公开(公告)号：US20200067790A1

公开(公告)日：2020-02-27

申请号：US16670816

申请日：2019-10-31

Applicant: Splunk Inc.

Inventor： Fang I. Hsiao ,  Clayton S. Ching ,  Michael R. Dickey ,  Vladimir A. Shcherbakov ,  Nishant Teredesai ,  Cary Glen Noel

IPC: H04L12/24 ,  H04L12/26

Abstract: The disclosed embodiments provide a system that facilitates the processing of network data. During operation, the system causes for display, on a computer system, a graphical user interface (GUI) for obtaining configuration information for configuring the generation of time-series event data from network packets captured by one or more remote capture agents. Next, the system causes for display, in the GUI, a first set of user-interface elements for managing one or more ephemeral event streams that contain temporarily generated time-series event data from the network packets, wherein managing the one or more ephemeral event streams comprises modifying an end time for terminating the capture of time-series event data in an ephemeral event stream. The system then updates the configuration information based on input received through the first set of user-interface elements.

公开(公告)号：US20200014593A1

公开(公告)日：2020-01-09

申请号：US16573937

申请日：2019-09-17

Applicant: Splunk Inc.

Inventor： Fang I. Hsiao ,  Wei Jiang ,  Vladimir A. Shcherbakov ,  Ramkumar Chandrasekharan ,  Clayton S. Ching

IPC: H04L12/24 ,  G06F3/0482 ,  G06F3/0484 ,  G06F16/26

Abstract: The disclosed embodiments provide a system that facilitates the processing of network data. During operation, the system causes for display a graphical user interface (GUI) for configuring the generation of time-series event data from network packets captured by one or more remote capture agents. Next, the system causes for display, in the GUI, a first set of user-interface elements containing a set of statistics associated with one or more event streams that comprise the time-series event data. The system then causes for display, in the GUI, one or more graphs comprising one or more values from the set of statistics. Finally, the system causes for display, in the GUI, a value of a statistic from the set of statistics based on a position of a cursor over the one or more graphs.

公开(公告)号：US20180234307A1

公开(公告)日：2018-08-16

申请号：US15955565

申请日：2018-04-17

Applicant: Splunk Inc.

Inventor： Hemendra Singh Choudhary ,  Tristan Antonio Fletcher ,  Alok Anant Bhide ,  Fang I. Hsiao

IPC: H04L12/24 ,  H04L29/08 ,  H04L12/26 ,  G06F17/30

CPC classification number: H04L41/22 ,  G06F16/24565 ,  G06F16/2477 ,  G06F16/284 ,  G06F16/951 ,  H04L29/08072 ,  H04L41/5009 ,  H04L41/5032 ,  H04L41/5045 ,  H04L43/045 ,  H04L43/16 ,  H04L67/02 ,  H04L69/329

Abstract: Services in an operating environment are represented by stored service definitions that identify entities that perform the service. Entity definitions identify machine data pertaining to the entity. A key performance indicator (KPI) of the service characterizes the service on the whole or some aspect of it. Each KPI is defined by a search query that derives a value from machine data identified in the entity definitions. Processing devices cause display of a service-monitoring page having services summary information and services aspects information. The summary information displays interactive summary tiles that each correspond to a service and present information about an aggregate KPI that characterizes the service. The aspects information displays interactive aspect tiles that each correspond to a KPI characterizing some aspect of an associated service. Additional information may be included in the service-monitoring page and interaction features enable a user to navigate to enhanced information displays.

公开(公告)号：US09590877B2

公开(公告)日：2017-03-07

申请号：US14933919

申请日：2015-11-05

Applicant: Splunk Inc.

Inventor： Hemendra Singh Choudhary ,  Tristan Antonio Fletcher ,  Alok Anant Bhide ,  Fang I. Hsiao

IPC: G06F15/16 ,  H04L12/26 ,  G06F17/30 ,  H04L29/08 ,  H04L12/24 ,  G06F12/00

CPC classification number: H04L41/22 ,  G06F17/3051 ,  G06F17/30551 ,  G06F17/30595 ,  G06F17/30864 ,  H04L29/08072 ,  H04L41/5009 ,  H04L41/5032 ,  H04L41/5045 ,  H04L43/045 ,  H04L43/16 ,  H04L67/02

Abstract: Services in an operating environment are represented by stored service definitions that identify entities that perform the service. Entity definitions identify machine data pertaining to the entity. A key performance indicator (KPI) of the service characterizes the service on the whole or some aspect of it. Each KPI is defined by a search query that derives a value from machine data identified in the entity definitions. Processing devices cause display of a service-monitoring page having a services summary region and a services aspects region. The summary region displays interactive summary tiles that each correspond to a service and present information about an aggregate KPI that characterizes the service. The aspects region displays interactive aspect tiles that each correspond to a KPI characterizing some aspect of an associated service. Additional information may be included in the service-monitoring page and interaction features enable a user to navigate to enhanced information displays.

