-
Publication No.: US10915579B1
Publication Date: 2021-02-09
Application No.: US16403550
Application Date: 2019-05-05
Applicant: Splunk Inc.
Inventor: Alok Anant Bhide, Brian John Bingham, Tristan Antonio Fletcher, Brian C. Reyes
IPC: A63F13/358, G06F16/903, H04L12/24, G06F16/9535, G06F16/9038, G06F16/901, G06F16/2455, G06F16/951, G06F16/33, G06F16/25, G06F16/248, G06F16/26, G06Q10/06, H04L12/26, G06F11/32, G06F16/2453, G06F9/54, H04L29/08, G06F11/34, G06F3/0484, G06F3/0482, G06F3/0481, G06T11/20
Abstract: One or more processing devices access a service definition for a service provided by one or more entities that each produce machine data or about which machine data is generated. The service definition identifies the entities that provide the service and, for each entity, definitional information includes information for identifying machine data pertaining to that entity. The processing devices access a key performance indicator (KPI) for the service that is defined by a search query that produces a value derived from the machine data pertaining to the entities identified in the service definition. The value indicates how the service is performing at a point in time or during a period of time and indicates a state of the KPI. A graphical interface is displayed and an indication of at least one threshold, which defines an end of a range of values representing a state of the KPI, for the KPI is received.
-
Publication No.: US10911470B2
Publication Date: 2021-02-02
Application No.: US16581094
Application Date: 2019-09-24
Applicant: Splunk Inc.
Inventor: Sudhakar Muddu, Christos Tryfonas, Fumei Lam, Georgios Apostolopoulos
IPC: H04L29/06, G06N5/02, H04L12/24, G06N5/04, G06F17/22, G06F3/0484, H04L12/26, G06K9/20, G06F3/0482, G06N7/00, G06F16/2457, G06F16/901, G06F16/44, G06F16/28, G06F16/25, G06N20/00, G06F40/134
Abstract: A security platform employs a variety of techniques and mechanisms to detect security related anomalies and threats in a computer network environment. The security platform is “big data” driven and employs machine learning to perform security analytics. The security platform performs user/entity behavioral analytics (UEBA) to detect the security related anomalies and threats, regardless of whether such anomalies/threats were previously known. The security platform can include both real-time and batch paths/modes for detecting anomalies and threats. By visually presenting analytical results scored with risk ratings and supporting evidence, the security platform enables network security administrators to respond to a detected anomaly or threat, and to take action promptly.
-
Publication No.: US10911369B2
Publication Date: 2021-02-02
Application No.: US15493073
Application Date: 2017-04-20
Applicant: Splunk Inc.
Inventor: Ioannis Vlachogiannis, Panagiotis Papadomitsos, Vassilis Karampinas, Maria Nasioti
IPC: H04L12/911, G06F16/248, G06F16/2458, G06F16/9535, H04L12/24, H04L29/08
Abstract: A system of dynamically-instantiated data server components provides access to a data repository. Different data server components are assigned to different data collections in the repository. A distribution component receives messages and, based on data collection identifiers associated with the messages, routes the messages to corresponding data server components. Based on the messages, the data server components perform data operations with respect to their corresponding data collections. Data server components may be terminated when their assigned data collections are not in use. When an incoming message is associated with a data collection for which no data server component exists, the distribution component dynamically instantiates a new data server component for the data collection. In an embodiment, data server components make working copies of their respectively assigned data collections in a high-speed memory. By terminating inactive data server components, the system makes room in the memory for active data collections.
-
Publication No.: US10909772B2
Publication Date: 2021-02-02
Application No.: US16051340
Application Date: 2018-07-31
Applicant: Splunk Inc.
Inventor: Devin Bhushan, Jesse Chor, Glen Wong
IPC: G09G5/00, G06T19/20, G06F3/01, G06F3/0346, G06T3/00, G06F3/0484
Abstract: A mobile device is fitted with a camera and an extended reality (XR) software application program executing on a processor within an XR system. Via the XR software application program, various techniques are performed for manipulating virtual objects in an XR environment. In a first technique, the XR software application program facilitates the movement of a virtual object from a first location to a second location. In a second technique, the XR software application program facilitates the rotation of a virtual object. In a third technique, the XR software application program facilitates the scaling of a virtual object along one or more axes.
-
Publication No.: US20210026849A1
Publication Date: 2021-01-28
Application No.: US17063444
Application Date: 2020-10-05
Applicant: SPLUNK INC.
