公开(公告)号：US10942946B2

公开(公告)日：2021-03-09

申请号：US16049757

申请日：2018-07-30

Applicant: Splunk Inc.

Inventor： Adam Jamison Oliner ,  Kristal Curtis ,  Iman Makaremi ,  Ross Andrew Lazerowitz

IPC: H04L12/24 ,  G06F16/28 ,  G06F16/21 ,  G06F9/54 ,  G06Q10/06 ,  G06Q10/00 ,  G06F16/903 ,  G06Q10/10 ,  H04L29/08

Abstract: Machine data of an operating environment is conveyed by a network to a data intake and query system (DIQS) which reflects the machine data as timestamped entries of a field-searchable datastore. Monitoring functionality may search the machine data to identify notable event instances. A notable event processing system correlates the notable event instance to one or more triaging models which are executed against the notable event to produce a modeled result. Information of the received notable event and the modeled results are combined into an enhanced representation of a notable event instance. The enhanced representation conditions downstream processing to automatically perform or assist triaging of notable event instances to optimize application of computing resources to highest priority conditions in the operating environment.

公开(公告)号：US12014255B1

公开(公告)日：2024-06-18

申请号：US18334996

申请日：2023-06-14

Applicant: Splunk Inc.

Inventor： Iryna Vogler-Ivashchanka ,  Iman Makaremi

IPC: G06N20/00 ,  G06F16/9038 ,  G06F17/18

CPC classification number: G06N20/00 ,  G06F16/9038 ,  G06F17/18

Abstract: Techniques are described for providing a machine learning (ML) data analytics application including guided ML workflows that facilitate the end-to-end training and use of various types of ML models, where such guided workflows may also be referred to as ML “experiments.” One such model is an outlier detection model to assist in the monitoring of computer network traffic and computer performance. For example, the ML data analytics application may generate an outlier detection model using user-identified data from a data source and parameter information. The generates outlier detection model can include distribution functions of distribution types selected from a plurality of distribution types by a distribution fitting algorithm.

公开(公告)号：US11921799B1

公开(公告)日：2024-03-05

申请号：US18162632

申请日：2023-01-31

Applicant: Splunk Inc.

Inventor： Iman Makaremi ,  Gyanendra Rana ,  Iryna Vogler-Ivashchanka ,  Adam Oliner ,  Harsh Keswani ,  Manish Sainani ,  Alexander Kim

IPC: H04L41/069 ,  G06F16/2458 ,  G06F16/951 ,  G06F40/30 ,  H04L41/0686 ,  H04L67/01 ,  H04L67/141

CPC classification number: G06F16/951 ,  G06F16/2471 ,  G06F40/30 ,  H04L41/0686 ,  H04L41/069 ,  H04L67/01 ,  H04L67/141

Abstract: Operational machine components of an information technology (IT) or other microprocessor- or microcontroller-permeated environment generate disparate forms of machine data. Network connections are established between these components and processors of an automatic data intake and query system (DIQS). The DIQS conducts network transactions on a periodic and/or continuous basis with the machine components to receive the disparate data and ingest certain of the data as measurement entries of a DIQS metrics datastore that is searchable for DIQS query processing. The DIQS may receive search queries to process against the received and ingested data via an exposed network interface. In one example embodiment, a query building component conducts a user interface using a network attached client device. The query building component may elicit search criteria via the user interface using a natural language interface, construct a proper query therefrom, and present new information based on results returned from the DIQS.

公开(公告)号：US11720824B1

公开(公告)日：2023-08-08

申请号：US17969538

申请日：2022-10-19

Applicant: Splunk Inc.

Inventor： Iryna Vogler-Ivashchanka ,  Iman Makaremi

IPC: G06N20/00 ,  G06F16/9038 ,  G06F17/18

CPC classification number: G06N20/00 ,  G06F16/9038 ,  G06F17/18

Abstract: Techniques are described for providing a machine learning (ML) data analytics application including guided ML workflows that facilitate the end-to-end training and use of various types of ML models, where such guided workflows may also be referred to as ML “experiments.” One such model is an outlier detection model to assist in the monitoring of computer network traffic and computer performance. For example, the ML data analytics application may generate an outlier detection model using user-identified data from a data source and parameter information. The generates outlier detection model can include distribution functions of distribution types selected from a plurality of distribution types by a distribution fitting algorithm.

公开(公告)号：US11537942B1

公开(公告)日：2022-12-27

申请号：US16528478

申请日：2019-07-31

Applicant: Splunk Inc.

Inventor： Iryna Vogler-Ivashchanka ,  Iman Makaremi

IPC: G06N20/00 ,  G06F16/9038 ,  G06F17/18

Abstract: Techniques are described for providing a machine learning (ML) data analytics application including guided ML workflows that facilitate the end-to-end training and use of various types of ML models, where such guided workflows may also be referred to as ML “experiments.” One such model is an outlier detection model to assist in the monitoring of computer network traffic and computer performance. For example, the ML data analytics application may generate an outlier detection model using user-identified data from a data source and parameter information. The generates outlier detection model can include distribution functions of distribution types selected from a plurality of distribution types by a distribution fitting algorithm.

公开(公告)号：US20200320145A1

公开(公告)日：2020-10-08

申请号：US16904168

申请日：2020-06-17

Applicant: SPLUNK Inc.

