Invention Application
- Patent Title: FACILITATING CUSTOM CONTENT EXTRACTION RULE CONFIGURATION FOR REMOTE CAPTURE AGENTS
-
Application No.: US17466665Application Date: 2021-09-03
-
Publication No.: US20220124183A1Publication Date: 2022-04-21
- Inventor: Fang I. Hsiao , Clayton S. Ching , Michael R. Dickey , Vladimir A. Shcherbakov , Clint Sharp
- Applicant: Splunk Inc.
- Applicant Address: US CA San Francisco
- Assignee: Splunk Inc.
- Current Assignee: Splunk Inc.
- Current Assignee Address: US CA San Francisco
- Main IPC: H04L69/22
- IPC: H04L69/22 ; H04L43/028
Abstract:
The disclosed embodiments provide a system for extracting custom content from network packets. During operation, the system receives a stream of packets. The system then parses packets in the stream to determine a protocol for each packet. Next, the system applies a custom-content-extraction rule to each packet associated with a target protocol to obtain the extracted content. Then, the system stores the extracted content in events in a data store to facilitate subsequent queries involving the extracted content.
Public/Granted literature
- US11973852B2 Generating event data at remote capture agents based on identified network addresses Public/Granted day:2024-04-30
Information query
