公开(公告)号：US11574242B1

公开(公告)日：2023-02-07

申请号：US16399964

申请日：2019-04-30

Applicant: Splunk Inc.

Inventor： Cory Eugene Burke ,  Gyanendra Rana ,  Sergey Slepian ,  Andrew Stein ,  Iryna Vogler-Ivashchanka

IPC: G06F7/02 ,  G06F16/00 ,  G06N20/00 ,  G06F3/048 ,  G06F16/248 ,  G06F16/2458

Abstract: Techniques are described for providing a ML data analytics application including guided ML workflows that facilitate the end-to-end training and use of various types of ML models, where such guided workflows may also be referred to as ML “experiments.” For example, the ML data analytics application may enable users to create experiments related to prediction of numeric fields (for example, using linear regression techniques), predicting categorical fields (for example, using logistic regression), detecting numerical outliers (for example, using various distribution statistics), detecting categorical outliers (for example, using probabilistic statistics), forecasting time series data, and clustering numeric events (for example, using k-means, density-based spatial clustering of applications with noise (DBSCAN), spectral clustering, or other techniques), among other possible uses of various types of ML models to analyze data.

公开(公告)号：US11068452B2

公开(公告)日：2021-07-20

申请号：US15956131

申请日：2018-04-18

Applicant: SPLUNK INC.

Inventor： Marc Vincent Robichaud ,  Cory Eugene Burke ,  Jeffrey Thomas Lloyd

IPC: G06F16/22 ,  G06F16/24 ,  G06F16/2455

Abstract: A search interface is displayed in a table format that includes a plurality of columns, each column including data items of an event attribute, the data items being of a set of events, each column being selectable by a user, and a plurality of rows forming cells with the one or more columns, each cell comprising one or more of the data items of the event attribute of a corresponding column. Based on the user selecting one or more of the columns, a list of options is displayed corresponding to the selected one or more columns, and one or more commands are added to a search query that corresponds to the set of events. The one or more commands are based on at least an option that is selected from the list of options and the event attribute of each of the selected one or more columns.

公开(公告)号：US11003337B2

公开(公告)日：2021-05-11

申请号：US16275207

申请日：2019-02-13

Applicant: SPLUNK INC.

Inventor： Cory Eugene Burke ,  Katherine Kyle Feeney ,  Divanny I. Lamas ,  Marc Vincent Robichaud ,  Matthew G. Ness ,  Clara E. Lee

IPC: G06F17/00 ,  G06F3/0484 ,  G06F3/0482 ,  G06F16/22 ,  G06F16/242 ,  G06F16/248 ,  G06F16/25 ,  G06F16/951 ,  G06F16/2455 ,  G06F40/18 ,  G06K9/20 ,  G06F9/451

Abstract: In embodiments of statistics value chart interface cell mode drill down, a first interface displays in a table format that includes columns each with field values of an event field, and each column having a column heading of a different one of the event fields, and includes rows each with one or more of the field values, each field value in a row associated with a different one of the event fields, and having an aggregated metric that represents a number of events with field-value pairs that match all of the field values listed in a respective row and the corresponding event fields listed in the respective columns. A cell can be emphasized that includes one of the field values in a row that corresponds to one of the different event fields in a column, and in response, a menu displays options to transition to a second interface.

公开(公告)号：US10558651B2

公开(公告)日：2020-02-11

申请号：US15221392

申请日：2016-07-27

Applicant: SPLUNK INC.

Inventor： Jesse Brandau Miller ,  Marc V. Robichaud ,  Cory Eugene Burke

IPC: G06F7/00 ,  G06F17/30 ,  G06F16/242 ,  G06F16/248 ,  G06F16/2455

Abstract: A method includes causing display to a user of at least one event of a first result set from a first pipelined search on events at an event source. Each event comprises a time stamp and a portion of machine data. A selection of a command is received from the user. The selection is to extend the first pipelined search with the selected command in a second pipelined search. The system selects between the first result set and the event source for execution of the second pipelined search based on an analysis of the selected command and at least one command of the first pipelined search. Based on the selecting being of the first result set, display to the user is caused of at least one event of a second result set from the execution of the second pipelined search on the first result set.

公开(公告)号：US20190179824A1

公开(公告)日：2019-06-13

申请号：US16260998

申请日：2019-01-29

Applicant: Splunk Inc.

Inventor： Nicholas John Filippi ,  Katherine Kyle Feeney ,  Cory Eugene Burke ,  Abhinav Prasad Nekkanti ,  Marc Vincent Robichaud ,  Irina Korobova

IPC: G06F16/2455 ,  G06F16/9536 ,  G06F9/54

Abstract: Custom communication alert techniques are described. In one or more implementations, a triggering condition is detected by one or more computing devices that is found by searching data using one or more extraction rules of a late-binding schema. Responsive to the detection of the triggering condition of the alert, a communication is formed by the one or more computing devices that corresponds to the alert and that includes one or more tokens based on one or more values of the data taken from fields defined by the one or more extraction rules. The communication is caused to be transmitted by the one or more computing device via a network for receipt by at least one computing device of an intended recipient of the communication.

公开(公告)号：US20180032570A1

公开(公告)日：2018-02-01

申请号：US15221392

申请日：2016-07-27

Applicant: SPLUNK INC.

Inventor： Jesse Brandau Miller ,  Marc V. Robichaud ,  Cory Eugene Burke

IPC: G06F17/30

CPC classification number: G06F16/2425 ,  G06F16/2428 ,  G06F16/2455 ,  G06F16/248

Abstract: A method includes causing display to a user of at least one event of a first result set from a first pipelined search on events at an event source. Each event comprises a time stamp and a portion of machine data. A selection of a command is received from the user. The selection is to extend the first pipelined search with the selected command in a second pipelined search. The system selects between the first result set and the event source for execution of the second pipelined search based on an analysis of the selected command and at least one command of the first pipelined search. Based on the selecting being of the first result set, display to the user is caused of at least one event of a second result set from the execution of the second pipelined search on the first result set.

公开(公告)号：US20170124220A1

公开(公告)日：2017-05-04

申请号：US14929150

申请日：2015-10-30

Applicant: SPLUNK INC.

Inventor： Brian Krueger ,  Katherine Kyle Feeney ,  Andrew E. Robbins ,  Jesse Brandau Miller ,  Elizabeth Dystra-Erickson ,  Jeffrey Thomas Lloyd ,  Cory Eugene Burke ,  Marc V. Robichaud

IPC: G06F17/30

CPC classification number: G06F16/2425

Abstract: In various embodiments, methods and systems for presenting a search interface with search query history based functionality is provided. A search query history store comprising search queries is accessed. The search query history store includes search queries executed in a search computing system. A search query comprises one or more commands. A plurality of search queries retrieved from the search query history store is displayed on the search interface using a placement style. A placement style, such as an indent style, provides a structure for separating and arranging commands of a plurality of search queries displayed. The search interface further provides for receiving a selection of at least a portion of a search query from the plurality of search queries to initiate actions or execute actions based on the selection. The search interface includes a search input interface, such as a search bar, where the selection of the portion of the search query is displayed based on a selected action.

公开(公告)号：US20160098485A1

公开(公告)日：2016-04-07

申请号：US14526406

申请日：2014-10-28

Applicant: Splunk Inc.

Inventor： Cory Eugene Burke ,  Katherine Kyle Feeney ,  Divanny I. Lamas ,  Marc Vincent Robichaud ,  Matthew G. Ness ,  Clara E. Lee

IPC: G06F17/30 ,  G06F3/0484 ,  G06F3/0482

CPC classification number: G06F3/04842 ,  G06F3/0482 ,  G06F3/04847 ,  G06F9/451 ,  G06F17/246 ,  G06F17/30315 ,  G06F17/30389 ,  G06F17/30395 ,  G06F17/30477 ,  G06F17/30554 ,  G06F17/3056 ,  G06F17/30864 ,  G06K9/2054

Abstract: In embodiments of field value search drill down, a search system exposes a search interface that displays one or more events returned as a search result set. A field-value pair can be emphasized in the field-value pairs of an event displayed in the search interface, and a menu is displayed with search options that are selectable to operate on the emphasized field-value pair of the event. The menu includes the search options to add search criteria of the emphasized field-value pair to a search command in a search bar of the search interface, exclude the search criteria of the emphasized field-value pair from a search, or create a new data search based on the emphasized field-value pair. A selection of one of the search options in the menu can be received, and the search command in the search bar is updated based on the search option that is selected.

