公开(公告)号：US11836148B1

公开(公告)日：2023-12-05

申请号：US17246452

申请日：2021-04-30

Applicant: Splunk Inc.

Inventor： Paul Boster ,  Keith Kramer ,  Cary Noel ,  Isabelle Park

IPC: G06F16/248 ,  G06F16/25 ,  G06F3/04842

CPC classification number: G06F16/248 ,  G06F16/252 ,  G06F3/04842

Abstract: Systems and methods are disclosed for implementing a data stream correlation user interface. The data stream correlation user interface enables users to view information from two sets of records, and identify fields in the two sets of records that can be matched together to “glue” together multiple records. For example, a user may specify that values in an “AcctID” field in one set of records can be matched to values in an “Account_ID” field of a second set of records. Additional identifying fields may be selected, such that multiple values can be chained together. The system can match the records of multiple sets together using designated fields, enabling users to view how many records from one set have a corresponding record in another set.

公开(公告)号：US20230171169A1

公开(公告)日：2023-06-01

申请号：US18162595

申请日：2023-01-31

Applicant: Splunk Inc.

Inventor： Qianjie Zhong ,  Geng Qin ,  Ting Wang ,  Min Zhang ,  Micah Delfino ,  Jef Bekes ,  D. Randall Young ,  Cary Noel ,  Feng Shao ,  Dritan Bitincka

IPC: H04L43/045 ,  H04L41/22 ,  H04L41/12 ,  H04L43/0817

CPC classification number: H04L43/045 ,  H04L41/22 ,  H04L41/12 ,  H04L43/0817

Abstract: Techniques and mechanisms are disclosed that enable collection of various types of data from cloud computing services and the generation of various dashboards and visualizations to view information about collections of cloud computing resources. A user can configure collection of data from one or more cloud computing services and view visualizations using an application platform referred to herein as a cloud computing management application. A cloud computing management application further may be configured to generate and cause display of interactive topology map representations of cloud computing resources based on the collected data, where an interactive topology map enables users to view an intuitive visualization of a collection of computing resources, efficiently cause performance of actions with respect to various resources displayed in the topology map, and analyze the collection of resources in ways that are not possible using conventional cloud computing service management consoles.

公开(公告)号：US11611493B2

公开(公告)日：2023-03-21

申请号：US17443228

申请日：2021-07-22

Applicant: Splunk Inc.

Inventor： Qianjie Zhong ,  Geng Qin ,  Ting Wang ,  Min Zhang ,  Micah Delfino ,  Jef Bekes ,  D. Randall Young ,  Cary Noel ,  Feng Shao ,  Dritan Bitincka

IPC: H04L43/045 ,  H04L41/22 ,  H04L41/12 ,  H04L43/0817

Abstract: Techniques and mechanisms are disclosed that enable collection of various types of data from cloud computing services and the generation of various dashboards and visualizations to view information about collections of cloud computing resources. A user can configure collection of data from one or more cloud computing services and view visualizations using an application platform referred to herein as a cloud computing management application. A cloud computing management application further may be configured to generate and cause display of interactive topology map representations of cloud computing resources based on the collected data, where an interactive topology map enables users to view an intuitive visualization of a collection of computing resources, efficiently cause performance of actions with respect to various resources displayed in the topology map, and analyze the collection of resources in ways that are not possible using conventional cloud computing service management consoles.

公开(公告)号：US11422686B2

公开(公告)日：2022-08-23

申请号：US16850967

申请日：2020-04-16

Applicant: SPLUNK INC.

Inventor： Nicholas Filippi ,  Siegfried Puchbauer-Schnabel ,  Cary Noel

IPC: G06F3/04847

Abstract: Provided are systems and methods for determining and displaying automatically binned information via a graphical user interface. A graphical user interface (GUI) may include a first graphical element representing a first metric value for a first time window and a second graphical element representing a second metric value for a second time window. An indication of a selection of the first time window may be received via the GUI. An updated GUI comprising a third graphical element representing a third metric value for the third time window and a fourth graphical element representing the fourth metric value for the fourth time window may be displayed, wherein the third time window and the fourth time window may be sub-ranges of the first time window.