Abstract translation: 操作环境中的服务由标识执行服务的实体的存储的服务定义来表示。 实体定义识别与实体有关的机器数据。 该服务的关键性能指标（KPI）表示服务的整体或某个方面。 每个KPI由搜索查询定义，该搜索查询从实体定义中标识的机器数据中导出值。 处理设备导致显示具有服务摘要区域和服务方面区域的服务监视页面。 摘要区域显示每个对应于服务的交互式摘要图块，并显示关于表征服务的聚合KPI的信息。 方面区域显示交互式方面图块，其各自对应于表征相关联服务的某些方面的KPI。 附加信息可能包含在服务监控页面中，交互功能使用户能够浏览到增强的信息显示。

公开(公告)号：US20160294606A1

公开(公告)日：2016-10-06

申请号：US15088087

申请日：2016-03-31

Applicant: Splunk Inc.

Inventor： Asmita Puri ,  Alan Vincent Hardin ,  Fang I. Hsiao ,  Alok Anant Bhide

IPC: H04L12/24 ,  H04L29/08 ,  H04L12/26

CPC classification number: H04L41/0695 ,  G06Q10/06393 ,  H04L43/04 ,  H04L67/22

Abstract: An automatic service monitor in an information-technology environment performs regular search queries against generated machine data to derive performance measurements. The information technology environment is defined in terms of services provided by entities, and the performance measurements are defined as key performance indicators (KPIs) of the services. Generated machine data used by the search queries pertain to the entities performing the service. Definitional information for the services, entities, and KPIs is administered by a user to control the operation of the service monitor. Various aspects of such definitional information as well as related performance measurement information may be presented in a unified console display tailored to, and organized around, a particular service. The console display may serve as a central launch point by supporting user interaction to navigate to other specialized monitoring interfaces.

Abstract translation: 信息技术环境中的自动服务监视器针对生成的机器数据执行定期搜索查询以导出性能测量。 信息技术环境根据实体提供的服务来定义，性能测量被定义为服务的关键绩效指标（KPI）。 搜索查询使用的生成的机器数据与执行服务的实体有关。 服务，实体和KPI的定义信息由用户管理以控制服务监视器的操作。 这种定义信息的各个方面以及相关的性能测量信息可以被呈现在针对特定服务定制并组织的统一的控制台显示中。 控制台显示可以通过支持用户交互来导航到其他专门的监控接口，作为中心发射点。

公开(公告)号：US09210056B1

公开(公告)日：2015-12-08

申请号：US14611216

申请日：2015-01-31

Applicant: Splunk Inc.

Inventor： Hemendra Singh Choudhary ,  Tristan Antonio Fletcher ,  Alok Anant Bhide ,  Fang I. Hsiao

IPC: G06F15/173 ,  G06F7/00 ,  H04L12/26 ,  H04L12/24 ,  G06F17/30 ,  G06F3/048 ,  G06Q40/00

CPC classification number: H04L41/22 ,  G06F17/3051 ,  G06F17/30551 ,  G06F17/30595 ,  G06F17/30864 ,  H04L29/08072 ,  H04L41/5009 ,  H04L41/5032 ,  H04L41/5045 ,  H04L43/045 ,  H04L43/16 ,  H04L67/02

Abstract: One or more processing devices cause display of a service-monitoring page having a services summary region and a services aspects region. The services summary region contains an ordered plurality of interactive summary tiles, each summary tile corresponding to a respective service and providing a character or graphical representation of at least one value for an aggregate key performance indicator (KPI) characterizing the respective service as a whole. The services aspects region contains an ordered plurality of interactive aspect tiles, each aspect tile corresponding to a respective aspect KPI and providing a character or graphical representation of one or more values for the respective aspect KPI, each aspect KPI having an associated service and typifying performance for an aspect of the associated service. Each KPI is associated with a service having a service definition, each service definition has one or more entity definitions, each entity definition having information to identity machine data related to the entity, each KPI has a definition including a search query that produces a value derived from machine data identified using one or more of the entity definitions included in the service definition, and each value is indicative of how the service in whole or part is performing at a point in time or during a period of time.

