公开(公告)号：US11860940B1

公开(公告)日：2024-01-02

申请号：US17233193

申请日：2021-04-16

Applicant: Splunk Inc.

Inventor： Alexandros Batsakis ,  Ashish Mathew ,  Christopher Madden Pride ,  Bharath Kishore Reddy Aleti ,  Sourav Pal ,  Arindam Bhattacharjee ,  James Monschke

IPC: G06F16/901 ,  G06F16/903 ,  G06F16/2458

CPC classification number: G06F16/901 ,  G06F16/2477 ,  G06F16/90335

Abstract: Systems and methods are disclosed for processing and executing queries in a data intake and query system. The data intake and query system receives a query identifying a set of data to be processed and a manner of processing the set of data. The data intake and query system uses a search node catalog to identify search nodes that are available to execute the query and uses a bucket catalog to identify buckets to be searched. The data intake and query system executes the query using the identified bucket and search nodes.

公开(公告)号：US11838372B2

公开(公告)日：2023-12-05

申请号：US18093980

申请日：2023-01-06

Applicant: SPLUNK Inc.

Inventor： Gergely Danyi ,  Joseph Ari Ross

IPC: G06F15/173 ,  H04L67/146 ,  G06F16/906 ,  G06F16/955

CPC classification number: H04L67/146 ,  G06F16/906 ,  G06F16/9566

Abstract: A method of normalizing URLs associated with a real user session comprises extracting uniform resource locators (URLs) from ingested spans where at least a portion of the URLs comprise unique URL strings. The method also comprises decomposing each of the URLs into a sequence of tokens and grouping together subsets of related URLs. Also, the method comprises representing each subset of related URLs with a normalized URL string.

公开(公告)号：US11838351B1

公开(公告)日：2023-12-05

申请号：US17991704

申请日：2022-11-21

Applicant: SPLUNK INC.

Inventor： Marios Iliofotou ,  Ravi Bulusu ,  Ashwin Athalye ,  Sathya Kavacheri ,  Shekar Kesarimanglam

IPC: H04L67/02 ,  H04L67/306 ,  H04L67/50 ,  H04L67/1001

CPC classification number: H04L67/02 ,  H04L67/1001 ,  H04L67/306 ,  H04L67/535

Abstract: A deployment manager executing in a distributed computing environment generates a user behavior analytics (UBA) deployment to process structured event data. The deployment manager configures a streaming cluster to perform streaming processing on real-time data and configures a batch cluster to perform batch processing on aggregated data. A configuration manager executing in the distributed computing environment interoperates with the deployment manager to update the UBA deployment with user-provided code and configurations that define streaming and batch models, among other things. In this manner, the deployment manager provides a scalable UBA deployment that can be customized, via the configuration manager, by a user.

公开(公告)号：US11838189B1

公开(公告)日：2023-12-05

申请号：US17976453

申请日：2022-10-28

Applicant: SPLUNK Inc.

Inventor： Jeremy Hicks ,  Todd Leonard DeCapua ,  Adam James Schalock ,  Neil Douglas Erkkila ,  Samuel Halpern ,  Chad Tripod ,  Joel Schoenberg ,  David Connett

IPC: G06F15/173 ,  H04L41/5009 ,  H04L43/045 ,  H04L41/5025

CPC classification number: H04L41/5016 ,  H04L41/5025 ,  H04L43/045

Abstract: A time series is created that measures a remaining budget amount for a given time period, where the budget amount indicates a maximum number of occurrences of an event allowed for the given time period. More specifically, the given time period is divided into multiple time intervals. For each time interval, a number of occurrences of the event are calculated and detracted from the remaining budget amount to determine a remaining budget amount at the end of the time interval. These time values and associated remaining budget amounts are used to create the time series. This time series may be monitored in real-time, and actions may be taken to avoid future occurrences of the event in response to determining that the remaining budget amount falls below a threshold.

公开(公告)号：US20230388338A1

公开(公告)日：2023-11-30

申请号：US18228982

申请日：2023-08-01

Applicant: Splunk Inc.

Inventor： Sourabh SATISH ,  Oliver FRIEDRICHS ,  Atif MAHADIK ,  Govind SALINAS

IPC: H04L9/40 ,  G06F21/55 ,  G06F16/28

CPC classification number: H04L63/1441 ,  H04L63/20 ,  H04L63/1416 ,  G06F21/554 ,  G06F16/285 ,  H04L63/1433 ,  H04L63/0236 ,  H04L63/1425 ,  H04L47/2425

Abstract: Systems, methods, and software described herein provide security actions based on the current state of a security threat. In one example, a method of operating an advisement system in a computing environment with a plurality of computing assets includes identifying a security threat within the computing environment. The method further includes, in response to identifying the security threat, obtaining state information for the security threat within the computing environment, and determining a current state for the security threat within the computing environment. The method also provides obtaining enrichment information for the security threat and determining one or more security actions for the security threat based on the enrichment information and the current state for the security threat.

公开(公告)号：US11831521B1

公开(公告)日：2023-11-28

申请号：US17587740

申请日：2022-01-28

Applicant: SPLUNK Inc.

