Sounds like you had some problems. I, on the other hand, have to give Qwest some respect. I needed to switch my DSL due to the MSN deal (I run a few machines behind my router that aren't Windows). They sent out a letter with a URL and I jumped there and found the ISP I wanted. I called up Qwest and explained that I needed to switch and the new ISP to verify they would support my Qwest hardware. One week later (as promised) the switch occured and was flawless. Now I have a nice static IP and can run all the Linux I want. I was suprised and half expected to run into somethink like Katz had to deal with. The only problem I had was that the new ISP (visi.com) gave me the wrong phone number to call for Qwest--that was solved by just calling the number on the Qwest mailing. Easy and only took about an hour (and 30 minutes a week later to reconfigure the router).
I really hope that they do get to a better level of API compatability. We run Solaris here and on the server side they are perfectly stable. Still, I can understand why it hurts developers when you have to look at all the hooks for Solaris in the Apache build files. Not that this is odd for any platform--they all have hooks. Still, if Sun can make some progress in getting compiles more seamless between a Linux Intel box and a Solaris 9 Sparc box more power to them.
On the other hand, you have to wonder what this means for their desktop systems. I haven't had to have a Sun box on my desktop since I started doing Java development and could run javac just fine under Windows (business environ and all), but maybe they are looking to make Linux the default devel platform for things destined to run on Sun big iron. Any ideas?
Security as a Wicked Problem
on
Byte Wars
·
· Score: 4, Interesting
I don't know how many of you get Software Development magazine, but they had an interesting article on wicked problems in the latest issue. The quick definition from the article header is this:
When you're scrambling to complete a never-ending task and no one can decide what "done" means, it helps to know that there's a name for this situation--and it's not a four-letter word.
This is essentially what the problem is with developing security plans--you never really know when you are done. The other problem is that you never have one true answer. Sure a national ID card seems like a good idea, but is it the right answer to the right question? Anyway, you can find the article here: Wicked Problems.
I think this would be pretty cool if they could add some sort of a SOAP/XML-RPC type interface where you could query on sections, stories, whatever. It would be nice to allow content syncing like this.
I was writing about this in response to a post in a user's journal the other day that even better would be to make a story content P2P system where you could allow story distribution. You might place a limit and only allow the summary to drive people to your site, but it could still help with bandwidth issues. This would basically be like an enhanced RDF/RSS type system but over a P2P type network you wouldn't even really have to host your own feeds for people. Add in some sort of DB persistance and you could just say "get new headlines and summaries from site x"--the system would bring in all the new content. Anyway, that is just a dream I have and probably will never happen the way some people feel about their content.
Re:And this relates to XML how?
on
Java RMI
·
· Score: 4, Interesting
XML-RPC is just another way to do what RMI and CORBA do--except it uses XML to encapsulate the data (including the call you are making). RMI was nice when it came out, but I haven't seen it mentioned in a long time. Where I'm working right now they would probably just use XML-RPC or SOAP simply because it is open and can be used by a wider variety of systems (like those OpenVMS machine they have sitting around). I personally use XML-RPC and SOAP and they are great if you have to parse things for the web on the other site. I used to pull a ton of RDF feeds from NewsIsFree, but they screwed it up and only started feeding the updates to the channel. I rewrote the calls using their XML-RPC engine which is much better. I then parse the tree and convert it into RDF for my website. Very slick technology.
Judging from the TOC of the book, I'm surprised that the author didn't deal more with the "why should you use RMI over some other technology?" He does cover the CORBA vs. RMI choice, but that was it. I also don't know how "new" this book is--especially if those topics (SOAP, XML-RPC) weren't covered.
Cool, thanks for the info. My quick browse at the store didn't get me that. I will definately have to check that out. My browse was simply a skim of the TOC and index, so that is why I missed it.
I was over at Borders the other day buying some books and saw this. I was looking to redo my existing website (which provides weblog functionality for my friends) with some other engine. Given that my site is running on Win2K, I ended up having to use PHP-Nuke5.5 (PostNuke had some problems getting going and MyPHPNuke was missing some features I wanted). Anyway, this book has absolutely no information (that I could find) on getting things running on Windows. I don't know if this can be done, but don't go looking to this book for help.
