公开(公告)号：US10936643B1

公开(公告)日：2021-03-02

申请号：US16283679

申请日：2019-02-22

Applicant: Splunk Inc.

Inventor： Sara Alspaugh ,  Adam Jamison Oliner

IPC: G06F16/35 ,  G06F16/31 ,  G06N5/04 ,  G06F9/54 ,  G06F16/901

Abstract: Machine data reflecting operation of a monitored system is ingested and made available for search by a data intake and query system (DIQS). Ingested data includes log data entries produced by an application that represent low-level instances of user interface or interaction events. Inference processing generates a new collection of data instances that each identifies a higher-level task performed by a user in a sequence of the low-level events without regard to any explicit task affiliation data component of the low-level instances. Information for the task may include a measure of confidence that each low-level event of the sequence is properly associated with the task. Tasks of the new collection may be advantageously visualized and included in downstream processing.

公开(公告)号：US20200311518A1

公开(公告)日：2020-10-01

申请号：US16901985

申请日：2020-06-15

Applicant: SPLUNK Inc.

Inventor： Adam Jamison Oliner ,  Nghi Huu Nguyen ,  Jacob Leverich ,  Zidong Yang

IPC: G06N3/04 ,  G06F16/26 ,  G06F16/25

Abstract: Systems and methods include obtaining a set of events, each event in the set of events comprising a time-stamped portion of raw machine data, the raw machine data produced by one or more components within an information technology or security environment and reflects activity within the information technology or security environment. Thereafter, a first neural network is used to automatically identify variable text to extract as a field from the set of events. An indication of the variable text is provided as a field extraction recommendation, for example, to a user device for presentation to a user.

公开(公告)号：US10776719B2

公开(公告)日：2020-09-15

申请号：US16244817

申请日：2019-01-10

Applicant: Splunk Inc.

Inventor： Sonal Maheshwari ,  Manish Sainani ,  Leonid Alekseyev ,  Alan Hardin ,  Jacob Barton Leverich ,  Adam Jamison Oliner ,  Brian Reyes ,  Alok Anant Bhide

IPC: H04L29/06 ,  G06N20/00

Abstract: Techniques are disclosed for providing adaptive thresholding technology for Key Performance Indicators (KPIs) that are updated using training data. Adaptive thresholding technology may automatically assign new values or adjust existing values for one or more thresholds of one or more time policies. Assigning threshold values using adaptive thresholding may involve identifying training data (e.g., historical data, simulated data, or example data) for the time frames and analyzing the training data to identify variations within the data (e.g., patterns, distributions, trends). A threshold value may be determined based on the variations and may be assigned to one or more of the thresholds without additional user intervention.

公开(公告)号：US10607150B2

公开(公告)日：2020-03-31

申请号：US15050785

申请日：2016-02-23

Applicant: Splunk Inc.

Inventor： Manish Sainani ,  Sergey Slepian ,  Iman Makaremi ,  Adam Jamison Oliner ,  Jacob Leverich ,  Di Lu

IPC: G06N20/00 ,  H04L12/24

Abstract: Disclosed herein is a computer-implemented tool that facilitates data analysis by use of machine learning (ML) techniques. The tool cooperates with a data intake and query system and provides a graphical user interface (GUI) that enables a user to train and apply a variety of different ML models on user-selected datasets of stored machine data. The tool can provide active guidance to the user, to help the user choose data analysis paths that are likely to produce useful results and to avoid data analysis paths that are less likely to produce useful results.

公开(公告)号：US20180218285A1

公开(公告)日：2018-08-02

申请号：US15420618

申请日：2017-01-31

Applicant: SPLUNK INC.

Inventor： Adam Jamison Oliner ,  Hongyang Zhang ,  Sergey Slepian ,  Di Lu ,  XiaoYu Jia ,  Peter Chongjin Kim ,  Manish Sainani

IPC: G06N99/00 ,  G06N5/04 ,  G06F17/30

CPC classification number: G06N20/00 ,  G06F16/2457 ,  G06N5/04

Abstract: Embodiments of the present invention are directed to facilitating search input recommendations. In accordance with aspects of the present disclosure, a set of events determined from raw machine data is obtained. The events are analyzed to generate a temporal map associated with the set of events. Generally, the temporal map associates candidate terms with temporally related terms that occur within a period of time corresponding with the candidate terms. A search term input into a search field is received. Based on the input search term, the temporal map is used to identify one or more temporally related term recommendations.