Inventor： Jeetendra Shashikant Dhake ,  Ankur Ashok Kath ,  Ayyappa Muthusami ,  Jeffrey Wen-Young Shih ,  Ian Edward Torbett

IPC: H04L41/22 ,  H04L41/0823 ,  H04L41/0894 ,  H04L41/5025 ,  H04L41/5009

CPC classification number: H04L41/5025 ,  H04L41/0823 ,  H04L41/0894 ,  H04L41/22 ,  H04L41/5009

Abstract: An example method of entity lifecycle management in a service monitoring system includes: receiving, by a software application of a service monitoring system, a policy definition specifying an entity lifecycle management policy, wherein the entity lifecycle management policy defines management rules for a plurality of entities in the network environment, wherein each entity of the plurality of entities is represented by one of: a device, an application, a service, or a user account; identifying, by applying the entity lifecycle management policy to a plurality of active entities, one or more candidate entities for retirement; retiring at least a subset of the one or more candidate entities; and excluding the retired entities from the plurality of active entities, thus preventing the retired entities from interacting with other components of the service monitoring system.

公开(公告)号：US11829746B1

公开(公告)日：2023-11-28

申请号：US17589717

申请日：2022-01-31

Applicant: Splunk Inc.

Inventor： Akash Dwivedi ,  Simon Foster Fishel ,  Isabelle Park ,  Vivian Shen ,  Eric Tschetter ,  Joshua Walters

IPC: G06F8/65 ,  G06F8/71 ,  H04L67/025 ,  G06F16/9038 ,  G06F3/0482 ,  G06F16/903

CPC classification number: G06F8/65 ,  G06F3/0482 ,  G06F8/71 ,  G06F16/9038 ,  G06F16/90335 ,  H04L67/025

Abstract: Systems and methods are disclosed for providing a multi-component application, including a first and second component. Functionality of the application may be easily and rapidly modified by modification to the first component, without requiring modification to the second component. The first component may be implemented locally at a client device, while the second component is implemented remotely. While modification of the second component may require privileges of a remote location, a user of a client device may modify the first component while maintaining interoperability and compatibility with the second component, thereby enabling the end user to modify functionality of the multi-component application. In some instances, different versions of a first component are provided, and an end user of a client device is enabled to specify which version of the first component should be used.

公开(公告)号：US11823407B1

公开(公告)日：2023-11-21

申请号：US17163309

申请日：2021-01-29

Applicant: SPLUNK INC.

Inventor： Devin Bhushan ,  Seunghee Han ,  Caelin Thomas Jackson-King ,  Jamie Kuppel ,  Stanislav Yazhenskikh ,  Jim Jiaming Zhu

IPC: G06T7/529 ,  G06T7/73 ,  G06T7/40 ,  G06T17/20

CPC classification number: G06T7/529 ,  G06T7/40 ,  G06T7/73 ,  G06T17/205 ,  G06T2207/20132

Abstract: A client device that includes a camera and an extended reality client application program is employed by a user in a physical space, such as an industrial or campus environment. The user aims the camera within the mobile device at a real-world asset, such as a computer system, classroom, or vehicle. The client device acquires a digital representation, comprising a 2D representation of a physical space and a depth map, and detects 3D objects included in the acquired representation that corresponds to one or more anchors. The client device queries a data intake and query system for asset content associated with the detected anchors. Upon receiving the asset content from the data intake and query system, the client device generates visualizations of the asset content and presents the visualizations via a display device.

公开(公告)号：US11822640B1

公开(公告)日：2023-11-21

申请号：US17347025

申请日：2021-06-14

Applicant: Splunk Inc.

Inventor： Jagannath Kerai ,  Rama Gopalan

IPC: G06F21/45 ,  G06F21/62 ,  G06F21/30 ,  H04L9/40

CPC classification number: G06F21/45 ,  G06F21/30 ,  G06F21/62 ,  G06F21/6218 ,  G06F21/6227 ,  H04L63/10

Abstract: Provided are systems and methods for verifying user credentials for performing a search. Verifying user credentials include receiving a search request at a search server, determining, at the search server, whether a set of user credentials of a user has been updated within a threshold period of time. The set of user credentials are received from an identity provider server and cached at the search server. Responsive to determining that the cached set of user credentials have not been updated within the threshold period of time, the identity provider server is queried for a current set of user credentials associated with the user. The current set of user credentials from the identity provider server, and used to determine that the user is authorized to perform the search. The search of the datastore is launched responsive to determining that the user is authorized.

公开(公告)号：US11822597B2

公开(公告)日：2023-11-21

申请号：US16993167

申请日：2020-08-13

Applicant: Splunk Inc.

Inventor： Jesse Chor ,  Michael Emery ,  Christopher Chan ,  Glen Wong ,  Devin Bhushan

IPC: G06F16/583 ,  G06T7/00 ,  H04W4/38 ,  H04W4/021 ,  H04L67/131 ,  G06N7/01 ,  G06V20/20 ,  G06V30/10

CPC classification number: G06F16/5838 ,  G06N7/01 ,  G06T7/0004 ,  G06V20/20 ,  H04L67/131 ,  H04W4/021 ,  H04W4/38 ,  G06V30/10

Abstract: A mobile device that includes a camera and an extended reality software application program is employed by a user in an operating environment, such as an industrial environment. One or more objects within a geofence may be identified. A device crosses within the geofence and acquires sensor data associated with an object within the geofence. The sensor data may include image data and/or audio data. The device or a server system may then determine an object identifier associated with the object based on a comparison of the sensor data with data associated with object identifiers corresponding to objects within the geofence. Based on the object identifier, data associated with the object are obtained. The data associated with the object may be presented via the device, such as an extended reality overlay over a view of the object in the device.