Abstract translation: 一个或多个处理装置引起显示具有服务摘要区域和服务方面区域的服务监视页面。 服务摘要区域包含有序的多个交互式摘要瓦片，每个概要瓦片对应于相应的服务，并且提供表征作为整体的各个服务的聚合密钥性能指标（KPI）的至少一个值的字符或图形表示。 服务方面区域包含有序的多个交互方面瓦片，每个方面瓦片对应于相应的方面KPI并且提供用于各个方面KPI的一个或多个值的字符或图形表示，每个方面KPI具有相关联的服务和代表性能 对于相关服务的一个方面。 每个KPI与具有服务定义的服务相关联，每个服务定义具有一个或多个实体定义，每个实体定义具有用于识别与该实体相关的机器数据的信息，每个KPI具有包括产生一个值的搜索查询的定义 来自使用服务定义中包括的一个或多个实体定义来识别的机器数据，并且每个值指示整个或部分服务如何在时间点或一段时间内执行。

公开(公告)号：US20150295780A1

公开(公告)日：2015-10-15

申请号：US14610457

申请日：2015-01-30

Applicant: Splunk Inc.

Inventor： Fang I. Hsiao ,  Clayton S. Ching ,  Michael R. Dickey ,  Vladimir A. Shcherbakov ,  Nishant Teredesai ,  Cary Glen Noel

IPC: H04L12/24 ,  G06F3/0484

Abstract: The disclosed embodiments provide a system that facilitates the processing of network data. During operation, the system causes for display, on a computer system, a graphical user interface (GUI) for obtaining configuration information for configuring the generation of time-series event data from network packets captured by one or more remote capture agents. Next, the system causes for display, in the GUI, a first set of user-interface elements for managing one or more ephemeral event streams that contain temporarily generated time-series event data from the network packets, wherein managing the one or more ephemeral event streams comprises modifying an end time for terminating the capture of time-series event data in an ephemeral event stream. The system then updates the configuration information based on input received through the first set of user-interface elements.

Abstract translation: 所公开的实施例提供了有助于网络数据的处理的系统。 在操作期间，系统导致在计算机系统上显示用于从由一个或多个远程捕获代理捕获的网络分组生成时间序列事件数据的配置信息的图形用户界面（GUI）。 接下来，系统导致在GUI中显示第一组用户界面元素，用于管理从网络分组中包含临时生成的时间序列事件数据的一个或多个临时事件流，其中管理一个或多个短暂事件 流包括修改用于终止在短暂事件流中捕获时间序列事件数据的结束时间。 然后，系统基于通过第一组用户界面元素接收的输入来更新配置信息。

公开(公告)号：US09130832B1

公开(公告)日：2015-09-08

申请号：US14611190

申请日：2015-01-31

Applicant: Splunk Inc.

Inventor： Brent Boe ,  Alan Hardin ,  Brian C. Reyes ,  Fang I. Hsiao

IPC: G06F15/16 ,  H04L12/26 ,  G06F17/30 ,  H04L29/08 ,  G06F12/00

CPC classification number: H04L43/045 ,  G06F17/30315 ,  G06F17/30339 ,  G06F17/30386 ,  G06F17/30604 ,  H04L29/08072 ,  H04L41/22 ,  H04L41/5009 ,  H04L41/5045 ,  H04L41/5083 ,  H04L43/08 ,  H04L43/0817 ,  H04L63/0227

Abstract: Processing devices receive a file having entries having data items separated by delimiters. Each data item has an ordinal position. The processing device(s) cause display of a table, having rows and columns, in a graphical user interface. Each data items of a particular entry appears in a respective column of the same row. Each column corresponds to the ordinal position of its respective data item. User input is received designating, for each respective column, a field name and an entity definition component type to which the respective column pertains, and stores for each of the data items of the particular entry a value of an element of an entity definition. The element has the element name designated for the respective column in which the data item appeared, and is associated with an entity definition component having the type designated for the respective column in which the data item appeared.

