公开(公告)号：US12050507B1

公开(公告)日：2024-07-30

申请号：US17582995

申请日：2022-01-24

Applicant: Splunk, Inc.

Inventor： Abraham Starosta ,  Francis Beckert ,  Chandrima Sarkar

IPC: G06F11/07 ,  G06F16/2455 ,  G06F16/2458

CPC classification number: G06F11/0781 ,  G06F16/24561 ,  G06F16/2471

Abstract: A computerized method is disclosed for automated handling of data ingestion anomalies. The method features training a data model based on a first volume of data associated with a first time period. Thereafter, using the data model, a predictive analysis is conducted on a second volume of data associated with a second time period subsequent to the first time period to produce a predicted data ingestion volume. After, a correlative analysis between the predicted data ingestion volume and an actual data ingestion volume during the second time period is conducted to produce a prediction error. A notification is generated based on the prediction error.

公开(公告)号：US12039046B1

公开(公告)日：2024-07-16

申请号：US18311799

申请日：2023-05-03

Applicant: Splunk Inc.

Inventor： Sourabh Satish ,  Trenton John Beals ,  Glenn Gallien ,  Govind Salinas

IPC: G06F21/55 ,  G06F9/451 ,  G06F11/07 ,  G06F11/34 ,  H04L9/40 ,  H04L41/0631

CPC classification number: G06F21/554 ,  G06F9/453 ,  G06F11/0793 ,  G06F11/3438 ,  H04L41/0631 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/1441

Abstract: The technology presented herein improves incident handling in an IT environment. In a particular example, a method provides identifying a first incident in the IT environment. From incident handling information that indicates how a plurality of previous incidents were handled by one or more users, the method provides identifying first information of the incident handling information corresponding to one or more first previous incidents of the plurality of previous incidents that are similar to the first incident. The method further provides determining a suggested course of action from the first information and presenting the suggested course of action to a user of the information technology environment.

公开(公告)号：US20240220497A1

公开(公告)日：2024-07-04

申请号：US18609798

申请日：2024-03-19

Applicant: Splunk Inc.

Inventor： Sourav Pal ,  Arindam Bhattacharjee

IPC: G06F16/2453 ,  G06F16/21 ,  G06F16/2455 ,  G06F16/2458 ,  G06F16/25 ,  G06F16/28 ,  G06F40/205

CPC classification number: G06F16/24535 ,  G06F16/219 ,  G06F16/24554 ,  G06F16/24568 ,  G06F16/2471 ,  G06F16/25 ,  G06F16/288 ,  G06F40/205

Abstract: Systems and methods are disclosed for executing a query that includes an indication to process data managed by an external data system. The system identifies the external data system that manages the data to be processed and generates a subquery for the external data system indicating that the results of the subquery are to be sent to one worker node of multiple worker nodes. The system instructs the one worker node to distribute the results received from the external data system to multiple worker nodes for processing.

公开(公告)号：US12019939B1

公开(公告)日：2024-06-25

申请号：US17347289

申请日：2021-06-14

Applicant: SPLUNK INC.

Inventor： Jesse Chor ,  Varun Gupta ,  Tuba Rafi ,  Benjamin Weaver ,  Glen Wong

IPC: G09G3/30 ,  G06F3/14 ,  G06F16/9038 ,  G09G3/36

CPC classification number: G06F3/1446 ,  G06F3/1438 ,  G06F16/9038

Abstract: Various embodiments set forth a computer-implemented method of displaying content of a visualization environment, comprising receiving, by a display controller coupled to a display device included in a plurality of display devices, a configuration that includes a display mode and identifies a dashboard to be displayed, determining a position of the display device relative to positions of other display devices, retrieving a set of values associated with the dashboard, where the set of values is provided by a remote data source based on a query executed on raw machine data associated with the dashboard, determining, based on the position, at least a portion of the dashboard to display in the display device, and causing, by the display controller, the display device to display at least a portion of the set of values within at least the portion of the dashboard.

公开(公告)号：US12007996B2

公开(公告)日：2024-06-11

申请号：US18051481

申请日：2022-10-31

Applicant: Splunk Inc.

Inventor： Balaji Rao ,  Jindrich Dinga ,  Kieran Cairney ,  Manuel Martinez ,  Nitilaksha Halakatti ,  Ningxuan He ,  Arindam Bhattacharjee ,  Sourav Pal ,  Alexandros Batsakis

IPC: G06F15/16 ,  G06F8/61 ,  G06F16/2453 ,  G06F16/2458 ,  H04L9/08 ,  H04L41/0806 ,  H04L67/10 ,  H04L67/52

CPC classification number: G06F16/24547 ,  G06F8/61 ,  G06F16/2465 ,  H04L9/0866 ,  H04L41/0806 ,  H04L67/10 ,  H04L67/52

Abstract: Systems and methods are described for establishing and managing components of a distributed computing framework implemented in a data intake and query system. The distributed computing framework may include a master and a plurality of worker nodes. The master may selectively operate on a search head captain that is chosen from the search heads of the data intake and query system. The search head captain may distribute configuration information for the master and the distributed computing framework to the other search heads, which in turn, may distribute that configuration information to indexers of the data intake and query system. Worker nodes may be selectively activated for operation on the indexers based on the configuration information, and the worker nodes may additionally use the configuration information to contact the master and join the distributed computing framework. This approach may provide numerous benefits, including improved security, flexibility in the selection of worker nodes, and redundancy for failures of physical components of the data intake and query system.

