公开(公告)号：US20160092045A1

公开(公告)日：2016-03-31

申请号：US14528939

申请日：2014-10-30

Applicant: Splunk, Inc.

Inventor： Divanny I. Lamas ,  Marc Vincent Robichaud ,  Carl Sterling Yestrau

IPC: G06F3/0482 ,  G06F3/0484 ,  G06F17/30

CPC classification number: G06F16/2428 ,  G06F3/04817 ,  G06F3/0482 ,  G06F3/04847 ,  G06F11/0766 ,  G06F16/248 ,  G06F2203/04803 ,  H04L41/22

Abstract: An event view selector for a search user interface is described. In one or more implementations, a service may operate to collect and store data as events and apply a late binding schema to extract events that match the search criteria and provide search results for display via the search user interface. The search user interface exposes an event view selector operable to enable transitions between multiple different views of the events associated with different levels of detail. The views may include at least a raw view, a list view, and a table view. Responsive to receiving an indication of a view selected via the event view selector, the selected view may be exposed via the search user interface.

Abstract translation: 描述用于搜索用户界面的事件视图选择器。 在一个或多个实现中，服务可以操作以收集和存储数据作为事件，并且应用后期绑定模式来提取与搜索条件匹配的事件，并且通过搜索用户界面提供用于显示的搜索结果。 搜索用户界面公开了可操作的事件视图选择器，以启用与不同细节级别相关联的事件的多个不同视图之间的转换。 视图可以至少包括原始视图，列表视图和表视图。 响应于接收通过事件视图选择器选择的视图的指示，所选择的视图可以经由搜索用户界面公开。

公开(公告)号：US09152682B2

公开(公告)日：2015-10-06

申请号：US14068651

申请日：2013-10-31

Applicant: Splunk Inc.

Inventor： Archana Sulochana Ganapathi ,  Alice Emily Neels ,  Marc Vincent Robichaud ,  Stephen Phillip Sorkin ,  Steve Yu Zhang

IPC: G06F17/30

CPC classification number: G06F17/30395 ,  G06F17/30424 ,  G06F17/30477 ,  G06F17/30554

Abstract: Embodiments are directed towards determining and tracking metadata for the generation of visualizations of requested data. A user may request data by providing a query that may be employed to search for the requested data. The query may include a plurality of commands, which may be employed in a pipeline to perform the search and to generate a table of the requested data. In some embodiments, each command may be executed to perform an action on a set of data. The execution of a command may generate one or more columns to append and/or insert into the table of requested data. Metadata for each generated column may be determined based on the actions performed by executing the commands. The table of requested data and the column metadata may be employed to generate and display a visualization of at least a portion of the requested data to a user.

Abstract translation: 实施例旨在确定和跟踪用于生成所请求数据的可视化的元数据。 用户可以通过提供可用于搜索所请求的数据的查询来请求数据。 该查询可以包括多个命令，其可以在流水线中用于执行搜索并生成所请求的数据的表。 在一些实施例中，可以执行每个命令以对一组数据执行动作。 命令的执行可以生成一个或多个列来附加和/或插入到所请求的数据的表中。 可以基于通过执行命令执行的动作来确定每个生成的列的元数据。 可以使用所请求的数据和列元数据的表来生成并向用户显示所请求的数据的至少一部分的可视化。

公开(公告)号：US11868364B1

公开(公告)日：2024-01-09

申请号：US17809830

申请日：2022-06-29

Applicant: SPLUNK INC.

Inventor： Marc Vincent Robichaud

IPC: G06F16/25 ,  G06F16/31 ,  G06F11/32 ,  G06F11/30 ,  G06F11/34

CPC classification number: G06F16/254 ,  G06F11/30 ,  G06F11/3006 ,  G06F11/3072 ,  G06F11/321 ,  G06F11/3452 ,  G06F16/313

Abstract: First one or more values are extracted from a plurality of events using a first extraction rule. The extracted first one or more values are assigned to a first field of the plurality of events as a first set of field-data item pairs. Second one or more values are extracted from the plurality of the events using a second extraction rule. The second extraction rule identifies the second one or more values and a field label corresponding to the second one or more values in the extracted first one or more values of the first set of field-data item pairs. The extracted second one or more values are assigned to a second field of the plurality of events as a second set of field-data item pairs. The field label extracted using the second extraction rule or a modified version thereof may be assigned to the second field.

