-
公开(公告)号:US12189624B1
公开(公告)日:2025-01-07
申请号:US18162622
申请日:2023-01-31
Applicant: Splunk Inc.
Inventor: Liang Han , Vishal Patel , Sundar R. Vasan , Eric Woo
IPC: G06F16/2453 , G06F16/2458
Abstract: Embodiments described herein are directed to facilitating management and storage of configurations. In one embodiment, a request to provide configurations associated with a user-application pair is identified. Based on the user-application pair, a user-defined configuration cache is accessed to obtain user-defined configurations, an application-defined configuration cache is accessed to obtain application-defined configurations, and a system-defined configuration cache is accessed to obtain system-defined configurations. Thereafter, at least a portion of the user-defined configurations, the application-defined configurations, and the system-defined configurations are aggregated or merged to generate a set of configurations associated with the user-application pair. Such a set of configurations associated with the user-application pair are provided for use in performing a task.
-
公开(公告)号:US11921693B1
公开(公告)日:2024-03-05
申请号:US17305650
申请日:2021-07-12
Applicant: Splunk Inc.
Inventor: Itay Alfred Neeman , Glenn Block , Lin Ma , Mitch Blank , Vishal Patel
IPC: G06F16/23 , G06F16/22 , G06F16/28 , G06F16/951
CPC classification number: G06F16/2322 , G06F16/22 , G06F16/282 , G06F16/951
Abstract: A data intake and query system receives a message including raw machine via an internet protocol (IP) such as the hypertext transfer protocol (HTTP). The message includes a distinct payload portion and a distinct custom field portion. The payload portion includes raw machine data, while the custom field portion includes values for fields. An event that includes the raw machine data and the values is generated from the payload portion and the values are extracted from the custom field portion. The event is then stored such that the values are associated with the event.
-
公开(公告)号:US11914552B1
公开(公告)日:2024-02-27
申请号:US18160123
申请日:2023-01-26
Applicant: Splunk Inc.
IPC: G06F17/30 , G06F16/17 , G06F16/20 , G06F16/174
CPC classification number: G06F16/1734 , G06F16/174 , G06F16/20
Abstract: Embodiments are directed towards managing and tracking item identification of a plurality of items to determine if an item is a new or existing item, where an existing item has been previously processed. In some embodiments, two or more item identifiers may be generated. In one embodiment, generating the two or more item identifiers may include analyzing the item using a small item size characteristic, a compressed item, or for an identifier collision. The two or more item identifiers may be employed to determine if the item is a new or existing item. In one embodiment, the two or more item identifiers may be compared to a record about an existing item to determine if the item is a new or existing item. If the item is an existing item, then the item may be further processed to determine if the existing item has actually changed.
-
公开(公告)号:US11580071B2
公开(公告)日:2023-02-14
申请号:US17080416
申请日:2020-10-26
Applicant: SPLUNK INC.
IPC: G06F17/30 , G06F16/17 , G06F16/20 , G06F16/174
Abstract: Embodiments are directed towards managing and tracking item identification of a plurality of items to determine if an item is a new or existing item, where an existing item has been previously processed. In some embodiments, two or more item identifiers may be generated. In one embodiment, generating the two or more item identifiers may include analyzing the item using a small item size characteristic, a compressed item, or for an identifier collision. The two or more item identifiers may be employed to determine if the item is a new or existing item. In one embodiment, the two or more item identifiers may be compared to a record about an existing item to determine if the item is a new or existing item. If the item is an existing item, then the item may be further processed to determine if the existing item has actually changed.
-
公开(公告)号:US11055300B2
公开(公告)日:2021-07-06
申请号:US15339909
申请日:2016-10-31
Applicant: Splunk Inc.
Inventor: Steve Yu Zhang , Ledion Bitincka , Vishal Patel , David E. Simmen
IPC: G06F16/248 , G06F16/22 , G06F16/25 , G06F16/28 , G06F16/901 , G06F16/951 , G06F16/242 , G06F16/2455 , G06F16/2458 , G06F16/835 , G06F16/9038 , G06F16/9535 , G06F16/903 , H04L29/08 , G06F3/0481 , H04L12/26 , G06T11/20
Abstract: The disclosed embodiments include a method performed by a data intake and query system. The method includes receiving a real-time search query including search criteria, and receiving a stream of metrics, where each metric includes a measured value taken of a computing device. The method further includes filtering the metrics to obtain filtered metrics satisfying the search criteria, creating an in-memory summarization data structure based on the filtered metrics, communicating the summarization data to a search head, and providing search results including the summarization data, where the summarization data or data indicative of the summarization data is displayed on a display of a display device.
