1. Rule Based Event Management
Workshop 2013-03-12 / Version: 1.0.1
markus.schneider73@gmail.com
created with

2. Agenda
➢OpenNMS Activation of Drools
 Complex Correlation Example
 Auto Event Example
 Drools with Groovy Example
 More Information
OUCE 2013 2

3. OpenNMS Activation of Drools
 Drools is part of the correlation engine
 Correlation engine is not activated by default
 Drools needs to be configured
 OpenNMS comes with:
 example Configurations
 example Rules
 OpenNMS uses Drools version: 5.1.1
OUCE 2013 3

4. Runbook
Ready, Steady, Go...
https://gist.github.com/m-schneider
OUCE 2013 4

5. Runbook
Execution Order
1. SETUP YOUR ENV
2. UPDATE OUCE2013 REPOSITORY
3. OPEN THE WEB BROWSER
4. NODE DISCOVERY
5. ACTIVATE DROOLS
6. SIMPLE DROOLS RULE TEST
OUCE 2013 5

6. $> showtime
03/12/13 OUCE 2013 6

7. Agenda
 OpenNMS Activation of Drools
➢Complex Correlation Example
 Auto Event Example
 Drools with Groovy Example
 More Information
OUCE 2013 7

8. Basic Rule Creation Workflow
Edit
Define custom
Create custom eventconf.xml
events in the
event config for including the
event config
custom event cfg
Edit
Define custom
Create custom drools-engine.xml
rules in the
rule file for referencing the
rule file
Custom *.drl file
Restart opennms
OUCE 2013 8

9. Workshop Configuration
(1) Clone Git repository
$> git clone http://www.github.com/
m­schneider/ouce2013
(2) Copy all example configurations and rules
$> cd ./ouce2013/config/opennms/etc
$> sudo cp drools­engine.xml
XzampleRules01.drl
XzampleRules02.drl
$OPENNMS_HOME/etc
$> sudo cp events/Xzample.events.xml
$OPENNMS_HOME/etc/events
OUCE 2013 9

10. Workshop Configuration
(3) Add the following line to the end of eventconf.xml
$> echo
'<event­file>events/Xzample.events.xml
</event­file>' >>
OPENNMS_HOME/etc/eventconf.xml
(4) Restart OpenNMS
$> sudo service opennms restart
OUCE 2013 10

11. File Dependencies
$OPENNMS_HOME/etc
reference Xzample.event
eventconf.xml
.xml All Xzample Events
reference
drools-engine XzampleRules01 Complex Correlation
.xml .drl
Example
XzampleRules02 Auto Event
.drl
Example
OUCE 2013 11

12. Runbook
Execution Order
7. COMPLEX CORRELATION EXAMPLE
 CONFIGURATION
OUCE 2013 12

13. $> showtime
03/12/13 OUCE 2013 13

14. Complex Correlation Example
Symptom Event
CarDirectDown
Problem Event Problem Event
Webserver1 Down Webserver2 Down
Resolution Event
CarDirectUp
Resolution Event Resolution Event
Webserver1 Up Webserver2 Up CarDirect
Events are
created by Drools
OUCE 2013 14

15. Send Event
Grep for Drools log file entries
$> tail ­f $OPENNMS_HOME/logs/daemon/output.log
| grep '­­­>'
$> ./send­event.pl ­n $NODEID ­s Http
­d "webserver1"
­p "subSource webserver1"
­p "source sendevent.pl"
uei.opennms.org/webserver/down ­x 4
OUCE 2013 15

16. Event Sequence
Problem Event
Webserver1 Down
OUCE 2013 16

17. Alarm View
OUCE 2013 17

18. Send Event
$> ./send­event.pl ­n $NODEID ­s Http
­d "webserver2"
­p "subSource webserver2"
­p "source sendevent.pl"
uei.opennms.org/webserver/down ­x 4
OUCE 2013 18

