公开(公告)号：US10650051B2

公开(公告)日：2020-05-12

申请号：US15376516

申请日：2016-12-12

Applicant: Splunk Inc.

Inventor： Leonid Viktorovich Alekseyev ,  Brian John Bingham ,  Tristan Antonio Fletcher ,  Brian C. Reyes

IPC: G06F16/903 ,  G06Q10/06 ,  H04L29/08 ,  G06F16/26 ,  G06F16/248 ,  G06F16/25 ,  G06F16/33 ,  G06F16/951 ,  G06F16/2455 ,  G06F16/901 ,  G06F16/9038 ,  G06F16/9535 ,  G06F16/2453 ,  H04L12/24 ,  G06F11/34 ,  G06F11/32 ,  H04L12/26 ,  G06F3/0484 ,  G06F9/54 ,  G06F3/0481 ,  G06F3/0482 ,  G06T11/20

Abstract: Raw machine data are captured and may be organized as events. Entity definitions representing machine entities that perform a service identify the machine data pertaining to respective entities. KPI search queries each define a KPI. Each KPI search query derives one or more values for the KPI from machine data identified in the entity definitions. The derivation may be performed on a per-entity basis and on the aggregate. The derived values may then be translated into a state value domain using per-entity thresholds, aggregate thresholds, or a combination.

公开(公告)号：US10572518B2

公开(公告)日：2020-02-25

申请号：US15799403

申请日：2017-10-31

Applicant: Splunk Inc.

Inventor： Tristan Antonio Fletcher ,  Alok Anant Bhide

IPC: H04L29/06 ,  G06F16/33 ,  G06F16/903 ,  H04L12/24 ,  H04L12/26 ,  G06Q10/06 ,  G06F3/0482 ,  G06F3/0484 ,  H04L29/08

Abstract: One or more processing devices derive values indicative of various aspects of how a particular service in an information technology (IT) environment is performing at a point in time or for a period of time. The values are derived by a search query over machine data associated with the one or more entities that provide the service. The one or more processing devices define and apply time varying static thresholds in respect to the values. A user (e.g., IT manager) may be enabled to manipulate or define multiple sets of KPI thresholds that vary over time.

公开(公告)号：US10447555B2

公开(公告)日：2019-10-15

申请号：US14800674

申请日：2015-07-15

Applicant: Splunk Inc.

Inventor： Tristan Antonio Fletcher ,  Hemendra Singh Choudhary ,  Clint Sharp

IPC: H04L12/24 ,  G06Q10/06 ,  G06F3/0482 ,  H04L12/26 ,  G06F16/2455

Abstract: Techniques are disclosed for providing an aggregate key performance indicator (KPI) that spans multiple services and for receiving user adjustment to KPI factors to configure an aggregate KPI (e.g., heath score). The techniques may enable a user to select KPIs and to adjust weights (e.g., importance) associated with the KPIs. The weight of a KPI may affect the influence a value of the KPI has on the calculation of an aggregate KPI value. The techniques may also include the ability to create a correlation search using the selected KPIs and weights so that a notification may be generated when the aggregate KPI value exceeds a threshold.

公开(公告)号：US10152561B2

公开(公告)日：2018-12-11

申请号：US15014017

申请日：2016-02-03

Applicant: Splunk Inc.

Inventor： Hemendra Singh Choudhary ,  Tristan Antonio Fletcher ,  Brian Bingham ,  Fang I. Hsiao ,  Brian C. Reyes

IPC: G06F15/173 ,  G06F17/30 ,  G06Q10/06 ,  H04L12/24 ,  H04L12/26 ,  G06F3/0484 ,  G06F9/54 ,  G06F3/0481 ,  G06F3/0482 ,  H04L29/08 ,  G06T11/20

Abstract: A service monitoring system executing on one or more processors may have operations that are determined by control information. Control over the operation of the service monitoring system can be exerted through the use of a graphical interface. The graphical interface may present the control information of a new or existing correlation search definition for user interaction. The service monitoring system may maintain a data store of key performance indicator (KPI) data, where a KPI value in the data store is produced by a KPI-defining search query that derives the value from machine data associated with one or more entities that perform a monitored service. A correlation search definition of the service monitoring system determines how a search of the KPI data is conducted, how its data is evaluated to determine whether a triggering condition has been met, and, if so, determines what triggered action is to be initiated.

公开(公告)号：US20180075134A1

公开(公告)日：2018-03-15

申请号：US15814320

申请日：2017-11-15

Applicant: Splunk Inc.

