公开(公告)号：US11450419B1

公开(公告)日：2022-09-20

申请号：US16399610

申请日：2019-04-30

Applicant: Splunk Inc.

Inventor： Gleb Esman

IPC: G16H20/13 ,  G06F3/04842 ,  G06F3/0482

Abstract: Medication security and healthcare privacy analytics systems are described that enable users to search for and process stored healthcare environment data. The medication security and healthcare privacy analytics systems receive and correlate data from a plurality of data sources, including medication dispensing systems, healthcare employee records, and patient records, including user behavior or interaction data with the foregoing data sources. The medication security and healthcare privacy analytics systems include graphical user interfaces (GUIs) that enable users to select elements to filter the processed healthcare environment data and generate visualizations of filtered datasets. The visualizations are created using datasets generated by clustering algorithms and can indicate those users from a plurality of users whose interactions with various systems are anomalous (e.g., indicative of unexpected or non-customary user behavior).

公开(公告)号：US11449371B1

公开(公告)日：2022-09-20

申请号：US16945645

申请日：2020-07-31

Applicant: Splunk Inc.

Inventor： Shalabh Goyal ,  Anish Shrigondekar ,  Bhavin Thaker ,  Zhenghui Xie ,  Ruochen Zhang

IPC: G06F9/54 ,  G06F11/34 ,  G06F11/30

Abstract: As an indexer indexes and groups events, it can generate data slices that include events. Based on a slice rollover policy, the indexer can add a particular slice to an aggregate slice. Based on an aggregate slice backup policy, the indexer can store a copy of the aggregate slice to a shared storage system. The aggregate slice can be used for restore purposes in the event the indexer fails or becomes unresponsive.

公开(公告)号：US20220292021A1

公开(公告)日：2022-09-15

申请号：US17652635

申请日：2022-02-25

Applicant: Splunk Inc.

Inventor： Ledion Bitincka ,  Alexandros Batsakis ,  Paul J. Lucas ,  Nicholas Robert Romito

IPC: G06F12/0875 ,  G06F16/172 ,  G06F16/951 ,  G06F16/957 ,  G06F3/06 ,  G06F12/0802 ,  G06F16/14 ,  G06F12/0862 ,  G06F12/0866 ,  G06F12/0868 ,  G06F12/0871 ,  G06F12/0873

Abstract: Embodiments are disclosed for performing cache aware searching. In response to a search query, a first bucket and a second bucket in remote storage for processing the search query. A determination is made that a first file in the first bucket is present in a cache when the search query is received. In response to the search query, a search is performed using the first file based on the determination that the first file is present in the cache when the search query is received, and the search is performed using a second file from the second bucket once the second file is stored in the cache.

公开(公告)号：USD963676S1

公开(公告)日：2022-09-13

申请号：US29768596

申请日：2021-01-29

Applicant: SPLUNK Inc.

Designer： Uladzimir Bahatyrevich ,  Anthony Barbato

公开(公告)号：US11442935B2

公开(公告)日：2022-09-13

申请号：US16397930

申请日：2019-04-29

Applicant: Splunk Inc.

Inventor： Sourav Pal ,  Arindam Bhattacharjee ,  Asha Andrade

IPC: G06F16/00 ,  G06F16/2453 ,  G06F16/2455 ,  G06F9/50 ,  G06F16/2458

Abstract: Systems and methods are described for determining a record generation estimate related to a particular processing task. The system obtains a sample set of data that includes multiple records. The system applies a processing task, such as a transform or regular expression rule to the sample set of data and determines how many records are generated by the processing task. Based on the number of records generated, the system determines a record generation estimate. The system can use the record generation estimate to allocate compute resources or determine a query execution time for at least a portion of the query based on the record generation estimate.

公开(公告)号：US11436116B1

公开(公告)日：2022-09-06

申请号：US16778511

申请日：2020-01-31

Applicant: Splunk Inc.

Inventor： Alexandros Batsakis ,  Mehul Goyal ,  Ashish Mathew ,  Douglas Rapp ,  Igor Stojanovski ,  Eric Woo

IPC: G06F11/00 ,  G06F11/30 ,  G06F16/182 ,  G06F11/32 ,  G06F16/17

Abstract: Systems and methods are described for improving data availability and/or resiliency of indexers of a data intake and query system. A data intake and query system can index large amounts of data using one or more indexers. An indexer can store a copy of the data that the indexer is assigned to process in the shared storage system, and a cluster master can track the storage of the data and the indexer assigned to process the data. In the event an indexer fails or is otherwise unable to index data that it has been assigned to index, the cluster master can assign one or more second indexers to process the data. The second indexer can download the data from the shared storage system.

