dishen_pancholi
Fluorite | Level 6

Hello all,

Our requirement is to send email notifications when an alert is generated using SAS VI 10.6. 

As Scenario Administrator does not help with sending email notifications, can we, as an approach, take data from the 'alert' table of the underlying data model once the alert is generated, and then send email notifications by developing an ETL job based on the data retrieved?

If the above is recommended, can someone help with understanding the VI data model?

Thank you,

Dishen Pancholi

SAS Fraud and Risk (Senior Consultant)

Global Fraud Analytics CoE

Accepted Solution
_austin_
SAS Employee

Hi Dishen,
The alert data model in VI separates the incoming "events" that need to be investigated from the alert "work item". The events are basically immutable - they get recorded when they arrive. When an alerting event arrives, the system will check if there is an alert or not. If there is no alert, one is created. If there is an alert, it is updated based on information in the new event. The score may change, the alert may be routed to a different queue, etc. We maintain a complete audit trail of changes that are made to the alert over time.
In your situation, I think the easiest thing for you to do is query the svi_alerts.tdc_alerting_event table. You can use the created_dttm column to find all the new alerting events that were generated by scenario administrator. (Depending on your configuration, you may also want to filter on domain_id if the deployment includes multiple alerting domains.)
Since you were talking about ETL, I was using "sql terminology". This information is also accessible via REST call. That would look something like this:

/svi-alert/alertingEvents?filter=gt(creationTimeStamp,2020-04-22)
or
/svi-alert/alertingEvents?filter=and(eq(domainId,svidomain),gt(creationTimeStamp,2020-04-22))

You can learn more about the alert data model by reading Chapter 2 of the SAS® Visual Investigator 10.6: User’s Guide, "Performing Alert-Based Investigations", and Chapter 16 of the SAS® Visual Investigator 10.6: Administrator’s Guide, "Alert Scorecards".
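The polling approach described in this answer, as an added example that is not part of the original post or of SAS's own code: a job that reads alerting events created after a persisted watermark on created_dttm, optionally filters on domain_id, and builds one notification per event. The table is stood in for by an in-memory SQLite copy with constructed rows; the alerting_event_id and score columns, the recipient and sender addresses are assumptions, while created_dttm and domain_id are the column names the answer gives.

```python
"""Poll VI alerting events after a watermark and build e-mail notifications (added example)."""
import sqlite3
from email.message import EmailMessage

# Constructed sample rows standing in for svi_alerts.tdc_alerting_event.
# created_dttm and domain_id come from the answer; the other columns are assumed.
SAMPLE_EVENTS = [
    ("ev-1", "svidomain", 85, "2020-04-22 09:00:00"),
    ("ev-2", "svidomain", 40, "2020-04-22 10:30:00"),
    ("ev-3", "otherdomain", 90, "2020-04-22 11:00:00"),
    ("ev-4", "svidomain", 70, "2020-04-23 08:15:00"),
]


def load_sample_db():
    """Create the in-memory stand-in table and load the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE tdc_alerting_event (alerting_event_id TEXT PRIMARY KEY, "
                 "domain_id TEXT, score INTEGER, created_dttm TEXT)")
    conn.executemany("INSERT INTO tdc_alerting_event VALUES (?, ?, ?, ?)", SAMPLE_EVENTS)
    return conn


def fetch_new_events(conn, watermark, domain_id=None):
    """Return events created strictly after the watermark, oldest first.
    Strictly-greater keeps reruns from re-notifying the last handled event;
    the caller persists the newest created_dttm it processed as the next watermark."""
    sql = ("SELECT alerting_event_id, domain_id, score, created_dttm "
           "FROM tdc_alerting_event WHERE created_dttm > ?")
    params = [watermark]
    if domain_id is not None:  # only needed when several alerting domains are deployed
        sql += " AND domain_id = ?"
        params.append(domain_id)
    sql += " ORDER BY created_dttm, alerting_event_id"
    return conn.execute(sql, params).fetchall()


def build_notifications(events, recipient, sender="vi-alerts@example.invalid"):
    """Build one EmailMessage per event; sending is left to the site's SMTP relay."""
    messages = []
    for event_id, domain, score, created in events:
        msg = EmailMessage()
        msg["From"], msg["To"] = sender, recipient
        msg["Subject"] = f"[VI] New alerting event {event_id} in {domain}"
        # Body carries identifiers and metadata only; investigators open the alert in VI.
        msg.set_content(f"Alerting event {event_id} (score {score}) created {created}.\n"
                        "Open it in Visual Investigator.")
        messages.append(msg)
    return messages


def run_once(conn, watermark, recipient, domain_id=None):
    """One scheduler run: fetch, build messages, return them with the new watermark."""
    events = fetch_new_events(conn, watermark, domain_id)
    new_watermark = events[-1][3] if events else watermark
    return build_notifications(events, recipient), new_watermark
```

Persist the returned watermark between runs (a small control table works); rerunning with the same watermark and the same data produces no duplicate messages.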
