IM InfoSphere Identity Insight, Version 8.0

Getting started with Event Manager

Use the following steps as a checklist to configure and use Event Manager.

Procedure

  1. Required: Install the Eclipse-based CEP (complex event processor) Rule Author tool. The EclipseTM-based Rule Author tool is not automatically installed with the product. (Event Manager functionality and the CEP engine are automatically installed.) The Rule Author tool is included in a ZIP file on the product installation CD or download.
  2. Use the Rule Author tool to create a CEP project to group all the event rules and configurations for Event Manager.
  3. Required: In the Rule Author tool, import the cep.xml event rules file into the CEP project and customize the file by creating the event rules that meet your business event processing and alerting usage scenarios. Before altering an original starting file, back up or copy the file to another directory, as a precaution.
    • If this is a new product installation, the starting events rule file is named cep.xml.
    • If this is a product upgrade installation from version 4.2.2 or if there is already a file named cep.xml, the latest version of the starting event rules file is namedcep.8.0.0.0.xml.
    Important: The case used for naming the event rules file is very important, especially in the Unix environment. The file name must be in lower case only.
  4. Required: Export the cep.xml event rules file. The CEP engine and Event Manager use this event rules XML file to process events and determine when to generate alerts. The exported XML file must be named cep.xml, and it must be located in the following directory: product_installation_home/srd-home/console/.
  5. Required: Configure Event Manager system parameters in the Configuration Console.
    Remember: Before system configuration changes take effect, you must stop and restart all running pipelines. You can either stop all running pipelines before configuring Event Manager system parameters and event types or stop and restart all running pipelines after you configure Event Manager system parameters and event types.
  6. Required: Configure event types in the Configuration Console.
    Remember: Before system configuration changes take effect, you must stop and restart all running pipelines. You can either stop all running pipelines before configuring Event Manager system parameters and event types or stop and restart all running pipelines after you configure Event Manager system parameters and event types.
  7. Optional: Run a Configuration report in the Configuration Console. Whenever you change or update system configuration (such as system parameters and event types), it is a good idea to review the Configuration report.
  8. To see event alerts in the Visualizer, do the following:
    1. Optional: The Visualizer already contains default activity codes for dealing with event alerts (Pending, Assigned, and Closed). But you can create additional activity codes for event alerts in the Configuration Console, if you want. Stop all running pipelines before creating the activity codes, and then restart the pipelines after the activity codes are created.
    2. Optional: You can review event alerts, change the status of event alerts, assign event alerts to yourself, or assign event alerts to other Visualizer analyst groups.
    3. Optional: If you want to view the full details about a specific event alert, you can generate the Event Alert Detail report.
    4. Optional: You can view the event alert history for an entity on the entity resume.
    5. Optional: From the entity resume, you can click Show Events to view all the events associated with the entity, even events that did not generate an event alert. Or you can click Report to print an All Events report that also shows all event associated with the entity.
  9. Required: Use the EVENT data segment definitions to include event processing information in the UMF data that you convert to send to the pipelines.
  10. Optional: If you want to send system messages (including Event Manager messages) to your client application, make sure to use an HTTP pipeline, and make sure that your client application can receive messages from the standard SYSTEM_MESSAGE return document.
  11. Optional: After Event Manager processes events, you can review the Event Manager log files and the associated Configuration Console log files.


Feedback

Last updated: 2011