公开(公告)号：US11615073B2

公开(公告)日：2023-03-28

申请号：US16260962

申请日：2019-01-29

Applicant: SPLUNK INC.

Inventor： Jesse Miller ,  Marc V. Robichaud ,  Cory Burke ,  Alexander James ,  Jeffrey Thomas Lloyd

IPC: G06F16/23 ,  G06F16/33 ,  G06F16/2458 ,  G06F16/242 ,  G06F16/26 ,  G06F16/00 ,  G06F16/2453 ,  G06F16/2455 ,  G06F3/0484 ,  G06F21/62 ,  G06T11/20 ,  G06F3/04842 ,  G06F3/0482 ,  G06Q10/00 ,  G06F40/18 ,  G06F40/134 ,  G06F40/174 ,  G06F40/177 ,  G06Q10/10

Abstract: A method includes displaying events that correspond to search results of a search query, the events comprising data items of event attributes, the events displayed in a table. The table includes columns corresponding to an event attribute, rows corresponding events, cells populated data items, and interactive regions corresponding to at least one data item and selectable to add one or more commands to the search query. A reference event attribute is determined based on an analysis of a data object. A supplemental column corresponding to a supplemental event attribute is added to the table based on the reference event attribute. Supplemental interactive regions are added to the table and correspond to supplemental data items.

公开(公告)号：US11500866B2

公开(公告)日：2022-11-15

申请号：US17128913

申请日：2020-12-21

Applicant: SPLUNK Inc.

Inventor： Marc V. Robichaud ,  Jesse Miller ,  Cory Burke ,  Alexander James ,  Jeffrey Thomas Lloyd

IPC: G06F16/2452 ,  G06F16/00 ,  G06F16/26 ,  G06F16/33 ,  G06F16/23 ,  G06F16/242 ,  G06F16/2458 ,  G06F16/2453 ,  G06F16/2455 ,  G06F16/22 ,  G06F3/0484 ,  G06F21/62 ,  G06F40/177 ,  G06T11/20 ,  G06Q10/00 ,  G06F3/0482 ,  G06F3/04842 ,  G06Q10/10

Abstract: A method includes causing display of events that correspond to search results of a search query in a table. The table includes rows representing events comprising data items of event attributes, columns forming cells with the row, the columns representing respective event attributes, and interactive regions corresponding to one or more data items of the displayed data items. The method also includes in response to the user selecting a designated interactive region, causing display of a list of options, each displayed option corresponding to an interface template for composing query commands, and based on the user selecting an option in the displayed list of options, causing one or more commands to be added to the search query, the one or more commands composed based on the one or more data items that corresponds to the designated interactive region according to instructions of the interface template of the selected option.

公开(公告)号：US10915583B2

公开(公告)日：2021-02-09

申请号：US14610717

申请日：2015-01-30

Applicant: SPLUNK INC.

Inventor： Marc Vincent Robichaud ,  Cory Eugene Burke ,  Jeffrey Thomas Lloyd

IPC: G06F16/93 ,  G06F16/9038 ,  G06F16/242 ,  G06F3/0482 ,  G06F16/2458 ,  G06F16/248

Abstract: A based on a selection by a user of first one or more values of one or more events displayed in a graphical interface, an extraction rule is automatically determined that is capable of extracting a field label-value pair at least partially within at least the selected one or more values. An option is displayed that correspond to the determined extraction rule in the graphical interface. Based on the user selecting the option in the graphical interface, display is caused of second one or more values of one or more field label-value pairs extracted from the one or more events using the extraction rule. The one or more events may be displayed in a table format, and the first one or more value may be selected by the user selecting one or more cells, columns, or text portions in the table format.

公开(公告)号：US10719558B2

公开(公告)日：2020-07-21

申请号：US14610717

申请日：2015-01-30

Applicant: SPLUNK INC.

