| Subject: |
RE: [TME10][TEC] Tec predicate similar to perl split |
I messed up the cut and paste:
The re_matches in the first example should be:
re_match(re_1,_msg,1,_re_date),
re_match(re_1,_msg,2,_re_time),
re_match(re_1,_msg,3,_re_host),
re_match(re_1,_msg,4,_re_path),
re_match(re_1,_msg,5,_re_app),
re_match(re_1,_msg,6,_re_data)
-----Original Message-----
From: Blankenship, I.V. (Contractor)
[mailto:BlankenI-kfCVbGkJtQ75oiiGuJUvLw@public.gmane.org]
Sent: Thursday, July 29, 2004 9:08 AM
To: 'tme10-XtjxT7Vmt5b1ENwx4SLHqw@public.gmane.org'
Subject: RE: [tme10] [TME10][TEC] Tec predicate similar to perl split
I am surprised that old TEC 3.6 stuff is still floating around ;-)
I think that the re_* regular expression predicates provided since 3.7 will
work better and with less overhead.
For the specific problem in the original post this should work:
reception_action: tec_start_action:
(
% Date time host path
app data
re_create(re_1,'^\s*([^\|]+)\s*\|\s*([^\|]+)\s*\|\s*([^\|]+)\s*\|\s*([^\|]+)
\s*\|\s*([^\|]+)\s*\|\s*(.+)$'),
)
In the processing rule I assume that the msg slot will be split:
action: split_msg:
(
re_match(re_1,_msg,1,_re_date),
re_match(re_2,_msg,1,_re_time),
re_match(re_3,_msg,1,_re_host),
re_match(re_4,_msg,1,_re_path),
re_match(re_5,_msg,1,_re_app),
re_match(re_6,_msg,1,_re_data)
)
If I wanted to make a more generic predicate that worked along the lines of
the perl split I could do something such as this:
Step 1 - define the Prolog rules to split the string:
split(_regex_id,_string,_list) :-
atom(regex_id),atom(_string),
re_split(_regex_id,_string,_list),!.
re_split(_regex_id,_string,_list) :-
re_before_match(_regex_id,_string,_element),
(re_after_match(_regex,_id_string,_rest) ->
(re_split(_regex_id,_rest,_working),!);_working=[]),
_list=[_element|_working].
re_split(_,_string,[_string]).
Step 2 - setup regular expression and processing rule:
reception_action: tec_start_action:
(
re_create(re_1,'\s*\|\s*'),
)
action: split_msg:
(
split(re_1,_msg,[_re_date,_re_time,re_path,_re_app,_re_data])
)
I have not tested the code listed above so it may need some tweaking.
-----Original Message-----
From: kdamundson-s5q6fvC1XT8@public.gmane.org
[mailto:kdamundson-s5q6fvC1XT8@public.gmane.org]
Sent: Thursday, July 29, 2004 7:05 AM
To: tme10-XtjxT7Vmt5b1ENwx4SLHqw@public.gmane.org
Subject: Re: [tme10] [TME10][TEC] Tec predicate similar to perl split
I have not been around for the last couple of days so this may have been
answered already. Anyway, here is I.V.'s original predicate for splitting a
string. At the moment, I cannot find his upgraded, more efficient version.
reception_action: split_atom:
(
assert((
split_atom(ATOM,DELIM,_LIST) :-
nonvar(ATOM),nonvar(DELIM),var(LIST),
name(ATOM,_codes),
name(DELIM,_list),
[_delim|[]]=_list,
re_split_atom(_codes,_delim,[],_working),!,
_LIST=_working
)),
assert((
re_split_atom([],_,[],_WORKING):- _WORKING=[]
)),
assert((
re_split_atom([],_,CURRENT,_WORKING) :-
name(_current,CURRENT),
_WORKING=[_current]
)),
assert((
re_split_atom([DELIM|Y],DELIM,[],_WORKING) :-
re_split_atom(Y,DELIM,[],_WORKING),!
)),
assert((
re_split_atom([DELIM|Y],DELIM,CURRENT,_WORKING) :-
re_split_atom(Y,DELIM,[],_working),!,
name(_current,CURRENT),
_WORKING=[_current|_working]
)),
assert((
re_split_atom([X|Y],DELIM,[],_WORKING) :-
re_split_atom(Y,DELIM,[X],_WORKING),!
