Baseline

What Is Baseline In Incident Management

A baseline is a documented, normal state of system performance, security, or operations that serves as a reference point for comparison. In incident management, baselines help teams quickly identify abnormal conditions that might indicate an incident is occurring or about to occur.

Why Is Baseline Important In Incident Management

Baselines provide objective criteria for detecting incidents early. They help reduce false alarms by distinguishing between normal variations and actual problems. With proper baselines, teams can identify subtle changes in system behavior that might indicate security breaches or impending failures.

Example Of Baseline In Incident Management

A DevOps team establishes that their e-commerce platform typically handles 1,000 requests per minute with 200ms response time during normal operations. When monitoring shows sustained traffic at 1,500 requests with 500ms response times, it triggers an alert because it exceeds the established baseline parameters.

How To Create Baseline In Incident Management

• Collect performance and operational data during normal conditions
• Document typical patterns including seasonal or time-based variations
• Set thresholds for metrics that indicate potential incidents
• Implement monitoring tools that compare current state to baselines
• Review and update baselines regularly as systems change

Best Practices

• Create separate baselines for different operating conditions (peak hours, maintenance periods)
• Include both technical and business metrics in your baselines