MODIFYING EVENT GENERATION RULES RESPONSIVE TO DETECTED SCHEMA CHANGES

    Publication No.: US20210191909A1

    Publication Date: 2021-06-24

    Application No.: US17191436

    Application Date: 2021-03-03

    Applicant: Splunk Inc.

    Inventor: Gleb ESMAN

    Abstract: A schema consistency mechanism monitors data ingested by a data intake and query system for changes to the structure, or data schema, associated with the data. A schema consistency monitor obtains data from a data source (or, more generally, from any number of separate data sources) at a plurality of points in time. The data is analyzed to determine whether a first portion of the data received at a first point in time conforms to a first data schema and that a second portion of the data received at a second point in time conforms to a second data schema that is different from the first data schema (thereby indicating a change to the associated data schema). A graphical user interface (GUI) can be generated that includes indications of identified changes to one or more data schemas associated with data.

    RISK MONITORING SYSTEM
    2. Patent application

    Publication No.: US20200226607A1

    Publication Date: 2020-07-16

    Application No.: US16836358

    Application Date: 2020-03-31

    Applicant: Splunk Inc.

    Inventor: Gleb ESMAN

    Abstract: Various embodiments of the present invention set forth techniques for monitoring risk in a computing system. The technique includes creating one or more risk objects, where each risk object of the one or more risk objects has a corresponding stored risk definition, the stored risk definition associating the risk object with raw machine data pertaining to the risk object, the raw machine data reflecting activity in an information technology (IT) environment. The technique further includes receiving a selection of a first risk object included in the one or more risk objects and receiving a first risk definition that corresponds to the first risk object. The technique further includes performing a search of the raw machine data according to the first risk definition, wherein a risk is identified based on the search of the raw machine data and performing an action based on identifying the risk.

    RISK MONITORING SYSTEM
    3. Patent application

    Publication No.: US20180316695A1

    Publication Date: 2018-11-01

    Application No.: US15582564

    Application Date: 2017-04-28

    Applicant: Splunk Inc.

    Inventor: Gleb ESMAN

    Abstract: Various embodiments of the present invention set forth techniques for monitoring risk in a computing system. The technique includes creating one or more risk objects, where each risk object of the one or more risk objects has a corresponding stored risk definition, the stored risk definition associating the risk object with raw machine data pertaining to the risk object, the raw machine data reflecting activity in an information technology (IT) environment. The technique further includes receiving a selection of a first risk object included in the one or more risk objects and receiving a first risk definition that corresponds to the first risk object. The technique further includes performing a search of the raw machine data according to the first risk definition, wherein a risk is identified based on the search of the raw machine data and performing an action based on identifying the risk.

    MULTIPLE INPUT NEURAL NETWORKS FOR DETECTING FRAUD

    Publication No.: US20180300465A1

    Publication Date: 2018-10-18

    Application No.: US15665301

    Application Date: 2017-07-31

    Applicant: Splunk Inc.

    Inventor: Gleb ESMAN

    Abstract: Embodiments of the present invention set forth a technique for predicting fraud based on multiple inputs including user behavior biometric data along with one or more other parameters associated with the user. The technique includes receiving cursor movement data generated via a client device. The technique further includes generating an image based on the cursor movement data. The technique further includes receiving client parameters generated via the client device. The technique further includes analyzing the image and the client parameters based on a model to generate a prediction result, where the model is generated based on second cursor movement data and a second set of client parameters associated with a first group of one or more users. The technique further includes determining, based on the prediction result, that a user of the client device is not a member of the first group.
