公开(公告)号：US10810771B2

公开(公告)日：2020-10-20

申请号：US16034143

申请日：2018-07-12

Applicant: Splunk Inc

Inventor： Nicholas Filippi ,  Simon Fishel ,  Siegfried Puchbauer-Schnabel ,  Mathew Elting ,  Carl Yestrau

IPC: G06T11/20 ,  G06F16/9038

Abstract: Embodiments of the disclosure are systems and methods for providing third party visualizations. In one embodiment, a method is provided that includes receiving, via an API, computer-executable instructions configured to render a visualization using events and a variable field; rendering the visualization using the events; causing displaying of a graphical user interface (GUI) comprising a visualization panel and a variable element; receiving, via the variable element of the GUI, an indication of a first change in the value of the variable field to a first value; re-rendering the visualization using the events and the first value; and causing display of the GUI with an updated visualization panel and the variable element.

公开(公告)号：US10778710B2

公开(公告)日：2020-09-15

申请号：US16177394

申请日：2018-10-31

Applicant: Splunk Inc.

Inventor： Nicholas J. Filippi ,  Siegfried Puchbauer-Schnabel ,  Carl S. Yestrau ,  Vivian Shen ,  J. Mathew Elting

IPC: H04L29/06 ,  G06F9/54 ,  G06F16/21 ,  G06F16/33 ,  G06F16/903 ,  H04L29/08 ,  H04L12/24 ,  H04L12/58

Abstract: The disclosed embodiments relate to a system that generates an alert based on information extracted from search results generated by a query. During operation, the system executes the query to generate the search results. The system also obtains configuration information for the alert, wherein the configuration information identifies information associated with the search results, and also specifies a trigger condition for the alert. Next, when the trigger condition for the alert is met, the system uses the configuration information to generate a payload containing the identified information associated with the search results. The system then invokes alert-generating functionality and provides the payload as input to the alert-generating functionality. This enables the alert-generating functionality to use the information from the search results while performing one or more alert actions association with the alert.

公开(公告)号：US10394802B1

公开(公告)日：2019-08-27

申请号：US15011654

申请日：2016-01-31

Applicant: Splunk Inc.

Inventor： Michael Porath ,  Siegfried Puchbauer-Schnabel

IPC: G06F16/242 ,  G06F16/2457 ,  G06F16/951 ,  G06F16/29 ,  G06F16/248 ,  G06F3/0484

Abstract: A data intake and query system may store raw machine data that includes location information. A client system may include a user interface for searching the data intake and query system. The user interface allows a user to define a field search query and to define one or more ad-hoc boundary regions on a map. A combined query is transmitted to the data intake and query system, the combined query including both the field search query and location search information that is based on the ad-hoc boundary regions. The data intake and query system runs the combined query and returns responsive results, which are displayed at the client user interface.

公开(公告)号：US20160323306A1

公开(公告)日：2016-11-03

申请号：US14698724

申请日：2015-04-28

Applicant: Splunk Inc.

Inventor： Nicholas J. Filippi ,  Siegfried Puchbauer-Schnabel ,  Carl S. Yestrau ,  Vivian Shen ,  J. Mathew Elting

IPC: H04L29/06 ,  G06F9/54 ,  G06F17/30

CPC classification number: H04L63/1425 ,  G06F9/542 ,  G06F17/30289 ,  G06F17/30657 ,  G06F17/30985 ,  H04L41/0686 ,  H04L41/22 ,  H04L51/30 ,  H04L65/608 ,  H04L67/02

Abstract: The disclosed embodiments relate to a system that generates an alert based on information extracted from search results generated by a query. During operation, the system executes the query to generate the search results. The system also obtains configuration information for the alert, wherein the configuration information identifies information associated with the search results, and also specifies a trigger condition for the alert. Next, when the trigger condition for the alert is met, the system uses the configuration information to generate a payload containing the identified information associated with the search results. The system then invokes alert-generating functionality and provides the payload as input to the alert-generating functionality. This enables the alert-generating functionality to use the information from the search results while performing one or more alert actions association with the alert.

Abstract translation: 所公开的实施例涉及基于从查询生成的搜索结果中提取的信息生成警报的系统。 在运行期间，系统执行查询以生成搜索结果。 系统还获取警报的配置信息，其中配置信息识别与搜索结果相关联的信息，并且还指定警报的触发条件。 接下来，当满足警报的触发条件时，系统使用配置信息来生成包含与搜索结果相关联的识别信息的有效载荷。 然后系统调用警报生成功能，并将有效负载作为警报生成功能的输入。 这使得警报生成功能能够在执行与警报相关联的一个或多个警报动作时使用来自搜索结果的信息。

公开(公告)号：US20160321327A1

公开(公告)日：2016-11-03

申请号：US14698716

申请日：2015-04-28

Applicant: Splunk Inc.

Inventor： Nicholas J. Filippi ,  Siegfried Puchbauer-Schnabel ,  Carl S. Yestrau ,  Vivian Shen ,  J. Mathew Elting

IPC: G06F17/30 ,  G06F3/0484

CPC classification number: G06F17/30554 ,  G06F3/04842 ,  G06F3/04847

Abstract: A system that enables a user to configure alert actions based on search results generated by a query is disclosed. During operation, the system presents an alert user interface (UI) to a user, wherein the alert UI enables the user to configure one or more alert actions to be performed based on the search results. Next, the system receives alert configuration information from the user through the alert UI, wherein the alert configuration information includes tokens representing parameters associated with the query and the search results. Then, while generating an alert associated with the search results, the system performs a token substitution operation that substitutes tokens in the alert configuration information with corresponding parameters from the search results to generate a payload that is communicated to alert-generating functionality. This token substitution allows the parameters to be used by the alert-generating functionality while performing the one or more alert actions.

