公开(公告)号：US10572541B2

公开(公告)日：2020-02-25

申请号：US15955990

申请日：2018-04-18

Applicant: Splunk Inc.

Inventor： Tristan Antonio Fletcher ,  Hemendra Singh Choudhary ,  Clint Sharp

IPC: G06F15/173 ,  G06F16/903 ,  G06Q10/06 ,  H04L29/08 ,  G06F16/26 ,  G06F16/248 ,  G06F16/25 ,  G06F16/33 ,  G06F16/951 ,  G06F16/2455 ,  G06F16/901 ,  G06F16/9038 ,  G06F16/9535 ,  G06F16/2453 ,  H04L12/24 ,  G06F11/34 ,  G06F11/32 ,  G06F17/30 ,  H04L12/26 ,  G06F3/0484 ,  G06F9/54 ,  G06F3/0481 ,  G06F3/0482 ,  G06T11/20

Abstract: Techniques are disclosed for providing an aggregate key performance indicator (KPI) that spans multiple services and for providing adjustment to KPI factors via a GUI that enables an aggregate KPI to be configured with feedback that better characterizes the performance of the services. The GUI may enable selection of KPIs and adjustment to weights (e.g., importance) associated with the KPIs. The weight of a KPI may affect the influence a value of the KPI has on the calculation of an aggregate KPI value (e.g., score). The GUI may provide near real-time feedback concerning the effect the weights have on the aggregate KPI value by displaying the aggregate KPI value (e.g., score) and updating the aggregate KPI value as the weights are adjusted.

公开(公告)号：US10334085B2

公开(公告)日：2019-06-25

申请号：US14609292

申请日：2015-01-29

Applicant: Splunk Inc.

Inventor： Fang I Hsiao ,  Clayton S. Ching ,  Michael R. Dickey ,  Vladimir A. Shcherbakov ,  Clint Sharp

IPC: H04L12/26 ,  H04L29/06

Abstract: The disclosed embodiments provide a system for extracting custom content from network packets. During operation, the system receives a stream of packets. The system then parses packets in the stream to determine a protocol for each packet. Next, the system applies a custom-content-extraction rule to each packet associated with a target protocol to obtain the extracted content. Then, the system stores the extracted content in events in a data store to facilitate subsequent queries involving the extracted content.

公开(公告)号：US20160226944A1

公开(公告)日：2016-08-04

申请号：US14609292

申请日：2015-01-29

Applicant: SPLUNK INC.

Inventor： Fang I. Hsiao ,  Clayton S. Ching ,  Michael R. Dickey ,  Vladimir A. Shcherbakov ,  Clint Sharp

IPC: H04L29/06 ,  H04L12/26

CPC classification number: H04L69/22 ,  H04L43/028 ,  H04L43/0876

Abstract: The disclosed embodiments provide a system for extracting custom content from network packets. During operation, the system receives a stream of packets. The system then parses packets in the stream to determine a protocol for each packet. Next, the system applies a custom-content-extraction rule to each packet associated with a target protocol to obtain the extracted content. Then, the system stores the extracted content in events in a data store to facilitate subsequent queries involving the extracted content.

Abstract translation: 所公开的实施例提供了一种用于从网络分组中提取定制内容的系统。 在操作过程中，系统接收到一个数据包流。 然后系统解析流中的数据包，以确定每个数据包的协议。 接下来，系统对与目标协议相关联的每个分组应用自定义内容提取规则以获得提取的内容。 然后，系统将所提取的内容存储在数据存储器中的事件中，以便于涉及提取的内容的后续查询。

公开(公告)号：US10956362B1

公开(公告)日：2021-03-23

申请号：US16177358

申请日：2018-10-31

Applicant: SPLUNK INC.

