Root cause analysis

Before the Root cause analysis:

• the state of a service is equivalent to the worst state of its dependencies
• the state of a component is provided by an event
  
  

The Root cause analysis feature lets you add state compute method for calculating service and component states. The state or severity of a service depends on state calculation rules that apply to its dependencies:

When no rule applies, the state of the service is the worst state of its dependencies.

The rules of state compute method can be of two types:

1. State is inherited from dependencies

Which dependency(ies) of the target entity will be responsible for the final state?
If several dependencies are selected by the model, then the worst state of these will be used.

2. The state is defined by a share or number of dependencies of a specific state.
In this mode, it is possible to define the state of a service using conditions based on a percentage or number of states of the service’s dependencies.

We could, for example, express the fact that the service will be in condition

• Critical if more than 50% of its dependencies are in critical condition or
• Major if 3 of its outbuildings are in minor condition or
• Minor if 20% of entities are in major state or
• OK if at least 1 dependency is in OK state
  
  

From a dependency diagram of this type :

Canopsis can propose a result as follows:

Update 2024: The Root cause analysis module will be able to suggest the reason for one or more incidents.

This causality can be determined by:

• The repository
• Manually defined links
  
  

For more information on Root cause analysis, please refer to the Canopsis documentation.