公开(公告)号：US12039046B1

公开(公告)日：2024-07-16

申请号：US18311799

申请日：2023-05-03

Applicant: Splunk Inc.

Inventor： Sourabh Satish ,  Trenton John Beals ,  Glenn Gallien ,  Govind Salinas

IPC: G06F21/55 ,  G06F9/451 ,  G06F11/07 ,  G06F11/34 ,  H04L9/40 ,  H04L41/0631

CPC classification number: G06F21/554 ,  G06F9/453 ,  G06F11/0793 ,  G06F11/3438 ,  H04L41/0631 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/1441

Abstract: The technology presented herein improves incident handling in an IT environment. In a particular example, a method provides identifying a first incident in the IT environment. From incident handling information that indicates how a plurality of previous incidents were handled by one or more users, the method provides identifying first information of the incident handling information corresponding to one or more first previous incidents of the plurality of previous incidents that are similar to the first incident. The method further provides determining a suggested course of action from the first information and presenting the suggested course of action to a user of the information technology environment.

公开(公告)号：US11675900B2

公开(公告)日：2023-06-13

申请号：US17161309

申请日：2021-01-28

Applicant: Splunk Inc.

Inventor： Sourabh Satish ,  Trenton John Beals ,  Glenn Gallien ,  Govind Salinas

IPC: G06F21/55 ,  H04L9/40 ,  G06F9/451 ,  G06F11/07 ,  H04L41/0631 ,  G06F11/34

CPC classification number: G06F21/554 ,  G06F9/453 ,  G06F11/0793 ,  G06F11/3438 ,  H04L41/0631 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/1441

Abstract: The technology presented herein improves incident handling in an IT environment. In a particular example, a method provides identifying a first incident in the IT environment. From incident handling information that indicates how a plurality of previous incidents were handled by one or more users, the method provides identifying first information of the incident handling information corresponding to one or more first previous incidents of the plurality of previous incidents that are similar to the first incident. The method further provides determining a suggested course of action from the first information and presenting the suggested course of action to a user of the information technology environment.

公开(公告)号：US11182163B1

公开(公告)日：2021-11-23

申请号：US16119238

申请日：2018-08-31

Applicant: Splunk Inc.

Inventor： Trenton John Beals ,  Glenn Gallien ,  Govind Salinas ,  Sourabh Satish

IPC: G06F9/30

Abstract: Examples described herein relate to customization of courses of action for responding to incidents in information technology (IT) environments. An incident management service executes incident response monitoring, identification and remediation across an IT environment for one or more entities that may have their own configuration of computing assets (computing environment) within the IT environment. A course of action outlines remediation actions for responding to specific types of incidents within an IT environment. A course of action is customized for implementation within a particular computing environment associated with an entity. Customization of a course of action comprises generation and implementation of instruction sets that are usable to tailor remedial actions for execution in computing environments of different entities. An instruction set provides commands/calls that are specific to computing assets associated with an entity, which are usable to execute remedial actions for a specific type of incident.

公开(公告)号：US11734008B1

公开(公告)日：2023-08-22

申请号：US17506440

申请日：2021-10-20

Applicant: Splunk Inc.

Inventor： Trenton John Beals ,  Glenn Gallien ,  Govind Salinas ,  Sourabh Satish

IPC: G06F9/30

CPC classification number: G06F9/3017

Abstract: Examples described herein relate to customization of courses of action for responding to incidents in information technology (IT) environments. An incident management service executes incident response monitoring, identification and remediation across an IT environment for one or more entities that may have their own configuration of computing assets (computing environment) within the IT environment. A course of action outlines remediation actions for responding to specific types of incidents within an IT environment. A course of action is customized for implementation within a particular computing environment associated with an entity. Customization of a course of action comprises generation and implementation of sets of instructions that are usable to tailor remedial actions for execution in computing environments of different entities. A set of instructions provides commands/calls that are specific to computing assets associated with an entity, which are usable to execute remedial actions for a specific type of incident.

公开(公告)号：US20210150026A1

公开(公告)日：2021-05-20

申请号：US17161309

申请日：2021-01-28

Applicant: Splunk Inc.

