-
Publication number: US11704285B1
Publication date: 2023-07-18
Application number: US17163255
Application date: 2021-01-29
Applicant: Splunk Inc.
Inventor: Adam Nicholas Lamar, Daniel Kokodoko, Jay Kabin Slay, Gayathri Pandyaram
CPC classification number: G06F16/1734, G06F11/3075, G06F11/324, G06F11/3409, G06F16/144
Abstract: A data intake and query system establishes a network connection with an instrumented target system. The instrumented target system collects metrics in accordance with an instrumentation platform, whereby the instrumentation platform defines an instrumentation platform query. The metrics are stored in the data intake and query system. A data intake and query system query for a subset of metrics is transmitted. The data intake and query system query replicates the instrumentation platform query of the instrumentation platform. From the data store, log data for the instrumented target system, and correlated with the metrics to obtain correlated results.
-
Publication number: US20230214386A1
Publication date: 2023-07-06
Application number: US18181900
Application date: 2023-03-10
Applicant: Splunk Inc.
Inventor: Sourav Pal, Arindam Bhattacharjee
IPC: G06F16/2453, G06F16/242, G06F16/25, G06F16/22
CPC classification number: G06F16/24535, G06F16/2425, G06F16/258, G06F16/22
Abstract: Systems and methods are disclosed for receiving, at a data intake and query system, a query that includes an indication to process data managed by a third-party data storage and processing system that supports a different query language than the data intake and query system. The data intake and query system identifies a third-party data storage and processing system that manages the data to be processed and generates a subquery for execution by the third-party data storage and processing system, generates instructions for one or more worker nodes to receive and process results of the subquery from the third-party data storage and processing system, and instructs the worker nodes to provide results of the processing to the data intake and query system.
-
Publication number: US11693761B1
Publication date: 2023-07-04
Application number: US17731327
Application date: 2022-04-28
Applicant: SPLUNK INC.
Inventor: Mayank Agarwal, John Bley, Angel Colberg, Jonathan Dillman, Shashwat Sehgal, Justin Smith
IPC: G06F11/36, G06F16/245, G06F16/23
CPC classification number: G06F11/3636, G06F16/2379, G06F16/245
Abstract: A method of rendering a service graph responsive to a query comprises generating a plurality of frontend traces and a plurality of backend traces associated with an application or website. The method also comprises determining connection information between one or more frontend traces of the plurality of frontend traces and corresponding backend traces of the plurality of backend traces. Further, the method comprises consolidating the one or more frontend traces with the corresponding backend traces to form one or more end-to-end traces using the connection information. Responsive to the query, the method comprises retrieving a set of exemplary end-to-end traces from the one or more end-to-end traces and rendering a service graph in accordance with constraints applied in the query using the set of exemplary end-to-end traces and the connection information.
-
Publication number: US11677780B2
Publication date: 2023-06-13
Application number: US17104537
Application date: 2020-11-25
Applicant: Splunk Inc.
Inventor: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
IPC: H04L9/40, G06F21/55, G06F16/28, H04L47/2425
CPC classification number: H04L63/1441, G06F16/285, G06F21/554, H04L63/0236, H04L63/1416, H04L63/1425, H04L63/1433, H04L63/20, H04L47/2425
Abstract: Systems, methods, and software described herein provide for responding to security threats in a computing environment based on the classification of computing assets in the environment. In one example, a method of operating an advisement computing system includes identifying a security threat for an asset in the computing environment, and identifying a classification for the asset in relation to other assets within the computing environment. The method further provides determining a rule set for the security threat based on the classification for the asset and initiating a response to the security threat based on the rule set.
-
Publication number: US20230177062A1
Publication date: 2023-06-08
Application number: US18160901
Application date: 2023-01-27
Applicant: Splunk Inc.
Inventor: Nicholas J. Filippi, Siegfried Puchbauer, Ruyuan Ge
IPC: G06F16/248, G06F16/27, G06F16/16, G06F16/2455
CPC classification number: G06F16/248, G06F16/27, G06F16/164, G06F16/2455
Abstract: Systems and methods are disclosed for generating one or more files to visualize query results. The systems and methods can include parsing one or more files that include one or more queries and computer-executable instructions for displaying results of the one or more queries. The one or more queries can identify a set of data to be processed and a manner of processing the set of data. The systems and methods can further include generating one or more files that include the results of the queries and computer-executable instructions for displaying one or more visualizations of the results.
