ESClient partitioning

My team has received a bit of instruction in the past about how to use ESClients for Endpoint Security tasks. The source suggested using multiple ESClients but not too many. I think the proposed limit was 40. The question is this: how can I determine what warrants a new ESClient? For example, consider an app that has 30 concurrent tasks of type A, a task of type B, a task of type C, and a task of type D. Should each task type gets its own ESClient? Should the tasks of type A be divided between multiple ESClients?

Can you deliver any additional guidance on this?

Up vote post of maggie_z Down vote post of maggie_z
434 views
Posted by
maggie_z
Reply
Add a Comment

Replies

I think the proposed limit was 40.

Yikes! That’s way more than I’d want to use.

What sort of benefit are you expecting to get by using multiple clients? I would’ve thought that it’s be more efficient to have a single client and then demultiplex your events within that.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment