公开(公告)号：US12124441B1

公开(公告)日：2024-10-22

申请号：US18075970

申请日：2022-12-06

Applicant: SPLUNK INC.

Inventor： Nicholas Matthew Tankersley ,  Fang I. Hsiao ,  Arun Ramani

IPC: G06F16/24 ,  G06F3/04847 ,  G06F11/30 ,  G06F16/2452 ,  G06F16/2457 ,  G06Q10/0639 ,  G06Q10/10 ,  G06T11/20

CPC classification number: G06F16/24528 ,  G06F3/04847 ,  G06F11/30 ,  G06F16/24573 ,  G06Q10/06393 ,  G06Q10/10 ,  G06T11/206 ,  G06T2200/24

Abstract: An example method of utilizing shared search queries for defining multiple key performance indicators (KPIs) comprises: receiving input specifying one or more service definitions, each service definition of the one or more service definitions specifying an entity definition for an entity providing a service of one or more services executing in an information technology (IT) environment, wherein the IT environment is monitored by the service monitoring system, wherein the service monitoring system uses first machine data of a first entity specified by a first service definition of the one or more service definitions to monitor a first KPI for a first service of the one or more services, and wherein the service monitoring system uses second machine data of a second entity specified by a second service definition of the one or more service definitions to monitor a second KPI for a second service of the one or more services; determining that the first machine data and the second machine data include common machine data; defining, based on the first machine data and the second machine data including common machine data, a shared base search query for the first KPI and the second KPI; executing the shared based search query to generated shared base search query results for the first KPI and the second KPI; and generating, using results from executing the shared base search query, a first value for the first KPI and a second value for the second KPI.

公开(公告)号：US11093518B1

公开(公告)日：2021-08-17

申请号：US16049628

申请日：2018-07-30

Applicant: Splunk Inc.

Inventor： Ai-chi Lu ,  Arun Ramani ,  Nicholas Matthew Tankersley

IPC: G06F7/00 ,  G06F16/00 ,  G06F16/248 ,  G06F3/0484 ,  G06F16/9535

Abstract: Data intake and query system (DIQS) instances supporting applications including lower-tier, focused, work group oriented applications, are tailored to display the metrics for the needs of the user. An interface caused by operation of an entity monitoring system (EMS) operating in conjunction with the lower-tier DIQS displays the monitored entities as individual representations. The user selects a metric and a metric threshold. The EMS causes a display of an interface having a representation for each monitored entity. Each representation includes a metric value and indicates an entity status based on the metric value and the threshold. The user can dynamically change the threshold on the interface for easy visualization of aggregation of monitored entities to determine the performance of the infrastructure. The interface also provides the user with the ability to select an entity and click through to the entity analysis workspace for more detailed information.

公开(公告)号：US10558614B2

公开(公告)日：2020-02-11

申请号：US15884999

申请日：2018-01-31

Applicant: Splunk Inc.

Inventor： Venkata Kuruvada ,  Fang I Hsiao ,  Nicholas Matthew Tankersley

IPC: G06F16/14 ,  G06F16/22 ,  G06F16/951 ,  G06F3/06 ,  G06Q10/06

Abstract: A server group of a data intake and query system (DIQS) establishes connections with multiple source data network nodes. Data from the multiple sources comports with a variety of different data modes and may be received via the established network connections on a periodic or continuous basis for ongoing capture as modal entries of modal buckets of a common networked storage volume. Rates of data reception across the network connections influences a process to maintain a measured utilization of storage volume capacity at, near, or below a targeted level.

公开(公告)号：US11755559B1

公开(公告)日：2023-09-12

申请号：US17549802

申请日：2021-12-13

Applicant: SPLUNK INC.

Inventor： Nicholas Matthew Tankersley ,  Mingrui Wei ,  Arun Ramani

IPC: G06F16/00 ,  G06F16/23 ,  G06F16/28 ,  G06F16/2457 ,  G06F11/30 ,  G06F11/34

CPC classification number: G06F16/2358 ,  G06F16/2365 ,  G06F16/24573 ,  G06F16/288 ,  G06F11/3006 ,  G06F11/3409

Abstract: Automated discovery of relationships between entities within an IT environment. A technique is performed by a relationship module that performs a discovery search for entity relationships to produce a set of relationship search results. The relationship module then generates a set of relationship definitions from the set of relationship search results which are stored to a relationship collection in a data store. A technique for automatically updating entity and relationship definitions and removing outdated entity and relationship definitions stored to a data store. An update module automatically updates entity and relationship definitions at predetermined time intervals. The update history in each definition is also modified to reflect the update process. A retire module automatically removes outdated definitions using the update history in each definition.

公开(公告)号：US11580067B1

公开(公告)日：2023-02-14

申请号：US17482196

申请日：2021-09-22

Applicant: Splunk Inc.