Inventor： Sourabh Satish ,  Trenton John Beals ,  Glenn Gallien ,  Govind Salinas

IPC: G06F21/55 ,  G06F11/07 ,  G06F9/451 ,  H04L12/24 ,  H04L29/06 ,  G06F11/34

Abstract: The technology presented herein improves incident handling in an IT environment. In a particular example, a method provides identifying a first incident in the IT environment. From incident handling information that indicates how a plurality of previous incidents were handled by one or more users, the method provides identifying first information of the incident handling information corresponding to one or more first previous incidents of the plurality of previous incidents that are similar to the first incident. The method further provides determining a suggested course of action from the first information and presenting the suggested course of action to a user of the information technology environment.

公开(公告)号：US11755405B1

公开(公告)日：2023-09-12

申请号：US17713971

申请日：2022-04-05

Applicant: Splunk Inc.

Inventor： Sourabh Satish ,  David Wayman ,  Glenn Gallien ,  Akshay Dongaonkar

IPC: G06F11/00 ,  G06F11/07 ,  G06Q10/0631 ,  G06F9/451

CPC classification number: G06F11/0793 ,  G06F9/451 ,  G06F11/0769 ,  G06Q10/06316

Abstract: An information technology (IT) operations platform is described that enables users to execute one or more executable actions from a set of executable actions presented in a prioritized order based on historical data. In response to identifying an occurrence of a type of incident in an IT environment, the IT operations platform generates a workbook based on a customizable workbook template. The customizable workbook template includes a plurality of tasks grouped into a plurality of phases for responding to occurrences of the type of incident, and each task of the plurality of tasks is associated with a respective set of suggested executable actions for completing the corresponding task. The IT operations platform then causes the display of a graphical user interface (GUI) including a representation of the workbook, including interface elements representing the respective set of suggested executable actions displayed in the prioritized order.

公开(公告)号：US11604877B1

公开(公告)日：2023-03-14

申请号：US16119954

申请日：2018-08-31

Applicant: Splunk Inc.

Inventor： Glenn Gallien ,  Sourabh Satish

IPC: G06F21/50 ,  G06F21/56 ,  G06F21/55 ,  H04L9/40

Abstract: Described herein are systems and methods for improving incident response in an information technology (IT) environment. In one implementation, an incident service initiates execution of a course of action and identifies a step in the first course of action that determines data in a first format. The incident service further determines a format requirement for a second step in the course of action and translates the data from the first format to the second format in accordance with the format requirement.

公开(公告)号：US11327827B1

公开(公告)日：2022-05-10

申请号：US16429043

申请日：2019-06-02

Applicant: Splunk Inc.

Inventor： Sourabh Satish ,  David Wayman ,  Glenn Gallien ,  Akshay Dongaonkar

IPC: G06F11/00 ,  G06F11/07 ,  G06F9/451 ,  G06Q10/06

Abstract: An information technology (IT) operations platform is described that enables users to execute one or more executable actions from a set of executable actions presented in a prioritized order based on historical data. In response to identifying an occurrence of a type of incident in an IT environment, the IT operations platform generates a workbook based on a customizable workbook template. The customizable workbook template includes a plurality of tasks grouped into a plurality of phases for responding to occurrences of the type of incident, and each task of the plurality of tasks is associated with a respective set of suggested executable actions for completing the corresponding task. The IT operations platform then causes the display of a graphical user interface (GUI) including a representation of the workbook, including interface elements representing the respective set of suggested executable actions displayed in the prioritized order.

公开(公告)号：US10936716B1

公开(公告)日：2021-03-02

申请号：US16051278

申请日：2018-07-31

Applicant: Splunk Inc.

Inventor： Sourabh Satish ,  Trenton John Beals ,  Glenn Gallien ,  Govind Salinas

IPC: G06F21/55 ,  H04L29/06 ,  G06F9/451 ,  G06F11/07 ,  H04L12/24 ,  G06F11/34

Abstract: The technology presented herein improves incident handling in an IT environment. In a particular example, a method provides identifying a first incident in the IT environment. From incident handling information that indicates how a plurality of previous incidents were handled by one or more users, the method provides identifying first information of the incident handling information corresponding to one or more first previous incidents of the plurality of previous incidents that are similar to the first incident. The method further provides determining a suggested course of action from the first information and presenting the suggested course of action to a user of the information technology environment.