公开(公告)号：US20240346049A1

公开(公告)日：2024-10-17

申请号：US18666603

申请日：2024-05-16

Applicant: SPLUNK Inc.

Inventor： Nishant Agarwal ,  Houwu Bai ,  Darshan Patel ,  Rajesh Raman ,  Joseph Ari Ross

IPC: G06F16/28 ,  G06F16/2455 ,  G06F16/2458 ,  H04L43/08

CPC classification number: G06F16/287 ,  G06F16/24568 ,  G06F16/2477 ,  H04L43/08

Abstract: Described are systems, methods, and techniques for collecting, analyzing, processing, and storing time series data and for evaluating and dynamically estimating a resolution of one or more streams of data points and updating an output resolution. Responsive to receiving a stream of data points, a data resolution can be derived and an output resolution can be set to a first value. When a change to the data resolution is detected, the output resolution can be changed, modifying a frequency at which output data points are generated and/or transmitted. In some instances, a detector can be implemented to trigger an alert responsive to ingested data points corresponding with triggering parameters. An output resolution for the detector can be dynamically modified based on dynamically detecting a change to the data resolution of the stream of data.

公开(公告)号：US11928046B1

公开(公告)日：2024-03-12

申请号：US17515272

申请日：2021-10-29

Applicant: Splunk Inc.

Inventor： Phillip Liu ,  Arijit Mukherji ,  Rajesh Raman

IPC: G06F11/36 ,  G06F11/30 ,  G06F11/32 ,  G06F16/2455

CPC classification number: G06F11/3644 ,  G06F11/3006 ,  G06F11/3082 ,  G06F16/24568 ,  G06F11/323

Abstract: An analysis system receives data streams generated by instances of instrumented software executing on external systems. The analysis system evaluates an expression using data values of the data streams over a plurality of time intervals. For example, the analysis system may aggregate data values of data streams for each time interval. The analysis system determines whether or not a data stream is considered for a time interval based on when the data value arrives during the time interval. The analysis system determines a maximum expected delay value for each data stream being processed. The analysis system evaluates the expression using data values that arrive before their maximum expected delay values. The analysis system also determines a failure threshold value for a data stream. If a data value of a data stream fails to arrive before the failure threshold value, the analysis system marks the data stream as dead.

公开(公告)号：US11010278B2

公开(公告)日：2021-05-18

申请号：US16542318

申请日：2019-08-16

Applicant: Splunk Inc.

Inventor： Phillip Liu ,  Arijit Mukherji ,  Rajesh Raman ,  Kris Grandy ,  Jack Lindamood

IPC: G06F11/36 ,  G06F11/30 ,  G06F11/34

Abstract: A data analysis system processes data generated by instrumented software. The data analysis system receives data streams generated by instances of instrumented software executing on systems. The data analysis system also receives metadata describing data streams. The data analysis system receives an expression based on the metadata. The data analysis system receives data of data streams for each time interval and computes the result of the expression based on the received data values. The data analysis system repeats these steps for each time interval. The data analysis system may quantize data values of data streams for each time interval by generating an aggregate value for the time interval based on data received for each data stream for that time interval. The data analysis system evaluates the expression using the quantized data for the time interval.

公开(公告)号：US11947528B1

公开(公告)日：2024-04-02

申请号：US17589677

申请日：2022-01-31

Applicant: Splunk Inc.

Inventor： Ankit Bhagat ,  Steven Karis ,  Amin Moshgabadi ,  Rajesh Raman

IPC: G06F16/242 ,  G06F16/2452 ,  G06F16/2455 ,  G06F16/248

CPC classification number: G06F16/2428 ,  G06F16/2452 ,  G06F16/2455 ,  G06F16/248

Abstract: Systems and methods are described for generation of a query using a non-textual input. For example, the query can be generated using a point and click input. A selection of a data source can be identified and an initial query can be automatically generated based on the selection of the data source. A graphical user interface can be displayed and populated with one or more selectable parameters based on the initial query. A selection of the one or more selectable parameters can be received as a non-textual input and a query can be automatically generated based on the selection. For example, a query for execution by a data intake and query system can be generated based on the selection. The query can be provided to the data intake and query system. The data intake and query system may then execute the query on a set of data.