Abstract translation: 处理设备接收具有由分隔符分隔的数据项的条目的文件。 每个数据项都有一个序数位置。 处理设备使得在图形用户界面中显示具有行和列的表。 特定条目的每个数据项出现在同一行的相应列中。 每列对应于其相应数据项的序数位置。 接收到用户输入，为每个相应列指定相应列所属的字段名称和实体定义组件类型，并且为特定条目的每个数据项存储实体定义的元素的值。 元素具有为数据项出现的相应列指定的元素名称，并且与具有指定数据项出现的相应列的类型的实体定义组件相关联。

公开(公告)号：US11853361B1

公开(公告)日：2023-12-26

申请号：US17835542

申请日：2022-06-08

Applicant: Splunk Inc.

Inventor： Hemendra Singh Choudhary ,  Tristan Antonio Fletcher ,  Brian John Bingham ,  Fang I. Hsiao ,  Brian Reyes

IPC: H04L43/16 ,  G06F9/54 ,  H04L43/04 ,  H04L41/5009 ,  H04L41/50 ,  G06F3/0482 ,  H04L41/0806 ,  H04L43/045 ,  H04L41/22 ,  H04L67/51 ,  G06F16/951 ,  G06F16/9535 ,  G06F16/25 ,  G06F3/04847 ,  G06F3/0481 ,  G06Q10/0637 ,  G06F16/901 ,  G06F16/248 ,  G06F16/2453 ,  G06F3/04842 ,  G06F11/34 ,  G06F16/903 ,  G06F3/04817 ,  G06F16/26 ,  G06F16/2455 ,  H04L69/329 ,  H04L41/0213 ,  G06F16/33 ,  G06F16/9038 ,  G06F3/0484 ,  H04L43/091 ,  H04L43/55 ,  G06Q10/0639 ,  H04L67/10 ,  G06F11/32 ,  G06T11/20

CPC classification number: G06F16/903 ,  G06F3/0481 ,  G06F3/0482 ,  G06F3/0484 ,  G06F3/04817 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/542 ,  G06F11/321 ,  G06F11/34 ,  G06F16/248 ,  G06F16/2455 ,  G06F16/24542 ,  G06F16/252 ,  G06F16/26 ,  G06F16/334 ,  G06F16/9024 ,  G06F16/9038 ,  G06F16/90335 ,  G06F16/951 ,  G06F16/9535 ,  G06Q10/0637 ,  G06Q10/0639 ,  G06Q10/06393 ,  H04L41/0213 ,  H04L41/0806 ,  H04L41/22 ,  H04L41/5009 ,  H04L41/5032 ,  H04L43/04 ,  H04L43/045 ,  H04L43/091 ,  H04L43/16 ,  H04L43/55 ,  H04L67/10 ,  H04L67/51 ,  H04L69/329 ,  G06T11/206 ,  G06T2200/24

Abstract: A service monitoring system executing on one or more processors may have operations that are determined by control information. Control over the operation of the service monitoring system can be exerted through the use of a graphical interface. The graphical interface may present the control information of a new or existing correlation search definition for user interaction. The service monitoring system may maintain a data store of key performance indicator (KPI) data, where a KPI value in the data store is produced by a KPI-defining search query that derives the value from machine data associated with one or more entities that perform a monitored service. A correlation search definition of the service monitoring system determines how a search of the KPI data is conducted, how its data is evaluated to determine whether a triggering condition has been met, and, if so, determines what triggered action is to be initiated.

公开(公告)号：US11526511B1

公开(公告)日：2022-12-13

申请号：US17473435

申请日：2021-09-13

Applicant: SPLUNK INC.

Inventor： Nicholas Matthew Tankersley ,  Fang I. Hsiao ,  Arun Ramani

IPC: G06F16/64 ,  G06F16/2452 ,  G06F3/04847 ,  G06T11/20 ,  G06F16/2457 ,  G06F11/30 ,  G06Q10/06 ,  G06Q10/10

Abstract: An example method of implementing a monitoring interface for an information technology environment comprises: identifying machine data reflecting activity in the information technology environment comprising a plurality of entities providing a service; executing a search query to derive, from the machine data, a value of a key performance indicator (KPI) reflecting performance of the service; and causing display of a monitoring interface including: an identifier of the service, a color coded indication of a state of the KPI, and a visual representation of time series data associated with the service.