公开(公告)号：US20160321327A1

公开(公告)日：2016-11-03

申请号：US14698716

申请日：2015-04-28

Applicant: Splunk Inc.

Inventor： Nicholas J. Filippi ,  Siegfried Puchbauer-Schnabel ,  Carl S. Yestrau ,  Vivian Shen ,  J. Mathew Elting

IPC: G06F17/30 ,  G06F3/0484

CPC classification number: G06F17/30554 ,  G06F3/04842 ,  G06F3/04847

Abstract: A system that enables a user to configure alert actions based on search results generated by a query is disclosed. During operation, the system presents an alert user interface (UI) to a user, wherein the alert UI enables the user to configure one or more alert actions to be performed based on the search results. Next, the system receives alert configuration information from the user through the alert UI, wherein the alert configuration information includes tokens representing parameters associated with the query and the search results. Then, while generating an alert associated with the search results, the system performs a token substitution operation that substitutes tokens in the alert configuration information with corresponding parameters from the search results to generate a payload that is communicated to alert-generating functionality. This token substitution allows the parameters to be used by the alert-generating functionality while performing the one or more alert actions.

Abstract translation: 公开了一种使得用户能够基于由查询产生的搜索结果来配置警报动作的系统。 在操作期间，系统向用户呈现警报用户界面（UI），其中警报UI使得用户能够基于搜索结果来配置要执行的一个或多个警报动作。 接下来，系统通过警报UI从用户接收警报配置信息，其中警报配置信息包括表示与查询和搜索结果相关联的参数的令牌。 然后，在生成与搜索结果相关联的警报的同时，系统执行令牌替换操作，其将具有来自搜索结果的相应参数的警报配置信息中的令牌代替，以生成传达给警报生成功能的有效载荷。 该令牌替换允许在执行一个或多个警报动作时由警报生成功能使用参数。

公开(公告)号：US11722507B1

公开(公告)日：2023-08-08

申请号：US17698992

申请日：2022-03-18

Applicant: SPLUNK Inc.

Inventor： Nicholas J. Filippi ,  Siegfried Puchbauer-Schnabel ,  Carl S. Yestrau ,  Vivian Shen ,  J. Mathew Elting

IPC: H04L9/40 ,  G06F9/54 ,  G06F16/21 ,  G06F16/33 ,  G06F16/903 ,  H04L67/02 ,  H04L41/0686 ,  H04L51/23 ,  H04L41/22 ,  H04L65/65

CPC classification number: H04L63/1425 ,  G06F9/542 ,  G06F16/21 ,  G06F16/3331 ,  G06F16/90344 ,  H04L41/0686 ,  H04L51/23 ,  H04L67/02 ,  H04L41/22 ,  H04L65/65

Abstract: The disclosed embodiments relate to a system that generates an alert based on information extracted from search results generated by a query. During operation, the system executes the query to generate the search results. The system also obtains configuration information for the alert, wherein the configuration information identifies information associated with the search results, and also specifies a trigger condition for the alert. Next, when the trigger condition for the alert is met, the system uses the configuration information to generate a payload containing the identified information associated with the search results. The system then invokes alert-generating functionality and provides the payload as input to the alert-generating functionality. This enables the alert-generating functionality to use the information from the search results while performing one or more alert actions association with the alert.

公开(公告)号：US10810221B2

公开(公告)日：2020-10-20

申请号：US15885774

申请日：2018-01-31

Applicant: Splunk Inc.

Inventor： Nicholas J. Filippi ,  Siegfried Puchbauer-Schnabel ,  Carl S. Yestrau ,  Vivian Shen ,  J. Mathew Elting

IPC: G06F16/248 ,  G06F3/0484

Abstract: A system that enables a user to configure alert actions based on search results generated by a query is disclosed. During operation, the system presents an alert user interface (UI) to a user, wherein the alert UI enables the user to configure one or more alert actions to be performed based on the search results. Next, the system receives alert configuration information from the user through the alert UI, wherein the alert configuration information includes tokens representing parameters associated with the query and the search results. Then, while generating an alert associated with the search results, the system performs a token substitution operation that substitutes tokens in the alert configuration information with corresponding parameters from the search results to generate a payload that is communicated to alert-generating functionality. This token substitution allows the parameters to be used by the alert-generating functionality while performing the one or more alert actions.

公开(公告)号：US20190068629A1

公开(公告)日：2019-02-28

申请号：US16177394

申请日：2018-10-31

Applicant: Splunk Inc.

Inventor： Nicholas J. Filippi ,  Siegfried Puchbauer-Schnabel ,  Carl S. Yestrau ,  Vivian Shen ,  J. Mathew Elting

IPC: H04L29/06 ,  H04L29/08 ,  H04L12/24 ,  G06F17/30 ,  H04L12/58 ,  G06F9/54

CPC classification number: H04L63/1425 ,  G06F9/542 ,  G06F16/21 ,  G06F16/3331 ,  G06F16/90344 ,  H04L41/0686 ,  H04L41/22 ,  H04L51/30 ,  H04L65/608 ,  H04L67/02

Abstract: The disclosed embodiments relate to a system that generates an alert based on information extracted from search results generated by a query. During operation, the system executes the query to generate the search results. The system also obtains configuration information for the alert, wherein the configuration information identifies information associated with the search results, and also specifies a trigger condition for the alert. Next, when the trigger condition for the alert is met, the system uses the configuration information to generate a payload containing the identified information associated with the search results. The system then invokes alert-generating functionality and provides the payload as input to the alert-generating functionality. This enables the alert-generating functionality to use the information from the search results while performing one or more alert actions association with the alert.

公开(公告)号：US20180225343A1

公开(公告)日：2018-08-09

申请号：US15885774

申请日：2018-01-31

Applicant: Splunk Inc.

Inventor： Nicholas J. Filippi ,  Siegfried Puchbauer-Schnabel ,  Carl S. Yestrau ,  Vivian Shen ,  J. Mathew Elting

IPC: G06F17/30 ,  G06F3/0484

CPC classification number: G06F16/248 ,  G06F3/04842 ,  G06F3/04847

Abstract: A system that enables a user to configure alert actions based on search results generated by a query is disclosed. During operation, the system presents an alert user interface (UI) to a user, wherein the alert UI enables the user to configure one or more alert actions to be performed based on the search results. Next, the system receives alert configuration information from the user through the alert UI, wherein the alert configuration information includes tokens representing parameters associated with the query and the search results. Then, while generating an alert associated with the search results, the system performs a token substitution operation that substitutes tokens in the alert configuration information with corresponding parameters from the search results to generate a payload that is communicated to alert-generating functionality. This token substitution allows the parameters to be used by the alert-generating functionality while performing the one or more alert actions.