Yeah, GTA3 the cerial would rock. This cerial is rated M for Mature. That would be an interesting section of the grocery store to hang out in. Just like the pr0n sections of video stores. Plus maybe I can start my pimp and ho action figure collection with the prizes.
There was something about this on TechTV the other day (forget the show) where they went to the MIT Media lab to take a look at some of the things they were working on. A couple of the cooler projects were using technology to allow greater inteaction with more traditional toys (e.g. dollhouse, puppet show). I'd suggest trying to get ahold of the people there to work on something. Given the puppet show thing on the program it would be cool if the kids could make a show and type in the text/action for each puppet actor. Then using some backend technology to translate, it could be sent to others. This would fall more into the individual (and group) storytelling realm, but it could be a fun project for a day. For the dollhouse type thing maybe you could have replicated character actions across the venues or maybe make the whole thing virtual inside the Unreal engine or something (with it geared less towards violence:).
Just make sure that you allow yourself the ability to check the van/bus/trailer out so you can be the person to bring the LAN party to the rural keggers.
With all the hype surrounding XP/Agile/Name of the Week type development, I've been looking for hard numbers on how much better it is against older development styles. So far, I haven't been able to find anything accurate. It really comes down to multiple projects vs. performance. The is no hard data yet on the speed of XP against all project/component types. My biggest concern with this is that some manager will read up on XP, read a line that says it cuts your development time/cost by some percent and then draft a memo and adjust all targets.
Do these sort of numbers exist out there yet and is it even worth doing them given the theme of the article? Thanks.
This is one thing that I'll never figure out.
Why can't people use Google to solve these types of problems. Finding that took about 10 seconds with Google.
One would assume that you don't allow all sorts of evil things past your firewall. Lets expand on the intent of what you are trying to do and also assume that there needs to be internal access to the data as well--customer support, phone registration, etc. What would you do in that case?
Certainly you can wrap the calls (client or web) in something like SOAP/XMLRPC/RMI/Corba and then use an encryption package over it. I built something similar to talk to a credit card authorization system using XML over HTTPS with the Java JSSE library extensions. You could certainly do this internally and to the remote authentication system as well.
The problem most sites seem to have is where the data is located and how access is allowed. Provided you are not putting your client info DB out on the net and leave it inside and protected you shouldn't have much of a problem. Do customers need to change their credit card numbers? One assumes they do and will be prompted when the card expires. This means the web server needs to have access to that data. If not, lock it inside your network and only allow writes to the database and reads only to the monthly revalidation program. In an ideal world, the internal program would have a direct link to the payment system and not have to use the net at all. You should really try to build some data abstraction layers into the system so even if the web server is hacked it can't be used as a platform to run SQL statements directly against the customer data DB. Most of the posts here seem to be about encrytion and the like, but in reality if you allow access by the web server and it is hacked you are pretty much SOL if you have a visable API through a server-side scripted language. Just IMHO.
I use a ton of my bandwidth (DSL) for my own web hosting (RSS news feed updates, etc.) and to stream my MP3s. I got a little sick of listening to the same stuff over and over again on the various radio sites and decided to run my own. It is nice to know that wherever I am, I can get my music via WinAmp. Then there is remote access to my machine.
On the other side of it is what I pull down into my house. I think the biggest use of broadband in the future will be for Microsoft product updates. Just kidding. I tend to pull things like MPEG files from TV shows that are no longer available (Sifl-n-Olly) and MP3s of songs I can't rip because they are on record or tape. Then there is always the content on Sputnik7. It is nice being able to queue up some anime/videos to watch.
I think the biggest problem will be getting respectible DL speeds if it does take off. If I was paying for content I certainly wouldn't want to see the player hang due to BW problems. Since there really isn't much people can do about QoS right now, it could be a problem.
One would think I could really care less about satellite radio living in a fairly big metro area like Minneapolis/St. Paul. The fact of the matter is that there are basically 2 big companies that own almost all the radio stations here. This means that they get to choose what we get to listen to. They ditched the alternative music radio format for some other crap station. There are three stations that play almost the exact same pop music. I imagine that a lot of large metro areas are like this.
