A sequence rule is defined by the sequence pattern. It detects
whether a certain sequence of events arrives within a time interval. The sequence
can be ordered or random. A sequence rule is a stateful rule.
Overview
The sequence pattern checks for a sequence
of events over a period of time, and it detects whether the sequence is complete
or incomplete. An incomplete sequence is one that includes one or more of
the events in the specified sequence but not all of them.
The time period
is indicated by a mandatory time window, as defined by the <timeWindow>
element in the rule language. Each event in the sequence is defined by a separate <eventSelector>
element within the rule. The sequence of events can be detected in either
of the following orders:
- In the order in which the <eventSelector> elements are coded for the
rule. In this case, when the rule detects the event that is defined by the
first <eventSelector> element, the detection of the sequence is started.
The rule now awaits the event that is defined by the second <eventSelector>
element.
- In random order. In this case, when the rule detects any one of the events
that are defined by the <eventSelector> elements, the detection of the
sequence is started. The rule now awaits another one of the events that are
defined by the <eventSelector> elements.
The sequence pattern is different from other rule patterns in
the following primary ways:
- It has multiple <eventSelector> elements for defining which events
are accepted by the rule. It requires a minimum of two <eventSelector>
elements.
- When an event meets the criteria that is defined by one of the <eventSelector>
elements, that <eventSelector> element is excluded from further event processing
within that rule instance.
- The alias attribute on the <eventSelector> element is valid only within
a sequence rule, and it uniquely names an event that is selected by a certain
event selector in the sequence rule. In an expression within a filtering predicate
or action, you can use the act_eventList variable to access an event in a
sequence rule by its alias name.
Example usage of this rule pattern
Scenario that illustrates detection of complete sequence:
Assume that in an IT environment, an administrator wants
to know whether the value of the DB2
® heap size is affecting the WebSphere
® Application
Server, and if so, to correct this problem. Therefore, if the following events
occur in the following order during a specified time period, the administrator
wants to increase the value of the DB2 heap size and restart the database manager:
- A WebSphere Application
Server resource allocation exception. Assume this is an event of type WASResourceAllocationException.
- The DB2 error
message that states: "Not enough heap to process statement". Assume this
is an event of type DB2NotEnoughHeap.
For this scenario, two <eventSelector> elements are defined
in a sequence rule, and the events must arrive in the order in which the <eventSelector>
elements are coded (rather than in random order). The first <eventSelector>
element is checking for the event
WASResourceAllocationException,
and the second <eventSelector> element is checking for the event
DB2NotEnoughHeap.
Assume that the following events are presented to the system within the specified
time window:
- WASResourceAllocationException
- DB2BackupStarted
- WASResourceAllocationException
- WASResourceAllocationException
- DB2NotEnoughHeap
The rule behavior is as follows:
- The first event, WASResourceAllocationException, is accepted.
Because the criteria for the first <eventSelector> element has been met,
the first <eventSelector> element is now excluded from further event processing
within this rule.
- The second event, DB2BackupStarted, is ignored.
- The third event, WASResourceAllocationException, is ignored.
- The fourth event, WASResourceAllocationException, is
ignored.
- The fifth event, DB2NotEnoughHeap, is accepted, and it
completes the sequence. The <onDetection> rule response action runs. This
action is defined to increase the value of the DB2 heap size and restart the database manager.
The rule returns to its initial state.
The first <eventSelector> element
is now included in future event processing by this rule.
Scenario that illustrates detection of incomplete sequence:
Assume that a business organization wants to have all
customer orders ready for delivery within 1 hour of the order request and
wants to know when this does not occur.
For this scenario, two <eventSelector>
elements are defined in a sequence rule, and the events must arrive in the
order in which the <eventSelector> elements are coded (rather than in random
order). The first <eventSelector> element is checking for the event
Netsales with
operationType=Order,
and the second <eventSelector> element is checking for the event
Netsales with
operationType=Delivery.
Assume that the following events are presented to the system within the specified
time window of 1 hour:
- A Netsales event with operationType=Order
- A Netsales event with operationType=Order
The rule behavior is as follows:
- The first event is accepted. Because the criteria for the first <eventSelector>
element has been met, the first <eventSelector> element is now excluded
from further event processing within this rule.
- The second event is ignored.
- Because a Netsales event with operationType=Delivery is
not received within the specified time window, the <onTimeOut> rule response
action runs. This action is defined to notify a business executive that a
customer order is not ready for delivery within 1 hour of the order request.
The rule returns to its initial state.
The first <eventSelector> element
is now included in future event processing by this rule.