-
Publication No.: US11586722B2
Publication Date: 2023-02-21
Application No.: US17106001
Application Date: 2020-11-27
Applicant: Splunk Inc.
Inventor: Govind Salinas, Sourabh Satish, Robert John Truesdell
Abstract: Described herein are improvements for responding to incidents in an information technology (IT) environment. In one example, a method includes, in an incident response system, receiving authentication information for use by a first component for responding to an incident in an information technology (IT) environment. The method further includes encrypting the authentication information and storing the authentication information in the incident response system along with encrypted parameters for operating the first component. In the incident response system, upon determining that the first component requires the authentication information for an interaction, the method provides retrieving the authentication information and providing the authentication information to the first component.
-
Publication No.: US11579860B2
Publication Date: 2023-02-14
Application No.: US17563598
Application Date: 2021-12-28
Applicant: Splunk Inc.
Inventor: Yanpei Chen, Archana Ganapathi
Abstract: Disclosed are embodiments of a installed software program that receive a model from a product management system. The model is trained to select one of a plurality of predefined states based on operational parameter values of the installation of the software program. Each of the plurality of predefined states define configuration values of the installation of the software program. The defined configuration values indicate, in some embodiments, updates to operational parameter values of the installation of the software program.
-
Publication No.: US11579764B1
Publication Date: 2023-02-14
Application No.: US16945477
Application Date: 2020-07-31
Applicant: SPLUNK INC.
Inventor: Nathan Argroves, Christopher Chan, Bruce McLaren, Benjamin Weaver
IPC: G06F3/0486, G06F3/0482, H04L65/1066, G06F16/903, G06F16/242, G06F9/451, G06F16/9038
Abstract: A computing device is coupled to a display device, and includes a data monitoring software application program executing on a processor within a data monitoring system. Via the data monitoring software application program, various techniques are performed for generating user interfaces for data monitoring and event response. In a first technique, the data monitoring software application program displays a user interface that includes a first region including a data visualization and a second region including one or more images of a video stream. In a second technique, the data monitoring software application program generates a user interface associated with an event, receive an input corresponding to interaction with a user interface element in the user interface, and initiates an event channel associated with the event in response to the input.
-
Publication No.: USD977476S1
Publication Date: 2023-02-07
Application No.: US29768604
Application Date: 2021-01-29
Applicant: SPLUNK Inc.
Designer: Timothy Tully, Tishan Mills, Jesse Chor, Robert Fullerton
-
Publication No.: US11575693B1
Publication Date: 2023-02-07
Application No.: US17125130
Application Date: 2020-12-17
Applicant: Splunk Inc.
Inventor: Sudhakar Muddu, Christos Tryfonas, Ravi Prasad Bulusu, Marios Iliofotou
IPC: H04L9/40, G06F3/04847, G06F3/04842, H04L41/0893, H04L43/045, H04L43/08, G06N5/04, H04L41/14, H04L41/22, G06N5/02, G06N20/00, G06F16/25, G06F16/28, G06F16/44, G06F16/901, G06F16/2457, H04L43/00, G06F40/134, G06N20/20, G06N7/00, G06F3/0482, G06F3/0484, H04L43/062, G06V10/22
Abstract: A security platform employs a variety techniques and mechanisms to detect security related anomalies and threats in a computer network environment. The security platform is “big data” driven and employs machine learning to perform security analytics. The security platform performs user/entity behavioral analytics (UEBA) to detect the security related anomalies and threats, regardless of whether such anomalies/threats were previously known. The security platform can include both real-time and batch paths/modes for detecting anomalies and threats. By visually presenting analytical results scored with risk ratings and supporting evidence, the security platform enables network security administrators to respond to a detected anomaly or threat, and to take action promptly.
-
Publication No.: US11574242B1
Publication Date: 2023-02-07
Application No.: US16399964
Application Date: 2019-04-30
Applicant: Splunk Inc.
