公开(公告)号：US20230244660A1

公开(公告)日：2023-08-03

申请号：US17588079

申请日：2022-01-28

Applicant: Splunk Inc.

Inventor： Jagmohan Singh ,  Hongxun Liu ,  Saketh Kurnool

IPC: G06F16/245

CPC classification number: G06F16/245

Abstract: A first processing node of a cluster of processing nodes issues a first alert when first event data satisfies a trigger condition, and sends, to an alert data store external to the cluster, a first alert record of the first alert and suppression information based at least in part on the first alert. A second processing node of the cluster determines that second event data satisfies the trigger condition, obtains, from the alert data store, the suppression information indicating that an expiration time for suppressing the first alert is unexpired, and sends, to the alert data store, a second alert record of a second alert without issuing the second alert.

公开(公告)号：US20230237049A1

公开(公告)日：2023-07-27

申请号：US17586634

申请日：2022-01-27

Applicant: Splunk Inc.

Inventor： Jagmohan Singh ,  Michael Bach Soohoo ,  Hongxun Liu ,  Manu Jose, JR.

IPC: G06F16/23

CPC classification number: G06F16/2379

Abstract: Artifact life tracking storage techniques include performing an artifact request of an artifact at an artifact storage node. A current time to live (TTL) value is identified. A determination is made whether to increment a TTL flag of the artifact. Responsive to determining that the TTL tag should be incremented, the TTL flag is incremented to a subsequent value in a TTL extender list. Responsive to incrementing the TTL tag, the TTL modified tag value is set to the current time value.

公开(公告)号：US12135710B2

公开(公告)日：2024-11-05

申请号：US17586634

申请日：2022-01-27

Applicant: Splunk Inc.

Inventor： Jagmohan Singh ,  Michael Bach Soohoo ,  Hongxun Liu ,  Manu Jose, Jr.

IPC: G06F16/23 ,  G06F16/2458

Abstract: Artifact life tracking storage techniques include performing an artifact request of an artifact at an artifact storage node. A current time to live (TTL) value is identified. A determination is made whether to increment a TTL flag of the artifact. Responsive to determining that the TTL tag should be incremented, the TTL flag is incremented to a subsequent value in a TTL extender list. Responsive to incrementing the TTL tag, the TTL modified tag value is set to the current time value.

公开(公告)号：US12197431B2

公开(公告)日：2025-01-14

申请号：US17588079

申请日：2022-01-28

Applicant: Splunk Inc.

Inventor： Jagmohan Singh ,  Hongxun Liu ,  Saketh Kurnool

IPC: G06F16/245

Abstract: A first processing node of a cluster of processing nodes issues a first alert when first event data satisfies a trigger condition, and sends, to an alert data store external to the cluster, a first alert record of the first alert and suppression information based at least in part on the first alert. A second processing node of the cluster determines that second event data satisfies the trigger condition, obtains, from the alert data store, the suppression information indicating that an expiration time for suppressing the first alert is unexpired, and sends, to the alert data store, a second alert record of a second alert without issuing the second alert.

公开(公告)号：US12182104B1

公开(公告)日：2024-12-31

申请号：US18103374

申请日：2023-01-30

Applicant: Splunk Inc.

Inventor： Jagmohan Singh ,  Hongxun Liu ,  Saketh Kurnool

IPC: G06F16/23 ,  G06F16/22 ,  G06F16/248

Abstract: A set of alert records stored in a shared alert data store that is shared amongst a cluster of processing nodes are presented in an interface. From the interface, a request is received to delete an identified alert record from the set of alert records. A delete alert record matching the identified alert record is added to the shared alert data store. The identified alert record is deleted from the shared alert data store responsive to the request. The delete alert record is transmitted to a processing node of the cluster of processing nodes, wherein the processing node deletes a local copy of the identified alert record according to the delete alert record.