公开(公告)号：US11733829B2

公开(公告)日：2023-08-22

申请号：US16412310

申请日：2019-05-14

Applicant: SPLUNK INC.

Inventor： Tristan Fletcher ,  Cary Glen Noel ,  Alok Bhide

IPC: G06F9/455 ,  G06F3/0484 ,  G06F11/34 ,  G06F3/0482 ,  H04L41/22 ,  G06F3/04842 ,  G06F11/32 ,  H10N30/01

CPC classification number: G06F3/0482 ,  G06F3/0484 ,  G06F3/04842 ,  G06F9/45533 ,  G06F11/323 ,  H04L41/22 ,  H10N30/01 ,  G06F11/3409 ,  G06F2201/815 ,  G06F2203/04803

Abstract: In some embodiments, in response to the user selecting a first node in the tree to be pinned, the system displays a first detail panel for the first node, wherein the first detail panel displays state information for the first node, wherein the state information is frozen at the time of pinning. Moreover, in response to the user selecting a second node in the tree to be pinned, the system displays a second detail panel for the second node, wherein the second detail panel displays state information for the second node, wherein the state information is frozen at the time of pinning. Note that the first detail panel is displayed concurrently with the second detail panel to facilitate comparing state information between the first and second nodes.

公开(公告)号：US11263229B1

公开(公告)日：2022-03-01

申请号：US16657987

申请日：2019-10-18

Applicant: Splunk Inc.

Inventor： Chandrashekar Basavaiah ,  Jindrich Dinga ,  Elizabeth Li ,  Cary Glen Noel ,  Isabelle Park ,  Eric Tschetter ,  Joshua Walters ,  Mei Chun Yeh

IPC: G06F16/00 ,  G06F16/25 ,  G06F16/245 ,  G06F16/22

Abstract: Systems and methods are disclosed for efficiently detecting alert states within unstructured event data. Alert states are illustratively defined as occurring when a threshold number of journey instances are present within the unstructured event data, each journey instance representing a series of events within the event data representing steps within a pre-defined journey. Detecting journey instances within unstructured event data can require significant computational resources, and thus attempting to detect alert states directly from unstructured event data can lead to inefficiencies. Embodiments of this disclosure enable a structured data set of journey instances to be generated from unstructured event data, and for the structured data set to be evaluated based on criteria of multiple alert states. By utilizing a single structured data set to support evaluation based on multiple alert states, detecting alert states from unstructured event data is rendered more efficient.

公开(公告)号：US09754395B2

公开(公告)日：2017-09-05

申请号：US14801721

申请日：2015-07-16

Applicant: Splunk Inc.

Inventor： Tristan Fletcher ,  Cary Glen Noel

IPC: G06T11/20

CPC classification number: G06T11/206

Abstract: The disclosed embodiments relate to a system that displays performance data for a computing environment. During operation, the system first determines values for a performance metric for a plurality of entities that comprise the computing environment. Next, the system displays the computing environment as a set of nodes representing the plurality of entities. While displaying the nodes, the system displays a chart with a line illustrating how a value of the performance metric for the selected node varies over time, wherein the line is displayed against a background illustrating how a distribution of the performance metric for a reference subset of the set of nodes varies over time.

公开(公告)号：US20160330093A1

公开(公告)日：2016-11-10

申请号：US15215191

申请日：2016-07-20

Applicant: Splunk Inc.

Inventor： Tristan Fletcher ,  Cary Glen Noel

IPC: H04L12/26 ,  H04L12/46

CPC classification number: H04L43/045 ,  G06F3/0482 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/451 ,  G06F9/45558 ,  G06F11/324 ,  G06F11/3409 ,  G06F11/3433 ,  G06F2009/4557 ,  G06F2201/815 ,  G06F2201/835 ,  G06F2201/86 ,  G06T11/206 ,  G06T2200/24 ,  G09G5/36 ,  H04L12/44 ,  H04L12/4641 ,  H04L41/22 ,  H04L43/062 ,  H04L43/0817 ,  H04L43/0876 ,  H04L43/16 ,  H04L67/10

Abstract: A system that displays performance data for a computing environment. During operation, the system determines performance states for a plurality of entities that comprise the computing environment based on values of a performance metric for the entities. Next, the system displays the computing environment as a tree comprising nodes representing the plurality of entities and edges representing parent-child relationships between the plurality of entities. Then, for each parent node in the tree, the system determines counts of one or more performance states for descendants of the parent node in the tree. Finally, the system displays a graphical representation of the determined counts while displaying the parent node. In some embodiments, displaying the graphical representation of the determined counts includes displaying a circular ring comprising visually distinct sections associated with different performance states, wherein the visually distinct sections are sized proportionately with the determined counts for the associated performance states.