公开(公告)号：US11899670B1

公开(公告)日：2024-02-13

申请号：US17589558

申请日：2022-01-31

Applicant: Splunk Inc.

Inventor： Ankit Bhagat ,  Steven Karis ,  Amin Moshgabadi ,  Rajesh Raman

IPC: G06F16/2455 ,  G06F16/22 ,  G06F16/2458 ,  G06F21/62

CPC classification number: G06F16/24568 ,  G06F16/22 ,  G06F16/2471 ,  G06F21/6227

Abstract: Systems and methods are described for generation of queries for execution by a separate system. In order establish a connection with the separate system, credentials can be obtained. For example, the credentials may be based on a user identifier and/or a login identifier. Indices can be identified that correspond to the credentials and a query can be identified that includes a selection of at least one of the indices. For example, the query may identify a set of log data ingested and indexed by the separate system. A request that includes the query, the credentials, and a connection identifier can be communicated to the separate system. In response to the request, a set of data can be received from the separate system. The set of data can be provided to a computing device. For example, the set of data can be provided to a computing device providing the query.

公开(公告)号：US11733982B1

公开(公告)日：2023-08-22

申请号：US17175330

申请日：2021-02-12

Applicant: Splunk Inc.

Inventor： Rajesh Raman ,  Arijit Mukherji ,  Kris Grandy ,  Phillip Liu

IPC: G06F16/2455 ,  G06F11/34 ,  G06F11/30 ,  G06F9/54 ,  G06F8/41 ,  G06F16/16 ,  G06F11/07 ,  G06F9/46 ,  G06F11/36

CPC classification number: G06F8/443 ,  G06F9/466 ,  G06F9/542 ,  G06F11/07 ,  G06F11/3086 ,  G06F11/34 ,  G06F11/3452 ,  G06F11/3466 ,  G06F11/3604 ,  G06F16/164 ,  G06F16/24568 ,  G06F11/3006 ,  G06F11/3072 ,  G06F11/3409 ,  G06F2201/81 ,  G06F2201/835 ,  G06F2201/86 ,  G06F2201/88

Abstract: An instrumentation analysis system processes data streams by executing instructions specified using a data stream language program. The data stream language allows users to specify a search condition using a find block for identifying the set of data streams processed by the data stream language program. The set of identified data streams may change dynamically. The data stream language allows users to group data streams into sets of data streams based on distinct values of one or more metadata attributes associated with the input data streams. The data stream language allows users to specify a threshold block for determining whether data values of input data streams are outside boundaries specified using low/high thresholds. The elements of the set of data streams input to the threshold block can dynamically change. The low/high threshold values can be specified as data streams and can dynamically change.

公开(公告)号：US12013879B2

公开(公告)日：2024-06-18

申请号：US17721248

申请日：2022-04-14

Applicant: SPLUNK Inc.

Inventor： Nishant Agarwal ,  Houwu Bai ,  Darshan Patel ,  Rajesh Raman ,  Joseph Ari Ross

IPC: G06F16/2458 ,  G06F16/2455 ,  G06F16/28 ,  H04L43/08

CPC classification number: G06F16/287 ,  G06F16/24568 ,  G06F16/2477 ,  H04L43/08

Abstract: Described are systems, methods, and techniques for collecting, analyzing, processing, and storing time series data and for evaluating and dynamically estimating a resolution of one or more streams of data points and updating an output resolution. Responsive to receiving a stream of data points, a data resolution can be derived and an output resolution can be set to a first value. When a change to the data resolution is detected, the output resolution can be changed, modifying a frequency at which output data points are generated and/or transmitted. In some instances, a detector can be implemented to trigger an alert responsive to ingested data points corresponding with triggering parameters. An output resolution for the detector can be dynamically modified based on dynamically detecting a change to the data resolution of the stream of data.

