	US 11,943,295 B2
	Single bi-directional point of policy control, administration, interactive queries, and security protections
Nicolas Ruflin, Untersiggenthal (CH); and Pier-Hugues Pellerin, Montreal (CA)
Assigned to Elasticsearch B.V., Amsterdam (NL)
Filed by Elasticsearch B.V., Mountain View, CA (US)
Filed on Jan. 7, 2021, as Appl. No. 17/143,881.
Application 17/143,881 is a continuation in part of application No. 16/379,356, filed on Apr. 9, 2019.
Prior Publication US 2021/0152636 A1, May 20, 2021
Int. Cl. H04L 67/1097 (2022.01); H04L 67/101 (2022.01); H04L 67/104 (2022.01); H04L 67/5682 (2022.01); H04L 67/75 (2022.01)

CPC H04L 67/1097 (2013.01) [H04L 67/101 (2013.01); H04L 67/1044 (2013.01); H04L 67/5682 (2022.05); H04L 67/75 (2022.05)]

16 Claims

1. A method for configuring and managing data shipper agents, the method comprising:

receiving a list of one or more data shipper agents installed on one or more edge nodes associated with a user, the data shipper agents configured to collect multiple types of data from other network machines related to processes running on the one or more edge nodes;

providing a graphical user interface (GUI), the GUI enabling the user to configure the one or more data shipper agents;

receiving, via the GUI, from the user, selections of configuration parameters associated with at least one of the one or more data shipper agents, the configuration parameters representing one or more tasks assigned to the at least one of the one or more data shipper agents;

monitoring a status of the one or more data shipper agents;

based on the monitoring, providing a notification to the user prompting the user to change the configuration parameters associated with the at least one of the one or more data shipper agents;

receiving a configuration of the at least one of the one or more data shipper agents, the configuration being reconfigurable through the GUI using a configuration application programming interface (API), wherein a first portion of data to be collected by the at least one of the one or more data shipper agents is set in the configuration;

analyzing the first portion of data and generating a plurality of recommendations based on the analyzing, the plurality of recommendations comprising advice to collect a second portion of more granular data connected to processes or services running on the one or more edge nodes to provide the user with details relevant to any processes running on the one or more edge nodes and with recommendations from the plurality of recommendations concerning both increasing system performance and improving security protection;

receiving, via the GUI, from the user, a change to the selections of configuration parameters associated with the at least one of the one or more data shipper agents in response to the plurality of recommendations; and

based on the configuration parameters, automatically reconfiguring the configuration of the at least one of the one or more data shipper agents.