-
Publication number: US20230177047A1
Publication date: 2023-06-08
Application number: US18162646
Application date: 2023-01-31
Applicant: Splunk Inc.
Inventor: Sourav Pal, Arindam Bhattacharjee
IPC: G06F16/2453, G06F16/25, G06F16/21, G06F16/28, G06F16/2455, G06F16/2458, G06F40/205
CPC classification number: G06F16/24535, G06F16/25, G06F16/219, G06F16/288, G06F16/24554, G06F16/24568, G06F16/2471, G06F40/205
Abstract: Systems and methods are disclosed for executing a query that includes an indication to process data managed by an external data system. The system identifies the external data system that manages the data to be processed and generates a subquery for the external data system indicating that the results of the subquery are to be sent to one worker node of multiple worker nodes. The system instructs the one worker node to distribute the results received from the external data system to multiple worker nodes for processing.
-
Publication number: US11669533B1
Publication date: 2023-06-06
Application number: US17376021
Application date: 2021-07-14
Applicant: Splunk Inc.
Inventor: Li Li, Yongxin Su, Ting Yuan, Qian Jie Zhong, Yiyun Zhu
IPC: G06F16/2458, H04L67/10, G06F3/04847
CPC classification number: G06F16/2465, G06F3/04847, H04L67/10
Abstract: Embodiments of the present invention are directed to validating extraction rules. In embodiments, a set of events for which field extraction is desired is obtained. Thereafter, an extraction rule is applied to the set of events to extract fields of the events. The application of the extraction rule can be monitored to determine that the applied extraction rule is invalid. Based on the applied extraction rule being invalid, a new extraction rule can be generated to apply to the set of events.
-
Publication number: US11663244B2
Publication date: 2023-05-30
Application number: US17448196
Application date: 2021-09-20
Applicant: Splunk Inc.
Inventor: Michael Joseph Baum, R. David Carasso, Robin Kumar Das, Bradley Hall, Brian Philip Murphy, Stephen Phillip Sorkin, Andre David Stechert, Erik M. Swan, Rory Greene, Nicholas Christian Mealy, Christina Frances Regina Noren
CPC classification number: G06F16/285, G06F9/54, G06F9/541, G06F9/542
Abstract: Methods and apparatus consistent with the invention provide the ability to organize and build understandings of machine data generated by a variety of information-processing environments. Machine data is a product of information-processing systems (e.g., activity logs, configuration files, messages, database records) and represents the evidence of particular events that have taken place and been recorded in raw data format. In one embodiment, machine data is turned into a machine data web by organizing machine data into events and then linking events together.
-
Publication number: US11658998B2
Publication date: 2023-05-23
Application number: US17306703
Application date: 2021-05-03
Applicant: Splunk Inc.
Inventor: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
IPC: H04L9/40, G06F21/55, G06F16/28, H04L47/2425
CPC classification number: H04L63/1441, G06F16/285, G06F21/554, H04L63/0236, H04L63/1416, H04L63/1425, H04L63/1433, H04L63/20, H04L47/2425
Abstract: Systems, methods, and software described herein enhance how security actions are implemented within a computing environment. In one example, a method of implementing security actions for a computing environment comprising a plurality of computing assets includes identifying a security action in a command language for the computing environment. The method further provides identifying one or more computing assets related to the security action, and obtaining hardware and software characteristics for the one or more computing assets. The method also includes translating the security action in the command language to one or more action procedures based on the hardware and software characteristics, and initiating implementation of the one or more action procedures in the one or more computing assets.
-
Publication number: US20230156093A1
Publication date: 2023-05-18
Application number: US18093980
Application date: 2023-01-06
Applicant: SPLUNK Inc.
Inventor: Gergely Danyi, Joseph Ari Ross
IPC: H04L67/146, G06F16/906, G06F16/955
CPC classification number: H04L67/146, G06F16/906, G06F16/9566
Abstract: A method of normalizing URLs associated with a real user session comprises extracting uniform resource locators (URLs) from ingested spans where at least a portion of the URLs comprise unique URL strings. The method also comprises decomposing each of the URLs into a sequence of tokens and grouping together subsets of related URLs. Also, the method comprises representing each subset of related URLs with a normalized URL string.