Inventor： Tristan Antonio Fletcher ,  Alok Anant Bhide

IPC: G06F17/30 ,  H04L12/24 ,  H04L12/26 ,  G06F3/0482 ,  H04L29/08 ,  G06Q10/06 ,  H04L29/06

CPC classification number: G06F16/334 ,  G06F3/0482 ,  G06F3/04842 ,  G06F16/903 ,  G06Q10/06393 ,  H04L29/08072 ,  H04L41/0686 ,  H04L41/069 ,  H04L41/22 ,  H04L41/5009 ,  H04L41/5032 ,  H04L43/04 ,  H04L63/145

Abstract: A system, method and graphical user interface (GUI) for creating a new correlation search based on fluctuations in key performance indicators (KPIs) displayed in a set of graph lanes. The graph lanes may provide graphical visualizations of the KPIs associated with one or more services and may assist a user in identifying a situation (e.g., problem or a pattern of interest) in the performance of the services. The graph lanes can be adjusted (e.g., add graph lanes, zooming-in) in order to display the situation, at which point a new correlation search may be generated to detect if the situation reoccurs. The system may generate the new correlation search by iterating through the set of graph lanes and analyzing the fluctuations of each KPI to determine triggering criteria. The system may then run the correlation search and generate a notable event or alarm when the situation reoccurs.

公开(公告)号：US20170141969A1

公开(公告)日：2017-05-18

申请号：US15418766

申请日：2017-01-29

Applicant: Splunk Inc.

Inventor： Hemendra Singh Choudhary ,  Tristan Antonio Fletcher ,  Alok Anant Bhide ,  Fang I. Hsiao

IPC: H04L12/24 ,  H04L29/08 ,  G06F17/30 ,  H04L12/26

CPC classification number: H04L41/22 ,  G06F17/3051 ,  G06F17/30551 ,  G06F17/30595 ,  G06F17/30864 ,  H04L29/08072 ,  H04L41/5009 ,  H04L41/5032 ,  H04L41/5045 ,  H04L43/045 ,  H04L43/16 ,  H04L67/02

Abstract: Services in an operating environment are represented by stored service definitions that identify entities that perform the service. Entity definitions identify machine data pertaining to the entity. A key performance indicator (KPI) of the service characterizes the service on the whole or some aspect of it. Each KPI is defined by a search query that derives a value from machine data identified in the entity definitions. Processing devices cause display of a service-monitoring page having a services summary region and a services aspects region. The summary region displays interactive summary tiles that each correspond to a service and present information about an aggregate KPI that characterizes the service. The aspects region displays interactive aspect tiles that each correspond to a KPI characterizing some aspect of an associated service. Additional information may be included in the service-monitoring page and interaction features enable a user to navigate to enhanced information displays.

公开(公告)号：US09521047B2

公开(公告)日：2016-12-13

申请号：US15012848

申请日：2016-02-01

Applicant: Splunk Inc.

Inventor： Leonid Viktorovich Alekseyev ,  Brian John Bingham ,  Tristan Antonio Fletcher ,  Brian C. Reyes

IPC: G06F15/16 ,  H04L12/24 ,  H04L12/26 ,  G06F3/0484 ,  G06F3/0482 ,  G06F17/30 ,  G06F12/00

CPC classification number: H04L43/16 ,  G06F3/0481 ,  G06F3/04817 ,  G06F3/0482 ,  G06F3/0484 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/542 ,  G06F17/30424 ,  G06F17/30463 ,  G06F17/30477 ,  G06F17/30554 ,  G06F17/3056 ,  G06F17/30572 ,  G06F17/30675 ,  G06F17/30864 ,  G06F17/30867 ,  G06F17/30958 ,  G06F17/30964 ,  G06F17/30979 ,  G06F17/30991 ,  G06Q10/06393 ,  G06T11/206 ,  G06T2200/24 ,  H04L29/08072 ,  H04L41/0213 ,  H04L41/0806 ,  H04L41/22 ,  H04L41/5009 ,  H04L41/5032 ,  H04L41/5035 ,  H04L41/5038 ,  H04L43/04 ,  H04L43/045 ,  H04L67/10 ,  H04L67/16

Abstract: Raw machine data are captured and may be organized as events. Entity definitions representing machine entities that perform a service identify the machine data pertaining to respective entities. KPI search queries each define a KPI. Each KPI search query derives one or more values for the KPI from machine data identified in the entity definitions. The derivation may be performed on a per-entity basis and on the aggregate. The derived values may then be translated into a state value domain using per-entity thresholds, aggregate thresholds, or a combination.

Abstract translation: 原始机器数据被捕获并且可以被组织为事件。 表示执行服务的机器实体的实体定义识别与各实体有关的机器数据。 KPI搜索查询每个定义一个KPI。 每个KPI搜索查询从实体定义中标识的机器数据中获取KPI的一个或多个值。 衍生可以在每个实体的基础上和聚合上进行。 然后可以使用每个实体阈值，聚合阈值或组合将派生值转换为状态值域。

公开(公告)号：US20160132575A1

公开(公告)日：2016-05-12

申请号：US15000024

申请日：2016-01-18

Applicant: Splunk Inc.