Inventor: Nicholas J. Filippi, Siegfried Puchbauer-Schnabel, Carl S. Yestrau, Vivian Shen, J. Mathew Elting
IPC: G06F16/248, G06F3/0484
Abstract: A system that enables a user to configure alert actions based on search results generated by a query is disclosed. During operation, the system presents an alert user interface (UI) to a user, wherein the alert UI enables the user to configure one or more alert actions to be performed based on the search results. Next, the system receives alert configuration information from the user through the alert UI, wherein the alert configuration information includes tokens representing parameters associated with the query and the search results. Then, while generating an alert associated with the search results, the system performs a token substitution operation that substitutes tokens in the alert configuration information with corresponding parameters from the search results to generate a payload that is communicated to alert-generating functionality. This token substitution allows the parameters to be used by the alert-generating functionality while performing the one or more alert actions.
-
Publication No.: US10904080B2
Publication Date: 2021-01-26
Application No.: US16575285
Application Date: 2019-09-18
Applicant: Splunk Inc.
Inventor: Dejan Deklich, Ledio Ago, Richard Braun
IPC: G06F3/00, H04L12/24, G06F15/177, G06F9/50, G06F3/0484
Abstract: Systems and methods are provided for provisioning a hosted computing environment in accordance with customer requirements relating to a service. In some embodiments, a computer-implemented method is provided. The method includes generating a graphical interface on a computing device and receiving input corresponding to an indication of one or more requirements, wherein the input is received using the graphical interface, and wherein the one or more requirements correspond to a hosted computing environment. The method further comprises converting each indication of the one or more requirements into one or more entries of a provisioning template, wherein the provisioning template includes multiple entries, and wherein the provisioning template is associated with the hosted computing environment. The method further comprises providing the provisioning template to a provisioning program to provision the hosted computing environment.
-
Publication No.: US10901811B2
Publication Date: 2021-01-26
Application No.: US15665123
Application Date: 2017-07-31
Applicant: Splunk Inc.
Inventor: Dipock Das, Aungon Nag Radon, Dayanand Pochugari, Adam Oliner
IPC: G06F16/00, G06F9/54, G06F16/242, G06F16/2452, G06N5/02, G06N5/04
Abstract: In various embodiments, a natural language (NL) application enables users to more effectively access various data storage systems based on NL requests. As described, the NL application includes functionality for selecting an optimal interpretation algorithm, generating a dashboard, and/or generating an alert based on an NL request. Advantageously, the operations performed by the NL application reduce the amount of time and user effort associated with accessing data storage systems and increase the likelihood of properly addressing NL requests.
-
Publication No.: US10896175B2
Publication Date: 2021-01-19
Application No.: US15885546
Application Date: 2018-01-31
Applicant: SPLUNK INC.
Inventor: Marc Vincent Robichaud
IPC: G06F16/2453, G06F16/242
Abstract: A dependency is created between a first search query and a second search query. The first search query defines a first data processing pipeline and the second search query defines a second data processing pipeline that extends the first data processing pipeline. A modification is detected to the first data processing pipeline defined by the first search query. Based on the modification to the first data processing pipeline being detected, the dependency is enforced such that the second data processing pipeline is modified to extend the modified first data processing pipeline. The modification to the first data processing pipeline can include a first set of pipelined commands corresponding to the first search query being modified, and the dependency can be enforced by causing a second set of pipelined commands corresponding to the second search query to be modified to include the modified first set of pipelined commands.
-
Publication No.: US10885125B2
Publication Date: 2021-01-05
Application No.: US15663554
Application Date: 2017-07-28
Applicant: Splunk Inc.
Inventor: Ramesh Panuganty
IPC: G06F16/951
Abstract: Improved crawling and curation of data and metadata from diverse data sources is described. In some embodiments, improvements are achieved by interpreting the context, vocabulary and relationships of data elements, to enable relational data search capability for users. The user querying process is improved by systematic identification of the data objects, context, and relationships across data objects and elements, aggregation methods and operators on the data objects and data elements as identified in the curation process. User query suggestions and recommendations can be adjusted based on the context, relationships between the data elements, user profile, and the data sources. When the user query is executed, the query text is translated into an equivalent of one or more query statements, such as SQL or PostGre statements, and the query is performed on the identified data sources. Results are assembled to present the answer in a meaningful visualization for the user query.
-
Publication No.: US10860655B2
Publication Date: 2020-12-08
Application No.: US15688323
Application Date: 2017-08-28
Applicant: Splunk Inc.
Inventor: Lucas Murphey, David Hazekamp
IPC: G06F17/00, G06F16/903, G06F16/9032, G06F16/906, G06F16/907, G06F17/30
Abstract: One or more processing devices receive a definition of a search query for a correlation search of a data store, the data store comprising time-stamped events that each comprise a portion of raw machine data reflecting activity in an information technology environment and produced by a component of the information technology environment, receive a definition of a triggering condition to be applied to a dataset that is produced by the search query, receive a definition of one or more actions to be performed when the dataset produced by the search query satisfies the triggering condition, test the search query with the triggering condition, and cause, based on results of the testing, generation of the correlation search using the defined search query, the triggering condition, and the one or more actions, the correlation search comprising search processing language having the search query and a processing command for criteria on which the triggering condition is based.