公开(公告)号：US11868158B1

公开(公告)日：2024-01-09

申请号：US17952950

申请日：2022-09-26

Applicant: SPLUNK Inc.

Inventor： Cory Eugene Burke ,  Katherine Kyle Feeney ,  Divanny I. Lamas ,  Marc Vincent Robichaud ,  Matthew G. Ness ,  Clara E. Lee

IPC: G06F7/00 ,  G06F3/04842 ,  G06F3/0482 ,  G06F16/22 ,  G06F16/242 ,  G06F16/248 ,  G06F16/25 ,  G06F16/951 ,  G06F16/2455 ,  G06F40/18 ,  G06V10/22 ,  G06F3/04847 ,  G06F9/451

CPC classification number: G06F3/04842 ,  G06F3/0482 ,  G06F3/04847 ,  G06F16/221 ,  G06F16/242 ,  G06F16/248 ,  G06F16/2455 ,  G06F16/252 ,  G06F16/951 ,  G06F40/18 ,  G06V10/22 ,  G06F9/451 ,  G06F16/2425

Abstract: In embodiments of field value search drill down, a search system exposes a search interface that displays one or more events returned as a search result set. A field-value pair can be emphasized in the field-value pairs of an event displayed in the search interface, and a menu is displayed with search options that are selectable to operate on the emphasized field-value pair of the event. The menu includes the search options to add search criteria of the emphasized field-value pair to a search command in a search bar of the search interface, exclude the search criteria of the emphasized field-value pair from a search, or create a new data search based on the emphasized field-value pair. A selection of one of the search options in the menu can be received, and the search command in the search bar is updated based on the search option that is selected.

公开(公告)号：US11841908B1

公开(公告)日：2023-12-12

申请号：US17964556

申请日：2022-10-12

Applicant: Splunk Inc.

Inventor： Marc Vincent Robichaud ,  Cory Eugene Eugene Burke ,  Jeffrey Thomas Lloyd

IPC: G06F16/93 ,  G06F3/0482 ,  G06F16/242 ,  G06F16/2458 ,  G06F16/248 ,  G06F16/9038

CPC classification number: G06F16/93 ,  G06F3/0482 ,  G06F16/248 ,  G06F16/2428 ,  G06F16/2477 ,  G06F16/9038

Abstract: Based on a selection by a user of first one or more values of one or more events displayed in a graphical interface, an extraction rule is automatically determined that is capable of extracting a field label-value pair at least partially within at least the selected one or more values. An option is displayed that correspond to the determined extraction rule in the graphical interface. Based on the user selecting the option in the graphical interface, display is caused of second one or more values of one or more field label-value pairs extracted from the one or more events using the extraction rule. The one or more events may be displayed in a table format, and the first one or more value may be selected by the user selecting one or more cells, columns, or text portions in the table format.

公开(公告)号：US11687219B2

公开(公告)日：2023-06-27

申请号：US17647797

申请日：2022-01-12

Applicant: SPLUNK INC.

Inventor： Cory Eugene Burke ,  Katherine Kyle Feeney ,  Divanny I. Lamas ,  Marc Vincent Robichaud ,  Matthew G. Ness ,  Clara E. Lee

IPC: G06F15/16 ,  G06F3/04842 ,  G06F3/0482 ,  G06F16/22 ,  G06F16/242 ,  G06F16/248 ,  G06F16/25 ,  G06F16/2455 ,  G06F3/04847 ,  G06F16/951 ,  G06F40/18 ,  G06V10/22 ,  G06F9/451

CPC classification number: G06F3/04842 ,  G06F3/0482 ,  G06F3/04847 ,  G06F16/221 ,  G06F16/242 ,  G06F16/248 ,  G06F16/2455 ,  G06F16/252 ,  G06F16/951 ,  G06F40/18 ,  G06V10/22 ,  G06F9/451 ,  G06F16/2425

Abstract: In embodiments of statistics chart row mode drill down, a first interface is displayed in a table format that includes columns and rows, where each row is associated with an event and each column includes field for a respective event. The rows can further include one or more aggregated metrics representing a number of events associated with a respective row. A row can be emphasized in the first interface and, in response a menu can be displayed with selectable options to transition to a second interface, where the data displayed by the second interface is based on an option selected from the menu.