Abstract translation: 公开了一种使得用户能够基于由查询产生的搜索结果来配置警报动作的系统。 在操作期间，系统向用户呈现警报用户界面（UI），其中警报UI使得用户能够基于搜索结果来配置要执行的一个或多个警报动作。 接下来，系统通过警报UI从用户接收警报配置信息，其中警报配置信息包括表示与查询和搜索结果相关联的参数的令牌。 然后，在生成与搜索结果相关联的警报的同时，系统执行令牌替换操作，其将具有来自搜索结果的相应参数的警报配置信息中的令牌代替，以生成传达给警报生成功能的有效载荷。 该令牌替换允许在执行一个或多个警报动作时由警报生成功能使用参数。

公开(公告)号：US11798209B1

公开(公告)日：2023-10-24

申请号：US17731310

申请日：2022-04-28

Applicant: Splunk Inc.

Inventor： Nicholas Filippi ,  Simon Fishel ,  Siegfried Puchbauer-Schnabel ,  Mathew Elting ,  Carl Yestrau

IPC: G06T11/20 ,  G06F16/9038

CPC classification number: G06T11/206 ,  G06F16/9038 ,  G06T2200/24

Abstract: Embodiments of the disclosure are systems and methods for updating third party visualizations in response to a query. In one embodiment, a method is provided that includes receiving input data comprising events, where the events comprise time-stamped machine- generated data. The method also comprises receiving a modular visualization that includes a variable field associated with a visualization and instructions for rendering the visualization using the input data and the variable field. Further, the method comprises rendering the visualization based on the input data and a value associated with the variable field. Additionally, the method comprises updating the value of the variable field and obtaining updated input data using a search query that is generated using the updated value. The visualization is re-rendered based on the updated input data and the updated value.

公开(公告)号：US11422686B2

公开(公告)日：2022-08-23

申请号：US16850967

申请日：2020-04-16

Applicant: SPLUNK INC.

Inventor： Nicholas Filippi ,  Siegfried Puchbauer-Schnabel ,  Cary Noel

IPC: G06F3/04847

Abstract: Provided are systems and methods for determining and displaying automatically binned information via a graphical user interface. A graphical user interface (GUI) may include a first graphical element representing a first metric value for a first time window and a second graphical element representing a second metric value for a second time window. An indication of a selection of the first time window may be received via the GUI. An updated GUI comprising a third graphical element representing a third metric value for the third time window and a fourth graphical element representing the fourth metric value for the fourth time window may be displayed, wherein the third time window and the fourth time window may be sub-ranges of the first time window.

公开(公告)号：US11348294B2

公开(公告)日：2022-05-31

申请号：US17013115

申请日：2020-09-04

Applicant: Splunk Inc

Inventor： Nicholas Filippi ,  Simon Fishel ,  Siegfried Puchbauer-Schnabel ,  Mathew Elting ,  Carl Yestrau

IPC: G06T11/20 ,  G06F16/9038

Abstract: Embodiments of the disclosure are systems and methods for updating third party visualizations in response to a query. In one embodiment, a method is provided that includes receiving input data comprising events, where the events comprise time-stamped machine-generated data. The method also comprises receiving a modular visualization that includes a variable field associated with a visualization and instructions for rendering the visualization using the input data and the variable field. Further, the method comprises rendering the visualization based on the input data and a value associated with the variable field. Additionally, the method comprises updating the value of the variable field and obtaining updated input data using a search query that is generated using the updated value. The visualization is re-rendered based on the updated input data and the updated value.

公开(公告)号：US20210026849A1

公开(公告)日：2021-01-28

申请号：US17063444

申请日：2020-10-05

Applicant: SPLUNK INC.

Inventor： Nicholas J. Filippi ,  Siegfried Puchbauer-Schnabel ,  Carl S. Yestrau ,  Vivian Shen ,  J. Mathew Elting

IPC: G06F16/248 ,  G06F3/0484

Abstract: A system that enables a user to configure alert actions based on search results generated by a query is disclosed. During operation, the system presents an alert user interface (UI) to a user, wherein the alert UI enables the user to configure one or more alert actions to be performed based on the search results. Next, the system receives alert configuration information from the user through the alert UI, wherein the alert configuration information includes tokens representing parameters associated with the query and the search results. Then, while generating an alert associated with the search results, the system performs a token substitution operation that substitutes tokens in the alert configuration information with corresponding parameters from the search results to generate a payload that is communicated to alert-generating functionality. This token substitution allows the parameters to be used by the alert-generating functionality while performing the one or more alert actions.

公开(公告)号：US20190213765A1

公开(公告)日：2019-07-11

申请号：US16034143

申请日：2018-07-12

Applicant: Splunk Inc

Inventor： Nicholas Filippi ,  Simon Fishel ,  Siegfried Puchbauer-Schnabel ,  Mathew Elting ,  Carl Yestrau

IPC: G06T11/20 ,  G06F16/9038

CPC classification number: G06T11/206 ,  G06F16/9038 ,  G06T2200/24

Abstract: Embodiments of the disclosure are systems and methods for providing third party visualizations. In one embodiment, a method is provided that includes receiving, via an API, computer-executable instructions configured to render a visualization using events and a variable field; rendering the visualization using the events; causing displaying of a graphical user interface (GUI) comprising a visualization panel and a variable element; receiving, via the variable element of the GUI, an indication of a first change in the value of the variable field to a first value; re-rendering the visualization using the events and the first value; and causing display of the GUI with an updated visualization panel and the variable element.