Analyst Rule Processing Actions

The Rule Definitions section contains the implementation details for each of the rules contained within the Analyst. Each rule definition is delimited by a RULE, END_RULE token pair.

SECTION RULE_DEF

	RULE <rule-name> {PRIMARY | SECONDARY} [DISABLED]

	[<initialization>]

	<record-clause>

	[<action-clause>]
	[<action-clause>]
	...
	END_RULE

	RULE <rule-name> {PRIMARY | SECONDARY} [DISABLED]

	[<initialization>]

	<record-clause>

	[<action-clause>]
	[<action-clause>]
	...
	END_RULE

...

END_SECTION

Syntax

RULE
The RULE keyword starts the definition of a rule. A unique rule identifier for the <rule-name> must be provided in addition to whether this is a PRIMARY or SECONDARY level rule.

The <rule-name> identifier has a maximum of 24 characters. If this is a Primary rule then the DISABLED parameter can be included. This will cause the rule definition to start in a disabled state, meaning that the rule will need to be manually started when required. Omission of this keyword ensures that the rule is automatically enabled whenever the Analyst process is started.

Processing always begins with Primary rules, which then flow to Secondary rules as the underlying cause is approached. Secondary rules can only be reached via primary processing.

Each rule definition is split into 3 main parts:

  1. Rule Definition Initialization - defines any local variables for this rule

  2. Rule Definition Record Clause - specifies how the rule is to be triggered

  3. Rule Definition Action Clause - specify what action to take when the rule triggers

Provide feedback on this article