Our Thinking

An Overview of Complex Event Processing (CEP)

Posted by Duane Colley on Mar 5, 2012 4:51:41 PM

What is CEP?

CEP is typical queries run against data residing in a relational database. These queries could target recent data, such as customer transactions, or it could be older data that has been aggregated in a data warehouse. If you have a requirement to query data within milliseconds after it is generated, then you have a challenge. With such low latency requirements, it is just not feasible to use traditional methods like inserting the data into a database and then querying it. CEP solves this challenge d by providing tools to query streams of the data as the data is being generated. Where does the complexity come into play? As you will see in the example below, a single piece of data may not mean anything. But in the context of data from other events or sources, it is possible to create event driven applications that keep enterprises informed of significant events as they happen.

Examples of CEP

The first example we will look at shows how multiple events in a very short time could indicate a serious problem.

Imagine a car that has various sensors which generate data on a continuous basis. Let’s consider just three sources of data:

  1. The speed of the vehicle.
  2. The air pressure in each tire.
  3. Whether someone is sitting in the driver’s seat.

Data from a slow leak may be indicated by dropping tire pressure over a period of hours. But a tire blowout could be indicated by a rapid reduction in tire pressure over a short period of time. If there was a tire blowout and that event was accompanied by data indicating a rapid decrease in vehicle speed, it could indicate that the driver needs help. But if an additional event occurred simultaneously, indicating that the driver was no longer in his seat, this could indicate a serious accident.

Another example is fraud detection. Historically, health insurance fraud detection has been a manual process. In-house auditing processes reveal potentially fraudulent claims. There’s no guarantee that if fraud is detected, an insurance company will be able to retrieve their lost money. The effort might prove too costly to be worth it and this means the expense could be passed on to the other policy holder in higher premiums. In the end, the company may only have a new case of “what to look out for.” What if insurance fraud could be detected in real-time? As claims are entered, CEP could be used to identify fraud based on patterns used by manual auditing processes. This could provide streamlined fraud detection and cost savings simply by catching fraudulent claims before they are processed.

Industries using CEP

The Financial industry may have been the first adopters of CEP. The importance of knowing – in real-time – changes and trends in the financial markets, drove the need for CEP solutions. Professional traders need to know what is happening as soon as possible after events occur. CEP enables and allows this, and facilitates systems to respond automatically to events in order to protect or take advantage of financial events.

Oil and Gas is another industry that relies on CEP. With huge amounts of data coming in from operations, continuous intelligence is required. The data sources can vary from torque and rpm data coming from drilling rigs to sensors along the pipelines. Expensive resources like heavy equipment can be monitored for engine and drive train problems. Decisions on the best course of action can be made before equipment failure occurs.

Another area is clickstream analysis. CEP allows real-time analysis of user activity to help drive site layout and respond with appropriate advertising to the user based on their activity on the website. In the past, clickstream data was saved to a database to be analyzed and then when (or if) a user returned to the website a few days later, actions were taken to customize the site’s layout and advertising. A little too late if you were looking to order pizza online during your first visit.

CEP Vendors

With the release of SQL Server 2008 R2, Microsoft introduced StreamInsight which utilizes .Net with LINQ technologies. The MSDN website provides ample information in the form of videos, whitepapers and working .Net projects. Oracle's CEP offering is bundled in their SOA suite and uses Java and CQL (continuous query language) as the development languages. There are many other vendors; some of them have a longer history than others.

Final Thoughts

With large development vendors like Microsoft and Oracle adding CEP tools to their offerings, the ability to create event driven applications that address these unique requirements are now within reach of every IT department. The challenge is to know what exactly you are looking for in your data streams

Next Steps

Take a look at the following websites. They are great resources for getting to know more about Complex Event Processing:

  1. A great portal for all things CEP - http://www.complexevents.com
  2. Microsoft's StreamInsight - http://www.microsoft.com/sqlserver/en/us/solutions-technologies/business-intelligence/complex-event-processing.aspx
  3. Oracle CEP - http://www.oracle.com/technetwork/middleware/complex-event-processing/overview/index.html

 

Topics: Design

Our Thinking - The Online Blog is a source for insights, resources, best practices, and other useful content from our multi-disciplinary team of Onliners.

Subscribe to Blog Updates