-
Publication No.: US09922099B2
Publication date: 2018-03-20
Application No.: US14528951
Application date: 2014-10-30
Applicant: Splunk, Inc.
Inventor: Divanny I. Lamas , Marc Vincent Robichaud , Carl Sterling Yestrau
IPC: G06F17/30 , G06F3/0484 , G06F3/0482 , G06F3/0481
CPC classification number: G06F17/30557 , G06F3/04817 , G06F3/0482 , G06F3/04842 , G06F17/30383 , G06F17/30477 , G06F17/30551 , G06F17/30572 , G06F17/30991
Abstract: An event limited field picker for a search user interface is described. In one or more implementations, a service may operate to collect and store data as events each of which includes a portion of the data correlated with a point in time. Clients may use a search user interface to perform searches by input of search criteria. Responsive to receiving search criteria, the service may operate to apply a late binding schema to extract events that match the search criteria and provide search results for display via the search user interface. The search user interface exposes an event limited field picker operable to make selections of fields with respect to individual events in a view of the search results. In response to receiving an indication of fields selected via the picker, visibility of selected fields may be updated to control which fields and values are included in different views.
-
Publication No.: US09916385B2
Publication date: 2018-03-13
Application No.: US15339951
Application date: 2016-11-01
Applicant: Splunk Inc.
Inventor: Ledion Bitincka , Steve Zhang , Igor Stojanovski , Stephen Sorkin
IPC: G06F17/30
CPC classification number: G06F17/30864 , G06F17/30477 , G06F17/30516 , G06F17/30545 , G06F17/30979
Abstract: A search request received at a computer of a search support system is processed by analyzing the received search request to identify request parameters and connecting to a system index of the search support system that is referenced in the request parameters. An external result provider (ERP) process is initiated that establishes communication between the search support system and a data source external to the search support system, for a virtual index referenced in the request parameters. Thus, the ERP process provides an interface between the search support system and external data sources, such as by third parties. The ERP process can operate in a streaming mode (providing real-time search results with minimal processing) and/or a reporting mode (providing results with a greater delay and processing extent) and can switch between modes. The search request results are received from the connected system indexes and the referenced virtual indexes.
-
Publication No.: US09900332B2
Publication date: 2018-02-20
Application No.: US15616889
Application date: 2017-06-07
Applicant: Splunk Inc.
Inventor: Sudhakar Muddu , Christos Tryfonas , Ravi Prasad Bulusu
IPC: G06F21/00 , H04L29/06 , G06F17/30 , G06N99/00 , G06N7/00 , G06F3/0484 , G06F3/0482 , G06F17/22 , H04L12/24 , G06N5/04 , G06K9/20 , H04L12/26
CPC classification number: H04L63/1416 , G06F3/0482 , G06F3/0484 , G06F3/04842 , G06F3/04847 , G06F17/2235 , G06F17/30061 , G06F17/3053 , G06F17/30563 , G06F17/30598 , G06F17/30958 , G06K9/2063 , G06N5/04 , G06N7/005 , G06N99/005 , H04L41/0893 , H04L41/145 , H04L41/22 , H04L43/00 , H04L43/045 , H04L43/062 , H04L43/08 , H04L63/06 , H04L63/1408 , H04L63/1425 , H04L63/1433 , H04L63/1441 , H04L63/20 , H04L2463/121
Abstract: A security platform employs a variety of techniques and mechanisms to detect security related anomalies and threats in a computer network environment. The security platform is “big data” driven and employs machine learning to perform security analytics. The security platform performs user/entity behavioral analytics (UEBA) to detect the security related anomalies and threats, regardless of whether such anomalies/threats were previously known. The security platform can include both real-time and batch paths/modes for detecting anomalies and threats. By visually presenting analytical results scored with risk ratings and supporting evidence, the security platform enables network security administrators to respond to a detected anomaly or threat, and to take action promptly.
-
Publication No.: US09864797B2
Publication date: 2018-01-09
Application No.: US14700110
Application date: 2015-04-29
Applicant: Splunk Inc.
Inventor: Tristan Antonio Fletcher , Alok Anant Bhide
IPC: H04L12/24 , G06F17/30 , G06F3/0484 , G06Q10/06 , G06F3/0482 , H04L29/08 , H04L12/26 , H04L29/06
CPC classification number: G06F17/30675 , G06F3/0482 , G06F3/04842 , G06F17/30964 , G06Q10/06393 , H04L29/08072 , H04L41/0686 , H04L41/069 , H04L41/22 , H04L41/5009 , H04L41/5032 , H04L43/04 , H04L63/145
Abstract: A system, method and graphical user interface (GUI) for creating a new correlation search based on a set of displayed graph lanes. The graph lanes may provide graphical visualizations of key performance indicators (KPIs) associated with one or more services and may assist a user in identifying a situation (e.g., problem or a pattern of interest) in the performance of the services. A user may adjust (e.g., add graph lanes, zooming-in) the graph lanes in order to display the situation, at which point the user may submit a request to create a new correlation search to detect if the situation reoccurs. The system may generate the new correlation search by iterating through the set of graph lanes and analyzing the fluctuations of each KPI to determine triggering criteria. The system may then run the correlation search and generate a notable event or alarm when the situation reoccurs.
-
Publication No.: US09853946B2
Publication date: 2017-12-26
Application No.: US14806510
Application date: 2015-07-22
Applicant: Splunk Inc.