Abstract translation: 显示计算环境的性能数据的系统。 在操作期间，系统基于实体的性能度量的值来确定构成计算环境的多个实体的性能状态。 接下来，系统将计算环境显示为包括表示多个实体的节点的树，以及表示多个实体之间的父子关系的边。 然后，对于树中的每个父节点，系统确定树中父节点的后代的一个或多个性能状态的计数。 最后，系统在显示父节点时显示确定的计数的图形表示。 在一些实施例中，显示确定的计数的图形表示包括显示包括与不同性能状态相关联的视觉上不同部分的圆形环，其中视觉上不同的部分与所确定的相关联的执行状态的计数成比例地确定大小。

公开(公告)号：US20160330090A1

公开(公告)日：2016-11-10

申请号：US15215097

申请日：2016-07-20

Applicant: Splunk Inc.

Inventor： Tristan Fletcher ,  Cary Glen Noel

IPC: H04L12/26 ,  H04L12/46

CPC classification number: H04L43/045 ,  G06F9/45533 ,  G06F11/323 ,  G06F11/3409 ,  G06F2201/815 ,  H04L12/4641 ,  H04L43/065 ,  H04L43/0847 ,  H04L43/0876 ,  H04L43/106

Abstract: The disclosed embodiments relate to a system that displays performance data for a computing environment. During operation, the system first determines values for a performance metric for entities that comprise the computing environment. Next, the system displays the computing environment as a tree comprising nodes representing the entities and edges representing parent-child relationships between the entities. While displaying the tree, the system displays the child nodes for each parent in sorted order based on values of the performance metric associated with the child nodes.

Abstract translation: 所公开的实施例涉及显示计算环境的性能数据的系统。 在操作期间，系统首先确定构成计算环境的实体的性能度量值。 接下来，系统将计算环境显示为包括表示实体的节点的树，以及表示实体之间的父子关系的边。 在显示树时，系统根据与子节点相关联的性能度量的值，按排序顺序显示每个父级的子节点。

公开(公告)号：US09419870B2

公开(公告)日：2016-08-16

申请号：US14609045

申请日：2015-01-29

Applicant: Splunk Inc.

Inventor： Tristan Fletcher ,  Cary Glen Noel

IPC: G06F9/46 ,  H04L12/26 ,  G09G5/36 ,  G06F3/0484 ,  G06T11/20 ,  H04L12/24 ,  G06F11/32 ,  G06F11/34

CPC classification number: H04L43/045 ,  G06F3/0482 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/451 ,  G06F9/45558 ,  G06F11/324 ,  G06F11/3409 ,  G06F11/3433 ,  G06F2009/4557 ,  G06F2201/815 ,  G06F2201/835 ,  G06F2201/86 ,  G06T11/206 ,  G06T2200/24 ,  G09G5/36 ,  H04L12/44 ,  H04L12/4641 ,  H04L41/22 ,  H04L43/062 ,  H04L43/0817 ,  H04L43/0876 ,  H04L43/16 ,  H04L67/10

Abstract: A system that displays performance data for a computing environment. During operation, the system determines performance states for a plurality of entities that comprise the computing environment based on values of a performance metric for the entities. Next, the system displays the computing environment as a tree comprising nodes representing the plurality of entities and edges representing parent-child relationships between the plurality of entities. Then, for each parent node in the tree, the system determines counts of one or more performance states for descendants of the parent node in the tree. Finally, the system displays a graphical representation of the determined counts while displaying the parent node. In some embodiments, displaying the graphical representation of the determined counts includes displaying a circular ring comprising visually distinct sections associated with different performance states, wherein the visually distinct sections are sized proportionately with the determined counts for the associated performance states.

公开(公告)号：US20160127180A1

公开(公告)日：2016-05-05

申请号：US14528932

申请日：2014-10-30

Applicant: Splunk Inc.

Inventor： Vladimir A. Shcherbakov ,  Michael R. Dickey ,  Cary Glen Noel ,  Kishore R. Ramasayam ,  Mignon L. Belongie

IPC: H04L12/24 ,  G06F3/0481 ,  G06F3/0482 ,  G06F3/0484

CPC classification number: G06F3/0482 ,  H04L41/0613 ,  H04L41/0622 ,  H04L41/0681 ,  H04L41/0686 ,  H04L41/22 ,  H04L43/026 ,  H04L43/045 ,  H04L43/12

Abstract: The disclosed embodiments provide a system that facilitates the processing of network data. During operation, the system provides a graphical user interface (GUI) for obtaining configuration information for configuring the generation of time-series event data from network packets captured by one or more remote capture agents. Next, the system provides, in the GUI, a first set of user-interface elements for including one or more event attributes in the time-series event data of an event stream associated with a protocol classification of the network packets. The system then includes the one or more event attributes specified through the first set of user-interface elements in the configuration information.

