-
621.
Publication No.: US20220244934A1
Publication Date: 2022-08-04
Application No.: US17563598
Application Date: 2021-12-28
Applicant: Splunk Inc.
Inventor: Yanpei Chen , Archana Ganapathi
Abstract: Disclosed are embodiments of an installed software program that receives a model from a product management system. The model is trained to select one of a plurality of predefined states based on operational parameter values of the installation of the software program. Each of the plurality of predefined states defines configuration values of the installation of the software program. The defined configuration values indicate, in some embodiments, updates to operational parameter values of the installation of the software program.
-
Publication No.: USD958177S1
Publication Date: 2022-07-19
Application No.: US29826205
Application Date: 2022-02-10
Applicant: SPLUNK Inc.
Designer: Alexandra Victoria Nuttbrown , Samo Drole , Danika Patrick , Arturo Diaz Rodriguez
-
Publication No.: US11386133B1
Publication Date: 2022-07-12
Application No.: US16430708
Application Date: 2019-06-04
Applicant: SPLUNK INC.
Inventor: Alice Emily Neels , Sundar Vasan , Simon Fishel , Marc Vincent Robichaud , Divanny Lamas
IPC: G06F16/338 , G06F3/0482 , G06F16/901 , G06F16/2458 , G06F16/34 , G06F16/335 , G06F16/33 , G06F16/248 , G06F16/26 , G06F3/04847 , G06F3/04842 , G06F16/9535 , G06T11/20 , G06F16/2457
Abstract: The disclosure relates to certain system and method embodiments for generating reports from unstructured data. In one embodiment, a method can include identifying events matching criteria of an initial search query (each of the events including a portion of raw machine data that is associated with a time), identifying a set of fields, each field defined for one or more of the identified events, causing display of an interactive graphical user interface (GUI) that includes one or more interactive elements enabling a user to define a report for providing information relating to the matching events (each interactive element enabling processing or presentation of information in the matching events using one or more fields in the identified set of fields), receiving, via the GUI, a report definition indicating how to report information relating to the matching events, and generating, based on the report definition, a report including information relating to the matching events.
-
Publication No.: US11386109B2
Publication Date: 2022-07-12
Application No.: US16259837
Application Date: 2019-01-28
Applicant: SPLUNK INC.
Inventor: Ledio Ago , Declan Gerard Shanaghy
IPC: G06F16/27 , G06F16/25 , H04W4/60 , G06F16/951 , H04L67/10 , G06F16/215 , G06F16/22 , G06F16/2455 , H04L9/40
Abstract: Various embodiments describe multi-site cluster-based data intake and query systems, including cloud-based data intake and query systems. Using a hybrid search system that includes cloud-based data intake and query systems working in concert with so-called “on-premises” data intake and query systems can promote the scalability of search functionality. In addition, the hybrid search system can enable data isolation in a manner in which sensitive data is maintained “on premises” and information or data that is not sensitive can be moved to the cloud-based system. Further, the cloud-based system can enable efficient leveraging of data that may already exist in the cloud.
-
625.
Publication No.: US11379530B2
Publication Date: 2022-07-05
Application No.: US16527854
Application Date: 2019-07-31
Applicant: Splunk Inc.
Inventor: Karthikeyan Sabhanatarajan , David Ryan Marquardt , Steve Zhang , Nicholas Romito
IPC: G06F17/30 , G06F16/903 , G06F16/901
Abstract: Embodiments of the present disclosure provide techniques for performing searches of event records by leveraging reference values in an inverted index. A method of searching comprises accessing a query associated with a first set of event records in a field searchable data store, each event record comprising a time-stamped portion of raw machine data. The method further comprises evaluating the query and generating results for the query by accessing an inverted index, wherein each entry in the inverted index comprises at least one field, a corresponding at least one field value and a reference value that identifies a location in the field searchable data store where an associated event record is stored. The method further comprises performing a search to filter out a second set of event records and retrieving the second set of event records from the field searchable data store using reference values in the inverted index.
-
Publication No.: US11379475B2
Publication Date: 2022-07-05
Application No.: US16858477
Application Date: 2020-04-24
Applicant: Splunk Inc.