-
Patent Agency Ranking
公开(公告)号:US20210042269A1
公开(公告)日:2021-02-11
申请号:US17080416
申请日:2020-10-26
Applicant: SPLUNK INC.
IPC: G06F16/17 , G06F16/20 , G06F16/174
Abstract: Embodiments are directed towards managing and tracking item identification of a plurality of items to determine if an item is a new or existing item, where an existing item has been previously processed. In some embodiments, two or more item identifiers may be generated. In one embodiment, generating the two or more item identifiers may include analyzing the item using a small item size characteristic, a compressed item, or for an identifier collision. The two or more item identifiers may be employed to determine if the item is a new or existing item. In one embodiment, the two or more item identifiers may be compared to a record about an existing item to determine if the item is a new or existing item. If the item is an existing item, then the item may be further processed to determine if the existing item has actually changed.
-
公开(公告)号:US10268755B2
公开(公告)日:2019-04-23
申请号:US14700844
申请日:2015-04-30
Applicant: Splunk Inc.
Inventor: Vishal Patel , Jagannath Kerai , Hasan Alayli
IPC: G06F17/30
Abstract: The present disclosure is directed to providing dynamic indexer discovery. An index manager, which may also be known as a cluster master, is configured to track the statuses and capabilities of indexers and provide the statuses and capabilities obtained from the indexers to data collectors, such as forwarders. The data collectors may use the statuses and capabilities associated with the indexers to load balance transmission of data to the indexers. Dynamic indexer discovery may eliminate the need to manually reconfigure data collectors when the status of an indexer changes because the information may be obtained from the index manager without the need to reinitialize the data collectors.
-
公开(公告)号:US20190098071A1
公开(公告)日:2019-03-28
申请号:US16202990
申请日:2018-11-28
Applicant: Splunk Inc.
Inventor: Ledion Bitincka , Vishal Patel , Geoffrey Hendrey , Eric Woo
CPC classification number: H04L67/06 , H04L29/08072 , H04L41/0813 , H04L41/0843 , H04L41/0856 , H04L67/34 , H04L69/329
Abstract: In a computer-implemented method for configuring a distributed computer system comprising a plurality of nodes of a plurality of node classes, configuration files for a plurality of nodes of each of the plurality of node classes are stored in a central repository. The configuration files include information representing a desired system state of the distributed computer system, and the distributed computer system operates to keep an actual system state of the distributed computer system consistent with the desired system state. The plurality of node classes includes forwarder nodes for receiving data from an input source, indexer nodes for indexing the data, and search head nodes for searching the data. Responsive to receiving changes to the configuration files, the changes are propagated to nodes of the plurality of nodes impacted by the changes based on a node class of the nodes impacted by the changes.
-
公开(公告)号:US10083190B2
公开(公告)日:2018-09-25
申请号:US14014059
申请日:2013-08-29
Applicant: Splunk Inc.
Inventor: Amritpal Singh Bath , Mitchell Neuman Blank , Vishal Patel , Stephen Phillip Sorkin
IPC: G06F17/30
CPC classification number: G06F16/21 , G06F16/1734
Abstract: Embodiments are directed towards a dynamic change evaluation mechanism, whereby items having a detected possible change are scheduled for re-evaluation for possible changes at a higher frequency than items detected to not have previously changed, while those items detected as not to have changed are dynamically scheduled for re-evaluation based on an evaluation backlog that may be in turn based, in part, on a time from when an item is assigned an expiration time to when the item is evaluated. In one embodiment, a possibly changed item may be assigned a new expiration time independent of the evaluation backlog. In another embodiment, if no change is detected, then the item may be assigned a new expiration time as a function of a previous expiration time and on the evaluation backlog.
-
公开(公告)号:US09984129B2
公开(公告)日:2018-05-29
申请号:US14815974
申请日:2015-08-01
Applicant: Splunk Inc.
Inventor: Vishal Patel , Mitchell Neuman Blank, Jr. , Sundar Renegarajan Vasan , Stephen Phillip Sorkin
CPC classification number: G06F17/30528 , G06F3/0617 , G06F3/065 , G06F3/067 , G06F11/20 , G06F11/2094 , G06F17/30241 , G06F17/30336 , G06F17/30575 , G06F17/30581 , G06F17/30867 , G06F17/3087 , H04L67/1097
Abstract: Embodiments are directed towards managing within a cluster environment having a plurality of indexers for data storage using redundancy the data being managed using a generation identifier, such that a primary indexer is designated for a given generation of data. When a master device for the cluster fails, data may continue to be stored using redundancy, and data searches performed may still be performed.
-
-
-
-
-
-
-
-
-
Search Results
72
records
(took 0.027 seconds)