Even worse was living in middle of nowhere Iowa where there was only 1 radio station.
So, it would be nice to have some decent radio stations (i.e. alternative, techno for me). Still, it is pretty hard to sell me on something when I'm only going to be using 2% of it.
The whole problem with his view was that people would become intelligent and say things others want to hear. If this was the case then every post on slashdot would be a 5. I'm surprised he even thought this could happen. Back when I was in college (88-92), 90% or usenet was absolute crap. This hasn't changed, it has just moved to the web. Microsoft/AOL made internet access easy. It desn't take much to post a web page. This doesn't make them any smarter or their views worth hearing. They are still the morons I avoided before they got on the net. I think Jon's giving the average person too much credit. I had faith that the average person could rise above the general stupidity, but then I realized the forum doesn't matter--most people will rarely change if they don't have to.
This actually happened to me for a while in my junior year in college (~91). It started when I was working in the computer lab and would usually get bored and finish all my homework. Soon the MUD took the place of doing the work as well as it should have been (didn't actually slip so far as to fail anything). Luckily, I realized what was happening after a few weeks and gave it up to do more productive things--like the papers I had due. The other problem was that I was one of the few people at the school with a computer that could dial-in so I started doing it back in the dorm as well. Luckily, my friends were big into having parties and after a couple of those and some new girls the MUD was forgotten.
Now when I see this sort of things in my friends (obsessive online chat, MMORPGs), I just don't understand it. The novelty of it is interesting for a while, but I think most people realize there are better things to waste your time on--at least I did.
I've been using one of these since a little after I was diagnosed in '87. The one I use is a Medi-Jector Vision (see it on drugstore.com). Highly recommended. This is one thing that I'm glad came about. It is almost pain free and very easy to use. Oh, mine is spring loaded and not air based, but a similar concept I'm sure. My mom just started using something like it for her MS injections.
Of course they are a local Minneapolis company so it is really easy to find/get support for so I may be a bit biased. Also, I think they were just purchased by some other company.
Why can't you use HTTPS? I'm not sure what the implementation in VB/VC++ would be like, but doing it in Java is quite easy (go grab the Sun JSSE libs and look at the examples). Just setup the authentication and you are good to go. I built an internal relay inside our network. It listens on port XXXX and then sends the request to port 443 on the remote machine. I wrote the connector in Java but was talking to an MS ASP box. Even though we were not using true SOAP encapsulation it was a cutomized XML RPC type call so it is pretty close. I had to write a relay because the internal request was coming from a C program and the C programmer didn't know how to handle HTTPS authentication/verification. This was for some e-commerce type stuff. The managers here seem to think that is enough.
As a side note, the relay is actually faster than individual, direct connections since in Java it takes a while to generate the KeyStore.
Well, I was working the night shift in '92 shoving tapes into a DEC and was usually totally bored. There happened to be a nice Sun with a color monitor sitting in the server room that they usually left logged in as root. Well, I decided that it would be better used playing XTank and loaded it up. I got busted the next day but when they noticed that I new how to pull something off a tape, run make and then debug the compile problems they were pretty impressed and gave me an admin job and a nice raise. Of course I learned all this stuff in college since no one ever used the unix machines (next, sun). I had a Poli Sci/German major, but spent more time playing in the labs compiling crap and learning scripting languages. They also really needed an admin.
-J
Re:Using XML to configure Servlets
on
XML in a Nutshell
·
· Score: 1
Isn't this part of the idea behind the Apache Struts project? It seems like a great idea, although I haven't yet developed anything using the framework. Still the servlet/service mapping process looked pretty easy to do since it was all in XML.
I'm also a big fan of XML. I have been pulling XML from a variety of news sites (including Slashdot) for display on my own site. I just built a Java class which gets run every 30 minutes and pulls the latest headlines and then rendering is all done with XSL. The XSL was a pain to generate since there are all sorts of different implementations of the RSS/RDF frameworks, but once you figure it out it isn't too bad. In the end I had about 4 different XSL files for the 14 feeds I pull. The benefit is that once you have the basic XSL framework it is relatively easy to tweak it to appear different. If you build in CSS support you can even change the look and feel by modifying the CSS and not the XSL. Plus, if you use JRun it has a built in XSLT taglib for doing the conversion (although it is only about 3 lines using Xerces/Xalan). Too bad my site is down right now since my site (DSL) re-initialized my IP and I don't know what it is.
