公开(公告)号：US11675810B2

公开(公告)日：2023-06-13

申请号：US17228429

申请日：2021-04-12

Applicant: SPLUNK, INC.

Inventor： Da Xu ,  Sundar Vasan ,  Dhruva Kumar Bhagi

IPC: G06F16/27 ,  G06F16/22 ,  G06F11/30 ,  G06F11/20 ,  G06F11/34 ,  H04L67/1097 ,  G06F11/32 ,  G06F3/06

CPC classification number: G06F16/27 ,  G06F11/2094 ,  G06F11/3006 ,  G06F11/3072 ,  G06F11/32 ,  G06F11/3409 ,  G06F11/3476 ,  G06F16/2272 ,  H04L67/1097 ,  G06F3/0617 ,  G06F2201/86

Abstract: A method for performing disaster recovery in a clustered environment comprises identifying, at a master device, a first indexer from a set of indexers to serve as a primary indexer for responding to queries pertaining to a subset of data. The method also comprises assigning, at the master device, a generation identifier indicating that the first indexer is the primary indexer for the subset of data. Responsive to an event prompting a change in a primary indexer designation for the subset of data, the method comprises identifying, at the master device, a second indexer from the set of indexers to serve as the primary indexer for responding to queries pertaining to the subset of data. Further, the method comprises assigning, at the master device, a new generation identifier indicating that the second indexer is the primary indexer for the subset of data.

公开(公告)号：US20230177085A1

公开(公告)日：2023-06-08

申请号：US18104089

申请日：2023-01-31

Applicant: Splunk Inc.

Inventor： Ram Sriharsha

IPC: G06F16/901 ,  G06F16/2458 ,  G06F16/28 ,  G06F16/23 ,  G06N20/20 ,  G06F9/38 ,  G06F9/54 ,  G06F16/2455 ,  G06F16/14 ,  G06F16/22 ,  G06F16/2453 ,  G06N20/00 ,  G06F16/16 ,  G06F17/16 ,  G06F17/18 ,  G06F16/242 ,  G06F18/214 ,  G06F18/21

CPC classification number: G06F16/901 ,  G06F16/2465 ,  G06F16/285 ,  G06F16/2379 ,  G06N20/20 ,  G06F9/3885 ,  G06F9/544 ,  G06F16/24568 ,  G06F16/144 ,  G06F16/2246 ,  G06F16/156 ,  G06F16/24534 ,  G06N20/00 ,  G06F16/168 ,  G06F17/16 ,  G06F17/18 ,  G06F16/242 ,  G06F16/23 ,  G06F18/2148 ,  G06F18/2185 ,  G06F16/22 ,  G06F16/2264 ,  G06F16/2282

Abstract: Systems and methods are described for processing ingested data using an online machine learning algorithm as the data is being ingested. For example, the online machine learning algorithm can be an adaptive thresholding algorithm used to identify outliers in a moving window of data. As another example, the online machine learning algorithm can be a sequential outlier detector that detects anomalous sequences of logs or events. As another example, the online machine learning algorithm can be a sentiment analyzer that determines whether text has a positive, negative, or neutral sentiment. As another example, the online machine learning algorithm can be a drift detector that detects whether ingested data marks the start of a change in the distribution of a time-series.

公开(公告)号：US20230171169A1

公开(公告)日：2023-06-01

申请号：US18162595

申请日：2023-01-31

Applicant: Splunk Inc.

Inventor： Qianjie Zhong ,  Geng Qin ,  Ting Wang ,  Min Zhang ,  Micah Delfino ,  Jef Bekes ,  D. Randall Young ,  Cary Noel ,  Feng Shao ,  Dritan Bitincka

IPC: H04L43/045 ,  H04L41/22 ,  H04L41/12 ,  H04L43/0817

CPC classification number: H04L43/045 ,  H04L41/22 ,  H04L41/12 ,  H04L43/0817

Abstract: Techniques and mechanisms are disclosed that enable collection of various types of data from cloud computing services and the generation of various dashboards and visualizations to view information about collections of cloud computing resources. A user can configure collection of data from one or more cloud computing services and view visualizations using an application platform referred to herein as a cloud computing management application. A cloud computing management application further may be configured to generate and cause display of interactive topology map representations of cloud computing resources based on the collected data, where an interactive topology map enables users to view an intuitive visualization of a collection of computing resources, efficiently cause performance of actions with respect to various resources displayed in the topology map, and analyze the collection of resources in ways that are not possible using conventional cloud computing service management consoles.

公开(公告)号：US20230169084A1

公开(公告)日：2023-06-01

申请号：US18160972

申请日：2023-01-27

Applicant: Splunk Inc.

Inventor： Vladimir A. Shcherbakov ,  Stewart Smith ,  Nicholas Matthew Tankersley ,  Junyu Wang ,  Peter Wu

IPC: G06F16/248 ,  G06F16/26

CPC classification number: G06F16/248 ,  G06F16/26 ,  G06F3/0482

Abstract: Systems and methods are described to determine relationships between one or more components of an isolated execution environment system based on data obtained from a data intake and query system. Based on the determined relationships, an interactive visualization is generated that indicates the hierarchical relationship of the components. In some cases, to illustrate the relationship between components of the isolated execution environment system, the visualization can include one or more display objects displayed in a subordinate or superior relationship to other display objects. In certain cases, based on an interaction with a display object, the system can generate a query and/or display additional information and/or visualizations based on the results of the query.

公开(公告)号：US11663219B1

公开(公告)日：2023-05-30

申请号：US17239384

申请日：2021-04-23

Applicant: Splunk Inc.

