CPC G06F 21/554 (2013.01) [G06F 21/552 (2013.01); H04L 63/20 (2013.01); G06F 2221/034 (2013.01)] | 20 Claims |
1. A computer-implemented method for operating an endpoint agent at an endpoint device, comprising:
providing the endpoint device with an endpoint agent, the endpoint device and the endpoint agent providing a protected endpoint, the endpoint agent comprising an endpoint core and one or more collectors, each collector comprising a configuration engine, a business logic analytics module communicating with the configuration engine, an ingress filter communicating with the business logic analytics module and an egress filter communicating with the business logic analytics module;
operating the endpoint agent to selectively subscribe, using the business logic analytics module and the ingress filter of the endpoint agent, to events corresponding to activities occurring at an endpoint platform, the ingress filter being configured by the configuration engine to pass through subscribed events for selective processing by the endpoint agent;
processing events received from a message bus by the endpoint agent, wherein the events processed by the endpoint agent are events to which the endpoint agent has subscribed; and
communicating, to a service, information corresponding to the events processed by the endpoint agent, the communicating being performed using a service connector of the endpoint agent that provides a communication path to the service; and wherein
the endpoint core and one or more endpoint collectors of the endpoint agent cooperate with one another as resources of a unified endpoint system; and
the endpoint core dynamically reconfigures at least one of the endpoint collectors and the endpoint agent during operation of the endpoint device to prevent at least one of overutilization and underutilization of the resources of the unified endpoint system.
|