of these events need to be in a consistent format to enable correlation and to facilitate the effective intercommunication among disparate enterprise applications in such systems.

The Common Base Event model is the new standard for events among the different types of distributed applications. This standard proposes consistency of data elements that comprise these events, both in the elements themselves and in their format.

The Common Base Event definition ensures completeness of the data by providing properties to publish general information, which is collectively referred to as the 3-tuple, whenever a situation occurs.

The following elements constitute the 3-tuple:

  1. The identification of the component that is reporting the situation
  2. The identification of the component that is affected by the situation (which may be the same as the component reporting the situation)
  3. The situation itself

Related reference
Common Base Event format specification
Logging utility support

Related tasks
Exporting a log or correlation to a Common Base Event XML file