公开(公告)号：US11573959B2

公开(公告)日：2023-02-07

申请号：US16042989

申请日：2018-07-23

Applicant: Splunk Inc.

Inventor： Marc Vincent Robichaud ,  Cory Eugene Burke ,  Jeffrey Thomas Lloyd ,  Jesse Miller

IPC: G06F16/2452 ,  G06F16/00 ,  G06F16/26 ,  G06F16/33 ,  G06F16/23 ,  G06F16/242 ,  G06F16/2458 ,  G06F16/2453 ,  G06F16/2455 ,  G06F16/22 ,  G06F3/0484 ,  G06F21/62 ,  G06F40/177 ,  G06T11/20 ,  G06Q10/00 ,  G06F3/0482 ,  G06F3/04842 ,  G06Q10/10

Abstract: A search interface is displayed in a table format that includes one or more columns, each column including data items of an event attribute, the data items being of a set of events, and a plurality of rows forming cells with the one or more columns, each cell including one or more of the data items of the event attribute of a corresponding column. Based on a user selecting one or more of the cells, a list of options if displayed corresponding to the selection, and one or more commands are added to a search query that corresponds to the set of events, the one or more commands being based on at least an option that is selected from the list of options and the event attribute for each of the one or more of the data items of each of the selected one or more cells.

公开(公告)号：US10949419B2

公开(公告)日：2021-03-16

申请号：US15996226

申请日：2018-06-01

Applicant: Splunk Inc.

Inventor： Marc Vincent Robichaud ,  Cory Eugene Burke ,  Jeffrey Thomas Lloyd

IPC: G06F16/242 ,  G06F3/0482 ,  G06F3/0484

Abstract: A search interface is displayed in a table format that includes one or more columns, each column including data items of an event attribute, the data items being of a set of events, and a plurality of rows forming cells with the one or more columns, each cell displaying a textual representation of at least one of the data items of the event attribute of a corresponding column. Based on a user selecting a portion of the textual representation in a corresponding cell, a list of options is displayed that corresponds to the selected portion of the textual representation. Furthermore, one or more commands are added to a search query that corresponds to the set of events, the one or more commands being based on at least an option that is selected from the list of options and the selected portion of the textual representation in the corresponding cell.

公开(公告)号：US20210004144A1

公开(公告)日：2021-01-07

申请号：US17029773

申请日：2020-09-23

Applicant: SPLUNK INC.

Inventor： Cory Eugene Burke ,  Katherine Kyle Feeney ,  Divanny I. Lamas ,  Marc Vincent Robichaud ,  Matthew G. Ness ,  Clara E. Lee

IPC: G06F3/0484 ,  G06F3/0482 ,  G06F16/22 ,  G06F16/242 ,  G06F16/248 ,  G06F16/25 ,  G06F16/951 ,  G06F16/2455 ,  G06F40/18 ,  G06K9/20

Abstract: In embodiments of statistics value chart interface row mode drill down, a first interface is displayed in a table format that includes columns each with field values of an event field, and each column having a column heading of a different one of the event fields, and includes rows each with one or more of the field values, where each field value in a row is associated with a different one of the event fields, and each row includes an aggregated metric that represents a number of events having field-value pairs that match all of the one or more field values listed in a respective row and the corresponding event fields listed in the respective columns. A row can be emphasized in the first interface, and in response, a menu is displayed with selectable options to transition to a second interface that displays a listing of the events based on a selected one of the options.

公开(公告)号：US10762138B2

公开(公告)日：2020-09-01

申请号：US14610717

申请日：2015-01-30

Applicant: SPLUNK INC.

Inventor： Marc Vincent Robichaud ,  Cory Eugene Burke ,  Jeffrey Thomas Lloyd

IPC: G06F16/93 ,  G06F3/0482 ,  G06F16/242 ,  G06F16/2458 ,  G06F16/248 ,  G06F16/9038

Abstract: A based on a selection by a user of first one or more values of one or more events displayed in a graphical interface, an extraction rule is automatically determined that is capable of extracting a field label-value pair at least partially within at least the selected one or more values. An option is displayed that correspond to the determined extraction rule in the graphical interface. Based on the user selecting the option in the graphical interface, display is caused of second one or more values of one or more field label-value pairs extracted from the one or more events using the extraction rule. The one or more events may be displayed in a table format, and the first one or more value may be selected by the user selecting one or more cells, columns, or text portions in the table format.