A visual representation of the analysis engine is provided in Figure 11 with a description of each process in the flow summarized as follows.
- Setup of the analysis engine policy is performed, and it is a collection of one or more rules that is assigned to an object or group.
- A rule is defined which contains the logic for when to issue an alert.
- Assign the policies or rules to an Object to be monitored.
- The analysis engine compares monitored data to the conditions in a rule, and triggers alerts when a rule is matched.
- Event-based rules trigger an alert in response to data that is streaming into the Data Protection Advisor server.
- Schedule-based rules periodically compare data in the Data Protection Advisor Datastore against rules to detect a match.
- The alerts can be sent by SNMP trap, a local script to send a text message, for example, windows event log entry and email.
Figure 11. Analysis Engine Workflow