I also found the XML Pocket Reference book pretty handy to have around (although a bit slim on explanations).
Also, anyone know what is up with the slashdot.xml file? It doesn't seem to be updating as often lately. I thought this was automated in the code. Am I wrong?
I used to do this sort of thing for Andersen Consulting about 3 years ago. The base platform we used was HP OpenView, Seagate NerveCenter and BMC Patrol. I believe it was Patrol that handled the event correlation for us. I'm not sure if these products are still around or not , it has been quite a while.
Anyway, the idea was to reduce the amount of damage a network outage could cause. For example if the route hosting your path to your servers failed it is better to get a page or notification simply for that and not for the 20 server that are no longer responding. It also allowed for an automatic escallation method such that if the server did not respond to a ping the system would wait for a minute to see if it was just a packet drop vs. a real outage.
The programming was pretty simple. Pick your events and then tell the system how they correlate. Then if it reaches level X have it generate a new event for the base system to handle. It was actually pretty simple and was more drag and drop than real programming. The programming came when you wanted the system to check something that was not one of the normal services. For example, making sure that the LDAP service was still up and authenticating. As long as you can program a way to communicate with the correlation and collection engine (HP OpenView as the base--the other products ran on top of that) you would be fine. The stuff I wrote generally included a mix of SNMP traps via Perl. Although I did not write an expanded MIB to acutally handle this, I simple repurposed some existing ones and then tweaked the sent messages and parsed it with the engine. For what we were doing speed was better than perfection (at least according to my manager at the time).
We also kept data stores of other SNMP type things (performance type data) which were then analyzed by a nightly SAS run. But that is slightly off topic.
-Joel
Slashdot Mirror
Sounds like you had some problems. I, on the other hand, have to give Qwest some respect. I needed to switch my DSL due to the MSN deal (I run a few machines behind my router that aren't Windows). They sent out a letter with a URL and I jumped there and found the ISP I wanted. I called up Qwest and explained that I needed to switch and the new ISP to verify they would support my Qwest hardware. One week later (as promised) the switch occured and was flawless. Now I have a nice static IP and can run all the Linux I want. I was suprised and half expected to run into somethink like Katz had to deal with. The only problem I had was that the new ISP (visi.com) gave me the wrong phone number to call for Qwest--that was solved by just calling the number on the Qwest mailing. Easy and only took about an hour (and 30 minutes a week later to reconfigure the router).
I really hope that they do get to a better level of API compatability. We run Solaris here and on the server side they are perfectly stable. Still, I can understand why it hurts developers when you have to look at all the hooks for Solaris in the Apache build files. Not that this is odd for any platform--they all have hooks. Still, if Sun can make some progress in getting compiles more seamless between a Linux Intel box and a Solaris 9 Sparc box more power to them.
On the other hand, you have to wonder what this means for their desktop systems. I haven't had to have a Sun box on my desktop since I started doing Java development and could run javac just fine under Windows (business environ and all), but maybe they are looking to make Linux the default devel platform for things destined to run on Sun big iron. Any ideas?
This is essentially what the problem is with developing security plans--you never really know when you are done. The other problem is that you never have one true answer. Sure a national ID card seems like a good idea, but is it the right answer to the right question? Anyway, you can find the article here: Wicked Problems.
I think this would be pretty cool if they could add some sort of a SOAP/XML-RPC type interface where you could query on sections, stories, whatever. It would be nice to allow content syncing like this.
I was writing about this in response to a post in a user's journal the other day that even better would be to make a story content P2P system where you could allow story distribution. You might place a limit and only allow the summary to drive people to your site, but it could still help with bandwidth issues. This would basically be like an enhanced RDF/RSS type system but over a P2P type network you wouldn't even really have to host your own feeds for people. Add in some sort of DB persistance and you could just say "get new headlines and summaries from site x"--the system would bring in all the new content. Anyway, that is just a dream I have and probably will never happen the way some people feel about their content.
