公开(公告)号：US12181956B1

公开(公告)日：2024-12-31

申请号：US18208879

申请日：2023-06-12

Applicant: Splunk Inc.

Inventor： Kristal Curtis ,  William Deaderick ,  Wei J. Gao ,  Tanner Gilligan ,  Chandrima Sarkar ,  Aleksander Stojanovic ,  Ralph Donald Thompson ,  Poonam Yadav ,  Sichen Zhong

IPC: G06F11/30 ,  G06F11/07 ,  G06F18/21 ,  G06F18/214

Abstract: Systems and methods are disclosed that are directed to improving the prioritization, display, and viewing of system alerts through the use of machine learning techniques to group the alerts and further to prioritize the groupings. Additionally, a graphical user interface is generated that illustrates the prioritized listing of the plurality of groupings. Thus, a system administrator or other user receives an improved experience as the number of notifications provided to the system administrator are reduced due to the grouping of individual alerts into related groupings and further due to the prioritization of the groupings. Previously, or in current technology, system alerts may be automatically generated and provided immediately to a system administrator. In some instances, any advantage of detecting system errors or system monitoring provided by the alerts is negated by the vast number of alerts and provision of minimally important alerts in a manner that concealed more important alerts.

公开(公告)号：US20250028737A1

公开(公告)日：2025-01-23

申请号：US18222863

申请日：2023-07-17

Applicant: Splunk Inc.

Inventor： Houwu Bai ,  Kristal Curtis ,  William Deaderick ,  Tanner Gilligan ,  Poonam Yadav ,  Om Rajyaguru

IPC: G06F16/28 ,  G06F16/2458

Abstract: Computerized methodologies are disclosed that are directed to detecting anomalies within a time-series data set. An aspect of the anomaly detection process includes determining one or more seasonality patterns that correspond to a specific time-series data set by evaluating a set of candidate seasonality patterns (e.g., hourly, daily, weekly, day-start off-sets, etc.). The evaluation of a candidate seasonality pattern may include dividing the time-series data set into a collection of subsequences based on the particular candidate seasonality pattern. Further, the collection of subsequences may be divided into clusters and a silhouette score may be computed to measure the clustering quality of the candidate seasonality pattern. In some instances, the candidate seasonality pattern having the highest silhouette score is selected and utilized in anomaly detection process. In other instances, a plurality of seasonality patterns may be combined forming a time policy, where the time policy is utilized in anomaly detection process.

公开(公告)号：US12158880B1

公开(公告)日：2024-12-03

申请号：US17978153

申请日：2022-10-31

Applicant: SPLUNK, INC.

Inventor： Kristal Curtis ,  William Deaderick ,  Tanner Gilligan ,  Joseph Ross ,  Abraham Starosta ,  Sichen Zhong

IPC: G06F16/22 ,  G06F16/242 ,  G06F16/2458 ,  G06F16/28

Abstract: Implementations of this disclosure provide an anomaly detection system and methods of performing anomaly detection on a time-series dataset. The anomaly detection may include utilization of a forecasting machine learning algorithm to obtain a prediction of points of the dataset and comparing the predicted value of a point in the dataset with the actual value to determine an error value associated with that point. Additionally, the anomaly detection may include determination of a sensitivity threshold that impacts whether points within the dataset associated with certain error values are flagged as anomalies. The forecasting machine learning algorithm may implement a seasonality component determination process that accounts for seasonality or patterns in the dataset. A search query statement may be automatically generated through importing the sensitivity threshold into a predetermined search query statement that implements that forecasting machine learning algorithm.

公开(公告)号：US20250028618A1

公开(公告)日：2025-01-23

申请号：US18222870

申请日：2023-07-17

Applicant: Splunk Inc.

