Facilitating custom content extraction rule configuration for remote capture agents

Invention Grant

US11115505B2 Facilitating custom content extraction rule configuration for remote capture agents 有权

Please log in to see more content

Patent Title: Facilitating custom content extraction rule configuration for remote capture agents
Application No.: US16404644

Application Date: 2019-05-06
Publication No.: US11115505B2

Publication Date: 2021-09-07
Inventor: Fang I. Hsiao , Clayton S. Ching , Michael R. Dickey , Vladimir A. Shcherbakov , Clint Sharp
Applicant: Splunk Inc.
Applicant Address: US CA San Francisco
Assignee: Splunk Inc.
Current Assignee: Splunk Inc.
Current Assignee Address: US CA San Francisco
Agency: Nicholson De Vos Webster & Elliott LLP
Main IPC: H04L29/06
IPC: H04L29/06 ; H04L12/26

Facilitating custom content extraction rule configuration for remote capture agents

Abstract:

The disclosed embodiments provide a system for extracting custom content from network packets. During operation, the system receives a stream of packets. The system then parses packets in the stream to determine a protocol for each packet. Next, the system applies a custom-content-extraction rule to each packet associated with a target protocol to obtain the extracted content. Then, the system stores the extracted content in events in a data store to facilitate subsequent queries involving the extracted content.

Public/Granted literature

US20190268446A1 FACILITATING CUSTOM CONTENT EXTRACTION RULE CONFIGURATIONFOR REMOTE CAPTURE AGENTS Public/Granted day:2019-08-29

Information query

Espacenet