Event selector to generate alternate views

    Publication (Announcement) No.: US10185740B2

    Publication (Announcement) Date: 2019-01-22

    Application No.: US15011284

    Filing Date: 2016-01-29

    Applicant: SPLUNK, INC.

    Abstract: An event view selector for a search user interface is described. In one or more implementations, a service may operate to collect and store data as events and apply a late binding schema to extract events that match the search criteria and provide search results for display via the search user interface. The search user interface exposes an event view selector operable to enable transitions between multiple different views of the events associated with different levels of detail. The views may include at least a raw view, a list view, and a table view. Responsive to receiving an indication of a view selected via the event view selector, the selected view may be exposed via the search user interface.

    Central repository for storing configuration files of a distributed computer system

    Publication (Announcement) No.: US10178152B2

    Publication (Announcement) Date: 2019-01-08

    Application No.: US15143472

    Filing Date: 2016-04-29

    Applicant: Splunk Inc.

    Abstract: In a computer-implemented method for configuring a distributed computer system comprising a plurality of nodes of a plurality of node classes, configuration files for a plurality of nodes of each of the plurality of node classes are stored in a central repository. The configuration files include information representing a desired system state of the distributed computer system, and the distributed computer system operates to keep an actual system state of the distributed computer system consistent with the desired system state. The plurality of node classes includes forwarder nodes for receiving data from an input source, indexer nodes for indexing the data, and search head nodes for searching the data. Responsive to receiving changes to the configuration files, the changes are propagated to nodes of the plurality of nodes impacted by the changes based on a node class of the nodes impacted by the changes.

    Interactive display of aggregated search result information

    Publication (Announcement) No.: US10162863B2

    Publication (Announcement) Date: 2018-12-25

    Application No.: US14530692

    Filing Date: 2014-11-01

    Applicant: Splunk Inc.

    Abstract: A method, system, and processor-readable storage medium are directed towards generating a report derived from data, such as event data, stored on a plurality of distributed nodes. In one embodiment the analysis is generated using a “divide and conquer” algorithm, such that each distributed node analyzes locally stored event data while an aggregating node combines these analysis results to generate the report. In one embodiment, each distributed node also transmits a list of event data references associated with the analysis result to the aggregating node. The aggregating node may then generate a global ordered list of data references based on the list of event data references received from each distributed node. Subsequently, in response to a user selection of a range of global event data, the report may dynamically retrieve event data from one or more distributed nodes for display according to the global order.

    Detection of potential security threats based on categorical patterns

    Publication (Announcement) No.: US10091227B2

    Publication (Announcement) Date: 2018-10-02

    Application No.: US15339955

    Filing Date: 2016-11-01

    Applicant: Splunk Inc.

    Abstract: A metric value is determined for each event in a set of events that characterizes a computational communication or object. For example, a metric value could include a length of a URL or agent string in the event. A subset criterion is generated, such that metric values within the subset are relatively separated from a population's center (e.g., within a distribution tail). Application of the criterion to metric values produces a subset. A representation of the subset is presented in an interactive dashboard. The representation can include unique values in the subset and counts of corresponding event occurrences. Clients can select particular elements in the representation to cause more detail to be presented with respect to individual events corresponding to specific values in the subset. Thus, clients can use their knowledge of system operations and observance of value frequencies and underlying events to identify anomalous metric values and potential security threats.

    Machine-generated traffic detection (beaconing)

    Publication (Announcement) No.: US10069849B2

    Publication (Announcement) Date: 2018-09-04

    Application No.: US14929184

    Filing Date: 2015-10-30

    Applicant: Splunk Inc.

    Abstract: A security platform employs a variety of techniques and mechanisms to detect security-related anomalies and threats in a computer network environment. The security platform is “big data” driven and employs machine learning to perform security analytics. The security platform performs user/entity behavioral analytics (UEBA) to detect the security-related anomalies and threats, regardless of whether such anomalies/threats were previously known. The security platform can include both real-time and batch paths/modes for detecting anomalies and threats. By visually presenting analytical results scored with risk ratings and supporting evidence, the security platform enables network security administrators to respond to a detected anomaly or threat, and to take action promptly.

    Collection query driven generation of inverted index for raw machine data

    Publication (Announcement) No.: US10061807B2

    Publication (Announcement) Date: 2018-08-28

    Application No.: US15421236

    Filing Date: 2017-01-31

    Applicant: SPLUNK INC.

    Abstract: Embodiments of the present disclosure provide a method for generating an inverted index in accordance with a user generated collection query. The method comprises providing a field searchable data store that comprises a plurality of event records, each event record comprising a time-stamped portion of raw machine data. The method further comprises receiving a collection query that references a field name. Further, responsive to the collection query, an inverted index is generated by: a) determining an extraction rule associated with the field name; b) extracting a field value corresponding to the field name from one or more event records in the field searchable data store using the extraction rule; and c) populating the inverted index responsive to each extracted field value, wherein each entry comprises the field name, the corresponding field value and a reference value that identifies a location in the field searchable data store where an associated event record is stored.
