公开(公告)号：US12164889B1

公开(公告)日：2024-12-10

申请号：US18539646

申请日：2023-12-14

Applicant: Splunk Inc.

Inventor： Matthew Hanson ,  Sydney Flak ,  Colin Fagan ,  Jeffery Roberts ,  Govinda Salinas ,  Philip Royer

IPC: G06F9/44 ,  G06F8/36 ,  G06F8/658 ,  G06F8/71 ,  G06F9/445

Abstract: Techniques are described for enabling users of an information technology (IT) and security operations application to create highly reusable custom functions for playbooks. The creation and execution of playbooks using an IT and security operations application generally enables users to automate operations related to an IT environment responsive to the identification of various types of incidents or other triggering conditions. Users can create playbooks to automate operations such as, for example, modifying firewall settings, quarantining devices, restarting servers, etc., to improve users' ability to efficiently respond to various types of incidents operational issues that arise from time to time in IT environments.

公开(公告)号：US11886844B1

公开(公告)日：2024-01-30

申请号：US17950848

申请日：2022-09-22

Applicant: Splunk Inc.

Inventor： Matthew Hanson ,  Sydney Flak ,  Colin Fagan ,  Jeffery Roberts ,  Govinda Salinas ,  Philip Royer

IPC: G06F9/44 ,  G06F8/36 ,  G06F9/445 ,  G06F8/658 ,  G06F8/71

CPC classification number: G06F8/36 ,  G06F8/658 ,  G06F8/71 ,  G06F9/44521

Abstract: Techniques are described for enabling users of an information technology (IT) and security operations application to create highly reusable custom functions for playbooks. The creation and execution of playbooks using an IT and security operations application generally enables users to automate operations related to an IT environment responsive to the identification of various types of incidents or other triggering conditions. Users can create playbooks to automate operations such as, for example, modifying firewall settings, quarantining devices, restarting servers, etc., to improve users' ability to efficiently respond to various types of incidents operational issues that arise from time to time in IT environments.

公开(公告)号：US11714683B1

公开(公告)日：2023-08-01

申请号：US17163320

申请日：2021-01-29

Applicant: Splunk Inc.

Inventor： Jeffery Roberts ,  Matthew Hanson ,  Ryan Connor Means ,  Jeffrey Roecks ,  Taotao Yu

IPC: G06F15/173 ,  G06F9/50 ,  G06F9/455

CPC classification number: G06F9/5027 ,  G06F9/45558 ,  G06F2009/45562 ,  G06F2009/45587

Abstract: A playbook execution architecture used to efficiently execute playbooks by distributing the execution of playbook function blocks to multiple independent “worker” sub-processes is described. Each worker process hosts an independent execution environment used to execute playbook function blocks independently from other worker processes, where each worker process can host an execution environment that is the same as or different from execution environments hosted by other work processes, enabling the playbook execution engine to support function blocks written in multiple different programming language versions or programming languages entirely. The described playbook execution architecture enables an IT and security operations application to vertically scale the computing resources used to execute playbooks, provides users with more control over an amount of computing resources devoted to the execution of playbooks, and enables more expressiveness in the types of actions and efficiency of playbooks by providing support for multiple programming languages and programming language versions.

公开(公告)号：US11924284B1

公开(公告)日：2024-03-05

申请号：US18326830

申请日：2023-05-31

Applicant: Splunk Inc.

Inventor： Matthew Hanson ,  Jacob Davis ,  Zhi Peng Zhou ,  James Harris ,  Jacob Andrew Edward Moore ,  Austin Tyler Hariri ,  Shiying Tu ,  Daniel Trenkner ,  Kavita Varadarajan

IPC: H04L67/133

CPC classification number: H04L67/133

Abstract: Described herein are techniques are provided for enabling a security orchestration, automation, and response (SOAR) service to automatically manage apps used to interface with an integrated security operations service and other related devices and services. Further described herein is a SOAR app generator service or application used to automate the creation of apps for a SOAR service based on application programming interfaces (API) specifications for related devices or services, as well as visual playbook editor interfaces for a SOAR service that enable the configuration of complex action input parameters including arrays and objects.

公开(公告)号：US11487513B1

公开(公告)日：2022-11-01

申请号：US16945574

申请日：2020-07-31

Applicant: Splunk Inc.

Inventor： Matthew Hanson ,  Sydney Flak ,  Colin Fagan ,  Jeffery Roberts ,  Govinda Salinas ,  Philip Royer

IPC: G06F9/44 ,  G06F8/36 ,  G06F9/445 ,  G06F8/71 ,  G06F8/658

Abstract: Techniques are described for enabling users of an information technology (IT) and security operations application to create highly reusable custom functions for playbooks. The creation and execution of playbooks using an IT and security operations application generally enables users to automate operations related to an IT environment responsive to the identification of various types of incidents or other triggering conditions. Users can create playbooks to automate operations such as, for example, modifying firewall settings, quarantining devices, restarting servers, etc., to improve users' ability to efficiently respond to various types of incidents operational issues that arise from time to time in IT environments.