公开(公告)号：US20150227614A1

公开(公告)日：2015-08-13

申请号：US14691195

申请日：2015-04-20

Applicant: Splunk Inc.

Inventor： Michael Joseph Baum ,  R. David Carasso ,  Robin Kumar Das ,  Bradley Hall ,  Brian Philip Murphy ,  Stephen Philip Sorkin ,  Andre David Stechert ,  Erik M. Swan ,  Rory Greene ,  Nocholas Christian Mealy ,  Christina Frances Regina Noren

IPC: G06F17/30

CPC classification number: G06F17/30604 ,  G06F11/3476 ,  G06F17/2785 ,  G06F17/30368 ,  G06F17/30477 ,  G06F17/30507 ,  G06F17/30525 ,  G06F17/30551 ,  G06F17/30598 ,  G06F17/30619 ,  G06F17/30657 ,  G06F17/30705 ,  G06K9/6217 ,  H04L63/1425 ,  H04L63/20

Abstract: Methods and apparatus consistent with the invention provide the ability to organize and build understandings of machine data generated by a variety of information-processing environments. Machine data is a product of information-processing systems (e.g., activity logs, configuration files, messages, database records) and represents the evidence of particular events that have taken place and been recorded in raw data format. In one embodiment, machine data is turned into a machine data web by organizing machine data into events and then linking events together.

Abstract translation: 与本发明一致的方法和设备提供组织和构建由各种信息处理环境生成的机器数据的理解的能力。 机器数据是信息处理系统（例如，活动日志，配置文件，消息，数据库记录）的产物，并且表示已经发生并以原始数据格式记录的特定事件的证据。 在一个实施例中，机器数据通过将机器数据组织到事件中并将事件链接在一起而变成机器数据网。

公开(公告)号：US20150227612A1

公开(公告)日：2015-08-13

申请号：US14691135

申请日：2015-04-20

Applicant: Splunk Inc.

Inventor： Michael Joseph Baum ,  R. David Carasso ,  Robin Kumar Das ,  Bradley Hall ,  Brian Philip Murphy ,  Stephen Philip Sorkin ,  Andre David Stechert ,  Erik M. Swan ,  Rory Greene ,  Nocholas Christian Mealy ,  Christina Frances Regina Noren

IPC: G06F17/30 ,  H04L29/08 ,  G06F17/27

CPC classification number: G06F17/30604 ,  G06F11/3476 ,  G06F17/2785 ,  G06F17/30368 ,  G06F17/30477 ,  G06F17/30507 ,  G06F17/30525 ,  G06F17/30551 ,  G06F17/30598 ,  G06F17/30619 ,  G06F17/30657 ,  G06F17/30705 ,  G06K9/6217 ,  H04L63/1425 ,  H04L63/20

Abstract: Methods and apparatus consistent with the invention provide the ability to organize and build understandings of machine data generated by a variety of information-processing environments. Machine data is a product of information-processing systems (e.g., activity logs, configuration files, messages, database records) and represents the evidence of particular events that have taken place and been recorded in raw data format. In one embodiment, machine data is turned into a machine data web by organizing machine data into events and then linking events together.

公开(公告)号：US20150154250A1

公开(公告)日：2015-06-04

申请号：US14611228

申请日：2015-01-31

Applicant: Splunk Inc.

Inventor： Michael Joseph Baum ,  R. David Carasso ,  Robin Kumar Das ,  Bradley Hall ,  Brian Phillip Murphy ,  Stephen Phillip Sorkin ,  Andre David Stechert ,  Erik M. Swan ,  Rory Greene ,  Nicholas Christian Mealy ,  Christina Frances Regina Noren

IPC: G06F17/30 ,  G06F17/22

CPC classification number: G06F16/285 ,  G06F11/3476 ,  G06F16/2358 ,  G06F16/2455 ,  G06F16/24564 ,  G06F16/24573 ,  G06F16/2477 ,  G06F16/288 ,  G06F16/316 ,  G06F16/3331 ,  G06F16/35 ,  G06F17/2785 ,  G06F2216/03 ,  G06K9/6217 ,  H04L63/1425 ,  H04L63/20

Abstract: Methods and apparatus consistent with the invention provide the ability to organize and build understandings of machine data generated by a variety of information-processing environments. Machine data is a product of information-processing systems (e.g., activity logs, configuration files, messages, database records) and represents the evidence of particular events that have taken place and been recorded in raw data format. In one embodiment, machine data is turned into a machine data web by organizing machine data into events and then linking events together.

Abstract translation: 与本发明一致的方法和设备提供组织和构建由各种信息处理环境生成的机器数据的理解的能力。 机器数据是信息处理系统（例如，活动日志，配置文件，消息，数据库记录）的产物，并且表示已经发生并以原始数据格式记录的特定事件的证据。 在一个实施例中，机器数据通过将机器数据组织到事件中并将事件链接在一起而变成机器数据网。

公开(公告)号：US08943056B2

公开(公告)日：2015-01-27

申请号：US14266831

申请日：2014-05-01

Applicant: Splunk Inc.

