公开(公告)号：US11822640B1

公开(公告)日：2023-11-21

申请号：US17347025

申请日：2021-06-14

Applicant: Splunk Inc.

Inventor： Jagannath Kerai ,  Rama Gopalan

IPC: G06F21/45 ,  G06F21/62 ,  G06F21/30 ,  H04L9/40

CPC classification number: G06F21/45 ,  G06F21/30 ,  G06F21/62 ,  G06F21/6218 ,  G06F21/6227 ,  H04L63/10

Abstract: Provided are systems and methods for verifying user credentials for performing a search. Verifying user credentials include receiving a search request at a search server, determining, at the search server, whether a set of user credentials of a user has been updated within a threshold period of time. The set of user credentials are received from an identity provider server and cached at the search server. Responsive to determining that the cached set of user credentials have not been updated within the threshold period of time, the identity provider server is queried for a current set of user credentials associated with the user. The current set of user credentials from the identity provider server, and used to determine that the user is authorized to perform the search. The search of the datastore is launched responsive to determining that the user is authorized.

公开(公告)号：US11556592B1

公开(公告)日：2023-01-17

申请号：US17236855

申请日：2021-04-21

Applicant: Splunk Inc.

Inventor： Anish A. Shrigondekar ,  Eric Bond ,  Dhananjay Koshe ,  Jagannath Kerai ,  Michael C. Lin

IPC: G06F7/00 ,  G06F16/903 ,  G06F16/901 ,  G06F16/904 ,  G06F16/25

Abstract: Disclosed herein is a data estimation technique for a data intake and query system. The system receives user inputs indicative that a first data source is to be the subject of a storage related estimate. The system receives a first plurality of events generated by the first data source. The system indexes only a sample of the received first plurality of events, based on a sampling criterion, where the sample is fewer than all of the first plurality of events. The system generates the storage related estimate based on at least some of the first plurality of events, and causes an indication of the estimate to be output to a user.

公开(公告)号：US11550829B2

公开(公告)日：2023-01-10

申请号：US16353886

申请日：2019-03-14

Applicant: Splunk Inc

Inventor： Vishal Patel ,  Jagannath Kerai ,  Hasan Alayli

IPC: G06F17/00 ,  G06F16/31 ,  G06F16/17

Abstract: The present invention is related to a method for providing dynamic indexer discovery. The method comprises receiving, from an index manager, a status indication associated with a plurality of indexers, wherein each of the plurality of indexers indexes events of raw machine-generated data received from a plurality of data collectors. The method further comprises determining a weight associated with each of the plurality of indexers and selecting an indexer from the plurality of indexers. Subsequently, the method comprises allocating data to the indexer in accordance with a respective weight assigned to the indexer and transmitting the allocated data to the indexer.

公开(公告)号：US09853946B2

公开(公告)日：2017-12-26

申请号：US14806510

申请日：2015-07-22

Applicant: Splunk Inc.

Inventor： Hassan Alayli ,  Jagannath Kerai

IPC: G06F9/00 ,  G06F15/16 ,  G06F17/00 ,  H04L29/06 ,  G06F17/30

CPC classification number: H04L63/029 ,  G06F17/30312 ,  G06F17/30424 ,  G06F17/30557 ,  H04L63/08

Abstract: Disclosed herein are a method, apparatus and system that authenticate a first data forwarder, of a distributed machine data acquisition and search system (MDASS), to a node that regulates traversal of a firewall that protects a protected environment within which the data forwarder operates. The authentication may be performed by using a SOCKS5 authentication process. The method further includes, only after successful completion of the SOCKS5 authentication process, establishing a first connection, through a network, between the first data forwarder and a first indexer of the distributed MDASS, where the first indexer operates outside the protected environment, and sending machine data acquired by the first data forwarder from a machine data source, to the first indexer via the first connection.

公开(公告)号：US20170026340A1

公开(公告)日：2017-01-26

申请号：US14806510

申请日：2015-07-22

Applicant: Splunk Inc.

Inventor： Hassan Alayli ,  Jagannath Kerai

IPC: H04L29/06 ,  G06F17/30

CPC classification number: H04L63/029 ,  G06F17/30312 ,  G06F17/30424 ,  G06F17/30557 ,  H04L63/08

Abstract: Disclosed herein are a method, apparatus and system that authenticate a first data forwarder, of a distributed machine data acquisition and search system (MDASS), to a node that regulates traversal of a firewall that protects a protected environment within which the data forwarder operates. The authentication may be performed by using a SOCKS5 authentication process. The method further includes, only after successful completion of the SOCKS5 authentication process, establishing a first connection, through a network, between the first data forwarder and a first indexer of the distributed MDASS, where the first indexer operates outside the protected environment, and sending machine data acquired by the first data forwarder from a machine data source, to the first indexer via the first connection.

Abstract translation: 本文公开了一种方法，装置和系统，其将分布式机器数据获取和搜索系统（MDASS）的第一数据转发器认证到调节保护数据转发器在其中运行的受保护环境的防火墙的遍历的节点。 可以通过使用SOCKS5认证处理来执行认证。 该方法还包括仅在SOCKS5认证过程成功完成之后，通过网络建立第一数据转发器与分布式MDASS的第一索引器之间的第一连接，其中第一索引器在受保护的环境之外操作，并且发送 由第一数据转发器从机器数据源获取的机器数据通过第一连接到第一分度器。