公开(公告)号：US20160226720A1

公开(公告)日：2016-08-04

申请号：US15012848

申请日：2016-02-01

Applicant: Splunk Inc.

Inventor： Leonid Alexseyev ,  Brian John Bingham ,  Tristan Antonio Fletcher ,  Brian C. Reyes

IPC: H04L12/24 ,  G06F17/30 ,  G06F3/0482 ,  H04L12/26 ,  G06F3/0484

CPC classification number: H04L43/16 ,  G06F3/0481 ,  G06F3/04817 ,  G06F3/0482 ,  G06F3/0484 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/542 ,  G06F17/30424 ,  G06F17/30463 ,  G06F17/30477 ,  G06F17/30554 ,  G06F17/3056 ,  G06F17/30572 ,  G06F17/30675 ,  G06F17/30864 ,  G06F17/30867 ,  G06F17/30958 ,  G06F17/30964 ,  G06F17/30979 ,  G06F17/30991 ,  G06Q10/06393 ,  G06T11/206 ,  G06T2200/24 ,  H04L29/08072 ,  H04L41/0213 ,  H04L41/0806 ,  H04L41/22 ,  H04L41/5009 ,  H04L41/5032 ,  H04L41/5035 ,  H04L41/5038 ,  H04L43/04 ,  H04L43/045 ,  H04L67/10 ,  H04L67/16

Abstract: Raw machine data are captured and may be organized as events. Entity definitions representing machine entities that perform a service identify the machine data pertaining to respective entities. KPI search queries each define a KPI. Each KPI search query derives one or more values for the KPI from machine data identified in the entity definitions. The derivation may be performed on a per-entity basis and on the aggregate. The derived values may then be translated into a state value domain using per-entity thresholds, aggregate thresholds, or a combination.

Abstract translation: 原始机器数据被捕获并且可以被组织为事件。 表示执行服务的机器实体的实体定义识别与各实体有关的机器数据。 KPI搜索查询每个定义一个KPI。 每个KPI搜索查询从实体定义中标识的机器数据中获取KPI的一个或多个值。 衍生可以在每个实体的基础上和聚合上进行。 然后可以使用每个实体阈值，聚合阈值或组合将派生值转换为状态值域。

公开(公告)号：US20160216855A1

公开(公告)日：2016-07-28

申请号：US15014017

申请日：2016-02-03

Applicant: Splunk Inc.

Inventor： Hemendra Singh Choudhary ,  Tristan Antonio Fletcher ,  Brian Bingham ,  Fang I. Hsiao ,  Brian C. Reyes

IPC: G06F3/0482 ,  G06F3/0484

CPC classification number: H04L43/16 ,  G06F3/0481 ,  G06F3/04817 ,  G06F3/0482 ,  G06F3/0484 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/542 ,  G06F11/321 ,  G06F11/34 ,  G06F17/30424 ,  G06F17/30463 ,  G06F17/30477 ,  G06F17/30554 ,  G06F17/3056 ,  G06F17/30572 ,  G06F17/30675 ,  G06F17/30864 ,  G06F17/30867 ,  G06F17/30958 ,  G06F17/30964 ,  G06F17/30979 ,  G06F17/30991 ,  G06Q10/06393 ,  G06T11/206 ,  G06T2200/24 ,  H04L29/08072 ,  H04L41/0213 ,  H04L41/0806 ,  H04L41/22 ,  H04L41/5009 ,  H04L41/5032 ,  H04L41/5035 ,  H04L41/5038 ,  H04L43/04 ,  H04L43/045 ,  H04L67/10 ,  H04L67/16 ,  Y04S10/54

Abstract: A service monitoring system executing on one or more processors may have operations that are determined by control information. Control over the operation of the service monitoring system can be exerted through the use of a graphical interface. The graphical interface may present the control information of a new or existing correlation search definition for user interaction. The service monitoring system may maintain a data store of key performance indicator (KPI) data, where a KPI value in the data store is produced by a KPI-defining search query that derives the value from machine data associated with one or more entities that perform a monitored service. A correlation search definition of the service monitoring system determines how a search of the KPI data is conducted, how its data is evaluated to determine whether a triggering condition has been met, and, if so, determines what triggered action is to be initiated.