Inventor： Houwu Bai ,  Kristal Curtis ,  William Deaderick ,  Tanner Gilligan ,  Poonam Yadav ,  Om Rajyaguru

IPC: G06F11/34 ,  G06F11/30 ,  G06F16/23 ,  G06F16/2458

Abstract: Computerized methodologies are disclosed that are directed to detecting anomalies within a time-series data set. A first aspect of the anomaly detection process includes analyzing the regularity of the data points of the time-series data set and determining whether a data aggregation process is to be performed based on the regularity of the data points, which results in a time-series data set having data points occurring at regular intervals. A seasonality pattern may be determined for the time-series data set, where a silhouette score is computed to measure the quality of the fit of the seasonality pattern to the time-series data. The silhouette score may be compared to a threshold and based on the comparison, the seasonality pattern or a set of heuristics may be utilized in an anomaly detection process. When the seasonality pattern is utilized, the seasonality pattern may be utilized to generate thresholds indicating anomalous behavior.

公开(公告)号：US11714698B1

公开(公告)日：2023-08-01

申请号：US17587877

申请日：2022-01-28

Applicant: Splunk, Inc.

Inventor： Kristal Curtis ,  William Deaderick ,  Wei Jie Gao ,  Tanner Gilligan ,  Chandrima Sarkar ,  Alexander Stojanovic ,  Ralph Donald Thompson ,  Sichen Zhong ,  Poonam Yadav

IPC: G06F11/30 ,  G06F11/07 ,  G06F18/214 ,  G06F18/21

CPC classification number: G06F11/0781 ,  G06F11/0769 ,  G06F18/214 ,  G06F18/2178

Abstract: A computerized method is disclosed for generating a prioritized listing of alerts based on scoring by a machine learning model and retraining the model based on user feedback. Operations of the method include receiving a plurality of alerts, generating a score for each of the plurality of alerts through evaluation of each of the plurality of alerts by a machine learning model, generating a prioritized listing of the plurality of alerts based on the generated scores, receiving user feedback on the prioritized listing, retraining the machine learning model based on the user feedback by generating a set of labeled alert pairs, wherein a labeled alert pair includes a first alert, a second alert, and an indication as to which of the first alert or the second alert is a higher priority in accordance with the user feedback, and evaluating subsequently received alerts with the retrained machine learning model.

公开(公告)号：US11687438B1

公开(公告)日：2023-06-27

申请号：US17248612

申请日：2021-01-29

Applicant: Splunk Inc.

Inventor： Ian Edward Torbett ,  Lila Fridley ,  Tristan Antonio Fletcher ,  Ayyappa Muthusami ,  Tanner Gilligan

IPC: G06F11/34 ,  G06F11/30 ,  G06F11/32

CPC classification number: G06F11/3466 ,  G06F11/3075 ,  G06F11/324 ,  G06F11/3428

Abstract: Systems and methods are described for performing adaptive thresholding on key performance indicator (KPI) values using an online machine learning algorithm as the KPI values or the data from which the KPI values are derived is being ingested. For example, the system can identify outliers in a moving window of KPI values. To implement the adaptive thresholding, the system may identify seasonality and/or trend components in historical KPI values. When a new KPI value is obtained, the system may remove the identified seasonality and/or trend components from the KPI value, and determine whether the modified KPI value is an outlier using sketches or quantiles. The system can then repeat this process for each subsequently received KPI value.

公开(公告)号：US11663109B1

公开(公告)日：2023-05-30

申请号：US17384491

申请日：2021-07-23

Applicant: SPLUNK INC.

Inventor： William Deaderick ,  Tanner Gilligan ,  Joseph Ari Ross

IPC: G06F11/34 ,  G06F16/245 ,  G06F11/30

CPC classification number: G06F11/3452 ,  G06F11/3006 ,  G06F16/245

Abstract: Embodiments are directed to facilitating identifying seasonal frequencies. In particular, a set of candidate seasonal frequencies associated with a time series data set are determined based on ACF peaks identified in association with a representation of the time series data set. Thereafter, the filters are applied to analyze the candidate seasonal frequencies and update the candidate seasonal frequencies by removing any candidate seasonal frequencies that fail a filter. An example filter can include comparing ACF peaks with peaks associated with SDF peaks. Thereafter, a candidate seasonal frequency of the updated candidate seasonal frequencies can be identified as a seasonal frequency for the time series data set, and such a seasonal frequency can be provided (e.g., to a user or another process) for use in performing data analysis.