Inventor： Venkata Kuruvada ,  Fang I. Hsiao ,  Nicholas Matthew Tankersley

IPC: G06F16/27 ,  G06F16/901 ,  G06F16/951 ,  G06F21/62 ,  G06Q10/10 ,  G06F16/14 ,  G06Q10/063 ,  G06F3/06 ,  G06F16/22

Abstract: A network storage volume stores first entries in a first-mode storage bucket and a second entries in a second-mode storage bucket. The first-mode storage bucket has first bucket metadata, and the second-mode storage bucket has second bucket metadata. A computer-implemented method includes comparing a utilized capacity of the network storage volume to a target capacity information of the network storage volume to obtain a comparison result. Based on the comparison result, at least one bucket is selected to be purged from the buckets of the network storage volume based at least in part on bucket metadata of the buckets. The method further includes causing a purge of the at least one selected bucket from the network storage volume.

公开(公告)号：US20210224259A1

公开(公告)日：2021-07-22

申请号：US17143063

申请日：2021-01-06

Applicant: Splunk Inc.

Inventor： Vladimir A. Shcherbakov ,  Stewart Smith ,  Nicholas Matthew Tankersley ,  Junyu Wang ,  Peter Wu

IPC: G06F16/248 ,  G06F16/26

Abstract: Systems and methods are described to determine relationships between one or more components of an isolated execution environment system based on data obtained from a data intake and query system. Based on the determined relationships, an interactive visualization is generated that indicates the hierarchical relationship of the components. In some cases, to illustrate the relationship between components of the isolated execution environment system, the visualization can include one or more display objects displayed in a subordinate or superior relationship to other display objects. In certain cases, based on an interaction with a display object, the system can generate a query and/or display additional information and/or visualizations based on the results of the query.

公开(公告)号：US11567960B2

公开(公告)日：2023-01-31

申请号：US17143063

申请日：2021-01-06

Applicant: Splunk Inc.

Inventor： Vladimir A. Shcherbakov ,  Stewart Smith ,  Nicholas Matthew Tankersley ,  Junyu Wang ,  Peter Wu

IPC: G06F16/30 ,  G06F16/248 ,  G06F16/26 ,  G06F3/0482 ,  G06F3/04817

Abstract: Systems and methods are described to determine relationships between one or more components of an isolated execution environment system based on data obtained from a data intake and query system. Based on the determined relationships, an interactive visualization is generated that indicates the hierarchical relationship of the components. In some cases, to illustrate the relationship between components of the isolated execution environment system, the visualization can include one or more display objects displayed in a subordinate or superior relationship to other display objects. In certain cases, based on an interaction with a display object, the system can generate a query and/or display additional information and/or visualizations based on the results of the query.

公开(公告)号：US11526511B1

公开(公告)日：2022-12-13

申请号：US17473435

申请日：2021-09-13

Applicant: SPLUNK INC.

Inventor： Nicholas Matthew Tankersley ,  Fang I. Hsiao ,  Arun Ramani

IPC: G06F16/64 ,  G06F16/2452 ,  G06F3/04847 ,  G06T11/20 ,  G06F16/2457 ,  G06F11/30 ,  G06Q10/06 ,  G06Q10/10

Abstract: An example method of implementing a monitoring interface for an information technology environment comprises: identifying machine data reflecting activity in the information technology environment comprising a plurality of entities providing a service; executing a search query to derive, from the machine data, a value of a key performance indicator (KPI) reflecting performance of the service; and causing display of a monitoring interface including: an identifier of the service, a color coded indication of a state of the KPI, and a visual representation of time series data associated with the service.

公开(公告)号：US20210342337A1

公开(公告)日：2021-11-04

申请号：US17373580

申请日：2021-07-12

Applicant: Splunk Inc.

Inventor： Ai-Chi Lu ,  Arun Ramani ,  Nicholas Matthew Tankersley

IPC: G06F16/248 ,  G06F3/0484 ,  G06F16/9535

Abstract: Data intake and query system (DIQS) instances supporting applications including lower-tier, focused, work group oriented applications, are tailored to display the metrics for the needs of the user. An interface caused by operation of an entity monitoring system (EMS) operating in conjunction with the lower-tier DIQS displays the monitored entities as individual representations. The user selects a metric and a metric threshold. The EMS causes a display of an interface having a representation for each monitored entity. Each representation includes a metric value and indicates an entity status based on the metric value and the threshold. The user can dynamically change the threshold on the interface for easy visualization of aggregation of monitored entities to determine the performance of the infrastructure. The interface also provides the user with the ability to select an entity and click through to the entity analysis workspace for more detailed information.

公开(公告)号：US11144545B1

公开(公告)日：2021-10-12

申请号：US16528137

申请日：2019-07-31

Applicant: Splunk Inc.

Inventor： Nicholas Matthew Tankersley ,  Fang I. Hsiao ,  Arun Ramani

IPC: G06F3/0484 ,  G06F16/2452 ,  G06F16/2457 ,  G06Q10/10 ,  G06F11/30 ,  G06T11/20 ,  G06Q10/06

Abstract: An automatic service monitor in an information-technology environment performs regular search queries against generated machine data to derive performance measurements. The information technology environment is defined in terms of services provided by entities, and the performance measurements are defined as key performance indicators (KPIs) of the services. Generated machine data used by the search queries pertain to the entities performing the service. Definitional information for the services, entities, and KPIs is administered by a user to control the operation of the service monitor. Various aspects of such definitional information as well as related performance measurement information may be presented in a unified console display tailored to, and organized around, a particular entity. The console display may serve as a central launch point by supporting user interaction to navigate to other specialized monitoring interfaces.