Inventor： Marc Vincent Robichaud ,  Cory Eugene Burke ,  Jeffrey Thomas Lloyd

IPC: G06F16/93 ,  G06F3/0482 ,  G06F16/242 ,  G06F16/2458 ,  G06F16/248 ,  G06F16/9038

Abstract: A based on a selection by a user of first one or more values of one or more events displayed in a graphical interface, an extraction rule is automatically determined that is capable of extracting a field label-value pair at least partially within at least the selected one or more values. An option is displayed that correspond to the determined extraction rule in the graphical interface. Based on the user selecting the option in the graphical interface, display is caused of second one or more values of one or more field label-value pairs extracted from the one or more events using the extraction rule. The one or more events may be displayed in a table format, and the first one or more value may be selected by the user selecting one or more cells, columns, or text portions in the table format.

公开(公告)号：US20190155804A1

公开(公告)日：2019-05-23

申请号：US16260985

申请日：2019-01-29

Applicant: Splunk Inc.

Inventor： Jesse Miller ,  Marc V. Robichaud ,  Cory Burke ,  Jeffrey Thomas Lloyd ,  Alexander James ,  Andrew Robbins

IPC: G06F16/23 ,  G06F16/2455 ,  G06F17/24 ,  G06F16/33 ,  G06F16/2458 ,  G06F16/242 ,  G06F16/26 ,  G06F16/00 ,  G06F3/0484 ,  G06F16/2453 ,  G06F21/62 ,  G06T11/20 ,  G06F3/0482 ,  G06Q10/00

Abstract: In some embodiments, a method may include display of a data summary view of a set of events that correspond to query results of a query. Each event of the set of events may include data items of a plurality of event attributes. In embodiments, the data summary view can include various summary reports. Each summary report can include summary entries and a summary graph that each present a summary of data items of a selected event attribute, of the plurality of event attributes. At least one summary report can include summary entries that are selectable by a user. The method may further include filtering the set of event, in response to, and based on, selection of one or more of the selectable summary entries by the user and updating of at least the first and second summary graphs to correspond to the filtered set of events.

公开(公告)号：US10204132B2

公开(公告)日：2019-02-12

申请号：US14815924

申请日：2015-07-31

Applicant: SPLUNK INC.

Inventor： Jesse Miller ,  Marc V. Robichaud ,  Cory Burke ,  Alexander James ,  Jeffrey Thomas Lloyd

IPC: G06F17/30 ,  G06Q10/00

Abstract: A method includes displaying events that correspond to search results of a search query, the events comprising data items of event attributes, the events displayed in a table. The table includes columns corresponding to an event attribute, rows corresponding events, cells populated data items, and interactive regions corresponding to at least one data item and selectable to add one or more commands to the search query. A reference event attribute is determined based on an analysis of a data object. A supplemental column corresponding to a supplemental event attribute is added to the table based on the reference event attribute. Supplemental interactive regions are added to the table and correspond to supplemental data items.

公开(公告)号：US10203842B2

公开(公告)日：2019-02-12

申请号：US14815927

申请日：2015-07-31

Applicant: SPLUNK INC.

Inventor： Jesse Miller ,  Marc V. Robichaud ,  Cory Burke ,  Alexander James ,  Jeffrey Thomas Lloyd

IPC: G06F17/30 ,  G06F3/0482 ,  G06F3/0484 ,  G06F17/24

Abstract: A method includes receiving, in a first query interface, a query composed by the user by typing commands into a query box of the first query interface and based on the receiving of the query, causing events corresponding to query results of the query to be displayed in the first query interface with fields corresponding to the events. Based on the selection by the user of an option, a second query interface is displayed with a table that includes events that correspond to query results of a loaded query. The table includes columns corresponding to event attributes, rows corresponding to events. Cells are populated with the data items of event attributes, where one of the columns corresponds to a field of the fields displayed in the first query interface. The table also includes interactive regions selectable by the user to add one or more commands to the loaded query.

