Streaming analytics example

What we will learn in this example?

In this article, we will learn how to combine results from two separate analytic computations to generate an alert signal. We will break down each stage of the pipeline, from data enrichment to complex analytics and end with custom alerting rules.

Here’s what each stage covers:

1. Pre-Processing How to enrich events by pulling signal thresholds from a database and associating them with each event.

2. User-defined function (UDF) How to apply sliding window analytics with an exponential moving average (EMA) function, which calculates trends over time for specific fields.

3. Aggregate analytics How to merge analytics results using JavaScript expressions to create difference calculations, such as the Moving Average Convergence Divergence (MACD) signal.

4. Alerting Rules How to set up alerting rules based on calculated thresholds and emit alert events when conditions are met.

By the end, we will understand how to set up a streamlined alerting process using a mix of database enrichment, custom functions and real-time rule evaluation.

Overview

This example demonstrates how two independent computed analytic pipeline results can be combined to generate an alerting signal.

Stream processing application

Stage 1 - Pre-processing

Enrich event with signal thresholds using the internal in-memory database.

Stage 2 - User defined function

Perform complex analytics using event based sliding windows and a stateful analytic user defined function (exponential mean average).

Stage 3 - Aggregate analytic

Combine the results of the stateful analytics in to two basic difference calculations using Javascript expressions.

Stage 4 - Alerting Rules

Finally once the calculations have been completed perform the final predicate using the having expression to send an alerting event to a downstream system