公开(公告)号：US20160103838A1

公开(公告)日：2016-04-14

申请号：US14859248

申请日：2015-09-18

Applicant: Splunk Inc.

Inventor： Manish Sainani ,  Adam Jamison Oliner ,  Jacob Barton Leverich ,  Leonid Alekseyev ,  Sonal Barton Maheshwari

IPC: G06F17/30 ,  G06F3/0488

CPC classification number: G06F3/0488 ,  H04L41/22 ,  H04L41/5012 ,  H04L41/5032 ,  H04L41/5045

Abstract: Techniques are disclosed for anomaly detection. A search query can be executed over a period of time to produce values for a key performance indicator (KPI), the search query defining the KPI and deriving a value indicative of the performance of a service at a point in time or during a period of time, the value derived from machine data pertaining to one or more entities that provide the service. A graphical user interface (GUI) enabling a user to indicate a sensitivity setting can be displayed. A user input indicating the sensitivity setting can be received via the GUI. Zero or more of the values as anomalies can be identified in consideration of the sensitivity setting indicated by the user input. A GUI including information related to the values identified as anomalies can be d

Abstract translation: 公开了用于异常检测的技术。 可以在一段时间内执行搜索查询以产生关键性能指标（KPI）的值，搜索查询定义KPI并且在一个时间点或在一段时间内导出指示服务的性能的值 时间，从提供服务的一个或多个实体的机器数据导出的值。 可以显示使用户能够指示灵敏度设置的图形用户界面（GUI）。 可以通过GUI接收指示灵敏度设置的用户输入。 可以考虑由用户输入指示的灵敏度设置来识别零个或多个作为异常的值。 包括与识别为异常的值相关的信息的GUI可以是d

公开(公告)号：US20160103559A1

公开(公告)日：2016-04-14

申请号：US14859233

申请日：2015-09-18

Applicant: Splunk Inc.

Inventor： Sonal Maheshwari ,  Manish Sainani ,  Leonid Alekseyev ,  Alan Hardin ,  Jacob Barton Leverich ,  Adam Jamison Oliner ,  Brian Reyes ,  Alok Anant Bhide

IPC: G06F3/0481 ,  G06F17/30 ,  G06T11/20

CPC classification number: G06F3/0481 ,  G06F3/04812 ,  G06F17/30548 ,  G06F17/30554 ,  G06Q10/00 ,  G06T11/206 ,  H04L67/1095

Abstract: Techniques are disclosed for providing a graphical user interface (GUI) for displaying and configuring adaptive or static thresholds for Key Performance Indicators (KPIs). The GUI may include one or more presentation schedules that may display threshold information associated with time policies. Each presentation schedule may include multiple time slots and span a portion of one or more time cycles. Some of the time slots may be associated with a specific time policy and may have a unifying appearance that distinguishes the time slots from timeslots associated with other time policies. The presentation schedules may arrange the time slots in a time grid arrangement (e.g., calendar grid view) or a graph arrangement with depictions (e.g., points, lines) that may illustrate KPI values and threshold markers that may illustrate the threshold values.

Abstract translation: 公开了用于提供用于显示和配置关键性能指标（KPI）的自适应或静态阈值的图形用户界面（GUI）的技术。 GUI可以包括可以显示与时间策略相关联的阈值信息的一个或多个呈现计划。 每个呈现时间表可以包括多个时隙并跨越一个或多个时间周期的一部分。 一些时隙可以与特定时间策略相关联，并且可以具有将时隙与与其他时间策略相关联的时隙区分开的统一外观。 呈现时间表可以以时间网格布置（例如，日历网格视图）或具有可以示出可以示出阈值的KPI值和阈值标记的图示（例如，点，线）的图形排列来布置时隙。