An expression is code that contains custom logic that can be added
to a rule. Expressions can also access code that is external to the Active
Correlation Technology engine. In the rule language, expressions are valid
only within specific contexts, or rule language elements.
Rule writers can code expressions for different purposes depending on the
context and on the result that they want to obtain. Expressions are frequently
used for the initialization of variables, the definition of event selection
criteria, and the specification of rule response and life cycle actions.
Language elements that contain expressions
Each
language element that contains an expression has an expressionLanguage attribute
that identifies the programming language in which the expression is written.
The Java™ programming
language is the only supported expression language.
Expressions can
be contained within the following rule language elements.
- <varInitializer> for a rule set, rule block, or rule variable
- <filteringPredicate> on <eventSelector>
- <computedValue> on <groupingKey>
- <computeFunction> on a computation rule
- <booleanThreshold> on a threshold rule
- <computedThreshold> on a threshold rule
- Rule response actions for a rule:
- <action> within <onDetection>. This action is valid only for the
duplicate, filter, sequence, and threshold rules.
- <action> within <onNextEvent>. This action is valid only for the
duplicate rule.
- <action> within <onTimeOut>. This action is valid only for the sequence
and threshold rules.
- <action> within <onTimeWindowComplete>. This action is valid only
for the collection, computation, duplicate, and timer rules.
- Life cycle actions for a rule:
- <action> within <onLoad>
- <action> within <onActivation>
- <action> within <onDeactivation>
- <action> within <onUnload>
What the Active Correlation Technology provides to help in
coding expressions
To help a rule writer in coding expressions,
the Active Correlation Technology provides the capability to do the following:
- Import external modules (such as Java classes) and objects for use in expressions.
- Initialize and access rule set, rule block, or rule variables.
- Through the act_event variable, access the current event that a rule is
processing.
- Through the act_eventCount variable, access the number of events that
have been accepted by a rule.
- Through the act_eventList variable, access the list of events that have
been accepted by a rule. This includes the capability to access various attributes
of an event and to access each event in a sequence rule by its alias name.
- Through the act_lib variable, access methods that include the capability
to get and set variables and to control event flow through a rule set.
- Through the act_location variable, access the location, within the rule
hierarchy, of an expression.
- Through the act_nodeName variable, access the fully qualified name of
a node.
- Through the act_threshold variable, access the defined threshold value
for a threshold rule.