19. Event Sequence
Problem Event Problem Event
Webserver1 Down Webserver2 Down
OUCE 2013 19

20. Alarm View
OUCE 2013 20

21. Event Sequence
Symptom Event
CarDirectDown
Problem Event Problem Event
Webserver1 Down Webserver2 Down
OUCE 2013 21

22. Alarm View
OUCE 2013 22

23. Send Event
$> ./send­event.pl ­n $NODEID ­s Http
­d "webserver1"
­p "subSource webserver1"
­p "source sendevent.pl"
uei.opennms.org/webserver/up ­x 3
OUCE 2013 23

24. Event Sequence
Symptom Event
CarDirectDown
Problem Event Problem Event
Webserver1 Down Webserver2 Down
Resolution Event
CarDirectUp
Resolution Event
Webserver1 Up
OUCE 2013 24

25. Alarm View
OUCE 2013 25

26. Send Event
$> ./send­event.pl ­n $NODEID ­s Http
­d "webserver2"
­p "subSource webserver2"
­p "source sendevent.pl"
uei.opennms.org/webserver/up ­x 3
OUCE 2013 26

27. Complex Correlation Example
Symptom Event
CarDirectDown
Problem Event Problem Event
Webserver1 Down Webserver2 Down
Resolution Event
CarDirectUp
Resolution Event Resolution Event
Webserver1 Up Webserver2 Up
OUCE 2013 27

28. Alarm View
OUCE 2013 28

29. Runbook
Execution Order
7. COMPLEX CORRELATION EXAMPLE
 SEND EVENTS
OUCE 2013 29

30. $> showtime
03/12/13 OUCE 2013 30

31. Agenda
 OpenNMS Activation of Drools
 Complex Correlation Example
➢Auto Event Example
 Drools with Groovy Example
 More Info
OUCE 2013 31

32. Auto Event Example
Created by
Symptom Event Drools timer
…/autoTask/run Rule
Symptom Event Symptom Event
.../droolsTimer/start .../droolsTimer/stop
OUCE 2013 32

33. Auto Event Example
Practical Use Case Scenario
Practical Use Case Scenario
ScriptD triggers
the custom script
every 5 seconds
Custom
Script
Cloud
Drools ScriptD check-
Service
status.
Event groovy
if (status == true)
Drools creates Event
an event every 5 uei.opennms.org/droolsTimer/stop
seconds
OUCE 2013 33

34. Send Event
$> ./send­event.pl ­n $NODEID ­s autoTask
­d "droolsTimer"
­p "subSource drools"
­p "source send­event.pl"
uei.opennms.org/droolsTimer/start ­x 4
OUCE 2013 34

35. Log File
OUCE 2013 35

36. Send Event
$> ./send­event.pl ­n $NODEID ­s autoTask
­d "droolsTimer"
­p "subSource drools"
­p "source send­event.pl"
uei.opennms.org/droolsTimer/stop ­x 4
OUCE 2013 36

37. Alarm View
OUCE 2013 37

38. Runbook
Execution Order
8. AUTO EVENT EXAMPLE
OUCE 2013 38

39. $> showtime
03/12/13 OUCE 2013 39

40. Agenda
 OpenNMS Activation of Drools
 Complex Correlation Example
 Auto Event Example
➢Drools with Groovy Example
 More Information
OUCE 2013 40

41. Knowledge Session Creation
Three main fundamental concepts:
 Knowledge Builder
 Knowledge Base
 Knowledge Session
OUCE 2013 41

42. Knowledge Session Creation
Overview
Step 1
KnowledgeBuilder
KnowledgeBuilder *.drl
Factory
KnowledgeBuilder
KnowledgeBuilder *.drl
Factory
Step 2
KnowledgeBase
KnowledgeBase Knowledge
Knowledge
KnowledgeBase
KnowledgeBase
Factory
Factory Packages
Packages
Stateless Stateful
Step 3
Stateless Stateful
Knowldege
Knowldege Knowldege
Knowldege
Session
Session Session
Session
OUCE 2013 42

43. Knowledge Builder
 Building KnowledgePackage from knowledge definitions
 Knowledge Builder Factory creates Knowledge Builder
 Knowleged definitions are:
 Rules, Processes and Types
 Can add multiple resources of different types:
 DRL, DRF, PKG etc...
 Errors reported by hasErrors & getError method
OUCE 2013 43