Inventor： Michael Joseph Baum ,  R. David Carasso ,  Robin Kumar Das ,  Bradley Hall ,  Brian Philip Murphy ,  Stephen Philip Sorkin ,  Andre David Stechert ,  Erik M. Swan ,  Rory Greene ,  Nicholas Christian Mealy ,  Christina Frances Regina Noren

IPC: G06F17/30 ,  G06F7/00 ,  G06F17/22 ,  G06K9/62 ,  G06F11/34

CPC classification number: G06F17/30604 ,  G06F11/3476 ,  G06F17/2785 ,  G06F17/30368 ,  G06F17/30477 ,  G06F17/30507 ,  G06F17/30525 ,  G06F17/30551 ,  G06F17/30598 ,  G06F17/30619 ,  G06F17/30657 ,  G06F17/30705 ,  G06K9/6217 ,  H04L63/1425 ,  H04L63/20

Abstract: Methods and apparatus consistent with the invention provide the ability to organize and build understandings of machine data generated by a variety of information-processing environments. Machine data is a product of information-processing systems (e.g., activity logs, configuration files, messages, database records) and represents the evidence of particular events that have taken place and been recorded in raw data format. In one embodiment, machine data is turned into a machine data web by organizing machine data into events and then linking events together.

公开(公告)号：US20140236971A1

公开(公告)日：2014-08-21

申请号：US14266839

申请日：2014-05-01

Applicant: Splunk Inc.

Inventor： R. David Carasso ,  Micah James Delfino ,  Johnvey Hwang

IPC: G06F7/24

CPC classification number: G06F7/24 ,  G06F17/30551

Abstract: Embodiments are directed towards real time display of event records with an indication of previously provided extraction rules. A plurality of extraction rules may be provided to the system, such as automatically generated and/or user created extraction rules. These extraction rules may include regular expressions. A plurality of event records may be displayed to the user, such that text in a field defined by an extraction rule is emphasized in the display of the event record. The same emphasis may be provided for text in overlapping fields, or the emphasis may be somewhat different for different fields. The user interface may enable a user to select a portion of text of an event record, such as by rolling-over or clicking on an emphasized part of the event record. By selecting the portion of the event record, the interface may display each extraction rule associated with the selected portion.

Abstract translation: 实施例针对具有先前提供的提取规则的指示的事件记录的实时显示。 可以向系统提供多个提取规则，诸如自动生成和/或用户创建的提取规则。 这些提取规则可以包括正则表达式。 可以向用户显示多个事件记录，使得在事件记录的显示中强调由提取规则定义的字段中的文本。 对于重叠字段中的文本可以提供相同的重点，或者对于不同领域的重点可能有些不同。 用户界面可以使得用户能够选择事件记录的文本的一部分，例如通过滚动或点击事件记录的被强调部分。 通过选择事件记录的部分，界面可以显示与所选部分相关联的每个提取规则。

公开(公告)号：US08694450B2

公开(公告)日：2014-04-08

申请号：US13664109

申请日：2012-10-30

Applicant: Splunk Inc.

Inventor： Michael Joseph Baum ,  R. David Carasso ,  Robin Kumar Das ,  Bradley Hall ,  Brian Philip Murphy ,  Stephen Phillip Sorkin ,  Andre David Stechert ,  Erik M. Swan ,  Rory Greene ,  Nicholas Christian Mealy ,  Christina Frances Regina Noren

IPC: G06F15/18

CPC classification number: G06F17/30604 ,  G06F11/3476 ,  G06F17/2785 ,  G06F17/30368 ,  G06F17/30477 ,  G06F17/30507 ,  G06F17/30525 ,  G06F17/30551 ,  G06F17/30598 ,  G06F17/30619 ,  G06F17/30657 ,  G06F17/30705 ,  G06K9/6217 ,  H04L63/1425 ,  H04L63/20

Abstract: Methods and apparatus consistent with the invention provide the ability to organize and build understandings of machine data generated by a variety of information-processing environments. Machine data is a product of information-processing systems (e.g., activity logs, configuration files, messages, database records) and represents the evidence of particular events that have taken place and been recorded in raw data format. In one embodiment, machine data is turned into a machine data web by organizing machine data into events and then linking events together.

Abstract translation: 与本发明一致的方法和设备提供组织和构建由各种信息处理环境生成的机器数据的理解的能力。 机器数据是信息处理系统（例如，活动日志，配置文件，消息，数据库记录）的产物，并且表示已经发生并以原始数据格式记录的特定事件的证据。 在一个实施例中，机器数据通过将机器数据组织到事件中并将事件链接在一起而变成机器数据网。

公开(公告)号：US20130054596A1

公开(公告)日：2013-02-28

申请号：US13664109

申请日：2012-10-30

Applicant: SPLUNK INC.

