Configuring generation of time-series event data from network packets captured by remote capture agent

Inventors

• Fang I. Hsiao · Berkeley, US
• Wei Jiang · Redmond, US
• Vladimir A. Shcherbakov · Pleasanton, US
• Ramkumar Chandrasekharan · Saratoga, US
• Clayton S. Ching · San Francisco, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L67/75
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Disclosed embodiments receive an event stream from a remote capture agent. The event stream includes timestamped event data generated by the remote capture agent based on network traffic monitored by the remote capture agent. A graphical user interface (GUI) is caused to be displayed for obtaining configuration information for configuring the generation of time-series event data from network packets captured by the remote capture agent. A set of statistics is generated from the time-series event data, and the configuration information is updated to trigger subsequent storage and processing of at least a portion of the event stream by one or more components on a network based on one or more of the statistics, a storage limit associated with the time-series event data, an index volume of the event stream, a historical trend associated with the statistics, or input through the GUI.