-
41.
Publication No.: US11886475B1
Publication date: 2024-01-30
Application No.: US17745848
Filing date: 2022-05-16
Applicant: Splunk Inc.
Inventors: Arvind Swaminathan, Xiang Zhou
CPC classification: G06F16/334, G06N5/022
Abstract: A service monitoring system (SMS) transforms machine data from a monitored information technology (IT) environment into meaningful key performance indicators (KPIs) that each represents some measure of a service implemented by the environment on an ongoing basis. An overall health score for the service is determined from the KPIs and a prediction is made for a future health score. Data regarding a particular KPI and other KPIs is transformed to predicted future values for the particular KPI over a prediction window. Additionally, predicted future KPI scores may be used to determine a KPI impact score reflecting some measure of the degree to which the KPI, its related components, or processing related thereto, can influence the actual future health score. The KPI impact scores condition or direct the future operation of one or more SMS processes. Production of an impactor list identifying priority targets for interventive processing may be produced based at least on KPI impact scores and may also condition or direct the future operation of one or more SMS processes.
-
Publication No.: US11886464B1
Publication date: 2024-01-30
Application No.: US18100329
Filing date: 2023-01-23
Applicant: Splunk Inc.
IPC classification: H04L41/0604, G06F16/28, G06F16/21, G06F9/54, H04L41/22, H04L41/069, H04L41/5009, H04L41/0681, G06Q10/0639, G06Q10/20, G06F16/903, G06Q10/10, H04L67/50
CPC classification: G06F16/282, G06F9/542, G06F16/213, G06F16/903, G06Q10/06393, G06Q10/10, G06Q10/20, H04L41/0604, H04L41/069, H04L41/0681, H04L41/22, H04L41/5009, H04L67/535
Abstract: Machine data of an operating environment is conveyed by a network to a data intake and query system (DIQS) which reflects the machine data as timestamped entries of a field-searchable datastore. Monitoring functionality may search the machine data to identify notable event instances. A notable event processing system correlates the notable event instance to one or more triaging models which are executed against the notable event to produce a modeled result. Information of the received notable event and the modeled results are combined into an enhanced representation of a notable event instance. The enhanced representation conditions downstream processing to automatically perform or assist triaging of notable event instances to optimize application of computing resources to highest priority conditions in the operating environment.
-
43.
Publication No.: US20240031397A1
Publication date: 2024-01-25
Application No.: US18231715
Filing date: 2023-08-08
Applicant: Splunk Inc.
CPC classification: H04L63/1441, H04L63/20, H04L63/1416, G06F21/554, G06F16/285, H04L63/1433, H04L63/0236, H04L63/1425, H04L47/2425
Abstract: Systems, methods, and software described herein provide enhancements for implementing security actions in a computing environment. In one example, a method of operating an advisement system to provide actions in a computing environment includes identifying a security incident in the computing environment, identifying a criticality rating for the asset, and obtaining enrichment information for the security incident from one or more internal or external sources. The method also provides identifying a severity rating for the security incident based on the enrichment information, and determining one or more security actions based on the enrichment information. The method further includes identifying effects of the one or more security actions on operations of the computing environment based on the criticality rating and the severity rating, and identifying a subset of the one or more security actions to respond to the security incident based on the effects.
-
Publication No.: US11882099B1
Publication date: 2024-01-23
Application No.: US17162941
Filing date: 2021-01-29
Applicant: SPLUNK INC.
Inventors: Jesse Chor, Michael Emery
IPC classification: H04L9/40, H04L12/46, H04L9/30, G06F16/27, G06F16/951
CPC classification: H04L63/029, G06F16/27, G06F16/951, H04L9/30, H04L12/4633, H04L63/0442, H04L63/08
Abstract: Various embodiments of the present application set forth a computer-implemented method that includes receiving, by a trusted tunnel bridge and from a first application executing in a first network, a first encrypted data packet, where the first encrypted data packet includes an encrypted portion of data, and a destination device identifier (DDI). The method further includes determining, by the trusted tunnel bridge, a particular device in a second network and associated with the DDI included in the first encrypted data packet. The method further includes sending, by the trusted tunnel bridge directly to the particular device, the first encrypted data packet.
-
Publication No.: US11870673B2
Publication date: 2024-01-09
Application No.: US17451518
Filing date: 2021-10-20
Applicant: SPLUNK INC.