)),
assert((
re_split_atom([X|Y],DELIM,CURRENT,_WORKING) :-
append(CURRENT,[X],_current),
re_split_atom(Y,DELIM,_current,_working),!,
_WORKING=_working
))
),
Kyle Amundson
3M Tivoli Group
224-3W-17
Phone: 651-575-1906
Fax: 651-736-3125
john_willis@gulfso
ft.com To:
tme10-XtjxT7Vmt5b1ENwx4SLHqw@public.gmane.org
Sent by: cc:
owner-tme10@lists. Subject: Re: [tme10]
[TME10][TEC] Tec predicate similar to perl split
us.ibm.com
07/29/2004 05:20
AM
Please respond to
tme10
Look at the re_create and re_match predicates.
Jim Sander did an article on RegEx predicates in this newsletter:
http://www.gulfsoft.com/downloads/GBF_Newsv1_3.pdf
John Willis
Gulf Breeze Software
www.gulfsoft.com
Quoting "Haynes Ian (UK)" <Ian.Haynes-Y6CAZcWkoHo@public.gmane.org>:
> List
>
>
>
> Does anyone know of a tec predicate similar in functionality to the perl
> split function.
>
>
>
> I have slot which is pipe "|" delimited and would like to split it up int
to
> its 6 constituent parts
>
>
>
> Ie
>
>
>
> Date|time|host|path|application|data
>
>
>
> The information is not always the same length so I need to be able to
split
> the slot at the | symbol and put the data into a variable
>
>
>
>
>
> Many thanks
>
>
>
> Ian Haynes
Use the -f option to specify a config file. This file should be an EIF compliant
configuration file so you can use the BufEvtPath=pathname
keyword to specify a cache file.
Check out the
tec 3.9 rule builder's guide for the resolve_time predicate:
get_local_time(_tm),
resolve_time(_tm,_sec,_min,_hour,_dom,_mon,_year,_dow,_doy,_dst),
_decimal_time
is _hour + ((_min+(_sec/60))/60) ,
((_decimal_time
>= 10.0,_decimal_time <12.0) -> do_this;
((_decimal_time
>= 14.0,_decimal_time <16.0)->do_that ;true))
Hello list
I have written rules in the
past to do this [ignore syntax - I am just using examples]:
If "string1" do this
Else if "string2" do that
Can I do something more intelligent,
like:
If "timeframe 10 am to 12
pm" do this
Else if "timeframe 2 pm to 4
pm" do that
And so on
Thanks much
Alex Atakov, Tivoli
Certified Consultant
Systems Monitoring & Client
Support, John Hancock
Service Delivery Center
Northeast
IBM Global Services
Phone: 617-572-9062
aatakov@us.ibm.com
|
RE: [TEC] Refreshing the Rules cache
| Subject: |
RE: [TEC] Refreshing the Rules cache |
Thanks for the detailed explanation of these predicates. Apart from a reference
to them in a rule example in a redbook I could not find any info on them.
We are experiencing some problems with tec at the moment. In our investigation
we noticed the following behaviour:
1) I closed all current Events a specific class, lets call it joeclass, in the
TEC.
2) A new joeclass Event came in
3) Our dup detect rule ran and even though there were no open events in the
repository, the first_duplicate predicate matched an existing event, even
though there is a "status: outside [ 'CLOSED' ]" clause on the rule.
4) I bounced the TEC and replayed the event. The event was successfully entered
into the repository.
I was just wondering if a scheduled refresh of the cache, without restarting
the tec server as described above, is something that is used, and might solve
this problem.
Cheers
Joe
-----Original Message-----
From: owner-tme10@lists.us.ibm.com
[mailto:owner-tme10@lists.us.ibm.com]On Behalf Of Blankenship, I.V.
(Contractor)
Sent: 11 March 2005 13:51
To: 'tme10@lists.us.ibm.com'
Subject: RE: [tme10] [TEC] Refreshing the Rules cache
The save_event_cache predicate dumps the event cache to a flat BAROC file.
This file is formatted similarly to a BAROC class definition file but does
have some differences.
CLASS_NAME ;
SLOT_NAME =
SLOT_VALUE;
.
.
.
END
.
.
.