公开(公告)号：US11995571B1

公开(公告)日：2024-05-28

申请号：US17961533

申请日：2022-10-06

Applicant: Splunk Inc.

Inventor： Atif Mahadik ,  Govind Salinas ,  Sourabh Satish

IPC: G06Q10/0631 ,  G06F8/34 ,  G06N5/02 ,  G06N5/04

CPC classification number: G06N5/04 ,  G06N5/02 ,  G06Q10/06316 ,  G06F8/34

Abstract: Described herein are improvements for generating courses of action for an information technology (IT) environment. In one example, a method includes determining that a decision step occurs between a one step and two or more other steps of a first course of action associated with an incident type in the information technology environment. The method further includes determining possible outputs of the one step that, when used as input to the decision step, cause the first course of action to proceed from the decision step to respective steps of the two or more other steps. The method also includes incorporating logic into the decision step to direct the course of action to respective steps of the two or more other steps based on one or more of the possible outputs.

公开(公告)号：US11971778B1

公开(公告)日：2024-04-30

申请号：US18299469

申请日：2023-04-12

Applicant: Splunk Inc.

Inventor： Jacob Barton Leverich ,  Shang Cai ,  Hongyang Zhang ,  Mihai Ganea ,  Alex Cruise

IPC: G06F11/07

CPC classification number: G06F11/079 ,  G06F11/0709 ,  G06F11/0793

Abstract: A continuous anomaly detection service receives data stream and performs continuous anomaly detection on the incoming data streams. This continuous anomaly detection is performed based on anomaly detection definitions, which define a signal used for anomaly detection and an anomaly detection configuration. These anomaly detection definitions can be modified, such that continuous anomaly detection continues to be performed for the data stream and the signal, based on the new anomaly detection definition.

公开(公告)号：US11966391B2

公开(公告)日：2024-04-23

申请号：US18162646

申请日：2023-01-31

Applicant: Splunk Inc.

Inventor： Sourav Pal ,  Arindam Bhattacharjee

IPC: G06F17/00 ,  G06F16/21 ,  G06F16/2453 ,  G06F16/2455 ,  G06F16/2458 ,  G06F16/25 ,  G06F16/28 ,  G06F40/205

CPC classification number: G06F16/24535 ,  G06F16/219 ,  G06F16/24554 ,  G06F16/24568 ,  G06F16/2471 ,  G06F16/25 ,  G06F16/288 ,  G06F40/205

Abstract: Systems and methods are disclosed for executing a query that includes an indication to process data managed by an external data system. The system identifies the external data system that manages the data to be processed and generates a subquery for the external data system indicating that the results of the subquery are to be sent to one worker node of multiple worker nodes. The system instructs the one worker node to distribute the results received from the external data system to multiple worker nodes for processing.

公开(公告)号：US11956133B1

公开(公告)日：2024-04-09

申请号：US17846466

申请日：2022-06-22

Applicant: SPLUNK Inc.

Inventor： Michael Margulis ,  Bryan Browne Allen ,  David Michael Scott ,  Junyu Wang

IPC: H04L43/067 ,  H04L41/02 ,  H04L43/0817 ,  H04L67/568

CPC classification number: H04L43/067 ,  H04L41/024 ,  H04L43/0817 ,  H04L67/568

Abstract: Described are techniques for accelerating streaming analytics jobs, which may be used for generating dashboards. The disclosed techniques can reduce overhead, such as in the form of processor usage, network usage, or the like, due to duplicative or overlapping requests for streaming analytics data by implementing a caching process in which analytics data is evaluated to determine if it is likely to be requested multiple times or by multiple users, caching the analytics data, and serving future requests for the same analytics data from the cache instead of requiring separate analytics jobs for each request.

公开(公告)号：US11936764B1

公开(公告)日：2024-03-19

申请号：US17865041

申请日：2022-07-14

Applicant: Splunk Inc.

Inventor： Vladimir A. Shcherbakov ,  Michael R. Dickey

IPC: H04L69/22 ,  H04L67/10

CPC classification number: H04L69/22 ,  H04L67/10

Abstract: The disclosed embodiments provide a system that processes network data. During operation, the system obtains, at a remote capture agent, a first protocol classification for a first packet flow captured by the remote capture agent. Next, the system uses configuration information associated with the first protocol classification to build a first event stream from the first packet flow at the remote capture agent, wherein the first event stream comprises time-series event data generated from network packets in the first packet flow based on the first protocol classification. The system then transmits the first event stream over a network for subsequent storage and processing of the first event stream by one or more components on the network.