公开(公告)号：US11709661B2

公开(公告)日：2023-07-25

申请号：US16547559

申请日：2019-08-21

Applicant: Splunk Inc.

Inventor： Rajesh Raman ,  Arijit Mukherji ,  Kris Grandy ,  Phillip Liu

IPC: G06F8/41 ,  G06F11/36 ,  G06F16/16 ,  G06F16/2455 ,  G06F11/34 ,  G06F11/07 ,  G06F11/30 ,  G06F9/46 ,  G06F9/54

CPC classification number: G06F8/443 ,  G06F9/466 ,  G06F9/542 ,  G06F11/07 ,  G06F11/3086 ,  G06F11/34 ,  G06F11/3452 ,  G06F11/3466 ,  G06F11/3604 ,  G06F16/164 ,  G06F16/24568 ,  G06F11/3006 ,  G06F11/3072 ,  G06F11/3409 ,  G06F2201/81 ,  G06F2201/835 ,  G06F2201/86 ,  G06F2201/88

Abstract: An instrumentation analysis system processes data streams by executing instructions specified using a data stream language program. The data stream language allows users to specify a search condition using a find block for identifying the set of data streams processed by the data stream language program. The set of identified data streams may change dynamically. The data stream language allows users to group data streams into sets of data streams based on distinct values of one or more metadata attributes associated with the input data streams. The data stream language allows users to specify a threshold block for determining whether data values of input data streams are outside boundaries specified using low/high thresholds. The elements of the set of data streams input to the threshold block can dynamically change. The low/high threshold values can be specified as data streams and can dynamically change.

公开(公告)号：US20230118988A1

公开(公告)日：2023-04-20

申请号：US17721248

申请日：2022-04-14

Applicant: SPLUNK Inc.

Inventor： Nishant Agarwal ,  Houwu Bai ,  Darshan Patel ,  Rajesh Raman ,  Joseph Ari Ross

IPC: G06F16/28 ,  G06F16/2455 ,  G06F16/2458

Abstract: Described are systems, methods, and techniques for collecting, analyzing, processing, and storing time series data and for evaluating and dynamically estimating a resolution of one or more streams of data points and updating an output resolution. Responsive to receiving a stream of data points, a data resolution can be derived and an output resolution can be set to a first value. When a change to the data resolution is detected, the output resolution can be changed, modifying a frequency at which output data points are generated and/or transmitted. In some instances, a detector can be implemented to trigger an alert responsive to ingested data points corresponding with triggering parameters. An output resolution for the detector can be dynamically modified based on dynamically detecting a change to the data resolution of the stream of data.

公开(公告)号：US10949180B2

公开(公告)日：2021-03-16

申请号：US15697451

申请日：2017-09-07

Applicant: Splunk Inc.

Inventor： Rajesh Raman ,  Arijit Mukherji ,  Kris Grandy ,  Phillip Liu

IPC: G06F8/41 ,  G06F11/36 ,  G06F16/16 ,  G06F16/2455 ,  G06F11/34 ,  G06F11/07 ,  G06F11/30 ,  G06F9/46 ,  G06F9/54

Abstract: An instrumentation analysis system processes data streams by executing instructions specified using a data stream language program. The data stream language allows users to specify a search condition using a find block for identifying the set of data streams processed by the data stream language program. The set of identified data streams may change dynamically. The data stream language allows users to group data streams into sets of data streams based on distinct values of one or more metadata attributes associated with the input data streams. The data stream language allows users to specify a threshold block for determining whether data values of input data streams are outside boundaries specified using low/high thresholds. The elements of the set of data streams input to the threshold block can dynamically change. The low/high threshold values can be specified as data streams and can dynamically change.