XML-RPC is just another way to do what RMI and CORBA do--except it uses XML to encapsulate the data (including the call you are making). RMI was nice when it came out, but I haven't seen it mentioned in a long time. Where I'm working right now they would probably just use XML-RPC or SOAP simply because it is open and can be used by a wider variety of systems (like those OpenVMS machine they have sitting around). I personally use XML-RPC and SOAP and they are great if you have to parse things for the web on the other site. I used to pull a ton of RDF feeds from NewsIsFree, but they screwed it up and only started feeding the updates to the channel. I rewrote the calls using their XML-RPC engine which is much better. I then parse the tree and convert it into RDF for my website. Very slick technology.
Judging from the TOC of the book, I'm surprised that the author didn't deal more with the "why should you use RMI over some other technology?" He does cover the CORBA vs. RMI choice, but that was it. I also don't know how "new" this book is--especially if those topics (SOAP, XML-RPC) weren't covered.
-J
Cool, thanks for the info. My quick browse at the store didn't get me that. I will definately have to check that out. My browse was simply a skim of the TOC and index, so that is why I missed it.
I was over at Borders the other day buying some books and saw this. I was looking to redo my existing website (which provides weblog functionality for my friends) with some other engine. Given that my site is running on Win2K, I ended up having to use PHP-Nuke5.5 (PostNuke had some problems getting going and MyPHPNuke was missing some features I wanted). Anyway, this book has absolutely no information (that I could find) on getting things running on Windows. I don't know if this can be done, but don't go looking to this book for help.
Yeah, GTA3 the cerial would rock. This cerial is rated M for Mature. That would be an interesting section of the grocery store to hang out in. Just like the pr0n sections of video stores. Plus maybe I can start my pimp and ho action figure collection with the prizes.
-J
There was something about this on TechTV the other day (forget the show) where they went to the MIT Media lab to take a look at some of the things they were working on. A couple of the cooler projects were using technology to allow greater inteaction with more traditional toys (e.g. dollhouse, puppet show). I'd suggest trying to get ahold of the people there to work on something. Given the puppet show thing on the program it would be cool if the kids could make a show and type in the text/action for each puppet actor. Then using some backend technology to translate, it could be sent to others. This would fall more into the individual (and group) storytelling realm, but it could be a fun project for a day. For the dollhouse type thing maybe you could have replicated character actions across the venues or maybe make the whole thing virtual inside the Unreal engine or something (with it geared less towards violence :).
-J
Just make sure that you allow yourself the ability to check the van/bus/trailer out so you can be the person to bring the LAN party to the rural keggers.
-J
With all the hype surrounding XP/Agile/Name of the Week type development, I've been looking for hard numbers on how much better it is against older development styles. So far, I haven't been able to find anything accurate. It really comes down to multiple projects vs. performance. The is no hard data yet on the speed of XP against all project/component types. My biggest concern with this is that some manager will read up on XP, read a line that says it cuts your development time/cost by some percent and then draft a memo and adjust all targets.
Do these sort of numbers exist out there yet and is it even worth doing them given the theme of the article? Thanks.
I also found it here: LDAP Browser/Editor.
This is one thing that I'll never figure out.
Why can't people use Google to solve these types of problems. Finding that took about 10 seconds with Google.
One would assume that you don't allow all sorts of evil things past your firewall. Lets expand on the intent of what you are trying to do and also assume that there needs to be internal access to the data as well--customer support, phone registration, etc. What would you do in that case?
Certainly you can wrap the calls (client or web) in something like SOAP/XMLRPC/RMI/Corba and then use an encryption package over it. I built something similar to talk to a credit card authorization system using XML over HTTPS with the Java JSSE library extensions. You could certainly do this internally and to the remote authentication system as well.