Inventor： Tristan Antonio Fletcher ,  Alok Anant Bhide ,  Cary Glen Noel ,  Brian Reyes

IPC: G06F17/30

Abstract: A services monitoring system causes display of time-based graphical visualizations that each correspond to a different key performance indicator (KPI) reflecting how a service provided by one or more entities is performing. The graphical visualizations are all calibrated to a same time scale. Each KPI is defined by a search query that derives one or more values reflected in the graphical visualization for that KPI from machine data pertaining to the one or more entities that provide the service corresponding to the KPI.

Abstract translation: 服务监视系统引起基于时间的图形可视化的显示，其每个对应于反映一个或多个实体提供的服务如何执行的不同的关键性能指标（KPI）。 图形可视化都被校准到相同的时间尺度。 每个KPI由搜索查询定义，搜索查询从与提供与KPI对应的服务的一个或多个实体有关的机器数据中导出反映在该KPI的图形可视化中的一个或多个值。

公开(公告)号：US20160105325A1

公开(公告)日：2016-04-14

申请号：US14800675

申请日：2015-07-15

Applicant: Splunk Inc.

Inventor： Tristan Antonio Fletcher ,  Alok Anant Bhide ,  Clint Sharp

IPC: H04L12/24 ,  G06F3/0484 ,  G06F17/30 ,  H04L29/08 ,  G06F3/0482

CPC classification number: H04L41/5032 ,  G06F3/0482 ,  G06F3/04842 ,  G06Q10/06393 ,  H04L29/08072 ,  H04L41/0213 ,  H04L41/12 ,  H04L41/22 ,  H04L41/5006 ,  H04L41/5009 ,  H04L43/04 ,  H04L43/045 ,  H04L43/16 ,  H04L67/16 ,  H04L67/2809

Abstract: Techniques are disclosed for providing a topology navigator that may enable a user to view performance information for multiple IT services associated with a user's IT environment. The topology navigator may include multiple display components for displaying information about the services. A first display component may display multiple services as a graph of interdependent service nodes and a second display component may display information about one or more of the service nodes. The topology navigator may enable a user to visually inspect the aggregate KPI (e.g., health score) of multiple services to identify dependent services that are of interest (e.g., low performance) and navigate through the services to identify dependent services that may adversely affect a service of interest to the user. In one example, the second display component may display key performance indicators (KPIs) associated with the dependent service and the user may select one or more of the KPIs to add them to another display component for further analysis.

Abstract translation: 公开了用于提供拓扑导航器的技术，其可以使得用户能够查看与用户的IT环境相关联的多个IT服务的性能信息。 拓扑导航器可以包括用于显示关于服务的信息的多个显示组件。 第一显示组件可以将多个服务显示为相互依赖的服务节点的图，并且第二显示组件可以显示关于一个或多个服务节点的信息。 拓扑导航器可以使用户能够目视地检查多个服务的聚合KPI（例如，健康评分）以识别感兴趣的依赖服务（例如，低性能），并且浏览服务以识别可能不利地影响 用户感兴趣的服务。 在一个示例中，第二显示组件可以显示与依赖服务相关联的关键性能指标（KPI），并且用户可以选择一个或多个KPI以将它们添加到另一个显示组件用于进一步分析。

公开(公告)号：US20160104093A1

公开(公告)日：2016-04-14

申请号：US14859241

申请日：2015-09-18

Applicant: Splunk Inc.

Inventor： Tristan Antonio Fletcher ,  Asmita Puri ,  Alok Anant Bhide

IPC: G06Q10/06

CPC classification number: G06Q10/06393

Abstract: A service monitoring system (SMS) produces key performance indicator (KPI) scores that indicate the performance of a service. To produce the KPI scores, the SMS may process the data for a large number of machine entities that perform the service. This data can be processed on a per-entity basis to produce a per-entity KPI score representing the contribution of a particular machine to the overall KPI. The per-entity KPI scores can be transformed to statistical representations which can be visualized as a distribution stream graph. The visualization may be presented with interactive aspects.

Abstract translation: 服务监控系统（SMS）产生指示服务性能的关键性能指标（KPI）分数。 为了产生KPI分数，SMS可以处理执行服务的大量机器实体的数据。 该数据可以在每个实体的基础上进行处理，以产生表示特定机器对总体KPI的贡献的每实体KPI分数。 每个实体的KPI分数可以被转换成可以被视为分布流图的统计表示。 可视化可以呈现出交互方面。