Abstract translation: 在一个或多个处理器上执行的服务监视系统可以具有由控制信息确定的操作。 可以通过使用图形界面来实现对服务监视系统的操作的控制。 图形界面可以呈现用于用户交互的新的或现有的相关搜索定义的控制信息。 服务监视系统可以维护关键性能指标（KPI）数据的数据存储，其中数据存储器中的KPI值由KPI限定搜索查询产生，该搜索查询从与执行的一个或多个实体相关联的机器数据获得值 受监控的服务。 服务监控系统的相关搜索定义确定如何进行KPI数据的搜索，如何对其数据进行评估以确定触发条件是否已被满足，如果是，则确定触发的动作将被启动。

公开(公告)号：US20160105330A1

公开(公告)日：2016-04-14

申请号：US14611200

申请日：2015-01-31

Applicant: Splunk Inc.

Inventor： Hemendra Singh Choudhary ,  Tristan Antonio Fletcher ,  Brian Bingham ,  Fang I. Hsiao ,  Brian C. Reyes

IPC: H04L12/24 ,  G06F3/0484 ,  G06F3/0482 ,  H04L12/26 ,  G06F17/30

CPC classification number: H04L43/16 ,  G06F3/0481 ,  G06F3/04817 ,  G06F3/0482 ,  G06F3/0484 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/542 ,  G06F17/30424 ,  G06F17/30463 ,  G06F17/30477 ,  G06F17/30554 ,  G06F17/3056 ,  G06F17/30572 ,  G06F17/30675 ,  G06F17/30864 ,  G06F17/30867 ,  G06F17/30958 ,  G06F17/30964 ,  G06F17/30979 ,  G06F17/30991 ,  G06Q10/06393 ,  G06T11/206 ,  G06T2200/24 ,  H04L29/08072 ,  H04L41/0213 ,  H04L41/0806 ,  H04L41/22 ,  H04L41/5009 ,  H04L41/5032 ,  H04L41/5035 ,  H04L41/5038 ,  H04L43/04 ,  H04L43/045 ,  H04L67/10 ,  H04L67/16

Abstract: One or more processing devices cause display of a graphical user interface (GUI) that includes a correlation search portion that enables a user to specify information for a key performance indicator (KPI) correlation search definition. The KPI correlation search definition includes search information and trigger determination information. The search information identifies KPI values, indicative of the KPI states, in a data store. The trigger determination information includes trigger criteria. The trigger determination evaluates the identified KPI values using the trigger criteria to determine whether to cause a defined action. A contribution threshold for a particular KPI definition is received via the GUI. The contribution threshold corresponds to a particular KPI state. The contribution threshold is stored as trigger criteria information. Each of the KPI values is derived from machine data pertaining to entities identified in a service definition using a search query specified by a KPI definition for the service.

Abstract translation: 一个或多个处理设备引起显示图形用户界面（GUI），该图形用户界面（GUI）包括能够使用户指定关键性能指标（KPI）相关搜索定义的信息的相关搜索部分。 KPI相关搜索定义包括搜索信息和触发确定信息。 搜索信息在数据存储中标识表示KPI状态的KPI值。 触发判定信息包括触发准则。 触发确定使用触发条件来评估所识别的KPI值，以确定是否导致定义的动作。 通过GUI接收特定KPI定义的贡献阈值。 贡献阈值对应于特定的KPI状态。 贡献阈值被存储为触发条件信息。 每个KPI值都是从使用由服务的KPI定义指定的搜索查询在服务定义中标识的实体的机器数据中导出的。

公开(公告)号：US10650051B2

公开(公告)日：2020-05-12

申请号：US15376516

申请日：2016-12-12

Applicant: Splunk Inc.

Inventor： Leonid Viktorovich Alekseyev ,  Brian John Bingham ,  Tristan Antonio Fletcher ,  Brian C. Reyes

IPC: G06F16/903 ,  G06Q10/06 ,  H04L29/08 ,  G06F16/26 ,  G06F16/248 ,  G06F16/25 ,  G06F16/33 ,  G06F16/951 ,  G06F16/2455 ,  G06F16/901 ,  G06F16/9038 ,  G06F16/9535 ,  G06F16/2453 ,  H04L12/24 ,  G06F11/34 ,  G06F11/32 ,  H04L12/26 ,  G06F3/0484 ,  G06F9/54 ,  G06F3/0481 ,  G06F3/0482 ,  G06T11/20

Abstract: Raw machine data are captured and may be organized as events. Entity definitions representing machine entities that perform a service identify the machine data pertaining to respective entities. KPI search queries each define a KPI. Each KPI search query derives one or more values for the KPI from machine data identified in the entity definitions. The derivation may be performed on a per-entity basis and on the aggregate. The derived values may then be translated into a state value domain using per-entity thresholds, aggregate thresholds, or a combination.

公开(公告)号：US10152561B2

公开(公告)日：2018-12-11

申请号：US15014017

申请日：2016-02-03

Applicant: Splunk Inc.

