7.3.2 Executing the Alert Purge Utility

To execute the Alert Purge Utility, follow these steps:

  1. Verify that the Behavior Detection database is operational: tnsping <database instance name>
  2. Verify that the <OFSAAI Installed Directory>/database/db_tools/mantas_cfg/ install.cfg configuration file contains the correct source database connection and logging information.
  3. Access the directory where the shell script resides: cd <OFSAAI Installed Directory>/database/db_tools/bin
  4. Start the Alert Purge shell script: run_alert_purge.sh -purge
    Executing this command sets the environment classpath and starts the utility. You may also pass command line arguments to the utility, and execute the utility in any of the following ways:
    • You may pass a list of purge rules (as configured in Table 7-5 file) separated by a comma (,) following the convention of alert_rule_<i0> for alert-related rules and case_rule_<i0> for case-related rules; here i0 is an integer representing the corresponding rule number in the purgeRules.xml file. ./run_alert_purge.sh -purge alert_rule_<i0>,alert_rule_<i1>,case_rule_<i2>….
    • You may instruct the utility not to purge any alerts, but only cases, and vice-versa. If the value passed is 'alert=N' the utility considers this as no to purge alerts ./run_alert_purge.sh -purge alert=N If the value passed is 'case=N' the utility considers this as no to purge cases ./run_alert_purge.sh -purge case=N
    • You may instruct the utility only to simulate the purge process and not purge the alerts by passing a command line parameter 'test=Y'. In this case, the utility considers this as running in test mode and generates the report of alerts that would have purged. ./run_alert_purge.sh -purge test=Y
    • You can provide all these parameters or a combination of these parameters irrespective of order, once at a time, to the utility as shown in the example below: ./run_alert_purge.sh -purge case=N alert_rule_<i0>,alert_rule<i1> test=Y

    Note:

    1. If the utility is executed without any command line arguments, then utility considers the install.cfg parameter "purge_default_rule_set" value for purging the alert rules defined in PurgeRules.xml.
    2. The following install.cfg parameters are no longer considered for purging the alerts in this version:
      • job=null
      • scenario=null
      • start_date=null
      • end_date=null
      • alert_status=NW