-
Publication number: US10904295B2
Publication date: 2021-01-26
Application number: US16817070
Filing date: 2020-03-12
Applicant: Splunk Inc.
Inventor: Sourabh Satish , Oliver Friedrichs , Atif Mahadik , Govind Salinas , Ryan Russell
Abstract: Systems, methods, and software described herein provide for identifying recommended feature sets for new security applications. In one example, a method of providing recommended feature sets for a new security application includes identifying a request for the new security application, and determining a classification for the new security application. The method further provides identifying related applications to the new security application based on the classification, and identifying a feature set for the new security application based on features provided in the related applications.
-
Publication number: US20210011932A1
Publication date: 2021-01-14
Application number: US17038472
Filing date: 2020-09-30
Applicant: SPLUNK Inc.
Inventor: Vijay Chauhan , Banipal Shahbaz , David Hazekamp
IPC: G06F16/28 , G06F16/22 , G06F16/2458
Abstract: In various implementations, a computer-implemented method for remotely managing settings of applications includes receiving a network communication from a managed device, the received network communication including a client-side hash value. The method further includes identifying settings for an application on the managed device in response to the receiving of the network communication, where the identified settings include configuration instructions for the application. Based on a comparison between the received client-side hash value and a server-side hash value that corresponds to the identified settings, at least some of the identified settings are transmitted to the managed device. The transmitting of the at least some of the identified settings can be based on the comparison indicating a mismatch between the received client-side hash value and the server-side hash value. The method may also include completing processing of the received network communication after the transmitting of the at least some of the identified settings.
-
Publication number: US20210011925A1
Publication date: 2021-01-14
Application number: US16919400
Filing date: 2020-07-02
Applicant: SPLUNK Inc.
Inventor: Marc Vincent Robichaud
Abstract: First one or more values are extracted from a plurality of events using a first extraction rule. The extracted first one or more values are assigned to a first field of the plurality of events as a first set of field-data item pairs. Second one or more values are extracted from the plurality of the events using a second extraction rule. The second extraction rule identifies the second one or more values and a field label corresponding to the second one or more values in the extracted first one or more values of the first set of field-data item pairs. The extracted second one or more values are assigned to a second field of the plurality of events as a second set of field-data item pairs. The field label extracted using the second extraction rule or a modified version thereof may be assigned to the second field.
-
Publication number: US10891792B1
Publication date: 2021-01-12
Application number: US16264504
Filing date: 2019-01-31
Applicant: SPLUNK INC.
Inventor: Devin Bhushan , Jesse Chor , Glen Wong
Abstract: A mobile device executes an augmented reality (AR) software application that detects an orientation of a client device. The AR software application projects a line from a reference position on the client device to a physical object. The AR software application identifies a first location on the physical object that intersects with the line. The AR software application determines an x-coordinate and a y-coordinate of a portion of the physical object included in an image displayed on the client device based on the first location. The AR software application receives a z-coordinate of the portion of the physical object. In response to receiving user input via the client device, the AR software application anchors an augmented reality object at a second location that corresponds to the x-coordinate, the y-coordinate, and the z-coordinate. The orientation of the augmented reality object corresponds to the orientation of the client device.
-
Publication number: US20210004205A1
Publication date: 2021-01-07
Application number: US17028755
Filing date: 2020-09-22
Applicant: SPLUNK INC.
Inventor: R. David Carasso , Micah James Delfino , Johnvey Hwang
IPC: G06F7/24 , G06F16/2458
Abstract: Embodiments are directed towards real time display of event records with an indication of previously provided extraction rules. A plurality of extraction rules may be provided to the system, such as automatically generated and/or user created extraction rules. These extraction rules may include regular expressions. A plurality of event records may be displayed to the user, such that text in a field defined by an extraction rule is emphasized in the display of the event record. The same emphasis may be provided for text in overlapping fields, or the emphasis may be somewhat different for different fields. The user interface may enable a user to select a portion of text of an event record, such as by rolling-over or clicking on an emphasized part of the event record. By selecting the portion of the event record, the interface may display each extraction rule associated with the selected portion.
-
Publication number: US10860591B2
Publication date: 2020-12-08
Application number: US16193781
Filing date: 2018-11-16
Applicant: Splunk Inc.
