IT-Analysis.com
IT-Analysis.com Logo
Enterprise Finance
Business Issues Channels Enterprise Services SME Technology
Module Header
Craig WentworthMWD Advisors
Craig Wentworth
16th April - Egnyte the blue touchpaper...
Louella FernandesLouella Fernandes
Louella Fernandes
11th April - Managed Print Services: Are SMBs Ready?
Louella FernandesLouella Fernandes
Louella Fernandes
11th April - The Managed Print Services (MPS) Opportunity for SMBs
Simon HollowayThe Holloway Angle
Simon Holloway
11th April - Intellinote - capture anything!
David NorfolkThe Norfolk Punt
David Norfolk
11th April - On the road to Morocco

Analysis

Simplifying CEP
Philip Howard By: Philip Howard, Research Director - Data Management, Bloor Research
Published: 6th October 2010
Copyright Bloor Research © 2010
Logo for Bloor Research

You can tell that complex event processing (CEP) was not initially developed by a company because no marketing man would ever have allowed a technology to be referred to as complex. In fact, the man generally regarded as the father of CEP, David Luckham, is a professor at Stamford University and he invented the term to describe the processing of complex events, as opposed to any idea that event processing is, in itself, particularly complex. He defines a complex event as “an event that could only happen if lots of other events happen”. For example, to use CEP (or any other technology for that matter) to recognise fraud means recognising the pattern of events that indicates that type of fraud: so this pattern consists of the “lots of other events”. To take a more prosaic example, the completion of an online shopping basket is a complex event that is dependent on a whole series of preceding steps.

Also, bear in mind that events are not limited to a single environment: for example, the availability of hotel rooms represents a complex event that will be influenced by such diverse individual events as the weather, time of year, whether there are any conferences in town and how many, the state of the economy and so on.

So, CEP is essentially about monitoring those individual steps or (micro)events or, in some cases, transactions, and then looking to see if they make up the complex event you are looking for. Or, of course, you might be looking for any one of a number of different complex events so there are multiple patterns against which the incoming event data must be tested against.

That’s it, basically. Of course there are bells and whistles that you can add to make the software faster or easier to use or look prettier but, essentially, CEP is about two things: monitoring events and then looking to see if those events fit into patterns that you are looking for or, sometimes, looking for events that don’t fit an expected pattern (anomaly detection). If you think about what the intelligence communities do, those responsible for squashing terrorist threats before anyone is affected, they are looking for a series of events to establish and identify a complex event that might be a threat. That’s the type of things they’ve been doing for years and businesses can leverage the same approach.

So, the question, naturally, is what can CEP do for your business? And the answers are as diverse as industry and commerce. Two generic examples are a) any environment in which you might want to prevent and/or detect fraud or criminal behaviour or any sort of unwanted behaviour (even if it is not actually illegal but is, perhaps, against corporate governance policies); and b) any network that you need to monitor, whether that be a road, rail, pipeline, computer or utility network. In its broadest sense you can even think of a shop-floor production line as a sort of network and certainly CEP has been employed on the shop-floor as it has in airports and by airlines.

An even more generic example is when you want to link events to a process of some sort. It is often the case that many business processes, for example, are embedded within application software while other processes have been formally modelled and are managed within a BPM (business process management) environment. And then, of course, informal processes abound. One of the issues that arises is how to link these together, and one answer to that is to use CEP, treating each step in a business process and each transaction as an event in its own right. However, this is not limited to business processes per se but any sort of environment where processes are involved, including process manufacturing (the shop-floor again), communications processes (not necessarily within communications companies), integration processes (witness Informatica’s acquisition of AgentLogic) and so on.

Finally, there lots of specific use cases: monitoring PC fleets for carbon emissions, monitoring stock ticks within capital markets, monitoring automated number plate recognition systems, monitoring patient heart rates and so on and so forth.

The bottom line is that if you need something monitored then you may need CEP. It might be because you need to detect a problem (typically, something anomalous has happened); or because there is an opportunity to buy stock or up-sell or cross-sell to an existing customer because you have recognised a particular pattern of events that predicts a higher than usual success rate (using CEP in conjunction with predictive analytics); or because you need to prevent, or at least detect, unwanted behaviour such as a security breach or potential fraud. But whatever your requirement is don’t get put off because it is called complex: it isn’t or, at least, it doesn’t have to be (with the right vendor).

Advertisement



Published by: IT Analysis Communications Ltd.
T: +44 (0)190 888 0760 | F: +44 (0)190 888 0761
Email: