公开(公告)号：US20160105338A1

公开(公告)日：2016-04-14

申请号：US14800672

申请日：2015-07-15

Applicant: Splunk Inc.

Inventor： Tristan Antonio Fletcher ,  Hemendra Singh Choudhary ,  Clint Sharp

IPC: H04L12/26

CPC classification number: H04L43/16 ,  G06F3/0481 ,  G06F3/04817 ,  G06F3/0482 ,  G06F3/0484 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/542 ,  G06F17/30424 ,  G06F17/30463 ,  G06F17/30477 ,  G06F17/30554 ,  G06F17/3056 ,  G06F17/30572 ,  G06F17/30675 ,  G06F17/30864 ,  G06F17/30867 ,  G06F17/30958 ,  G06F17/30964 ,  G06F17/30979 ,  G06F17/30991 ,  G06Q10/06393 ,  G06T11/206 ,  G06T2200/24 ,  H04L29/08072 ,  H04L41/0213 ,  H04L41/0806 ,  H04L41/22 ,  H04L41/5009 ,  H04L41/5032 ,  H04L41/5035 ,  H04L41/5038 ,  H04L43/04 ,  H04L43/045 ,  H04L67/10 ,  H04L67/16

Abstract: Techniques are disclosed for providing an aggregate key performance indicator (KPI) that spans multiple services and for providing user adjustment to KPI factors via a GUI that enables a user to configure an aggregate KPI with feedback that better characterizes the performance of the services. The GUI may enable a user to select KPIs and to adjust weights (e.g., importance) associated with the KPIs. The weight of a KPI may affect the influence a value of the KPI has on the calculation of an aggregate KPI value (e.g., score). The GUI may provide near real-time feedback concerning the effect the weights have on the aggregate KPI value by displaying the aggregate KPI value (e.g., score) and updating the aggregate KPI value as the user adjusts the weights.

Abstract translation: 公开了用于提供涵盖多个服务的聚合关键性能指标（KPI）和用于通过GUI提供用户对KPI因素的调整的技术，所述GUI使用户能够通过更好地表征服务性能的反馈来配置聚合KPI。 GUI可以使得用户能够选择KPI并且调整与KPI相关联的权重（例如，重要性）。 KPI的权重可能会影响KPI的值对计算总体KPI值（例如，得分）的影响。 GUI可以通过在用户调整权重时显示聚合KPI值（例如，分数）和更新聚合KPI值来提供关于权重对总体KPI值的影响的接近实时反馈。

公开(公告)号：US20160104091A1

公开(公告)日：2016-04-14

申请号：US14700108

申请日：2015-04-29

Applicant: Splunk Inc.

Inventor： Tristan Antonio Fletcher ,  Alok Anant Bhide

IPC: G06Q10/06

CPC classification number: G06Q10/06393 ,  G06F3/04847 ,  H04L41/0681 ,  H04L41/22 ,  H04L41/5009 ,  H04L41/5045 ,  H04L41/5054 ,  H04L43/04

Abstract: A system, method, and graphical user interface (GUI) are disclosed for defining and applying time varying static thresholds. Time varying static thresholds may enable a user (e.g., IT manager) to define multiple sets of key performance indicator (KPI) thresholds that vary over time, for example, one set may apply during week-days and another set may apply on weekends. This may enable a user to have thresholds that take into account cyclical patterns of behavior (e.g., repeat every week). The KPI thresholds may be based on any unit of time, such as an hour of the day, days of the week, a month of the year (such as a holiday season). Each set may include KPI thresholds that specify values that when exceeded may initiate an alert or some other action.

Abstract translation: 公开了一种用于定义和应用时变静态阈值的系统，方法和图形用户界面（GUI）。 时变静态阈值可以使得用户（例如，IT管理者）可以定义随时间变化的多组关键性能指标（KPI）阈值，例如，一组可以在周日期间应用，另一组可能在周末应用。 这可以使得用户具有考虑周期性行为模式（例如每周重复）的阈值。 KPI阈值可以基于任何时间单位，例如一天中的一小时，一周中的几天，一年中的一个月（如假日季节）。 每个集合可以包括KPI阈值，其指定超出时可以发起警报或其他动作的值。

公开(公告)号：US20160103887A1

公开(公告)日：2016-04-14

申请号：US14700110

申请日：2015-04-29

Applicant: Splunk Inc.

Inventor： Tristan Antonio Fletcher ,  Alok Anant Bhide

IPC: G06F17/30

CPC classification number: G06F17/30675 ,  G06F3/0482 ,  G06F3/04842 ,  G06F17/30964 ,  G06Q10/06393 ,  H04L29/08072 ,  H04L41/0686 ,  H04L41/069 ,  H04L41/22 ,  H04L41/5009 ,  H04L41/5032 ,  H04L43/04 ,  H04L63/145

Abstract: A system, method and graphical user interface (GUI) for creating a new correlation search based on a set of displayed graph lanes. The graph lanes may provide graphical visualizations of key performance indicators (KPIs) associated with one or more services and may assist a user in identifying a situation (e.g., problem or a pattern of interest) in the performance of the services. A user may adjust (e.g., add graph lanes, zooming-in) the graph lanes in order to display the situation, at which point the user may submit a request to create a new correlation search to detect if the situation reoccurs. The system may generate the new correlation search by iterating through the set of graph lanes and analyzing the fluctuations of each KPI to determine triggering criteria. The system may then run the correlation search and generate a notable event or alarm when the situation reoccurs.

Abstract translation: 一种用于基于一组显示的图形通道创建新的相关搜索的系统，方法和图形用户界面（GUI）。 图形通道可以提供与一个或多个服务相关联的关键性能指标（KPI）的图形可视化，并且可以帮助用户识别服务执行中的情况（例如，问题或感兴趣的模式）。 用户可以调整（例如，添加图形通道，放大）图形通道以便显示情况，在该点，用户可以提交创建新的相关搜索的请求以检测情况是否再次出现。 系统可以通过迭代图形通道并分析每个KPI的波动来确定触发标准来生成新的相关搜索。 然后，系统可以运行相关搜索，并在情况复现时产生显着的事件或警报。

公开(公告)号：US09294361B1

公开(公告)日：2016-03-22

申请号：US14611200

申请日：2015-01-31

Applicant: Splunk Inc.

Inventor： Hemendra Singh Choudhary ,  Tristan Antonio Fletcher ,  Brian Bingham ,  Fang I. Hsiao ,  Brian C. Reyes

IPC: G06F15/16 ,  H04L12/24 ,  H04L12/26 ,  G06F17/30 ,  G06F3/0482 ,  G06F3/0484 ,  G06F12/00

CPC classification number: H04L43/16 ,  G06F3/0481 ,  G06F3/04817 ,  G06F3/0482 ,  G06F3/0484 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/542 ,  G06F17/30424 ,  G06F17/30463 ,  G06F17/30477 ,  G06F17/30554 ,  G06F17/3056 ,  G06F17/30572 ,  G06F17/30675 ,  G06F17/30864 ,  G06F17/30867 ,  G06F17/30958 ,  G06F17/30964 ,  G06F17/30979 ,  G06F17/30991 ,  G06Q10/06393 ,  G06T11/206 ,  G06T2200/24 ,  H04L29/08072 ,  H04L41/0213 ,  H04L41/0806 ,  H04L41/22 ,  H04L41/5009 ,  H04L41/5032 ,  H04L41/5035 ,  H04L41/5038 ,  H04L43/04 ,  H04L43/045 ,  H04L67/10 ,  H04L67/16

Abstract: One or more processing devices cause display of a graphical user interface (GUI) that includes a correlation search portion that enables a user to specify information for a key performance indicator (KPI) correlation search definition. The KPI correlation search definition includes search information and trigger determination information. The search information identifies KPI values, indicative of the KPI states, in a data store. The trigger determination information includes trigger criteria. The trigger determination evaluates the identified KPI values using the trigger criteria to determine whether to cause a defined action. A contribution threshold for a particular KPI definition is received via the GUI. The contribution threshold corresponds to a particular KPI state. The contribution threshold is stored as trigger criteria information. Each of the KPI values is derived from machine data pertaining to entities identified in a service definition using a search query specified by a KPI definition for the service.