Abstract translation: 所公开的实施例提供了有助于网络数据的处理的系统。 在操作期间，系统提供图形用户界面（GUI），用于获得用于配置由一个或多个远程捕获代理捕获的网络分组生成时间序列事件数据的配置信息。 接下来，系统在GUI中提供用于在与网络分组的协议分类相关联的事件流的时间序列事件数据中包括一个或多个事件属性的第一组用户界面元素。 然后，该系统包括通过配置信息中的第一组用户界面元素指定的一个或多个事件属性。

公开(公告)号：US09286413B1

公开(公告)日：2016-03-15

申请号：US14528882

申请日：2014-10-30

Applicant: Splunk Inc.

Inventor： John Robert Coates ,  Poorva Malviya ,  Brian John Bingham ,  Cary Glen Noel

IPC: G06F7/00 ,  G06F17/30 ,  G06F3/0484

CPC classification number: H04L43/16 ,  G06F3/0481 ,  G06F3/04817 ,  G06F3/0482 ,  G06F3/0484 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/542 ,  G06F17/30424 ,  G06F17/30463 ,  G06F17/30477 ,  G06F17/30554 ,  G06F17/3056 ,  G06F17/30572 ,  G06F17/30675 ,  G06F17/30864 ,  G06F17/30867 ,  G06F17/30958 ,  G06F17/30964 ,  G06F17/30979 ,  G06F17/30991 ,  G06Q10/06393 ,  G06T11/206 ,  G06T2200/24 ,  H04L29/08072 ,  H04L41/0213 ,  H04L41/0806 ,  H04L41/22 ,  H04L41/5009 ,  H04L41/5032 ,  H04L41/5035 ,  H04L41/5038 ,  H04L43/04 ,  H04L43/045 ,  H04L67/10 ,  H04L67/16

Abstract: One or more processing devices cause display of a service-monitoring dashboard that includes one or more key performance indicator (KPI) widgets. Each KPI widget provides a numerical or graphical representation of one or more values for a corresponding KPI indicating how a service provided by one or more entities is performing at one or more points in time. Each entity of the one or more entities is associated with machine data. A KPI is defined by a search query that derives the one or more values represented by the corresponding KPI widget from the machine data associated with the one or more entities that provide the service whose performance is reflected by the KPI.

Abstract translation: 一个或多个处理设备引起显示包括一个或多个关键性能指标（KPI）小部件的服务监视仪表板。 每个KPI小部件提供用于对应的KPI的一个或多个值的数字或图形表示，其指示由一个或多个实体提供的服务如何在一个或多个时间点执行。 一个或多个实体的每个实体与机器数据相关联。 KPI由搜索查询定义，该搜索查询从与提供其性能由KPI反映的服务的一个或多个实体相关联的机器数据中导出由相应的KPI小部件表示的一个或多个值。

公开(公告)号：US20140074850A1

公开(公告)日：2014-03-13

申请号：US13660910

申请日：2012-10-25

Applicant: SPLUNK INC.

Inventor： Cary Glen Noel ,  Kirubakaran Pakkirisamy ,  Alex Raitz ,  Pierre Tsai

IPC: G06F17/30

CPC classification number: G06F11/079 ,  G06F9/542 ,  G06F11/0709 ,  G06F11/0712 ,  G06F11/0721 ,  G06F11/0751 ,  G06F11/0769 ,  G06F11/0787 ,  G06N5/022 ,  G06N5/048

Abstract: Embodiments are directed towards the visualization of machine data received from computing clusters. Embodiments may enable improved analysis of computing cluster performance, error detection, troubleshooting, error prediction, or the like. Individual cluster nodes may generate machine data that includes information and data regarding the operation and status of the cluster node. The machine data is received from each cluster node for indexing by one or more indexing applications. The indexed machine data including the complete data set may be stored in one or more index stores. A visualization application enables a user to select one or more analysis lenses that may be used to generate visualizations of the machine data. The visualization application employs the analysis lens to produce visualizations of the computing cluster machine data.

公开(公告)号：US11531679B1

公开(公告)日：2022-12-20

申请号：US16666090

申请日：2019-10-28

Applicant: Splunk Inc.

Inventor： Hemendra Singh Choudhary ,  Cary Glen Noel

IPC: H04L41/5009 ,  H04L41/50 ,  G06F16/248 ,  G06F16/2455 ,  H04L69/329 ,  G06F16/26 ,  H04L41/0213 ,  G06F9/54 ,  G06F16/242

Abstract: A computing machine performs a correlation search against KPI data for one or more services using a selection criteria and a triggering condition. When the triggering condition is satisfied a notable event or incident is created and information about the notable event is presented using a user interface that may have interactive elements.