| CPC H04L 43/04 (2013.01) [G06F 8/61 (2013.01); G06F 16/951 (2019.01); H04L 43/0817 (2013.01); H04L 43/14 (2013.01)] | 24 Claims |
|
1. A computer-implemented method comprising:
receiving a first input to configure a first system monitoring program, the first input indicating a plurality of computing devices for monitoring, wherein the first input is received after initial activation of the first system monitoring program;
executing, by the first system monitoring program, a first search query to search data generated by the plurality of computing devices, wherein the first system monitoring program executes the first search query using a first computing device operating as a search head and a second computing device operating as an indexer, wherein the search head is configured to process the first search query, and wherein the indexer is configured to store the data generated by the plurality of computing devices;
generating, using a result of the first search query, one or more entity-level metrics for each of the plurality of computing devices;
outputting for display the one or more entity-level metrics;
at a point in time after generating the one or more entity-level metrics, receiving a second input to activate a second system monitoring program, wherein, upon activation, the second system monitoring program is configured to monitor the plurality of computing devices;
executing, by the second system monitoring program, a second search query, wherein the second search query correlates the one or more entity-level metrics to produce one or more system-level metrics for the plurality of computing devices, wherein the second system monitoring program executes the second search query using the first computing device operating as the search head and the second computing device operating as the indexer; and
outputting for display the one or more system-level metrics.
|