Inventor: Hassan Alayli , Jagannath Kerai
CPC classification number: H04L63/029 , G06F17/30312 , G06F17/30424 , G06F17/30557 , H04L63/08
Abstract: Disclosed herein are a method, apparatus and system that authenticate a first data forwarder, of a distributed machine data acquisition and search system (MDASS), to a node that regulates traversal of a firewall that protects a protected environment within which the data forwarder operates. The authentication may be performed by using a SOCKS5 authentication process. The method further includes, only after successful completion of the SOCKS5 authentication process, establishing a first connection, through a network, between the first data forwarder and a first indexer of the distributed MDASS, where the first indexer operates outside the protected environment, and sending machine data acquired by the first data forwarder from a machine data source, to the first indexer via the first connection.
-
Publication No.: US09842432B2
Publication date: 2017-12-12
Application No.: US15421290
Application date: 2017-01-31
Applicant: SPLUNK INC.
Inventor: Geoffrey R. Hendrey
IPC: G06T15/00 , G06T17/20 , A63F13/537 , B64D43/00 , G01C21/00
Abstract: A system, a method and instructions embodied on a non-transitory computer-readable storage medium that solve a 3D point-in-polygon (PIP) problem are presented. This system projects polygons that comprise a set of polyhedra onto projected polygons in a reference plane. Next, the system projects a data point onto the reference plane, and performs a 2D PIP operation in the reference plane to determine which projected polygons the projected data point falls into. For each projected polygon the projected data point falls into, the system performs a 3D crossing number operation by counting intersections between a ray projected from the corresponding data point in a direction orthogonal to the reference plane and polyhedral faces corresponding to projected polygons, to identify polyhedra the data point falls into. The system then generates a visual representation of the set of polyhedra, wherein each polyhedron is affected by data points that fall into it.
-
Publication No.: US09838410B2
Publication date: 2017-12-05
Application No.: US14928985
Application date: 2015-10-30
Applicant: Splunk Inc.
Inventor: Sudhakar Muddu , Christos Tryfonas , Ravi Prasad Bulusu
IPC: H04L29/06 , G06N99/00 , G06F17/30 , G06N7/00 , G06F3/0482 , G06F3/0484 , G06F17/22 , H04L12/24 , G06N5/04 , G06K9/20 , H04L12/26
CPC classification number: H04L63/1416 , G06F3/0482 , G06F3/0484 , G06F3/04842 , G06F3/04847 , G06F17/2235 , G06F17/30061 , G06F17/3053 , G06F17/30563 , G06F17/30598 , G06F17/30958 , G06K9/2063 , G06N5/04 , G06N7/005 , G06N99/005 , H04L41/0893 , H04L41/145 , H04L41/22 , H04L43/00 , H04L43/045 , H04L43/062 , H04L43/08 , H04L63/06 , H04L63/1408 , H04L63/1425 , H04L63/1433 , H04L63/1441 , H04L63/20 , H04L2463/121
Abstract: A security platform employs a variety of techniques and mechanisms to detect security related anomalies and threats in a computer network environment. The security platform is “big data” driven and employs machine learning to perform security analytics. The security platform performs user/entity behavioral analytics (UEBA) to detect the security related anomalies and threats, regardless of whether such anomalies/threats were previously known. The security platform can include both real-time and batch paths/modes for detecting anomalies and threats. By visually presenting analytical results scored with risk ratings and supporting evidence, the security platform enables network security administrators to respond to a detected anomaly or threat, and to take action promptly.
-
Publication No.: US09836336B2
Publication date: 2017-12-05
Application No.: US14962970
Application date: 2015-12-08
Applicant: Splunk Inc.
Inventor: Itay A. Neeman
CPC classification number: G06F9/542 , G06F8/65 , G06F8/71 , G06F9/44521 , G06F9/54 , G06F17/30477 , G06F2209/545
Abstract: A first feature (e.g., chart or table) includes a reference to a dynamic pointer. Independently, the pointer is defined to point to a second feature (e.g., a query). The first feature is automatically updated to reflect a current value of the second feature. The reference to the pointer and pointer definition are recorded in a central registry, and changes to the pointer or second feature automatically cause the first feature to be updated to reflect the change. A mapping between features can be generated using the registry and can identify interrelationships to a developer. Further, changes in the registry can be tracked, such that a developer can view changes pertaining to a particular time period and/or feature of interest (e.g., corresponding to an operation problem).
-
Publication No.: US09817854B2
Publication date: 2017-11-14
Application No.: US15007185
Application date: 2016-01-26
Applicant: Splunk Inc.
Inventor: David Ryan Marquardt , Stephen Phillip Sorkin , Steve Yu Zhang
CPC classification number: G06F17/30321 , G06F17/30 , G06F17/30457 , G06F17/30477 , G06F17/30554 , G06F17/30595 , G06F17/30864
Abstract: Embodiments are directed towards the transparent summarization of events. Queries directed towards summarizing and reporting on event records may be received at a search head. Search heads may be associated with one or more indexers containing event records. The search head may forward the query to the indexers that can resolve the query for concurrent execution. If a query is a collection query, indexers may generate summarization information based on event records located on the indexers. Event record fields included in the summarization information may be determined based on terms included in the collection query. If a query is a stats query, each indexer may generate a partial result set from previously generated summarization information, returning the partial result sets to the search head. Collection queries may be saved and scheduled to run and periodically update the summarization information.
-
Publication No.: US20170315796A1
Publication date: 2017-11-02
Application No.: US15143438
Application date: 2016-04-29
Applicant: Splunk, Inc.
Inventor: Grigori Melnik , David Searle Noble , Itay Alfred Neeman , Cecelia Campbell
Abstract: An application development and deployment system allows an application developer to develop applications for a distributed data intake and query system. The application may include information that associates portions of the application with particular server groups of the distributed data intake and query system. The application may be partitioned to generate target application packages for each of the server groups of the data intake and query system.
-