Home Red Hat Green-lights a Behavior Modeling Platform for JBoss

Red Hat Green-lights a Behavior Modeling Platform for JBoss

In a large organization, no single IT staffer will be able to observe all the millions of system events and glean from them a pattern worth paying attention to. It’s a problem with the level of knowledge decreasing in proportion to the rising amount of data.

Back in 2007, Red Hat joined an effort to craft a system for automating the process of detecting actionable patterns from huge amounts of system data. Maybe one human being can’t detect the patterns in a trillion data points, but a rules engine could. This rules engine is called Complex Event Processing (CEP). Last week, the company announced it’s ready to integrate the results of its work into its business rules engine, JBoss Enterprise BRMS 5.2.

CEP forms the backbone of an open source project called Drools. Its vision is to enable an understanding of what’s happening in a system on a very large scale, and to enact rules and processes in reaction to those occurrences. The developers of CEP understand that system events in and of themselves say nothing of relevance, but a rule processing system – perhaps using procedural logic, maybe even neural networking – can at least give them handles with which they may be addressed. And with those handles, broader rules may be written using a language based around Java, called Drools Fusion.

“CEP deals with complex events. A complex event is a set of simple events. For example, a sequence of large withdrawals may raise a suspicious transaction event,” explains author Michael Bali, in his book Drools JBoss Rules 5.0. “The simple events are considered to infer that a complex event has occurred.”

Simple events are the sort recorded in logs all the time; complex events are more the type that responds to rules, using the simple events as arguments. Bali offers some examples related to a fraud detection system. Here, transactions such as withdrawals are considered complex events – they require a chain of simple events to complete. Suppose a chain of three or more withdrawal transactions took place within a three-minute period, and the sum of those withdrawals constituted more than 90% of the account holder’s 30-day moving average balance. That chain of events should raise an alarm, so Drools Fusion can be applied to the task of stating how the system should respond.

Rules in Drools Fusion look… kinda like Java. Each rule is a module, the simplest of which is divided into two clauses. The when clause lists all the conditions upon which the rule is invoked, in separate lines. All of the conditions here must prove true. The then clause gives the procedural code for the response, often in the form of calls to Java methods.

This example is a clip of a screenshot from the familiar Eclipse environment, showing an example formation of an event that updates a database’s entry for a stock price.

Drools documentation insists upon referring to events as “first-class citizens,” treating them as the principal indicator of states of change in any system. The rules processing engine processes these events in parallel. Then Drools Fusion specifies how the system should respond to events, as well as to the strange absence of any events.

As Drools Fusion documentation on JBoss.org reads, “The same way in that it is necessary to model rules and processes that react to the presence of events, it is necessary to model rules and processes that react to the absence of events. Example: ‘If the temperature goes over the threshold and no contention measure is taken within 10 seconds, then sound the alarm.’ Drools Fusion leverages on the capabilities of the Drools Expert engine, allowing it complete and flexible reasoning over the absence of events, including the transparent delaying of rules in case of events that require a waiting period before firing the absence.”

JBoss veteran developers are already familiar with Drools over the past four years of work. But now, support in Enterprise BRMS 5.2 will take it out of the gestation phase, and into the main front end used by business managers and COOs.

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.