The problem most sites seem to have is where the data is located and how access is allowed. Provided you are not putting your client info DB out on the net and leave it inside and protected you shouldn't have much of a problem. Do customers need to change their credit card numbers? One assumes they do and will be prompted when the card expires. This means the web server needs to have access to that data. If not, lock it inside your network and only allow writes to the database and reads only to the monthly revalidation program. In an ideal world, the internal program would have a direct link to the payment system and not have to use the net at all. You should really try to build some data abstraction layers into the system so even if the web server is hacked it can't be used as a platform to run SQL statements directly against the customer data DB. Most of the posts here seem to be about encrytion and the like, but in reality if you allow access by the web server and it is hacked you are pretty much SOL if you have a visable API through a server-side scripted language. Just IMHO.
-J
I use a ton of my bandwidth (DSL) for my own web hosting (RSS news feed updates, etc.) and to stream my MP3s. I got a little sick of listening to the same stuff over and over again on the various radio sites and decided to run my own. It is nice to know that wherever I am, I can get my music via WinAmp. Then there is remote access to my machine.
On the other side of it is what I pull down into my house. I think the biggest use of broadband in the future will be for Microsoft product updates. Just kidding. I tend to pull things like MPEG files from TV shows that are no longer available (Sifl-n-Olly) and MP3s of songs I can't rip because they are on record or tape. Then there is always the content on Sputnik7. It is nice being able to queue up some anime/videos to watch.
I think the biggest problem will be getting respectible DL speeds if it does take off. If I was paying for content I certainly wouldn't want to see the player hang due to BW problems. Since there really isn't much people can do about QoS right now, it could be a problem.
One would think I could really care less about satellite radio living in a fairly big metro area like Minneapolis/St. Paul. The fact of the matter is that there are basically 2 big companies that own almost all the radio stations here. This means that they get to choose what we get to listen to. They ditched the alternative music radio format for some other crap station. There are three stations that play almost the exact same pop music. I imagine that a lot of large metro areas are like this.
Even worse was living in middle of nowhere Iowa where there was only 1 radio station.
So, it would be nice to have some decent radio stations (i.e. alternative, techno for me). Still, it is pretty hard to sell me on something when I'm only going to be using 2% of it.
The whole problem with his view was that people would become intelligent and say things others want to hear. If this was the case then every post on slashdot would be a 5. I'm surprised he even thought this could happen. Back when I was in college (88-92), 90% or usenet was absolute crap. This hasn't changed, it has just moved to the web. Microsoft/AOL made internet access easy. It desn't take much to post a web page. This doesn't make them any smarter or their views worth hearing. They are still the morons I avoided before they got on the net. I think Jon's giving the average person too much credit. I had faith that the average person could rise above the general stupidity, but then I realized the forum doesn't matter--most people will rarely change if they don't have to.
This actually happened to me for a while in my junior year in college (~91). It started when I was working in the computer lab and would usually get bored and finish all my homework. Soon the MUD took the place of doing the work as well as it should have been (didn't actually slip so far as to fail anything). Luckily, I realized what was happening after a few weeks and gave it up to do more productive things--like the papers I had due. The other problem was that I was one of the few people at the school with a computer that could dial-in so I started doing it back in the dorm as well. Luckily, my friends were big into having parties and after a couple of those and some new girls the MUD was forgotten.
Now when I see this sort of things in my friends (obsessive online chat, MMORPGs), I just don't understand it. The novelty of it is interesting for a while, but I think most people realize there are better things to waste your time on--at least I did.
-J
So would it look like this http://www.tigerdirect.com/applications/SearchTool s/item-details.asp?sku=D158-1008 only in different colors then? Is this really that new of a concept? These things have been in the last few Tiger catalogs I've gotten.
-J
This is great. Does this mean that bands will have to have network engineers as roadies?
"Um, were sorry people, the show can't go on--the router crashed."
-J
Damn, when I first saw the message I thought it was about a new PDA for Danger Mouse. Penfold will be sad about that. "But Chief, you promised!"
-J
I've been using one of these since a little after I was diagnosed in '87. The one I use is a Medi-Jector Vision (see it on drugstore.com). Highly recommended. This is one thing that I'm glad came about. It is almost pain free and very easy to use. Oh, mine is spring loaded and not air based, but a similar concept I'm sure. My mom just started using something like it for her MS injections.