Inventor: Cory Eugene Burke, Gyanendra Rana, Sergey Slepian, Andrew Stein, Iryna Vogler-Ivashchanka
IPC: G06F7/02, G06F16/00, G06N20/00, G06F3/048, G06F16/248, G06F16/2458
Abstract: Techniques are described for providing a ML data analytics application including guided ML workflows that facilitate the end-to-end training and use of various types of ML models, where such guided workflows may also be referred to as ML “experiments.” For example, the ML data analytics application may enable users to create experiments related to prediction of numeric fields (for example, using linear regression techniques), predicting categorical fields (for example, using logistic regression), detecting numerical outliers (for example, using various distribution statistics), detecting categorical outliers (for example, using probabilistic statistics), forecasting time series data, and clustering numeric events (for example, using k-means, density-based spatial clustering of applications with noise (DBSCAN), spectral clustering, or other techniques), among other possible uses of various types of ML models to analyze data.
-
Publication No.: US20230031327A1
Publication Date: 2023-02-02
Application No.: US17811821
Application Date: 2022-07-11
Applicant: Splunk Inc.
Inventor: Benoit Bourbie, Nikhil Mungel, Peigen Sun
IPC: G06F16/9032, G06F16/9035, G06F40/205
Abstract: Systems and methods are disclosed for recommending query parameters to a user based on tenant information. The system can identify a token query parameter from a portion of a query entered in a user interface. The token query parameter can correspond to a system query parameter, such as a query command, a function, etc., or to a user query parameter. The system can identify a tenant of a distributed data intake and query system that is associated with the query. Based on the token query parameter, the system can identify at least one query parameter associated with the tenant. The at least one query parameter can include one or more query parameters previously entered by the user or other users of the tenant, etc. The system can cause the user interface to display one or more recommended query parameters for inclusion in the query.
-
Publication No.: US11567978B2
Publication Date: 2023-01-31
Application No.: US17332070
Application Date: 2021-05-27
Applicant: Splunk Inc.
Inventor: Itay Neeman, Bradford H. Lovering
IPC: G06F16/33, G06F16/80, G06F16/338, G06F16/242, G06F16/9032, G06F16/903
Abstract: Technologies are described herein for executing queries expressed with reference to a structured query language against unstructured data. A user issues a structured query through a traditional structured data management (“SDM”) application. Upon receiving the structured query, an SDM driver analyzes the structured query and extracts a data structure from the unstructured data, if necessary. The structured query is then converted to an unstructured query based on the extracted data structure. The converted unstructured query may then be executed against the unstructured data. Results from the query are reorganized into structured data utilizing the extracted data structure and are then presented to the user through the SDM application.
-
Publication No.: US20230015186A1
Publication Date: 2023-01-19
Application No.: US17944065
Application Date: 2022-09-13
Applicant: Splunk Inc.
IPC: G06F16/2453, G06F16/2458
Abstract: A method includes receiving an initial pipeline including a sequence of commands for execution on a computing system, and obtaining, for each command in the sequence of commands, semantic information. The sequence of commands includes a command with incomplete semantic information. The method further includes generating an abstract semantic tree (AST) with the semantic information and a placeholder for the incomplete semantic information, and manipulating the AST to generate a revised AST. The revised AST corresponds to a revised pipeline that reduces an execution time on the computing system. The method further includes executing the revised pipeline.
-
Publication No.: US11550772B2
Publication Date: 2023-01-10
Application No.: US17243967
Application Date: 2021-04-29
Applicant: Splunk Inc.
Inventor: Michael Joseph Baum, R. David Carasso, Robin Kumar Das, Rory Greene, Bradley Hall, Nicholas Christian Mealy, Brian Philip Murphy, Stephen Phillip Sorkin, Andre David Stechert, Erik M. Swan
IPC: G06F16/00, G06F16/22, G06F16/248, G06F16/951, G06F16/23, G06F16/2458, G06F16/2455, G06F16/2457
Abstract: Methods and apparatus consistent with the invention provide the ability to organize, index, search, and present time series data based on searches. Time series data are sequences of time stamped records occurring in one or more usually continuous streams, representing some type of activity. In one embodiment, time series data is stored as discrete events time stamps. A search is received and relevant event information is retrieved based in whole or in part on the time stamp, a keyword indexing mechanism, or statistical indices calculated at the time of the search.