Inventor： Clint Sharp ,  Petter Eriksson ,  Ledion Bitincka ,  Jason Szeto ,  Elizabeth Lin ,  Nima Haddadkaveh

IPC: G06F16/00 ,  G06F16/11 ,  G06F16/22

Abstract: Raw data in distributed servers is divided into groups of data called buckets containing raw data that have timestamps that fall within a specific time range. When a bucket becomes inactive a server can archive the bucket to an external storage system. The external storage system containing archived data may be specified in a search query. Archived data from the external storage system is obtained, processed, and a search performed on the processed archived data using the search query.

公开(公告)号：US10521409B2

公开(公告)日：2019-12-31

申请号：US15663747

申请日：2017-07-29

Applicant: Splunk Inc.

Inventor： Leonid Alekseyev ,  Brent Boe ,  Clint Sharp

IPC: H04L12/24 ,  G06F16/22 ,  G06F9/54 ,  G06F16/16 ,  G06F16/245 ,  G06F16/23 ,  G06F3/0484

Abstract: A computer system exposes an interface for the specification of filter criteria. The filter criteria may identify control information of a service monitoring system (SMS) that defines entities in an IT environment monitored by the SMS. An association of identified entities with a monitored service may be made to direct the ongoing operation of the SMS toward the service.

公开(公告)号：US10152480B2

公开(公告)日：2018-12-11

申请号：US14611225

申请日：2015-01-31

Applicant: Splunk Inc.

Inventor： Clint Sharp ,  Petter Eriksson ,  Ledion Bitincka ,  Jason Szeto ,  Elizabeth Lin ,  Nima Haddadkaveh

IPC: G06F17/30

Abstract: Raw data in distributed servers is divided into groups of data called buckets containing raw data that have timestamps that fall within a specific time range. When a bucket becomes inactive a server can archive the bucket to an external storage system. The external storage system containing archived data may be specified in a search query. Archived data from the external storage system is obtained, processed, and a search performed on the processed archived data using the search query.

公开(公告)号：US20180089290A1

公开(公告)日：2018-03-29

申请号：US15339912

申请日：2016-10-31

Applicant: Splunk Inc.

Inventor： Thomas Allan Haggie ,  Clint Sharp ,  Alexander Douglas James ,  David Ryan Marquardt ,  Hailun Yan ,  Christopher Pride ,  Vishal Patel ,  Amrittpal Singh Bath ,  Pratiksha Shah ,  Murugan Kandaswamy ,  Steve Yu Zhang ,  Ledion Bitincka ,  David E. Simmen ,  Marc Andre Chene ,  Esguerra Ma Kharisma ,  Igor Stojanovski

IPC: G06F17/30

CPC classification number: G06F16/248 ,  G06F3/0481 ,  G06F16/22 ,  G06F16/2228 ,  G06F16/2255 ,  G06F16/2425 ,  G06F16/2455 ,  G06F16/24568 ,  G06F16/2462 ,  G06F16/2477 ,  G06F16/25 ,  G06F16/285 ,  G06F16/8373 ,  G06F16/901 ,  G06F16/90335 ,  G06F16/9038 ,  G06F16/951 ,  G06F16/9535 ,  G06T11/206 ,  G06T2200/24 ,  H04L43/08 ,  H04L67/02 ,  H04L67/025

Abstract: The disclosed embodiments include a method performed by a data intake and query system. The method includes ingesting each metric including at least one key value and a measured value taken of a computing resource, and storing each metric in an index of a metrics store, where the index defines at least one dimension populated with the at least one key value and a measure populated with the measured value. The method further includes cataloging metadata in a metrics catalog, where the metadata is related to the metrics stored in the metrics store, performing an analysis of metrics data included in the metrics store and/or the metrics catalog to obtain results, and causing display of the results or an indication of the results on a display device.

公开(公告)号：US20170270132A1

公开(公告)日：2017-09-21

申请号：US14611227

申请日：2015-01-31

Applicant: Splunk Inc.