Inventor： Dragoljub Profirovic ,  Min Zhang ,  Poornima Devaraj

IPC: G06F16/2455 ,  G06F11/34 ,  G06F16/2457 ,  G06F16/2453

CPC classification number: G06F16/24568 ,  G06F11/3409 ,  G06F16/2453 ,  G06F16/2457

Abstract: Systems and methods are described for tuning parameter values of a processing pipeline in a streaming data processing system. In order to determine an optimal set of parameter values for a particular processing pipeline, a processing pipeline can be implemented with different sets of parameter values. A performance metric can be measured for each implementation to measure the performance of the processing pipeline with regards to a particular set of parameter values. The performance metrics for each implementation can be compared in order to determine optimal performance metrics. The processing pipeline can be implemented based on an optimal set of parameter values that correspond to the optimal performance metrics.

公开(公告)号：US11663212B2

公开(公告)日：2023-05-30

申请号：US17443811

申请日：2021-07-27

Applicant: Splunk Inc.

Inventor： Alexander Douglas James ,  Manu Jose ,  Sourav Pal ,  Christopher Madden Pride ,  Nicholas Robert Romito ,  Igor Braylovskiy ,  Arun Ramani ,  Ankit Jain

IPC: G06F16/00 ,  G06F16/2453 ,  G06F16/242 ,  G06F16/9535 ,  G06F40/205 ,  G06F9/54

CPC classification number: G06F16/24542 ,  G06F16/2425 ,  G06F16/9535 ,  G06F40/205 ,  G06F9/547

Abstract: Systems and methods are disclosed for processing and executing queries in a data intake and query system. The data intake and query system receives a query identifying a set of data to be processed and a manner of processing the set of data. The data intake and query system parses the query and uses a metadata catalog to dynamically identify configuration parameters of datasets and/or rules associated with the query. The identified configuration parameters are communicated to a query processing component of the data intake and query system for use in executing the query.

公开(公告)号：US11663109B1

公开(公告)日：2023-05-30

申请号：US17384491

申请日：2021-07-23

Applicant: SPLUNK INC.

Inventor： William Deaderick ,  Tanner Gilligan ,  Joseph Ari Ross

IPC: G06F11/34 ,  G06F16/245 ,  G06F11/30

CPC classification number: G06F11/3452 ,  G06F11/3006 ,  G06F16/245

Abstract: Embodiments are directed to facilitating identifying seasonal frequencies. In particular, a set of candidate seasonal frequencies associated with a time series data set are determined based on ACF peaks identified in association with a representation of the time series data set. Thereafter, the filters are applied to analyze the candidate seasonal frequencies and update the candidate seasonal frequencies by removing any candidate seasonal frequencies that fail a filter. An example filter can include comparing ACF peaks with peaks associated with SDF peaks. Thereafter, a candidate seasonal frequency of the updated candidate seasonal frequencies can be identified as a seasonal frequency for the time series data set, and such a seasonal frequency can be provided (e.g., to a user or another process) for use in performing data analysis.

公开(公告)号：US20230161821A1

公开(公告)日：2023-05-25

申请号：US18151364

申请日：2023-01-06

Applicant: Splunk Inc.

Inventor： Joerg Beringer ,  Isabelle Park ,  Joshua Walters ,  Eric Tschetter ,  Simon Foster Fishel

IPC: G06F16/903 ,  G06F16/28 ,  G06F16/9038

CPC classification number: G06F16/90335 ,  G06F16/287 ,  G06F16/9038

Abstract: Systems and methods are disclosed for processing events having raw machine data associated with a timestamp using one or more pivot identifiers and one or more step identifiers to generate one or more journey instances. Based on the one or more pivot identifier field, the system can relate events that have a common field value for the pivot identifier field. Based on the one or more step identifiers, the system can group the related events into a subset of events. Using the subset of events, the system can build a journey instance.

公开(公告)号：US11657065B2

公开(公告)日：2023-05-23

申请号：US17158880

申请日：2021-01-26

Applicant: SPLUNK INC.

Inventor： Jesse Brandau Miller ,  Katherine Kyle Feeney ,  Yuan Xie ,  Steve Zhang ,  Adam Jamison Oliner ,  Jindrich Dinga ,  Jacob Leverich

IPC: G06F16/26

CPC classification number: G06F16/26

Abstract: Systems and methods include causing presentation of a first cluster in association with an event of the first cluster, the first cluster from a first set of clusters of events. Each event includes a time stamp and event data. Based on the presentation of the first cluster, an extraction rule corresponding to the event of the first cluster is received from a user. Similarities in the event data between the events are determined based on the received extraction rule. The events are grouped into a second set of clusters based on the determined similarities. Presentation is caused of a second cluster in association with an event of the second cluster, where the second cluster is from the second set of clusters.

公开(公告)号：US11651149B1

公开(公告)日：2023-05-16

申请号：US17874046

申请日：2022-07-26

Applicant: SPLUNK Inc.

Inventor： Jesse Miller ,  Micah James Delfino ,  Marc Robichaud ,  David Carasso

IPC: G06F3/048 ,  G06F40/174 ,  G06F16/2458

CPC classification number: G06F40/174 ,  G06F16/2477

Abstract: The technology disclosed relates to formulating and refining field extraction rules that are used at query time on raw data with a late-binding schema. The field extraction rules identify portions of the raw data, as well as their data types and hierarchical relationships. These extraction rules are executed against very large data sets not organized into relational structures that have not been processed by standard extraction or transformation methods. By using sample events, a focus on primary and secondary example events help formulate either a single extraction rule spanning multiple data formats, or multiple rules directed to distinct formats. Selection tools mark up the example events to indicate positive examples for the extraction rules, and to identify negative examples to avoid mistaken value selection. The extraction rules can be saved for query-time use, and can be incorporated into a data model for sets and subsets of event data.