公开(公告)号：US11429354B2

公开(公告)日：2022-08-30

申请号：US17082676

申请日：2020-10-28

Applicant: Splunk Inc.

Inventor： Allison Drake ,  Daniel Trenker ,  Sydney Flak

IPC: G06F9/44 ,  G06F8/34 ,  H04L9/40 ,  G06F9/451 ,  G06F9/54

Abstract: Techniques are described for enabling users to add custom code function blocks and multi-prompt blocks to customizable playbooks that can be executed by an orchestration, automation, and response (OAR) platform. At a high level, a playbook comprises computer program code and possibly other data that can be executed by an OAR platform to carry out an automated set of actions. A playbook is comprised of one or more functions or codeblocks, where each codeblock contains program code that performs defined functionality when the codeblock is encountered during execution of the playbook of which it is a part. For example, a first codeblock may implement an action that is performed relative to one or more IT assets, another codeblock might filter data generated by the first codeblock in some manner, and so forth.

公开(公告)号：US11416561B1

公开(公告)日：2022-08-16

申请号：US16429044

申请日：2019-06-02

Applicant: Splunk Inc.

Inventor： Sourabh Satish ,  David Wayman ,  Kavita Varadarajan

IPC: G06F16/906 ,  H04L9/40 ,  G06F16/907 ,  G06F16/9038 ,  G06F16/11 ,  G06F3/0482

Abstract: Techniques are described for enabling analysts and other users of an IT operations platform to identify certain data objects managed by the platform (for example, events, files, notes, actions results, etc.) as “evidence” when such data objects are believed to be of particular significance to an investigation or other matter. For example, an event generated based on data ingested from an anti-virus service and representing a security-related incident might include artifacts indicating an asset identifier, a hash value of a suspected malicious file, a file path on the infected endpoint, and so forth. An analyst can use various interfaces and interface elements of an IT operations platform to indicate which of such events and/or artifacts, if any, represent evidence in the context of the investigation that the analyst is conducting. In response, the IT operations platform can perform various automated actions.

公开(公告)号：US11410403B1

公开(公告)日：2022-08-09

申请号：US17163148

申请日：2021-01-29

Applicant: SPLUNK INC.

Inventor： Devin Bhushan ,  Jesse Chor ,  Glen Wong

IPC: G09G5/00 ,  G06T19/20 ,  G06F3/01 ,  G06T3/00 ,  G06F3/04845 ,  G06F3/0346

Abstract: A mobile device is fitted with a camera and an extended reality (XR) software application program executing on a processor within an XR system. Via the XR software application program, various techniques are performed for manipulating virtual objects in an XR environment. In a first technique, the XR software application program facilitates the movement of a virtual object from a first location to a second location. In a second technique, the XR software application program facilitates the rotation of a virtual object. In a third technique, the XR software application program facilitates the scaling of a virtual object along one or more axes.

公开(公告)号：US11409756B1

公开(公告)日：2022-08-09

申请号：US16147714

申请日：2018-09-29

Applicant: Splunk Inc.

Inventor： Isabelle Park ,  Horst Werner

IPC: G06F16/00 ,  G06F7/00 ,  G06F16/248 ,  G06F16/23 ,  G06F16/28 ,  G06F16/904

Abstract: An integrated data analytics tool is described that enables users to efficiently create and communicate data analysis flows or storylines. The data analytics tool includes graphical user interfaces (GUIs) that enable users to create data analysis “pipelines” that serve as both a visual and technical representation of a data analysis flow. Among other features, a data analysis pipeline enables users to easily add and link related data visualizations in a pipeline, to update datasets and filters associated with data visualizations in a pipeline and to have those updates be propagated automatically to other visualizations in the pipeline, and to create side-by-side comparisons of visualizations based on different datasets/filters. Users presented with such data visualization pipelines can also interact with the visualizations and dynamically update a displayed analysis by selecting different datasets, filters, pipeline paths, and so forth.