Abstract translation: 一个或多个处理设备引起显示图形用户界面（GUI），该图形用户界面（GUI）包括能够使用户指定关键性能指标（KPI）相关搜索定义的信息的相关搜索部分。 KPI相关搜索定义包括搜索信息和触发确定信息。 搜索信息在数据存储中标识表示KPI状态的KPI值。 触发判定信息包括触发准则。 触发确定使用触发条件来评估所识别的KPI值，以确定是否导致定义的动作。 通过GUI接收特定KPI定义的贡献阈值。 贡献阈值对应于特定的KPI状态。 贡献阈值被存储为触发条件信息。 每个KPI值都是从使用由服务的KPI定义指定的搜索查询在服务定义中标识的实体的机器数据中导出的。

公开(公告)号：US09208463B1

公开(公告)日：2015-12-08

申请号：US14528894

申请日：2014-10-30

Applicant: Splunk Inc.

Inventor： Alok Anant Bhide ,  Brian John Bingham ,  Tristan Antonio Fletcher ,  Brian Reyes

IPC: G06F15/16 ,  G06Q10/06 ,  H04L29/08 ,  G06F12/00

CPC classification number: H04L43/16 ,  G06F3/0481 ,  G06F3/04817 ,  G06F3/0482 ,  G06F3/0484 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/542 ,  G06F17/30424 ,  G06F17/30463 ,  G06F17/30477 ,  G06F17/30554 ,  G06F17/3056 ,  G06F17/30572 ,  G06F17/30675 ,  G06F17/30864 ,  G06F17/30867 ,  G06F17/30958 ,  G06F17/30964 ,  G06F17/30979 ,  G06F17/30991 ,  G06Q10/06393 ,  G06T11/206 ,  G06T2200/24 ,  H04L29/08072 ,  H04L41/0213 ,  H04L41/0806 ,  H04L41/22 ,  H04L41/5009 ,  H04L41/5032 ,  H04L41/5035 ,  H04L41/5038 ,  H04L43/04 ,  H04L43/045 ,  H04L67/10 ,  H04L67/16

Abstract: One or more processing devices access a service definition for a service provided by one or more entities that each produce machine data or about which machine data is generated. The service definition identifies the entities that provide the service and, for each entity, identifying information for locating machine data pertaining to that entity. The processing devices access a key performance indicator (KPI) for the service that is defined by a search query that produces a value derived from the machine data pertaining to the entities identified in the service definition. The value indicates how the service is performing at a point in time or during a period of time and indicates a state of the KPI. A graphical interface is displayed and an indication of at least one threshold, which defines an end of a range of values representing a state of the KPI, for the KPI is received.

Abstract translation: 一个或多个处理设备访问由一个或多个实体提供的服务的服务定义，每个实体产生机器数据或关于哪个机器数据被生成。 服务定义识别提供服务的实体，并且为每个实体标识用于定位与该实体有关的机器数据的信息。 处理设备访问由搜索查询定义的服务的关键性能指标（KPI），该搜索查询产生从与服务定义中标识的实体相关的机器数据导出的值。 该值指示服务在某个时间点或一段时间内的运行情况，并指示KPI的状态。 显示图形界面，并且接收至少一个阈值的指示，其定义表示KPI的KPI的状态的范围的范围的结束。

公开(公告)号：US11870558B1

公开(公告)日：2024-01-09

申请号：US18125994

申请日：2023-03-24

Applicant: Splunk Inc.

Inventor： Vineetha Bettaiah ,  Tristan Antonio Fletcher ,  Ross Andrew Lazerowitz ,  Hemendra Singh Choudhary

IPC: G06F16/22 ,  H04L43/04 ,  G06F16/28 ,  G06F16/2457 ,  G06F40/174 ,  G06F3/0482 ,  H04L67/1097 ,  G06F40/177

CPC classification number: H04L43/04 ,  G06F16/22 ,  G06F16/24573 ,  G06F16/24578 ,  G06F16/285 ,  G06F40/174 ,  G06F3/0482 ,  G06F40/177 ,  H04L67/1097

Abstract: An example method of identification of related event groups for a service monitoring system includes: receiving a sample set of events from a service monitoring system; choosing, based the sample set of events, a set of fieldnames for defining factors; generating a plurality of event group definitions, wherein each event group definition of the plurality of event group definitions comprises a plurality of factors, wherein each factor of the plurality of factors is represented by a respective fieldname-value pair of an event of the sample set of events, wherein a fieldname of the respective fieldname-value pair is selected from the set of fieldnames; and determining, based on the plurality of event group definitions, one or more event groups for a plurality of events.

