公开(公告)号：US11886844B1

公开(公告)日：2024-01-30

申请号：US17950848

申请日：2022-09-22

Applicant: Splunk Inc.

Inventor： Matthew Hanson ,  Sydney Flak ,  Colin Fagan ,  Jeffery Roberts ,  Govinda Salinas ,  Philip Royer

IPC: G06F9/44 ,  G06F8/36 ,  G06F9/445 ,  G06F8/658 ,  G06F8/71

CPC classification number: G06F8/36 ,  G06F8/658 ,  G06F8/71 ,  G06F9/44521

Abstract: Techniques are described for enabling users of an information technology (IT) and security operations application to create highly reusable custom functions for playbooks. The creation and execution of playbooks using an IT and security operations application generally enables users to automate operations related to an IT environment responsive to the identification of various types of incidents or other triggering conditions. Users can create playbooks to automate operations such as, for example, modifying firewall settings, quarantining devices, restarting servers, etc., to improve users' ability to efficiently respond to various types of incidents operational issues that arise from time to time in IT environments.

公开(公告)号：US12120124B1

公开(公告)日：2024-10-15

申请号：US17588843

申请日：2022-01-31

Applicant: Splunk Inc.

Inventor： Jacob Davis ,  Dekel Shahaff ,  Jeffrey Roecks ,  Sydney Flak ,  Navya Mehta ,  Ian Forrest ,  Sydney Karimi ,  Elton Xue

IPC: G06F8/20 ,  G06F8/30 ,  G06F8/33 ,  G06F8/41 ,  G06F8/71 ,  H04L9/40 ,  G06F8/72 ,  G06F8/77 ,  G06F11/34 ,  G06F11/36

CPC classification number: H04L63/105 ,  G06F8/30 ,  G06F8/71 ,  H04L63/102 ,  G06F8/33 ,  G06F8/72 ,  G06F8/77 ,  G06F11/3438 ,  G06F11/3688 ,  G06F11/3692

Abstract: Techniques are described for providing a built-in “app” editor for an information technology (IT) and security operations application that enables users to create, modify, and test operation of apps under development within the editor. Some IT and security operations applications enable users to extend the applications by adding connectivity to third party technologies to run custom actions. For example, a user might create a custom app to enable an IT and security operations application to connect to an external service providing information about malicious Internet Protocol (IP) addresses, to connect to a relevant cloud provider service, or to interact with a firewall or other type of computing device used in a user's computing environment. Given the broad set of technologies that can be orchestrated by an IT and security operations application, apps broadly enable users to add custom functionality to interface with virtually any technology of interest.

公开(公告)号：US12164889B1

公开(公告)日：2024-12-10

申请号：US18539646

申请日：2023-12-14

Applicant: Splunk Inc.

Inventor： Matthew Hanson ,  Sydney Flak ,  Colin Fagan ,  Jeffery Roberts ,  Govinda Salinas ,  Philip Royer

IPC: G06F9/44 ,  G06F8/36 ,  G06F8/658 ,  G06F8/71 ,  G06F9/445

Abstract: Techniques are described for enabling users of an information technology (IT) and security operations application to create highly reusable custom functions for playbooks. The creation and execution of playbooks using an IT and security operations application generally enables users to automate operations related to an IT environment responsive to the identification of various types of incidents or other triggering conditions. Users can create playbooks to automate operations such as, for example, modifying firewall settings, quarantining devices, restarting servers, etc., to improve users' ability to efficiently respond to various types of incidents operational issues that arise from time to time in IT environments.

公开(公告)号：US11429354B2

公开(公告)日：2022-08-30

申请号：US17082676

申请日：2020-10-28

Applicant: Splunk Inc.

Inventor： Allison Drake ,  Daniel Trenker ,  Sydney Flak

IPC: G06F9/44 ,  G06F8/34 ,  H04L9/40 ,  G06F9/451 ,  G06F9/54

Abstract: Techniques are described for enabling users to add custom code function blocks and multi-prompt blocks to customizable playbooks that can be executed by an orchestration, automation, and response (OAR) platform. At a high level, a playbook comprises computer program code and possibly other data that can be executed by an OAR platform to carry out an automated set of actions. A playbook is comprised of one or more functions or codeblocks, where each codeblock contains program code that performs defined functionality when the codeblock is encountered during execution of the playbook of which it is a part. For example, a first codeblock may implement an action that is performed relative to one or more IT assets, another codeblock might filter data generated by the first codeblock in some manner, and so forth.

公开(公告)号：US11768666B1

公开(公告)日：2023-09-26

申请号：US17871493

申请日：2022-07-22

Applicant: Splunk Inc.

Inventor： Allison Drake ,  Daniel Trenker ,  Sydney Flak

IPC: G06F9/44 ,  G06F8/34 ,  H04L9/40 ,  G06F9/451 ,  G06F9/54

CPC classification number: G06F8/34 ,  G06F9/451 ,  G06F9/543 ,  H04L63/101

Abstract: Techniques are described for enabling users to add custom code function blocks and multi-prompt blocks to customizable playbooks that can be executed by an orchestration, automation, and response (OAR) platform. At a high level, a playbook comprises computer program code and possibly other data that can be executed by an OAR platform to carry out an automated set of actions. A playbook is comprised of one or more functions or codeblocks, where each codeblock contains program code that performs defined functionality when the codeblock is encountered during execution of the playbook of which it is a part. For example, a first codeblock may implement an action that is performed relative to one or more IT assets, another codeblock might filter data generated by the first codeblock in some manner, and so forth.

公开(公告)号：US11487513B1

公开(公告)日：2022-11-01

申请号：US16945574

申请日：2020-07-31

Applicant: Splunk Inc.

Inventor： Matthew Hanson ,  Sydney Flak ,  Colin Fagan ,  Jeffery Roberts ,  Govinda Salinas ,  Philip Royer

IPC: G06F9/44 ,  G06F8/36 ,  G06F9/445 ,  G06F8/71 ,  G06F8/658

Abstract: Techniques are described for enabling users of an information technology (IT) and security operations application to create highly reusable custom functions for playbooks. The creation and execution of playbooks using an IT and security operations application generally enables users to automate operations related to an IT environment responsive to the identification of various types of incidents or other triggering conditions. Users can create playbooks to automate operations such as, for example, modifying firewall settings, quarantining devices, restarting servers, etc., to improve users' ability to efficiently respond to various types of incidents operational issues that arise from time to time in IT environments.