Inventor: Steve Yu Zhang , Stephen P. Sorkin
IPC: G06F16/2457 , G06F16/22 , G06F16/24 , G06F16/182 , G06F16/248 , G06F16/33 , G06F16/951 , G06F16/23 , G06F16/2455 , G06F16/2458 , G06F16/9038 , G06F16/9535 , G06F16/9032 , H04L12/24 , H04L29/08
Abstract: A method, system, and processor-readable storage medium are directed towards generating a report derived from data, such as event data, stored on a plurality of distributed nodes. In one embodiment the analysis is generated using a “divide and conquer” algorithm, such that each distributed node analyzes locally stored event data while an aggregating node combines these analysis results to generate the report. In one embodiment, each distributed node also transmits a list of event data references associated with the analysis result to the aggregating node. The aggregating node may then generate a global ordered list of data references based on the list of event data references received from each distributed node. Subsequently, in response to a user selection of a range of global event data, the report may dynamically retrieve event data from one or more distributed nodes for display according to the global order.
-
Publication number: US10860537B2
Publication date: 2020-12-08
Application number: US15663652
Filing date: 2017-07-28
Applicant: Splunk Inc.
IPC: G06F17/30 , G06F16/17 , G06F16/20 , G06F16/174
Abstract: Embodiments are directed towards managing and tracking item identification of a plurality of items to determine if an item is a new or existing item, where an existing item has been previously processed. In some embodiments, two or more item identifiers may be generated. In one embodiment, generating the two or more item identifiers may include analyzing the item using a small item size characteristic, a compressed item, or for an identifier collision. The two or more item identifiers may be employed to determine if the item is a new or existing item. In one embodiment, the two or more item identifiers may be compared to a record about an existing item to determine if the item is a new or existing item. If the item is an existing item, then the item may be further processed to determine if the existing item has actually changed.
-
Publication number: US10855718B2
Publication date: 2020-12-01
Application number: US16042283
Filing date: 2018-07-23
Applicant: Splunk Inc.
Inventor: Sourabh Satish , Oliver Friedrichs , Atif Mahadik , Govind Salinas
IPC: H04L29/06 , G06F21/55 , G06F16/28 , H04L12/851
Abstract: Systems, methods, and software described herein provide for responding to security threats in a computing environment based on the classification of computing assets in the environment. In one example, a method of operating an advisement computing system includes identifying a security threat for an asset in the computing environment, and identifying a classification for the asset in relation to other assets within the computing environment. The method further provides determining a rule set for the security threat based on the classification for the asset and initiating a response to the security threat based on the rule set.
-
Publication number: US10833942B2
Publication date: 2020-11-10
Application number: US16051001
Filing date: 2018-07-31
Applicant: Splunk Inc.
Inventor: George Apostolopoulos , Zhuxuan Jin
Abstract: One or more embodiments are directed to behavior-based device clustering. A network traffic log of devices in the network is received. Features of devices are extracted from the network traffic log and aggregated into an aggregated feature matrix on a per-device basis. By applying a topic modeling algorithm to the aggregated feature matrix, the devices are clustered into device groups according to behavior groups. A device is assigned to a device group to create an assignment.
-
Publication number: US10831804B2
Publication date: 2020-11-10
Application number: US15582671
Filing date: 2017-04-29
Applicant: SPLUNK, Inc.
Inventor: R. David Carasso , Micah James Delfino , Johnvey Hwang
IPC: G06F16/34 , G06F16/242 , G06F16/2458 , G06F3/0484 , H04L29/08 , G06F40/40 , G06F40/166 , G06F40/174 , G06F17/24 , G06F17/28
Abstract: Embodiments are directed towards real time display of event records and extracted values based on at least one extraction rule, such as a regular expression. A user interface may be employed to enable a user to have an extraction rule automatically generated and/or to manually enter an extraction rule. The user may be enabled to manually edit a previously provided extraction rule, which may result in real time display of updated extracted values. The extraction rule may be utilized to extract values from each of a plurality of records, including event records of unstructured machine data. Statistics may be determined for each unique extracted value, and may be displayed to the user in real time. The user interface may also enable the user to select at least one unique extracted value to display those event records that include an extracted value that matches the selected value.
-