公开(公告)号：US10061824B2

公开(公告)日：2018-08-28

申请号：US14611002

申请日：2015-01-30

Applicant: SPLUNK INC.

Inventor： Marc Vincent Robichaud ,  Cory Eugene Burke ,  Jeffrey Thomas Lloyd ,  Jesse Miller

IPC: G06F17/30 ,  G06F3/0484 ,  G06F17/24

Abstract: A search interface is displayed in a table format that includes one or more columns, each column including data items of an event attribute, the data items being of a set of events, and a plurality of rows forming cells with the one or more columns, each cell including one or more of the data items of the event attribute of a corresponding column. Based on a user selecting one or more of the cells, a list of options if displayed corresponding to the selection, and one or more commands are added to a search query that corresponds to the set of events, the one or more commands being based on at least an option that is selected from the list of options and the event attribute for each of the one or more of the data items of each of the selected one or more cells.

公开(公告)号：US20170031659A1

公开(公告)日：2017-02-02

申请号：US14815954

申请日：2015-07-31

Applicant: Splunk Inc.

Inventor： Cory Eugene Burke ,  Jacob Barton Leverich ,  Jeffrey Thomas Lloyd ,  Adam Jamison Oliner ,  Marc Vincent Robichaud

IPC: G06F9/44 ,  G06F17/30

Abstract: A facility for defining an event subtype using examples is described. The facility displays events identified among machine-generated data. The facility receives user input selecting a first subset of the events as examples of an event subtype. In response to receiving the user input, the facility displays a second subset of the events predicted to belong to the event subtype on the basis of the examples of the event subtype.

Abstract translation: 描述使用示例来定义事件子类型的设施。 设备显示在机器生成的数据之间标识的事件。 该设施接收选择事件的第一子集的用户输入，作为事件子类型的示例。 响应于接收到用户输入，设施基于事件子类型的示例显示预测属于事件子类型的事件的第二子集。

公开(公告)号：US20160224676A1

公开(公告)日：2016-08-04

申请号：US14815932

申请日：2015-07-31

Applicant: SPLUNK INC.

Inventor： Jesse Miller ,  Marc V. Robichaud ,  Cory Burke ,  Jeffrey Thomas Lloyd ,  Alexander James ,  Andrew Robbins

IPC: G06F17/30 ,  G06F17/24

CPC classification number: G06F17/245 ,  G06F3/0482 ,  G06F3/0484 ,  G06F3/04842 ,  G06F17/30 ,  G06F17/30365 ,  G06F17/30374 ,  G06F17/30392 ,  G06F17/30466 ,  G06F17/30507 ,  G06F17/30551 ,  G06F17/30572 ,  G06F17/30634 ,  G06F17/30663 ,  G06F21/6227 ,  G06Q10/10

Abstract: In some embodiments, a method may include display of a data summary view of a set of events that correspond to query results of a query. Each event of the set of events may include data items of a plurality of event attributes. In embodiments, the data summary view can include various summary reports. Each summary report can include summary entries and a summary graph that each present a summary of data items of a selected event attribute, of the plurality of event attributes. At least one summary report can include summary entries that are selectable by a user. The method may further include filtering the set of event, in response to, and based on, selection of one or more of the selectable summary entries by the user and updating of at least the first and second summary graphs to correspond to the filtered set of events.

Abstract translation: 在一些实施例中，方法可以包括显示与查询的查询结果相对应的一组事件的数据摘要视图。 事件集合的每个事件可以包括多个事件属性的数据项。 在实施例中，数据摘要视图可以包括各种总结报告。 每个总结报告可以包括摘要条目和总结图，每个摘要图表显示多个事件属性中所选事件属性的数据项的摘要。 至少一个摘要报告可以包括可由用户选择的摘要条目。 该方法可以进一步包括响应于并且基于用户对一个或多个可选择的摘要条目的选择来过滤事件集合，并且至少更新第一和第二摘要图表以对应于过滤的集合 事件