公开(公告)号：US11516069B1

公开(公告)日：2022-11-29

申请号：US17086232

申请日：2020-10-30

Applicant: Splunk Inc.

Inventor： Sourabh Satish ,  Paul Agbabian ,  Anurag Singla

IPC: H04L41/0631 ,  H04L9/40 ,  H04L41/22 ,  H04L41/0604 ,  H04L43/045 ,  H04L43/067

Abstract: Techniques are described for an IT and security operations application to automatically generate aggregate (or “bulk,” “group,” or “composite”) notable events by identifying notable events sharing common characteristics and aggregating the related notable events into a single aggregate notable event entity that can be displayed and operated upon. The IT and security operations application identifies related notable events based on notable events generated by a common correlation search, notable events having common event attributes, based on user-specified relatedness criteria, or other such criteria. Once identified, in some embodiments, the IT and security operations application displays, in notable event lists and other interfaces, a singular aggregate notable event to users representing each of the identified related notable events.

公开(公告)号：US11301475B1

公开(公告)日：2022-04-12

申请号：US16138266

申请日：2018-09-21

Applicant: SPLUNK INC.

Inventor： Bo Lei ,  Ryan Lee Faircloth ,  Marios Iliofotou ,  Sathyanarayanan Kavacheri ,  Sadia R. Poddar ,  Anurag Singla

IPC: G06F16/24 ,  G06F16/2455 ,  G06F9/54 ,  G06F16/22

Abstract: Transmission handling of analytics query response includes a search head, in a data intake and query system, receiving a query from an analytics system. The search head distributes at least a portion of the query to at least one indexer for processing the query. The at least one indexer transmits, bypassing the search head, and to the analytics system, events matching the query. The search head receives from the at least one indexer, data regarding the events, and sends the data regarding the events to the analytics system.

公开(公告)号：US11681707B1

公开(公告)日：2023-06-20

申请号：US17691878

申请日：2022-03-10

Applicant: SPLUNK INC.

Inventor： Bo Lei ,  Ryan Lee Faircloth ,  Marios Iliofotou ,  Sathyanarayanan Kavacheri ,  Sadia R. Poddar ,  Anurag Singla

IPC: G06F16/24 ,  G06F9/54 ,  G06F16/22 ,  G06F16/2455

CPC classification number: G06F16/24554 ,  G06F9/542 ,  G06F16/2228

Abstract: Transmission handling of analytics query response includes a search head, in a data intake and query system, receiving a query from an analytics system. The search head distributes at least a portion of the query to at least one indexer for processing the query. The at least one indexer transmits, bypassing the search head, and to the analytics system, events matching the query. The search head receives from the at least one indexer, data regarding the events, and sends the data regarding the events to the analytics system.