WSO2 Complex Event Processor is succeeded by WSO2 Stream Processor. To view the latest documentation for WSO2 SP, see WSO2 Stream Processor Documentation.
Skip to end of metadata
Go to start of metadata


This sample demonstrates how to use external time windows for a fraud detection use-case. In this sample, we look for two or more transactions done within a very short period of time and send an alert immediately when such an occurrence is detected.

The query used in this sample is as follows:

from atm_transactions#window.externalTime(meta_timestamp, 60 sec)
select cardNumber, count(cardNumber) as transactionCount, sum(amount) as totalAmount 
group by cardNumber   
insert current events into transactions_per_card ;			
from transactions_per_card[transactionCount > 1] 
select cardNumber, transactionCount, totalAmount 
insert into alert_stream;

The first query uses a 60-second external time window, which keeps events based on the time of the meta_timestamp attribute. Upon arrival of each new event, it gets a count of the transactions so far (last 60 seconds), sum of the amount per each card and emits the results to an intermediate stream named transactions_per_card.

The second query looks for the condition where more than one transaction has taken place for a specific card and sends an alert. 


See Prerequisites in CEP Samples Setup page.

Building the sample

Start the WSO2 CEP server with the sample configuration numbered 0114. For instructions, see Starting sample CEP configurations. This sample configuration does the following:

  • Points the default Axis2 repo to <CEP_HOME>/samples/cep/artifacts/0114 (by default, the Axis2 repo is <CEP_HOME>/repository/deployment/server).

Executing the sample

  1. Open a terminal, go to <CEP_HOME>/samples/cep/producers/wso2-event and run the following command:

    ant -DstreamId=org.wso2.sample.atm.transactions:1.0.0 -Dsn=0114

    It builds and runs the wso2event producer, which sends sample ATM transaction events to the CEP server.

  2. From the terminal opened, see the details of the events sent. 

    To configure host, port, username, password use -Dhost=xxxx -Dport=xxxx -Dusername=xxxx -Dpassword=xxxx

  3. After sending events, you can see the outputs from the CEP console (the outputs are logged by the logger which we use for this sample), given below is part of the console output of the logger when sending events from the producer.


  • No labels