Inventor： Clint Sharp ,  Jesse Miller ,  Jason Szeto ,  Nima Haddadkaveh

IPC: G06F17/30

CPC classification number: G06F16/134 ,  G06F16/148 ,  G06F16/168 ,  G06F16/182

Abstract: A search support system allows a customer to browse data contained in files stored on an external storage system. The search support system allows a customer to specify data processing tasks to be performed on raw data retrieved from a file stored on the external storage system. The customer specifies each data processing task and the search support system performs each task as it is selected by the customer on raw data retrieved from the file. The search support system concurrently displays the results of each data processing task in real time in a graphical user interface. The search support system saves the customer's settings as a late binding schema that can be applied to raw data retrieved from the external storage system in order to parse the raw data and to create, index, and search timestamped events derived from the raw data.

公开(公告)号：US09491059B2

公开(公告)日：2016-11-08

申请号：US14800675

申请日：2015-07-15

Applicant: Splunk Inc.

Inventor： Tristan Antonio Fletcher ,  Alok Anant Bhide ,  Clint Sharp

IPC: G06F15/16 ,  H04L12/24 ,  H04L29/08 ,  G06F3/0482 ,  G06F3/0484 ,  H04L12/26 ,  G06Q10/06

CPC classification number: H04L41/5032 ,  G06F3/0482 ,  G06F3/04842 ,  G06Q10/06393 ,  H04L29/08072 ,  H04L41/0213 ,  H04L41/12 ,  H04L41/22 ,  H04L41/5006 ,  H04L41/5009 ,  H04L43/04 ,  H04L43/045 ,  H04L43/16 ,  H04L67/16 ,  H04L67/2809

Abstract: Techniques are disclosed for providing a topology navigator that may enable a user to view performance information for multiple IT services associated with a user's IT environment. The topology navigator may include multiple display components for displaying information about the services. A first display component may display multiple services as a graph of interdependent service nodes and a second display component may display information about one or more of the service nodes. The topology navigator may enable a user to visually inspect the aggregate KPI (e.g., health score) of multiple services to identify dependent services that are of interest (e.g., low performance) and navigate through the services to identify dependent services that may adversely affect a service of interest to the user. In one example, the second display component may display key performance indicators (KPIs) associated with the dependent service and the user may select one or more of the KPIs to add them to another display component for further analysis.

Abstract translation: 公开了用于提供拓扑导航器的技术，其可以使得用户能够查看与用户的IT环境相关联的多个IT服务的性能信息。 拓扑导航器可以包括用于显示关于服务的信息的多个显示组件。 第一显示组件可以将多个服务显示为相互依赖的服务节点的图，并且第二显示组件可以显示关于一个或多个服务节点的信息。 拓扑导航器可以使用户能够目视地检查多个服务的聚合KPI（例如，健康评分）以识别感兴趣的依赖服务（例如，低性能），并且浏览服务以识别可能不利地影响 用户感兴趣的服务。 在一个示例中，第二显示组件可以显示与依赖服务相关联的关键性能指标（KPI），并且用户可以选择一个或多个KPI以将它们添加到另一显示组件以进一步分析。

公开(公告)号：US20160224570A1

公开(公告)日：2016-08-04

申请号：US14611225

申请日：2015-01-31

Applicant: Splunk Inc.

Inventor： Clint Sharp ,  Petter Eriksson ,  Ledion Bitincka ,  Jason Szeto ,  Elizabeth Lin ,  Nima Haddadkaveh

IPC: G06F17/30

CPC classification number: G06F17/30073 ,  G06F17/30336 ,  G06F17/30427

Abstract: Raw data in distributed servers is divided into groups of data called buckets containing raw data that have timestamps that fall within a specific time range. When a bucket becomes inactive a server can archive the bucket to an external storage system. The external storage system containing archived data may be specified in a search query. Archived data from the external storage system is obtained, processed, and a search performed on the processed archived data using the search query.

Abstract translation: 分布式服务器中的原始数据被划分为称为存储桶的数据组，其中包含具有落在特定时间范围内的时间戳的原始数据。 当桶变为不活动时，服务器可以将存储桶存储到外部存储系统。 可以在搜索查询中指定包含归档数据的外部存储系统。 获取，处理来自外部存储系统的存档数据，并使用搜索查询对已处理归档数据执行搜索。