公开(公告)号：US11363047B2

公开(公告)日：2022-06-14

申请号：US17018360

申请日：2020-09-11

Applicant: Splunk Inc.

Inventor： Vijay Chauhan ,  Cary Noel ,  Wenhui Yu ,  Luke Murphey ,  Alexander Raitz ,  David Hazekamp

IPC: H04L9/40 ,  G06F3/0484 ,  G06F16/25 ,  G06F16/248 ,  G06F16/2458 ,  H04L43/026 ,  G06F40/169 ,  G06F21/62 ,  H04L43/06

Abstract: Techniques and mechanisms are disclosed that enable network security analysts and other users to efficiently conduct network security investigations and to produce useful representations of investigation results. As used herein, a network security investigation generally refers to an analysis by an analyst (or team of analysts) of one or more detected network events that may pose internal and/or external threats to a computer network under management. A network security application provides various interfaces that enable users to create investigation timelines, where the investigation timelines display a collection of events related to a particular network security investigation. A network security application further provides functionality to monitor and log user interactions with the network security application, where particular logged user interactions may also be added to one or more investigation timelines.

公开(公告)号：US10693743B2

公开(公告)日：2020-06-23

申请号：US14902848

申请日：2015-09-21

Applicant: Splunk Inc.

Inventor： Qianjie Zhong ,  Geng Qin ,  Ting Wang ,  Min Zhang ,  Micah Delfino ,  Jef Bekes ,  D. Randall Young ,  Cary Noel ,  Feng Shao ,  Dritan Bitincka

IPC: H04L12/24 ,  G06F16/44 ,  H04L12/26 ,  G06F3/0482 ,  G06F3/0486 ,  H04L29/08

Abstract: Techniques and mechanisms are disclosed that enable collection of various types of data from cloud computing services and the generation of various dashboards and visualizations to view information about collections of cloud computing resources. A user can configure collection of data from one or more cloud computing services and view visualizations using an application platform referred to herein as a cloud computing management application. A cloud computing management application further may be configured to generate and cause display of interactive topology map representations of cloud computing resources based on the collected data, where an interactive topology map enables users to view an intuitive visualization of a collection of computing resources, efficiently cause performance of actions with respect to various resources displayed in the topology map, and analyze the collection of resources in ways that are not possible using conventional cloud computing service management consoles.

公开(公告)号：US20180069887A1

公开(公告)日：2018-03-08

申请号：US15799906

申请日：2017-10-31

Applicant: Splunk Inc,

Inventor： Vijay Chauhan ,  Cary Noel ,  Wenhui Yu ,  Luke Murphey ,  Alexander Raitz ,  David Hazekamp

IPC: H04L29/06 ,  G06F21/62 ,  G06F17/30 ,  H04L12/26 ,  G06F3/0484 ,  G06F17/24

CPC classification number: H04L63/1425 ,  G06F3/0484 ,  G06F17/241 ,  G06F17/30551 ,  G06F17/30554 ,  G06F17/30557 ,  G06F21/629 ,  G06F2221/2151 ,  H04L43/026 ,  H04L43/06

Abstract: Techniques and mechanisms are disclosed that enable network security analysts and other users to efficiently conduct network security investigations and to produce useful representations of investigation results. As used herein, a network security investigation generally refers to an analysis by an analyst (or team of analysts) of one or more detected network events that may pose internal and/or external threats to a computer network under management. A network security application provides various interfaces that enable users to create investigation timelines, where the investigation timelines display a collection of events related to a particular network security investigation. A network security application further provides functionality to monitor and log user interactions with the network security application, where particular logged user interactions may also be added to one or more investigation timelines.

公开(公告)号：US20170034196A1

公开(公告)日：2017-02-02

申请号：US15143566

申请日：2016-04-30

Applicant: Splunk Inc.