44. Knowledge Builder
KnowledgeBuilder kbuilder =
KnowledgeBuilderFactory.newKnowledgeBuilder()
kbuilder.add(
ResourceFactory.newClassPathResource("rules.drl"),
ResourceType.DRL);
if ( kbuilder.hasErrors() ) {
println( kbuilder.getErrors().toString() )
throw new RuntimeException( "Unable to
compile "rules.drl"." )
}
KnowledgeBuilder
Step 1
KnowledgeBuilder KnowledgeBuilder *.drl
*.drl
Factory KnowledgeBuilder
Factory
OUCE 2013 44

45. Knowledge Base
 Main purpose is to store and reuse knowledge definitions
 Creation of Knowledge Base is expensive
 Provides methods for creating knowledge sessions
 Maintains a reference to all of the created knowledge
sessions
 Knowledge Base can be reused instead of creating a new
one every time
OUCE 2013 45

46. Knowledge Base
KnowledgeBase kbase =
KnowledgeBaseFactory.newKnowledgeBase()
kbase.addKnowledgePackages(
kbuilder.getKnowledgePackages())
Step 2
KnowledgeBase
KnowledgeBase Knowledge
Knowledge
KnowledgeBase
KnowledgeBase
Factory
Factory Packages
Packages
OUCE 2013 46

47. Knowledge Session
Stateless Session
 Doesn't maintain the context between one
interaction and the next one
 Doesn't keep information from previous calls
Stateful Session
 Keeps the information from several calls and
interactions
 Previous calls can be used to add and enrich
the information we already have
OUCE 2013 47

48. Knowledge Session
StatefulKnowledgeSession ksession =
kbase.newStatefulKnowledgeSession()
Event event = new Event(uei:"uei.opennms.org/
webserver/down",
severity:6,
priority:2,
message:"webserver1 not available")
ksession.insert( event )
ksession.fireAllRules()
Step 3
Stateless
Stateless Stateful
Stateful
Knowldege
Knowldege Knowldege
Knowldege
Session
Session Session
Session
OUCE 2013 48

49. Drools with Groovy
(1) Go to the cloned Git repository
$> cd ~/ouce2013/groovy/non­gradle
$> ./change­rules.sh
OUCE 2013 49

50. Drools with Groovy
(2) Program Files
$> cd ~/ouce2013/groovy/non­gradle/change­
rules/src/org/xzample/drools
OUCE 2013 50

51. Runbook
Execution Order
9. DROOLS WITH GROOVY
OUCE 2013 51

52. $> showtime
03/12/13 OUCE 2013 52

53. Agenda
 OpenNMS Activation of Drools
 Complex Correlation Example
 Auto Event Example
 Drools with Groovy Example
➢More Information
OUCE 2013 53

54. More Info
Workshop Slides
 http://de.slideshare.net/mschneider73/OUCE2013-RBEM-WS
GitHub
 https://gist.github.com/m-schneider/5143591#file-ouce2013-rbem-ws-runbook
OpenNMS
 http://www.opennms.org/documentation/java-apidocs-stable/
 http://www.opennms.org/documentation/java-apidocs-
stable/org/opennms/netmgt/xml/event/Event.html
 http://www.opennms.org/documentation/java-apidocs-
stable/org/opennms/netmgt/model/events/EventBuilder.html
 http://opennms.git.sourceforge.net/git/gitweb.cgi?
p=opennms/opennms;a=tree;f=opennms-correlation/drools-correlation-
engine/src/main/java/org/opennms/netmgt/correlation/drools;h=aaffefdf28ac3f
e585cbab4db41b45f118ab85d9;hb=HEAD
OUCE 2013 54

55. More Info
Groovy
 http://groovy.codehaus.org/
 http://groovy.codehaus.org/Getting+Started+Guide
OUCE 2013 55

56. Comments & Questions
Thank you for your attention
Contact details:
markus.schneider73@gmail.com
www.rapideca.org
03/12/13 OUCE 2013 56