Inferring application inventory
First Claim
Patent Images
1. A non-transitory computer-readable medium embodying a program executable in at least one computing device, the program, when executed, causing the at least one computing device to at least:
- obtain a disk configuration of one of a plurality of machine instances executing a plurality of applications;
obtain a network traffic permissions configuration of the one of machine instances, the network traffic permissions configuration defining at least one of an open port, a set of network addresses, or a networking protocol for which the one of the machine instances is configured to accept network traffic;
obtain a network traffic routing configuration associated with one of the machine instances, the network traffic routing configuration defining a network traffic flow between the one of the machine instances and a distinct one of the machine instances;
identify, without an internal inspection of the machine instance, a first one of the applications based at least in part on the disk configuration, the network traffic routing configuration, the network traffic permissions configuration, and an identification of a second one of the applications;
store an identification of the first one of the applications as one of a plurality of identifications stored in a data store;
generate an analytics report embodying the identifications.
1 Assignment
0 Petitions
Accused Products
Abstract
Disclosed are various embodiments for an application inventory application. Computing resource usage data and configuration data is obtained for machine instances executed in a cloud computing architecture. The usage data and configuration data are used as factors to identify applications executed in the machine instance. Reports embodying the application identifications are generated.
-
Citations
24 Claims
-
1. A non-transitory computer-readable medium embodying a program executable in at least one computing device, the program, when executed, causing the at least one computing device to at least:
-
obtain a disk configuration of one of a plurality of machine instances executing a plurality of applications; obtain a network traffic permissions configuration of the one of machine instances, the network traffic permissions configuration defining at least one of an open port, a set of network addresses, or a networking protocol for which the one of the machine instances is configured to accept network traffic; obtain a network traffic routing configuration associated with one of the machine instances, the network traffic routing configuration defining a network traffic flow between the one of the machine instances and a distinct one of the machine instances; identify, without an internal inspection of the machine instance, a first one of the applications based at least in part on the disk configuration, the network traffic routing configuration, the network traffic permissions configuration, and an identification of a second one of the applications; store an identification of the first one of the applications as one of a plurality of identifications stored in a data store; generate an analytics report embodying the identifications. - View Dependent Claims (2, 3)
-
-
4. A system, comprising:
-
at least one computing device configured to at least; obtain data embodying an interoperability between at least a subset of a plurality of machine instances, the data comprising a disk configuration, a network traffic routing configuration, a network traffic permissions configuration, and an identification of a first application; generate an identification for at least one second application executed in one of the machine instances based at least in part on the data without an internal inspection of the machine instance. - View Dependent Claims (5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A method, comprising:
-
obtaining, in one or more computing devices, data embodying operational interoperability between a subset of a plurality of machine instances executing at least one application, the data comprising a disk configuration, a network traffic routing configuration, a network traffic permissions configuration, and an identification of another application; and identifying, in the computing device, the at least one application based at least in part on the data without an internal inspection of the plurality of machine instances. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24)
-
Specification