Publication number: US11516069B1
Publication date: 2022-11-29
Application number: US17086232
Application date: 2020-10-30
Applicant: Splunk Inc.
Inventor: Sourabh Satish, Paul Agbabian, Anurag Singla
IPC: H04L41/0631, H04L9/40, H04L41/22, H04L41/0604, H04L43/045, H04L43/067
Abstract: Techniques are described for an IT and security operations application to automatically generate aggregate (or “bulk,” “group,” or “composite”) notable events by identifying notable events sharing common characteristics and aggregating the related notable events into a single aggregate notable event entity that can be displayed and operated upon. The IT and security operations application identifies related notable events based on notable events generated by a common correlation search, notable events having common event attributes, based on user-specified relatedness criteria, or other such criteria. Once identified, in some embodiments, the IT and security operations application displays, in notable event lists and other interfaces, a singular aggregate notable event to users representing each of the identified related notable events.