Inventor： Hemendra Singh Choudhary ,  Tristan Antonio Fletcher ,  Brian Bingham ,  Fang I. Hsiao ,  Brian C. Reyes

IPC: G06F15/173 ,  G06F17/30 ,  G06Q10/06 ,  H04L12/24 ,  H04L12/26 ,  G06F3/0484 ,  G06F9/54 ,  G06F3/0481 ,  G06F3/0482 ,  H04L29/08 ,  G06T11/20

Abstract: A service monitoring system executing on one or more processors may have operations that are determined by control information. Control over the operation of the service monitoring system can be exerted through the use of a graphical interface. The graphical interface may present the control information of a new or existing correlation search definition for user interaction. The service monitoring system may maintain a data store of key performance indicator (KPI) data, where a KPI value in the data store is produced by a KPI-defining search query that derives the value from machine data associated with one or more entities that perform a monitored service. A correlation search definition of the service monitoring system determines how a search of the KPI data is conducted, how its data is evaluated to determine whether a triggering condition has been met, and, if so, determines what triggered action is to be initiated.

公开(公告)号：US09838280B2

公开(公告)日：2017-12-05

申请号：US14815942

申请日：2015-07-31

Applicant: Splunk, Inc.

Inventor： Brent Boe ,  Alan Hardin ,  Brian C. Reyes ,  Fang I. Hsiao

IPC: G06F15/16 ,  H04L12/26 ,  G06F17/30 ,  H04L29/08 ,  H04L29/06 ,  G06F12/00 ,  H04L12/24

CPC classification number: H04L43/045 ,  G06F17/30315 ,  G06F17/30339 ,  G06F17/30386 ,  G06F17/30604 ,  H04L29/08072 ,  H04L41/22 ,  H04L41/5009 ,  H04L41/5045 ,  H04L41/5083 ,  H04L43/08 ,  H04L43/0817 ,  H04L63/0227

Abstract: Processing devices receive a file having entries having data items separated by delimiters. Each data item has an ordinal position. The processing device(s) cause display of a table, having rows and columns, in a graphical user interface. Each data items of a particular entry appears in a respective column of the same row. Each column corresponds to the ordinal position of its respective data item. User input is received designating, for each respective column, a field name and an entity definition component type to which the respective column pertains, and stores for each of the data items of the particular entry a value of an element of an entity definition. The element has the element name designated for the respective column in which the data item appeared, and is associated with an entity definition component having the type designated for the respective column in which the data item appeared.

公开(公告)号：US09521047B2

公开(公告)日：2016-12-13

申请号：US15012848

申请日：2016-02-01

Applicant: Splunk Inc.

Inventor： Leonid Viktorovich Alekseyev ,  Brian John Bingham ,  Tristan Antonio Fletcher ,  Brian C. Reyes

IPC: G06F15/16 ,  H04L12/24 ,  H04L12/26 ,  G06F3/0484 ,  G06F3/0482 ,  G06F17/30 ,  G06F12/00

CPC classification number: H04L43/16 ,  G06F3/0481 ,  G06F3/04817 ,  G06F3/0482 ,  G06F3/0484 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/542 ,  G06F17/30424 ,  G06F17/30463 ,  G06F17/30477 ,  G06F17/30554 ,  G06F17/3056 ,  G06F17/30572 ,  G06F17/30675 ,  G06F17/30864 ,  G06F17/30867 ,  G06F17/30958 ,  G06F17/30964 ,  G06F17/30979 ,  G06F17/30991 ,  G06Q10/06393 ,  G06T11/206 ,  G06T2200/24 ,  H04L29/08072 ,  H04L41/0213 ,  H04L41/0806 ,  H04L41/22 ,  H04L41/5009 ,  H04L41/5032 ,  H04L41/5035 ,  H04L41/5038 ,  H04L43/04 ,  H04L43/045 ,  H04L67/10 ,  H04L67/16

Abstract: Raw machine data are captured and may be organized as events. Entity definitions representing machine entities that perform a service identify the machine data pertaining to respective entities. KPI search queries each define a KPI. Each KPI search query derives one or more values for the KPI from machine data identified in the entity definitions. The derivation may be performed on a per-entity basis and on the aggregate. The derived values may then be translated into a state value domain using per-entity thresholds, aggregate thresholds, or a combination.

Abstract translation: 原始机器数据被捕获并且可以被组织为事件。 表示执行服务的机器实体的实体定义识别与各实体有关的机器数据。 KPI搜索查询每个定义一个KPI。 每个KPI搜索查询从实体定义中标识的机器数据中获取KPI的一个或多个值。 衍生可以在每个实体的基础上和聚合上进行。 然后可以使用每个实体阈值，聚合阈值或组合将派生值转换为状态值域。

公开(公告)号：US09146954B1

公开(公告)日：2015-09-29

申请号：US14611195

申请日：2015-01-31

Applicant: Splunk Inc.