IPC classification: H04L43/12, H04L43/08, H04L69/22, H04L43/00, H04L43/028
CPC classification: H04L43/12, H04L43/08, H04L69/22, H04L43/028, H04L43/14
Abstract: Various methods and systems for facilitating network traffic monitoring in association with an application running on a client device are provided. In this regard, aspects of the invention facilitate monitoring network traffic being transmitted to and/or from a client device, such as a mobile device, so that network performance can be analyzed. In various implementations, one or more default classes associated with an application on a device are replaced with one or more custom monitoring classes designed to facilitate monitoring data packets being communicated to or from the application. The custom monitoring classes can then be utilized to facilitate monitoring a plurality of data packets communicated to or from the application.
-
Publication No.: US11868411B1
Publication date: 2024-01-09
Application No.: US17468428
Filing date: 2021-09-07
Applicant: SPLUNK INC.
Inventor: Ramesh Panuganty
IPC classification: G06F16/951
CPC classification: G06F16/951
Abstract: Improved crawling and curation of data and metadata from diverse data sources is described. In some embodiments, improvements are achieved by interpreting the context, vocabulary and relationships of data element, to enable relational data search capability for users. The user querying process is improved by systematic identification of the data objects, context, and relationships across data objects and elements, aggregation methods and operators on the data objects and data elements as identified in the curation process. User query suggestions and recommendations can be adjusted based on the context, relationships between the data elements, user profile, and the data sources. When the user query is executed, the query text is translated into an equivalent of one or more query statements, such as SQL or PostGre statements, and the query is performed on the identified data sources. Results are assembled to present the answer in a meaningful visualization for the user query.
-
47.
Publication No.: US11863408B1
Publication date: 2024-01-02
Application No.: US17578206
Filing date: 2022-01-18
Applicant: Splunk Inc.
Inventor: Michael Dickey
IPC classification: H04L43/04, H04L41/0853, H04L41/046, H04L41/0816, H04L43/106
CPC classification: H04L43/04, H04L41/046, H04L41/0816, H04L41/0856, H04L43/106
Abstract: The disclosed embodiments provide a method and system for processing network data. During operation, the system obtains, at a remote capture agent, configuration information for the remote capture agent from a configuration server over a network. Next, the system uses the configuration information to configure the generation of event data from network data obtained from network packets at the remote capture agent. The system then uses the configuration information to configure transformation of the event data or the network data into transformed event data at the remote capture agent.
-
Publication No.: US11860940B1
Publication date: 2024-01-02
Application No.: US17233193
Filing date: 2021-04-16
Applicant: Splunk Inc.
Inventors: Alexandros Batsakis, Ashish Mathew, Christopher Madden Pride, Bharath Kishore Reddy Aleti, Sourav Pal, Arindam Bhattacharjee, James Monschke
IPC classification: G06F16/901, G06F16/903, G06F16/2458
CPC classification: G06F16/901, G06F16/2477, G06F16/90335
Abstract: Systems and methods are disclosed for processing and executing queries in a data intake and query system. The data intake and query system receives a query identifying a set of data to be processed and a manner of processing the set of data. The data intake and query system uses a search node catalog to identify search nodes that are available to execute the query and uses a bucket catalog to identify buckets to be searched. The data intake and query system executes the query using the identified bucket and search nodes.
-
Publication No.: US11838372B2
Publication date: 2023-12-05
Application No.: US18093980
Filing date: 2023-01-06
Applicant: SPLUNK Inc.
Inventors: Gergely Danyi, Joseph Ari Ross
IPC classification: G06F15/173, H04L67/146, G06F16/906, G06F16/955
CPC classification: H04L67/146, G06F16/906, G06F16/9566
Abstract: A method of normalizing URLs associated with a real user session comprises extracting uniform resource locators (URLs) from ingested spans where at least a portion of the URLs comprise unique URL strings. The method also comprises decomposing each of the URLs into a sequence of tokens and grouping together subsets of related URLs. Also, the method comprises representing each subset of related URLs with a normalized URL string.
-
Publication No.: US11838351B1
Publication date: 2023-12-05
Application No.: US17991704
Filing date: 2022-11-21
Applicant: SPLUNK INC.
IPC classification: H04L67/02, H04L67/306, H04L67/50, H04L67/1001
CPC classification: H04L67/02, H04L67/1001, H04L67/306, H04L67/535
Abstract: A deployment manager executing in a distributed computing environment generates a user behavior analytics (UBA) deployment to process structured event data. The deployment manager configures a streaming cluster to perform streaming processing on real-time data and configures a batch cluster to perform batch processing on aggregated data. A configuration manager executing in the distributed computing environment interoperates with the deployment manager to update the UBA deployment with user-provided code and configurations that define streaming and batch models, among other things. In this manner, the deployment manager provides a scalable UBA deployment that can be customized, via the configuration manager, by a user.