Mapping application services
You can create an application services map by exploring connections from a single process.
By default, the endpoint database for Map, endpoint maps, and application maps contain 24 hours worth of data. To change these values, go to the Map Overview page, click Settings , then the Time Range tab. These values apply to all maps and endpoint databases for Map.
An application service consists of one or more application components, which are processes that are running on your servers. After you install and configure Map on your endpoints, application discovery occurs automatically to identify a list of entry points into your application services. By default, this list contains any processes with recorded connections into TCP ports 80, 443, 17472, or 17473. To add ports to application discovery, see Update application discovery ports.
- On the Map Overview page, go to the Application Discovery section.
- Identify the process that you want to explore. To view the endpoints that are running the process, expand the section. To view connections from this process to other application components, click Explore.
- A visual map of the process that you explored appears. You can see connections to and from this process to other application components. Generally, the map is in application layers, flowing from left to right. For example, a web application might show the left side as application clients, then the web server, application server, and back-end database server.
- (Optional) To re-center the map, click Center .
To view the list of components on the Application Discovery page, click the Application Components tab. For each application component, this tab displays the name, process, command line, and number of endpoints on which the process is running.
To view details about a component, click the component in the map. Details about the component are displayed, including type, process name, port, command line that was used to run the process, and a list of endpoints that are running the component.
To customize the component labels, save or edit the map.
To view a list of connections between the application components, click the Application Connections tab. This table displays a list of source and destination IPs, commands, and processes, and the port that is used to communicate.
To drill down to details about an individual connection, click an edge between components in the map.
- Click Save Map.
- Enter Map details, including an application service name, priority, and a description. The Priority is a user-assigned value that is in relation to other maps that you created.
- Select application components to display in the Map. To remove a component, clear the check box next to the label. You can customize a label for any component to give it a recognizable name, such as myapp front end. Click Save.
By default, application discovery finds processes with recorded connections on TCP ports: 80, 443, 17472, or 17473. To update this list, go to Settings and click the Application Discovery tab. To add a port, type a port number in the list and press enter. To remove a port, click Remove .
Last updated: 5/20/2022 3:52 PM | Feedback