Of course they are a local Minneapolis company so it is really easy to find/get support for so I may be a bit biased. Also, I think they were just purchased by some other company.
-J
Why can't you use HTTPS? I'm not sure what the implementation in VB/VC++ would be like, but doing it in Java is quite easy (go grab the Sun JSSE libs and look at the examples). Just setup the authentication and you are good to go. I built an internal relay inside our network. It listens on port XXXX and then sends the request to port 443 on the remote machine. I wrote the connector in Java but was talking to an MS ASP box. Even though we were not using true SOAP encapsulation it was a cutomized XML RPC type call so it is pretty close. I had to write a relay because the internal request was coming from a C program and the C programmer didn't know how to handle HTTPS authentication/verification. This was for some e-commerce type stuff. The managers here seem to think that is enough.
As a side note, the relay is actually faster than individual, direct connections since in Java it takes a while to generate the KeyStore.
-J
Well, I was working the night shift in '92 shoving tapes into a DEC and was usually totally bored. There happened to be a nice Sun with a color monitor sitting in the server room that they usually left logged in as root. Well, I decided that it would be better used playing XTank and loaded it up. I got busted the next day but when they noticed that I new how to pull something off a tape, run make and then debug the compile problems they were pretty impressed and gave me an admin job and a nice raise. Of course I learned all this stuff in college since no one ever used the unix machines (next, sun). I had a Poli Sci/German major, but spent more time playing in the labs compiling crap and learning scripting languages. They also really needed an admin.
-J
Isn't this part of the idea behind the Apache Struts project? It seems like a great idea, although I haven't yet developed anything using the framework. Still the servlet/service mapping process looked pretty easy to do since it was all in XML.
I'm also a big fan of XML. I have been pulling XML from a variety of news sites (including Slashdot) for display on my own site. I just built a Java class which gets run every 30 minutes and pulls the latest headlines and then rendering is all done with XSL. The XSL was a pain to generate since there are all sorts of different implementations of the RSS/RDF frameworks, but once you figure it out it isn't too bad. In the end I had about 4 different XSL files for the 14 feeds I pull. The benefit is that once you have the basic XSL framework it is relatively easy to tweak it to appear different. If you build in CSS support you can even change the look and feel by modifying the CSS and not the XSL. Plus, if you use JRun it has a built in XSLT taglib for doing the conversion (although it is only about 3 lines using Xerces/Xalan). Too bad my site is down right now since my site (DSL) re-initialized my IP and I don't know what it is.
I also found the XML Pocket Reference book pretty handy to have around (although a bit slim on explanations).
Also, anyone know what is up with the slashdot.xml file? It doesn't seem to be updating as often lately. I thought this was automated in the code. Am I wrong?
-JFS
I used to do this sort of thing for Andersen Consulting about 3 years ago. The base platform we used was HP OpenView, Seagate NerveCenter and BMC Patrol. I believe it was Patrol that handled the event correlation for us. I'm not sure if these products are still around or not , it has been quite a while.
Anyway, the idea was to reduce the amount of damage a network outage could cause. For example if the route hosting your path to your servers failed it is better to get a page or notification simply for that and not for the 20 server that are no longer responding. It also allowed for an automatic escallation method such that if the server did not respond to a ping the system would wait for a minute to see if it was just a packet drop vs. a real outage.
The programming was pretty simple. Pick your events and then tell the system how they correlate. Then if it reaches level X have it generate a new event for the base system to handle. It was actually pretty simple and was more drag and drop than real programming. The programming came when you wanted the system to check something that was not one of the normal services. For example, making sure that the LDAP service was still up and authenticating. As long as you can program a way to communicate with the correlation and collection engine (HP OpenView as the base--the other products ran on top of that) you would be fine. The stuff I wrote generally included a mix of SNMP traps via Perl. Although I did not write an expanded MIB to acutally handle this, I simple repurposed some existing ones and then tweaked the sent messages and parsed it with the engine. For what we were doing speed was better than perfection (at least according to my manager at the time).
We also kept data stores of other SNMP type things (performance type data) which were then analyzed by a nightly SAS run. But that is slightly off topic.
-Joel