Inventor： Brent Boe ,  Alan Hardin ,  Fang I. Hsiao ,  Brian C. Reyes

IPC: G06F15/16 ,  G06F17/30 ,  G06F12/00

CPC classification number: G06F17/30554 ,  G06F17/30389 ,  G06F17/30867 ,  H04L41/0213 ,  H04L41/0813 ,  H04L41/22 ,  H04L41/5032 ,  H04L43/045 ,  H04L43/16

Abstract: A processing device performs a search query to produce a search result set having entries having data items. Each data item has an ordinal position. A table, having rows and columns, is displayed in a graphical user interface. Each data item of a particular entry appears in a respective column of the same row of the table. Each column corresponds to the ordinal position of its respective data item. User input is received designating, for each respective column, a field name and an entity definition component type to which the respective column pertains, and stores for each data item of the particular entry an element value of an entity definition. The element has the element name designated for the respective column in which the data item appeared, and is associated with an entity definition component having the type designated for the respective column in which the data item appeared.

Abstract translation: 处理装置执行搜索查询以产生具有具有数据项的条目的搜索结果集。 每个数据项都有一个序数位置。 具有行和列的表格显示在图形用户界面中。 特定条目的每个数据项出现在表的同一行的相应列中。 每列对应于其相应数据项的序数位置。 接收到用户输入，为每个相应列指定相应列所属的字段名称和实体定义组件类型，并且为特定条目的每个数据项存储实体定义的元素值。 元素具有为数据项出现的相应列指定的元素名称，并且与具有指定数据项出现的相应列的类型的实体定义组件相关联。

公开(公告)号：US11372923B1

公开(公告)日：2022-06-28

申请号：US17135379

申请日：2020-12-28

Applicant: Splunk Inc.

Inventor： Hemendra Singh Choudhary ,  Tristan Antonio Fletcher ,  Brian Bingham ,  Fang I. Hsiao ,  Brian C. Reyes

IPC: G06F9/54 ,  H04L41/22 ,  H04L41/0806 ,  H04L43/04 ,  H04L67/51 ,  H04L43/16 ,  H04L67/10 ,  G06F3/04817 ,  G06F3/0482 ,  G06F3/0484 ,  G06F3/0481 ,  G06F3/04847 ,  H04L43/091 ,  H04L43/55 ,  G06F16/903 ,  G06Q10/06 ,  H04L69/329 ,  G06F16/26 ,  G06F16/248 ,  G06F16/25 ,  G06F16/33 ,  G06F16/951 ,  G06F16/2455 ,  G06F16/901 ,  G06F16/9038 ,  G06F16/9535 ,  G06F16/2453 ,  H04L41/5009 ,  G06F11/34 ,  G06F11/32 ,  H04L41/0213 ,  H04L41/50 ,  H04L43/045 ,  G06F3/04842 ,  G06T11/20

Abstract: A service monitoring system executing on one or more processors may have operations that are determined by control information. Control over the operation of the service monitoring system can be exerted through the use of a graphical interface. The graphical interface may present the control information of a new or existing correlation search definition for user interaction. The service monitoring system may maintain a data store of key performance indicator (KPI) data, where a KPI value in the data store is produced by a KPI-defining search query that derives the value from machine data associated with one or more entities that perform a monitored service. A correlation search definition of the service monitoring system determines how a search of the KPI data is conducted, how its data is evaluated to determine whether a triggering condition has been met, and, if so, determines what triggered action is to be initiated.

公开(公告)号：US10439922B2

公开(公告)日：2019-10-08

申请号：US15925570

申请日：2018-03-19

Applicant: Splunk Inc.

Inventor： Adrian Hall ,  Kenneth M. Sternberg ,  Anupadmaja Raghavan ,  Brian C. Reyes

IPC: G06F15/173 ,  H04L12/26 ,  H04L29/08 ,  G06F16/28 ,  G06F16/904 ,  G06F16/2457 ,  H04L12/24

Abstract: Provided are systems and methods for determining and displaying service performance information via a graphical user interface. In one embodiment, a system can provide, for each of one or more machines associated with a service: obtaining performance data for the machine; and comparing the performance data for the machine to one or more predefined performance thresholds for the machine to determine a health status for the machine; and determining a health status for the service based at least in part on the health status of at least one of the one or more machines associated with the service.