Inventor： Iman Makaremi ,  Gyanendra Rana ,  Iryna Vogler-Ivashchanka ,  Adam Oliner ,  Harsh Keswani ,  Manish Sainani ,  Alexander Kim

IPC: G06F16/951 ,  H04L12/24 ,  H04L29/08 ,  H04L29/06 ,  G06F16/2458 ,  G06F40/30

Abstract: Operational machine components of an information technology (IT) or other microprocessor- or microcontroller-permeated environment generate disparate forms of machine data. Network connections are established between these components and processors of an automatic data intake and query system (DIQS). The DIQS conducts network transactions on a periodic and/or continuous basis with the machine components to receive the disparate data and ingest certain of the data as measurement entries of a DIQS metrics datastore that is searchable for DIQS query processing. The DIQS may receive search queries to process against the received and ingested data via an exposed network interface. In one example embodiment, a query building component conducts a user interface using a network attached client device. The query building component may elicit search criteria via the user interface using a natural language interface, construct a proper query therefrom, and present new information based on results returned from the DIQS.

公开(公告)号：US20180349482A1

公开(公告)日：2018-12-06

申请号：US16049748

申请日：2018-07-30

Applicant: Splunk Inc.

Inventor： Adam Jamison Oliner ,  Kristal Curtis ,  Iman Makaremi ,  Ross Andrew Lazerowitz

IPC: G06F17/30 ,  G06F9/451

CPC classification number: G06F3/0481 ,  G06F3/04817 ,  G06F3/0482 ,  G06F3/0484 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/542 ,  G06F17/30964 ,  G06Q10/06393 ,  G06Q10/20 ,  H04L41/0604 ,  H04L41/0681 ,  H04L41/069 ,  H04L41/22 ,  H04L41/5009 ,  Y04S10/54

Abstract: Network connections are established between machines of an operating environment to be monitored and a server group of a data intake and query system (DIQS). Data reflecting machine and component operations of the environment is conveyed via the network to the DIQS where it is reflected as timestamped entries in a field-searchable datastore. Monitoring components may search the datastore and identify and record instances of notable events. Triaging models are selectively applied against the notable event instances to produce an enhanced notable event instance representation with modeled results effective to automatically perform or assist in triaging the notable events so they are dispatched in an optimal, effective, and efficient, manner.

公开(公告)号：US12198021B2

公开(公告)日：2025-01-14

申请号：US17190751

申请日：2021-03-03

Applicant: Splunk Inc.

Inventor： Manish Sainani ,  Sergey Slepian ,  Iman Makaremi ,  Adam Jamison Oliner ,  Jacob Leverich ,  Di Lu

IPC: G06N20/00 ,  G06N5/025 ,  H04L41/00 ,  H04L41/16 ,  H04L41/22

Abstract: Disclosed herein is a computer-implemented tool that facilitates data analysis by use of machine learning (ML) techniques. The tool cooperates with a data intake and query system and provides a graphical user interface (GUI) that enables a user to train and apply a variety of different ML models on user-selected datasets of stored machine data. The tool can provide active guidance to the user, to help the user choose data analysis paths that are likely to produce useful results and to avoid data analysis paths that are less likely to produce useful results.

公开(公告)号：US11593443B1

公开(公告)日：2023-02-28

申请号：US17449545

申请日：2021-09-30

Applicant: SPLUNK INC.

Inventor： Iman Makaremi ,  Gyanendra Rana ,  Iryna Vogler-Ivashchanka ,  Adam Oliner ,  Harsh Keswani ,  Manish Sainani ,  Alexander Kim

IPC: H04L41/069 ,  H04L67/141 ,  H04L41/0686 ,  G06F16/951 ,  G06F16/2458 ,  G06F40/30 ,  H04L67/01

Abstract: Operational machine components of an information technology (IT) or other microprocessor- or microcontroller-permeated environment generate disparate forms of machine data. Network connections are established between these components and processors of an automatic data intake and query system (DIQS). The DIQS conducts network transactions on a periodic and/or continuous basis with the machine components to receive the disparate data and ingest certain of the data as measurement entries of a DIQS metrics datastore that is searchable for DIQS query processing. The DIQS may receive search queries to process against the received and ingested data via an exposed network interface. In one example embodiment, a query building component conducts a user interface using a network attached client device. The query building component may elicit search criteria via the user interface using a natural language interface, construct a proper query therefrom, and present new information based on results returned from the DIQS.

公开(公告)号：US11188600B2

公开(公告)日：2021-11-30

申请号：US16904168

申请日：2020-06-17

Applicant: SPLUNK Inc.

Inventor： Iman Makaremi ,  Gyanendra Rana ,  Iryna Vogler-Ivashchanka ,  Adam Oliner ,  Harsh Keswani ,  Manish Sainani ,  Alexander Kim

IPC: G06F16/951 ,  H04L12/24 ,  H04L29/06 ,  H04L29/08 ,  G06F16/2458 ,  G06F40/30

Abstract: Operational machine components of an information technology (IT) or other microprocessor- or microcontroller-permeated environment generate disparate forms of machine data. Network connections are established between these components and processors of an automatic data intake and query system (DIQS). The DIQS conducts network transactions on a periodic and/or continuous basis with the machine components to receive the disparate data and ingest certain of the data as measurement entries of a DIQS metrics datastore that is searchable for DIQS query processing. The DIQS may receive search queries to process against the received and ingested data via an exposed network interface. In one example embodiment, a query building component conducts a user interface using a network attached client device. The query building component may elicit search criteria via the user interface using a natural language interface, construct a proper query therefrom, and present new information based on results returned from the DIQS.