Inventor: Gergely Danyi , Steven Flanders , Joseph Ari Ross , Justin Smith , Eric Wohlstadter , Chengyu Yang
IPC: G06F16/245 , G06F11/34 , G06F11/30
Abstract: A computer-implemented method for analyzing spans and traces associated with a microservices-based application executing in a distributed computing environment comprises aggregating a plurality of ingested spans associated with one or more applications executing in the distributed computing environment into a plurality of traces, wherein each of the plurality of ingested spans is associated with a plurality of tags. The method further comprises comparing durations of a set of related traces of the plurality of traces to determine patterns for the plurality of tags and generating a histogram that represents a distribution of the durations of the set of related traces. The method also comprises providing alerts for one or more tags from the plurality of tags associated with traces having a duration above a threshold based on the distribution of the durations.
-
Publication No.: US20220188306A1
Publication Date: 2022-06-16
Application No.: US17686239
Application Date: 2022-03-03
Applicant: Splunk Inc.
Inventor: Nasim Bigdelu , Hema Krishnamurthy Mohan , Amin Moshgabadi , Clark Eugene Mullen , Siri Singamneni , Daniel Streit
IPC: G06F16/242 , G06F16/25
Abstract: Systems and methods are disclosed for performing multiple queries in a single graphical user interface (GUI) displayed in a client browser. The client browser causes the display of a first user interface field in a first area of the GUI, where the first user interface field can be used to enter or edit a first query. The client browser also causes first query results generated by a data intake and query system executing the first query to be displayed in the first area. The client browser further causes the display of a second user interface field in a second area of the GUI, where the second user interface field can be used to enter or edit a second query. The client browser also causes second query results generated by the data intake and query system executing the second query to be displayed in the second area.
-
628.
Publication No.: US11363047B2
Publication Date: 2022-06-14
Application No.: US17018360
Application Date: 2020-09-11
Applicant: Splunk Inc.
Inventor: Vijay Chauhan , Cary Noel , Wenhui Yu , Luke Murphey , Alexander Raitz , David Hazekamp
IPC: H04L9/40 , G06F3/0484 , G06F16/25 , G06F16/248 , G06F16/2458 , H04L43/026 , G06F40/169 , G06F21/62 , H04L43/06
Abstract: Techniques and mechanisms are disclosed that enable network security analysts and other users to efficiently conduct network security investigations and to produce useful representations of investigation results. As used herein, a network security investigation generally refers to an analysis by an analyst (or team of analysts) of one or more detected network events that may pose internal and/or external threats to a computer network under management. A network security application provides various interfaces that enable users to create investigation timelines, where the investigation timelines display a collection of events related to a particular network security investigation. A network security application further provides functionality to monitor and log user interactions with the network security application, where particular logged user interactions may also be added to one or more investigation timelines.
-
Publication No.: US11354322B2
Publication Date: 2022-06-07
Application No.: US16715015
Application Date: 2019-12-16
Applicant: Splunk Inc.
Inventor: Lucas Murphey , David Hazekamp
IPC: G06F16/20 , G06F16/2457 , G06F16/951 , G06F16/23 , G06F16/2458 , G06F16/2455 , G06F16/22 , G06F16/215
Abstract: Systems and methods for assigning scores to objects based on evaluating triggering conditions applied to datasets produced by search queries in data aggregation and analysis systems. An example method may comprise providing an interface for generating a correlation search, the interface facilitating user input of (i) one or more search criteria for a search query of the correlation search, (ii) a triggering condition to be applied to a dataset produced by the search query, and (iii) one or more actions to be performed when the dataset produced by search query satisfies the triggering condition, wherein the one or more actions comprise at least modifying a score assigned to an object to which the dataset produced by the search query pertains, and causing generation of the correlation search based on the user input.
-
Publication No.: US11354308B2
Publication Date: 2022-06-07
Application No.: US15885538
Application Date: 2018-01-31
Applicant: SPLUNK INC.
Inventor: Marc Vincent Robichaud
IPC: G06F16/2453 , G06F16/31 , G06F16/338 , G06F16/44 , G06F16/23 , G06F16/2458 , G06F16/9537
Abstract: A request is received to display at least a portion of a first events set and at least a portion of a second events set in an interleaved and visually distinct display format, where, in the interleaved and visually distinct display format, the at least a portion of the first events set is displayed in a visually distinct manner from the at least a portion of the second events set, and data from the at least a portion of the first events set is interleaved with data from the at least a portion of the second events set. In response to receiving the request, display is caused, on a user interface, of the at least a portion of the first events set and the at least a portion of the second events set in the interleaved and visually distinct display format.
-