The restore_event_cache predicate calls bo_parse_baroc_file/2 to read the
file and add the instances to the event cache. Both save and restore
predicates call get_config_param to read the your
$BINDIR/TME/TEC/.tec_config file for the event_cache_file parameter and will
only work if that parameter is defined. To dump your cache to an arbitrary
file you can use print_cache(FILENAME). To read from any BAROC file do
something like this:
bo_get_config_options(_old_quote,_old_parse_in,_old_parse_out),
bo_set_config_options(_old_quote,0,_old_parse_out),
bo_parse_baroc_file(FILENAME,add_to_cache),
bo_set_config_options(_old_quote,_old_parse_in,_old_parse_out),
If you wanted to "reload" the event cache I suppose you could write a
program or perl script to read from the event repository to build a BAROC
file, iterate through all instances of events in your cache and remove them
with bo_delete_instance/1 and then call bo_parse_baroc_file/2 to reload the
events.
The real question is not "can you" (there is almost always a way...) but
"why would you need to?" Are you experiencing problem where you events in
cache are out of sync with your repository as a result of forced cache
cleaning? If so you would be better off implementing better duplicate detect
rules, drop and or close irrelevant events, and increase your event cache
size.
-----Original Message-----
From: john willis [mailto:john_willis@gulfsoft.com]
Sent: Friday, March 11, 2005 6:38 AM
To: tme10@lists.us.ibm.com
Subject: RE: [tme10] [TEC] Refreshing the Rules cache
The undocumented predicates I saw in a flisting output were
save_event_cache and restore_event_cache. My guess is they are used in
the non-tme TEC. Other than that I think you are going to have to
wait till I.V. checks in.
John Willis
Gulf Breeze Software
www.gulfsoft.com
OpenESM Project
www.sourceforge.net/projects/gulfsoft
-----Original Message-----
From: owner-tme10@lists.us.ibm.com [mailto:owner-tme10@lists.us.ibm.com]
On Behalf Of Moran, Joseph
Sent: Friday, March 11, 2005 6:27 AM
To: tme10@lists.us.ibm.com
Subject: RE: [tme10] [TEC] Refreshing the Rules cache
John,
Thanks for the explanation of the rules cache update process.
I don't suppose you, or anyone on the list, know any of these
undocumented predicates, that you mentioned so I can search for them,
and take a look?
Regards,
Joe
-----Original Message-----
From: owner-tme10@lists.us.ibm.com
[mailto:owner-tme10@lists.us.ibm.com]On Behalf Of john willis
Sent: 11 March 2005 10:55
To: tme10@lists.us.ibm.com
Subject: RE: [tme10] [TEC] Refreshing the Rules cache
>Has anyone got a method to refresh the rules cache without restarting
the >tec?
I don't believe there is a documented way to do this. There are some
undocumented predicates but I am not brave enough try them.
>Also when an event slot is modified (closed on the console for example)
>what is the process that is triggered in order to update that event in
the >Cache, from the event in the event repository?
It kinds of works the other way around. First the requested change is
queued for the TEC_Rule process. TEC_Rule then processes the change
against the change_rules. If the change is not dropped the rules cache
copy is updated and a request is sent to the TEC_Dispatch to request an
update of the event in the event repository.
John Willis
Gulf Breeze Software
www.gulfsoft.com
OpenESM Project
www.sourceforge.net/projects/gulfsoft
-----Original Message-----
From: owner-tme10@lists.us.ibm.com [mailto:owner-tme10@lists.us.ibm.com]
On Behalf Of Moran, Joseph
Sent: Friday, March 11, 2005 5:29 AM
To: tme10@lists.us.ibm.com
Subject: [tme10] [TEC] Refreshing the Rules cache
Hello list,
Has anyone got a method to refresh the rules cache without restarting
the tec?
Also when an event slot is modified (closed on the console for example)
what is the process that is triggered in order to update that event in
the Cache, from the event in the event repository?
Thanks in advance,
Joseph Moran
|
Copyright © 1996-2008 by Dr. Nikolai Bezroukov.
www.softpanorama.org was
created as a service to the UN Sustainable Development Networking Programme (SDNP)
in the author free time.
Submit
comments This document is an industrial compilation designed and created
exclusively for educational use and is placed under the copyright of the
Open Content License(OPL).
Original materials copyright belong to respective owners. Quotes are made
for educational purposes only in compliance with the fair use doctrine.
Standard disclaimer: The statements, views and opinions presented on
this web page are those of the author and are not endorsed by, nor do they necessarily
reflect, the opinions of the author present and former employers, SDNP or any other
organization the author may be associated with. We do not warrant the correctness
of the information provided or its fitness for any purpose.
Last modified:
March 15, 2008