公开(公告)号：US11601324B1

公开(公告)日：2023-03-07

申请号：US17691797

申请日：2022-03-10

Applicant: Splunk Inc.

Inventor： Tristan Antonio Fletcher ,  Caleb Eugene Hanson ,  Amy Katherine Hunnel Bianchi ,  Daniel M. Jones ,  Alexandros Nikolaos Kompotis ,  Ross Andrew Lazerowitz ,  William Marcum ,  Michael Margulis ,  Sean David McBride ,  Daniel Blake Partain ,  Eric Nathaniel Tschetter ,  Dipti Prabhakar Siddamsettiwar

IPC: H04L12/24 ,  H04L41/0604 ,  G06F11/07 ,  H04L41/22

Abstract: An application executing on a mobile computing platform provides independent data channels over a mobile network to multiple separate computing systems that each maintain some data pertinent to problem determination and resolution when an incident arises in a monitored information technology (IT) environment. The application maintains and separately exercises the channels to provide timely information in a user interface that composites data to present a single interface with a multi-sourced contextual rendering. Some systems may include an IT monitoring system and a separate incident management system among its sources. Channels may include extended functionality to improve security or other aspects of communication with mobile platforms.

公开(公告)号：US11501238B2

公开(公告)日：2022-11-15

申请号：US14859241

申请日：2015-09-18

Applicant: Splunk Inc.

Inventor： Tristan Antonio Fletcher ,  Asmita Puri ,  Alok Anant Bhide

IPC: G06Q10/06

Abstract: A service monitoring system (SMS) produces key performance indicator (KPI) scores that indicate the performance of a service. To produce the KPI scores, the SMS may process the data for a large number of machine entities that perform the service. This data can be processed on a per-entity basis to produce a per-entity KPI score representing the contribution of a particular machine to the overall KPI. The per-entity KPI scores can be transformed to statistical representations which can be visualized as a distribution stream graph. The visualization may be presented with interactive aspects.

公开(公告)号：US11087263B2

公开(公告)日：2021-08-10

申请号：US15088093

申请日：2016-03-31

Applicant: Splunk Inc.

Inventor： Brent Stephen Boe ,  Rochit Gupta ,  Rehan Mulla ,  Tristan Antonio Fletcher ,  Alok Anant Bhide

IPC: G06Q10/06 ,  H04L12/24

Abstract: An automatic service monitor in an information technology environment has its operation controlled by information that, in part, define entities that perform services and define key performance indicators (KPIs) that indicate measures of performance of the services. KPIs are defined in terms of search queries applied against machine data by or about the entities that perform the services. The search query aspects of multiple KPI definitions may be tied to a shared base search. Implementation of the shared base search may permit improved performance of the service monitor and may permit a reduction in administrative burden.

公开(公告)号：US10887157B1

公开(公告)日：2021-01-05

申请号：US16528253

申请日：2019-07-31

Applicant: Splunk Inc.

Inventor： Tristan Antonio Fletcher ,  Caleb Eugene Hanson ,  Amy Katherine Hunnel Bianchi ,  Daniel M. Jones ,  Alexandros Nikolaos Kompotis ,  Ross Andrew Lazerowitz ,  William Marcum ,  Michael Margulis ,  Sean David McBride ,  Daniel Blake Partain ,  Eric Nathaniel Tschetter ,  Dipti Prabhakar Siddamsettiwar

IPC: H04L12/24 ,  G06F11/07

Abstract: An application executing on a mobile computing platform provides independent data channels over a mobile network to multiple separate computing systems that each maintain some data pertinent to problem determination and resolution when an incident arises in a monitored information technology (IT) environment. The application maintains and separately exercises the channels to provide timely information in a user interface that composites data to present a single interface with a multi-sourced contextual rendering. Some systems may include an IT monitoring system and a separate incident management system among its sources. Channels may include extended functionality to improve security or other aspects of communication with mobile platforms.