公开(公告)号：US10462004B2

公开(公告)日：2019-10-29

申请号：US14699807

申请日：2015-04-29

申请人： Splunk Inc.

发明人： Fang I. Hsiao ,  Wei Jiang ,  Vladimir A. Shcherbakov ,  Ramkumar Chandrasekharan ,  Clayton S. Ching

IPC分类号： G06F16/00 ,  H04L12/24 ,  G06F3/0482 ,  G06F3/0484 ,  G06F16/26 ,  G06F3/0481 ,  H04L29/08

摘要： The disclosed embodiments provide a system that facilitates the processing of network data. During operation, the system causes for display a graphical user interface (GUI) for configuring the generation of time-series event data from network packets captured by one or more remote capture agents. Next, the system causes for display, in the GUI, a first set of user-interface elements containing a set of statistics associated with one or more event streams that comprise the time-series event data. The system then causes for display, in the GUI, one or more graphs comprising one or more values from the set of statistics. Finally, the system causes for display, in the GUI, a value of a statistic from the set of statistics based on a position of a cursor over the one or more graphs.

公开(公告)号：US20190303385A1

公开(公告)日：2019-10-03

申请号：US16442338

申请日：2019-06-14

申请人： Splunk Inc.

发明人： Clayton S. Ching ,  Michael R. Dickey ,  Vladimir A. Shcherbakov ,  Nishant Teredesai ,  Matthew S. Zises

IPC分类号： G06F16/26 ,  H04L12/26 ,  H04L12/24 ,  H04L29/06

摘要： The disclosed embodiments provide a system that facilitates the processing of network data. During operation, the system causes for display a graphical user interface (GUI) for obtaining configuration information for configuring the generation of time-series event data from network packets captured by one or more remote capture agents. Next, the system causes for display, in the GUI, a first set of user-interface elements comprising event stream information for one or more ephemeral event streams used to temporarily generate the time-series event data from the network packets. The system then causes for display, in the GUI, a mechanism for navigating between the event stream information and creation information for one or more creators of the one or more ephemeral event streams.

公开(公告)号：US20190268446A1

公开(公告)日：2019-08-29

申请号：US16404644

申请日：2019-05-06

申请人： Splunk Inc.

发明人： Fang I. Hsiao ,  Clayton S. Ching ,  Michael R. Dickey ,  Vladimir A. Shcherbakov ,  Clint Sharp

IPC分类号： H04L29/06 ,  H04L12/26

摘要： The disclosed embodiments provide a system for extracting custom content from network packets. During operation, the system receives a stream of packets. The system then parses packets in the stream to determine a protocol for each packet. Next, the system applies a custom-content-extraction rule to each packet associated with a target protocol to obtain the extracted content. Then, the system stores the extracted content in events in a data store to facilitate subsequent queries involving the extracted content.

公开(公告)号：US20150295779A1

公开(公告)日：2015-10-15

申请号：US14610438

申请日：2015-01-30

申请人： Splunk Inc.

发明人： Clayton S. Ching ,  Michael R. Dickey ,  Vladimir A. Shcherbakov ,  Nishant Teredesai ,  Matthew S. Zises

IPC分类号： H04L12/24 ,  H04L29/06

CPC分类号： G06F16/26 ,  H04L41/22 ,  H04L43/022 ,  H04L43/045 ,  H04L63/1433

摘要： The disclosed embodiments provide a system that facilitates the processing of network data. During operation, the system causes for display a graphical user interface (GUI) for obtaining configuration information for configuring the generation of time-series event data from network packets captured by one or more remote capture agents. Next, the system causes for display, in the GUI, a first set of user-interface elements comprising event stream information for one or more ephemeral event streams used to temporarily generate the time-series event data from the network packets. The system then causes for display, in the GUI, a mechanism for navigating between the event stream information and creation information for one or more creators of the one or more ephemeral event streams.

摘要翻译： 所公开的实施例提供了有助于网络数据的处理的系统。 在操作期间，系统使得显示图形用户界面（GUI），用于获得用于配置从一个或多个远程捕获代理捕获的网络分组生成时间序列事件数据的配置信息。 接下来，系统导致在GUI中显示第一组用户界面元素，其包括用于从网络分组临时生成时间序列事件数据的一个或多个临时事件流的事件流信息。 然后，系统在GUI中显示用于在事件流信息和用于一个或多个临时事件流的一个或多个创建者的创建信息之间导航的机制。

公开(公告)号：US11086897B2

公开(公告)日：2021-08-10

申请号：US16442338

申请日：2019-06-14

申请人： Splunk Inc.

发明人： Clayton S. Ching ,  Michael R. Dickey ,  Vladimir A. Shcherbakov ,  Nishant Teredesai ,  Matthew S. Zises

IPC分类号： G06F16/26 ,  H04L12/26 ,  H04L29/06 ,  H04L12/24

摘要： The disclosed embodiments provide a system that facilitates the processing of network data. During operation, the system causes for display a graphical user interface (GUI) for obtaining configuration information for configuring the generation of time-series event data from network packets captured by one or more remote capture agents. Next, the system causes for display, in the GUI, a first set of user-interface elements comprising event stream information for one or more ephemeral event streams used to temporarily generate the time-series event data from the network packets. The system then causes for display, in the GUI, a mechanism for navigating between the event stream information and creation information for one or more creators of the one or more ephemeral event streams.

公开(公告)号：US20200336390A1

公开(公告)日：2020-10-22

申请号：US16908564

申请日：2020-06-22

申请人： Splunk Inc.