Inventor： Vijay Chauhan ,  Cary Noel ,  Wenhui Yu

IPC: H04L29/06

CPC classification number: H04L63/1425 ,  G06F17/30551 ,  G06F17/30864 ,  G06F21/552 ,  G06F21/577 ,  G06F21/62 ,  H04L41/22 ,  H04L43/045 ,  H04L63/1408 ,  H04L63/1416

Abstract: Techniques and mechanisms are disclosed that enable network security analysts and other users to efficiently conduct network security investigations and to produce useful representations of investigation results. As used herein, a network security investigation generally refers to an analysis by an analyst (or team of analysts) of one or more detected network events that may pose internal and/or external threats to a computer network under management. A network security application provides various interfaces that enable users to create investigation timelines, where the investigation timelines display a collection of events related to a particular network security investigation. A network security application further provides functionality to monitor and log user interactions with the network security application, where particular logged user interactions may also be added to one or more investigation timelines.

Abstract translation: 公开了技术和机制，使网络安全分析师和其他用户有效地进行网络安全调查并产生调查结果的有用表示。 如本文所使用的，网络安全调查通常是指分析者（或分析师小组）对可能对管理的计算机网络造成内部和/或外部威胁的一个或多个检测到的网络事件的分析。 网络安全应用程序提供各种接口，使用户能够创建调查时间表，其中调查时间表显示与特定网络安全调查相关的事件的集合。 网络安全应用程序还提供监视和记录与网络安全应用程序的用户交互的功能，其中特定记录的用户交互也可以被添加到一个或多个调查时间线。

公开(公告)号：US20150040052A1

公开(公告)日：2015-02-05

申请号：US14265854

申请日：2014-04-30

Applicant: Splunk Inc.

Inventor： Cary Noel ,  Ian Link

IPC: G06F3/0484 ,  G06F3/0482

CPC classification number: G06F3/04847 ,  G06F17/30 ,  G06Q10/063

Abstract: Data values for various items are visualized in real-time or near real-time using radial-based techniques to produce data visualizations bearing some resemblance to, for example, pie charts, radial charts, etc. The data values are shown using indicators that encircle, or at least partially encircle, a central point. One or more characteristics of the indicator reflect the value that corresponds to the indicator. The characteristics may include, for instance, the color of the indicator and/or the distance of the indicator (or more specifically, a given point on the indicator) from the central point. The characteristics of the indicators change over time, in accordance with changes in the current values of the data items. A variety of indicators may be used, including, without limitation, points, icons, pie “wedges,” filled or partially-filled sectors of an ellipse or semi-circle, arcs or lines that span between the sides of such sectors, and so forth.

Abstract translation: 可以使用基于径向技术实时或近实时显示各种项目的数据值，以产生与例如饼图，径向图等相似的数据可视化。数据值使用围绕 ，或至少部分环绕中心点。 指标的一个或多个特征反映了与指标对应的值。 特征可以包括例如指示器的颜色和/或指示器的距离（或更具体地，指示器上的给定点）与中心点的距离。 随着时间的推移，指标的特征随着数据项的当前值的变化而变化。 可以使用各种指标，包括但不限于点，图标，馅饼“楔形”，填充或部分填充的扇形的椭圆或半圆，弧或线，跨越这些扇区的两侧，等等 向前。

公开(公告)号：US12019858B1

公开(公告)日：2024-06-25

申请号：US17474833

申请日：2021-09-14

Applicant: SPLUNK Inc.

Inventor： Jindrich Dinga ,  Simon Fishel ,  Cary Noel ,  Isabelle Park ,  Horst Werner

IPC: G06F3/04847 ,  G06F3/0482 ,  G06F16/904 ,  G06F16/9535

CPC classification number: G06F3/04847 ,  G06F3/0482 ,  G06F16/904 ,  G06F16/9535

Abstract: Systems, methods, and computer readable media are disclosed for generating and providing concurrent journey visualizations associated with different journey definitions. In computer-implemented embodiments, a data intake and query system, or a journey visualization computing tool, can be used to generate and provide concurrent representations corresponding with different journey definitions. In operation, a set of journey instances associated with a journey having a set of steps is obtained. Each step may be associated with at least one event that includes raw machine data produced by a component of an information technology environment. Upon obtaining different journey definitions specifying filters to apply to the set of journey instances, the data intake and query system can generate journey visualizations in accordance with the journey definitions. Thereafter, the journey visualizations corresponding with the journey definitions can be concurrently displayed by a computing device via a graphical user interface.