Abstract translation: 在字段值搜索向下钻取的实施例中，搜索系统公开了显示作为搜索结果集返回的一个或多个事件的搜索界面。 可以在搜索界面中显示的事件的字段值对中强调字段值对，并且显示具有可选择以在事件的强调字段值对上操作的搜索选项的菜单。 该菜单包括搜索选项，以将搜索条件增加到搜索接口的搜索栏中的搜索命令，从搜索中排除强调字段值对的搜索条件，或创建新数据 基于强调的字段值对进行搜索。 可以接收菜单中的一个搜索选项的选择，并且基于所选择的搜索选项来更新搜索栏中的搜索命令。

公开(公告)号：US20160098409A1

公开(公告)日：2016-04-07

申请号：US14526430

申请日：2014-10-28

Applicant: Splunk Inc.

Inventor： Cory Eugene Burke ,  Katherine Kyle Feeney ,  Divanny I. Lamas ,  Marc Vincent Robichaud ,  Matthew G. Ness ,  Clara E. Lee

IPC: G06F17/30 ,  G06F3/0484 ,  G06F3/0482

Abstract: In embodiments of statistics value chart interface row mode drill down, a first interface is displayed in a table format that includes columns each with field values of an event field, and each column having a column heading of a different one of the event fields, and includes rows each with one or more of the field values, where each field value in a row is associated with a different one of the event fields, and each row includes an aggregated metric that represents a number of events having field-value pairs that match all of the one or more field values listed in a respective row and the corresponding event fields listed in the respective columns. A row can be emphasized in the first interface, and in response, a menu is displayed with selectable options to transition to a second interface that displays a listing of the events based on a selected one of the options.

Abstract translation: 在统计值图表接口行方式向下钻取的实施例中，以表格格式显示第一接口，该格式包括各自具有事件字段的字段值的列，并且每列具有不同的事件字段的列标题，以及 包括每个具有一个或多个字段值的行，其中，行中的每个字段值与事件字段中的不同的一个相关联，并且每行包括表示具有匹配的字段值对的事件的数量的聚合度量 在相应行中列出的所有一个或多个字段值以及相应列中列出的相应事件字段。 在第一个界面中可以强调一行，作为响应，显示一个带有可选择选项的菜单，以转换到第二个界面，该界面基于选定的一个选项显示事件列表。

公开(公告)号：US12189931B1

公开(公告)日：2025-01-07

申请号：US18313987

申请日：2023-05-08

Applicant: Splunk Inc.

Inventor： Cory Eugene Burke ,  Katherine Kyle Feeney ,  Divanny I. Lamas ,  Marc Vincent Robichaud ,  Matthew G. Ness ,  Clara E. Lee

IPC: G06F15/16 ,  G06F3/0482 ,  G06F3/04842 ,  G06F3/04847 ,  G06F16/22 ,  G06F16/242 ,  G06F16/2455 ,  G06F16/248 ,  G06F16/25 ,  G06F16/951 ,  G06F40/18 ,  G06V10/22 ,  G06F9/451

Abstract: In embodiments of statistics chart row mode drill down, a first interface is displayed in a table format that includes columns and rows, where each row is associated with an event and each column includes field for a respective event. The rows can further include one or more aggregated metrics representing a number of events associated with a respective row. A row can be emphasized in the first interface and, in response a menu can be displayed with selectable options to transition to a second interface, where the data displayed by the second interface is based on an option selected from the menu.