Inventor： Michael Joseph Baum ,  R. David Carasso ,  Robin Kumar Das ,  Bradley Hall ,  Brian Philip Murphy ,  Stephen Phillip Sorkin ,  Andre David Stechert ,  Erik M. Swan ,  Rory Greene ,  Nicholas Christian Mealy ,  Christina Frances Regina Noren

IPC: G06F17/30

CPC classification number: G06F17/30604 ,  G06F11/3476 ,  G06F17/2785 ,  G06F17/30368 ,  G06F17/30477 ,  G06F17/30507 ,  G06F17/30525 ,  G06F17/30551 ,  G06F17/30598 ,  G06F17/30619 ,  G06F17/30657 ,  G06F17/30705 ,  G06K9/6217 ,  H04L63/1425 ,  H04L63/20

Abstract: Methods and apparatus consistent with the invention provide the ability to organize and build understandings of machine data generated by a variety of information-processing environments. Machine data is a product of information-processing systems (e.g., activity logs, configuration files, messages, database records) and represents the evidence of particular events that have taken place and been recorded in raw data format. In one embodiment, machine data is turned into a machine data web by organizing machine data into events and then linking events together.

Abstract translation: 与本发明一致的方法和设备提供组织和构建由各种信息处理环境生成的机器数据的理解的能力。 机器数据是信息处理系统（例如，活动日志，配置文件，消息，数据库记录）的产物，并且表示已经发生并以原始数据格式记录的特定事件的证据。 在一个实施例中，机器数据通过将机器数据组织到事件中并将事件链接在一起而变成机器数据网。

公开(公告)号：US11782678B1

公开(公告)日：2023-10-10

申请号：US17384467

申请日：2021-07-23

Applicant: Splunk Inc.

Inventor： R. David Carasso ,  Micah James Delfino ,  Johnvey Hwang

IPC: G06F3/048 ,  G06F7/24 ,  G06F16/2458

CPC classification number: G06F7/24 ,  G06F16/2477

Abstract: Embodiments are directed towards real time display of event records with an indication of previously provided extraction rules. A plurality of extraction rules may be provided to the system, such as automatically generated and/or user created extraction rules. These extraction rules may include regular expressions. A plurality of event records may be displayed to the user, such that text in a field defined by an extraction rule is emphasized in the display of the event record. The same emphasis may be provided for text in overlapping fields, or the emphasis may be somewhat different for different fields. The user interface may enable a user to select a portion of text of an event record, such as by rolling-over or clicking on an emphasized part of the event record. By selecting the portion of the event record, the interface may display each extraction rule associated with the selected portion.

公开(公告)号：US11709850B1

公开(公告)日：2023-07-25

申请号：US17443892

申请日：2021-07-28

Applicant: SPLUNK INC.

Inventor： R. David Carasso ,  Micah James Delfino

IPC: G06F17/00 ,  G06F16/2458 ,  G06F16/901 ,  G06F40/284

CPC classification number: G06F16/2477 ,  G06F16/9014 ,  G06F40/284

Abstract: Embodiments are directed towards a graphical user interface identify locations within event records with splittable timestamp information. A display of event records is provided using any of a variety of formats. A splittable timestamp selector allows a user to select one or more locations within event records as having time related information that may be split across the one or more locations, including, information based on date, time of day, day of the week, or other time information. Any of a plurality of mechanisms is used to associate the selected locations with the split timestamp information, including tags, labels, or header information within the event records. In other embodiments, a separate table, list, index, or the like may be generated that associates the selected locations with the split timestamp information. The split timestamp information may be used within extraction rules for selecting subsets or the event records.

公开(公告)号：US20230205791A1

公开(公告)日：2023-06-29

申请号：US18178417

申请日：2023-03-03

Applicant: Splunk Inc.

Inventor： Michael Joseph Baum ,  R. David Carasso ,  Robin Kumar Das ,  Bradley Hall ,  Brian Philip Murphy ,  Stephen Phillip Sorkin ,  Andre David Stechert ,  Erik M. Swan ,  Rory Greene ,  Nicholas Christian Mealy ,  Christina Frances Regina Noren

IPC: G06F16/28 ,  G06F9/54

CPC classification number: G06F16/285 ,  G06F9/54 ,  G06F9/541 ,  G06F9/542

Abstract: Methods and apparatus consistent with the invention provide the ability to organize and build understandings of machine data generated by a variety of information-processing environments. Machine data is a product of information-processing systems (e.g., activity logs, configuration files, messages, database records) and represents the evidence of particular events that have taken place and been recorded in raw data format. In one embodiment, machine data is turned into a machine data web by organizing machine data into events and then linking events together.