It's Friday. Break the Rules.
October 13, 2006 8:49 AM   Subscribe

I'm in the process of building an application and I think I want a rules engine. Assuming I do (and "No" may be the answer to my question), what's the best way to go about such a thing, given the details inside?

The application in question will receive responses from 50-100 (and growing) network devices at external sites. The devices send back numbers on various different items. What I want to be able to do is look at the responses table on a regularly-scheduled basis for things like:

* A response that's above or below acceptable thresholds
* Responses over time that show too large a move in value
* The complete lack of a response over a certain amount of time

I have a database table with components that report, a table with the commands to run on those components to get back values and a set of tables to normalize all those responses over time. My initial thought was to store the thresholds and tests in the database as well and tie them to the components and commands. But that led me to the thought of storing SQL in the database, which is so completely filthy that I stopped thinking about it, took a shower and posted this question.

C# (.NET 2.0) and SQL Server 2000, if it makes a difference. I looked at the Wikipedia entry, but that mostly mentions products and a simple Google search does the same. I'm not averse to integrating a third-party component, but I don't know if I could buy one.
posted by yerfatma to Computers & Internet (7 answers total)
 
Have you looked at Nagios? It's an open source network monitoring system (so it's free), used by a lot of pretty large organizations. The one catch is that it will need to be hosted on a Linux server, but it can be used to monitor clients of pretty much any variety, so you just need a cheap Linux box somewhere to run it. It's extremely customizable, so you can write simple plugins to check for whatever it is you need to check. Everything gets summarized in a simple web interface, and you can set up various triggers for failure conditions. When something fails, it gets highlighted in a big red box, and email notifications can be sent out to appropriate staff to notify them of the failure.

It seems like you'd be served better by building rules and plugins around Nagios (after all, Nagios is essentially a rules engine with a snazzy web interface built around it), then starting from scratch.
posted by zachlipton at 9:05 AM on October 13, 2006


Response by poster: A point of clarification: yes, I could bake the rules directly into the code, but I would prefer not to. I'd like to be able to modify the rules without recompiling. Additionally, the devices have more than one firmware version, so there is the possibility of some rules only applying to some responses and the idea of tying that together outside the app, in the data, appeals to me. For right or wrong.
posted by yerfatma at 9:06 AM on October 13, 2006


Response by poster: Sorry, posted that before I saw your response. Unfortunately, it's unlikely I'd be able to tie a Linux box in. All the same, I'll take a look at the code (I definitely don't want to reinvent the wheel).
posted by yerfatma at 9:10 AM on October 13, 2006


What about RRDTool instead of using SQL?

See especially the section on Aberrant behavior detection.

There are Windows binaries available, and a separate Java project to do the same thing (JRobin). And you can probably find something to work with it in C#.
posted by jma at 9:20 AM on October 13, 2006


You might want to look at an embeddable Prolog (most of them are, since Prolog can be painful for writing a full app, but can be great for certain problem domains, rules engines being one of them). Or emulate it using the yield keyword.
posted by weston at 9:34 AM on October 13, 2006


Best answer: Sure, you could use a rule engine for what you're talking about; They're basically just optimized frameworks for evaluating lots of conditional statements. But the main reason to use a rule engine isn't performance, it's to separate the business logic (rules) from the application logic (your code). This allows non-coders to maintain the rules, in real-time in some cases. Here's a good article that has some more details.

There are several open-source .NET C# rule engines. Here some that I've looked at:

Drools
NxBRE
SRE

There are also several commercial .NET rule engines (e.g. ILOG, InRule, MS-BRE), but they're really expensive, and it's probably more than you're looking to invest.

Some questions to ask when selecting a rule engine:

-Will the engine need to run embedded in your application, or will it be a stand-alone service in a distributed environment?
-Are the rules stored as text or compiled into assemblies?
-Are there authoring tools for writing the rules?
-Who will be writing/maintaining the rules?
-Is there documentation?

Feel free to email me if you've got more questions.
posted by Gamblor at 10:51 AM on October 13, 2006


The new version of .Net (3.0) includes a rules engine in the Windows Workflow Foundation.

It's powerful, very extensible and free. If you have the option of using the new version of .Net this is a good way to go.
posted by MCTDavid at 12:03 PM on October 13, 2006


« Older In search of dwarf citrus trees   |   Tcl, return values and efficiency. Newer »
This thread is closed to new comments.