发明人： Fang I. Hsiao ,  Clayton S. Ching ,  Michael R. Dickey ,  Vladimir A. Shcherbakov ,  Cary Glen Noel

IPC分类号： H04L12/24 ,  H04L12/26

摘要： The disclosed embodiments provide a system that facilitates the processing of network data. During operation, the system obtains a set of event streams from one or more remote capture agents over one or more networks, wherein the set of event streams comprises time-series event data generated from network packets captured by the one or more remote capture agents. Next, the system causes for display, within a graphical user interface (GUI), a first set of user interface elements, wherein the first set of user interface elements includes event stream information for an event stream in the set of event streams and a first graph of a metric associated with the time-series event data in the event stream. The system then updates the first graph in real-time with the time-series event data from the one or more remote capture agents.

公开(公告)号：US10523521B2

公开(公告)日：2019-12-31

申请号：US14610457

申请日：2015-01-30

申请人： Splunk Inc.

发明人： Fang I. Hsiao ,  Clayton S. Ching ,  Michael R. Dickey ,  Vladimir A. Shcherbakov ,  Nishant Teredesai ,  Cary Glen Noel

IPC分类号： H04L12/24 ,  H04L12/26

摘要： The disclosed embodiments provide a system that facilitates the processing of network data. During operation, the system causes for display, on a computer system, a graphical user interface (GUI) for obtaining configuration information for configuring the generation of time-series event data from network packets captured by one or more remote capture agents. Next, the system causes for display, in the GUI, a first set of user-interface elements for managing one or more ephemeral event streams that contain temporarily generated time-series event data from the network packets, wherein managing the one or more ephemeral event streams comprises modifying an end time for terminating the capture of time-series event data in an ephemeral event stream. The system then updates the configuration information based on input received through the first set of user-interface elements.

公开(公告)号：US20150341212A1

公开(公告)日：2015-11-26

申请号：US14699807

申请日：2015-04-29

申请人： Splunk Inc.

发明人： Fang I. Hsiao ,  Wei Jiang ,  Vladimir A. Shcherbakov ,  Ramkumar Chandrasekharan ,  Clayton S. Ching

IPC分类号： H04L12/24 ,  G06F3/0482 ,  G06F3/0484 ,  G06F17/30

CPC分类号： H04L41/0813 ,  G06F3/0481 ,  G06F3/0482 ,  G06F3/04842 ,  G06F16/26 ,  H04L41/22 ,  H04L67/12 ,  H04L67/36

摘要： The disclosed embodiments provide a system that facilitates the processing of network data. During operation, the system causes for display a graphical user interface (GUI) for configuring the generation of time-series event data from network packets captured by one or more remote capture agents. Next, the system causes for display, in the GUI, a first set of user-interface elements containing a set of statistics associated with one or more event streams that comprise the time-series event data. The system then causes for display, in the GUI, one or more graphs comprising one or more values from the set of statistics. Finally, the system causes for display, in the GUI, a value of a statistic from the set of statistics based on a position of a cursor over the one or more graphs.

摘要翻译： 所公开的实施例提供了有助于网络数据的处理的系统。 在操作期间，该系统导致显示用于从由一个或多个远程捕获代理捕获的网络分组生成时间序列事件数据的图形用户界面（GUI）。 接下来，系统导致在GUI中显示包含与包括时间序列事件数据的一个或多个事件流相关联的一组统计信息的第一组用户界面元素。 然后，系统在GUI中显示包括来自该组统计信息中的一个或多个值的一个或多个图形。 最后，系统导致在GUI中根据一个或多个图形上的光标的位置从该组统计显示统计值的值。

公开(公告)号：US20150295778A1

公开(公告)日：2015-10-15

申请号：US14609223

申请日：2015-01-29

申请人： Splunk Inc.

发明人： Fang I. Hsiao ,  Clayton S. Ching ,  Michael R. Dickey ,  Vladimir A. Shcherbakov ,  Cary Glen Noel

IPC分类号： H04L12/24 ,  G06F3/0484

CPC分类号： H04L41/22 ,  H04L43/045 ,  H04L43/0894

摘要： The disclosed embodiments provide a system that facilitates the processing of network data. During operation, the system obtains a set of event streams from one or more remote capture agents over one or more networks, wherein the set of event streams comprises time-series event data generated from network packets captured by the one or more remote capture agents. Next, the system causes for display, within a graphical user interface (GUI), a first set of user interface elements, wherein the first set of user interface elements includes event stream information for an event stream in the set of event streams and a first graph of a metric associated with the time-series event data in the event stream. The system then updates the first graph in real-time with the time-series event data from the one or more remote capture agents.

摘要翻译： 所公开的实施例提供了有助于网络数据的处理的系统。 在操作期间，系统通过一个或多个网络从一个或多个远程捕获代理获得一组事件流，其中该组事件流包括由一个或多个远程捕获代理捕获的网络分组生成的时间序列事件数据。 接下来，系统导致在图形用户界面（GUI）内显示第一组用户界面元素，其中第一组用户界面元素包括事件流集合中的事件流的事件流信息，以及第一组 与事件流中的时间序列事件数据相关联的度量图。 系统随后使用来自一个或多个远程捕获代理程序的时间序列事件数据实时更新第一个图形。

公开(公告)号：US20220124183A1

公开(公告)日：2022-04-21

申请号：US17466665

申请日：2021-09-03

申请人： Splunk Inc.

发明人： Fang I. Hsiao ,  Clayton S. Ching ,  Michael R. Dickey ,  Vladimir A. Shcherbakov ,  Clint Sharp

IPC分类号： H04L69/22 ,  H04L43/028

摘要： The disclosed embodiments provide a system for extracting custom content from network packets. During operation, the system receives a stream of packets. The system then parses packets in the stream to determine a protocol for each packet. Next, the system applies a custom-content-extraction rule to each packet associated with a target protocol to obtain the extracted content. Then, the system stores the extracted content in events in a data store to facilitate subsequent queries involving the extracted content.