公开(公告)号：US11934256B1

公开(公告)日：2024-03-19

申请号：US17336013

申请日：2021-06-01

Applicant: Splunk Inc.

Inventor： Vitaly Akulov ,  Amritpal Singh Bath ,  William King Colgate ,  Sarah Harun ,  Jibang Liu ,  Vishal Patel ,  Tingjin Xu

IPC: G06F16/24 ,  G06F11/07 ,  G06F11/32 ,  G06F11/34 ,  H04L43/0852 ,  H04L43/10

CPC classification number: G06F11/0757 ,  G06F11/079 ,  G06F11/328 ,  G06F11/3452 ,  G06F11/3476 ,  G06F2201/80 ,  H04L43/0852 ,  H04L43/10

Abstract: In accordance with various embodiments of the present disclosure, a first instance of a data intake and query system (DIQS) may receive latency data that indicates latency states of second instances of the DIQS, the latency states indicative of latencies associated with processing of event data by the plurality of second instances. The first instance may then determine overall latency state of the first instance based, at least in part, on determining number or percentage of the first instance and the second instances of the DIQS having one or more particular latency states, and determining whether the number or percentage of the first instance and the f second instances of the DIQS having the one or more particular latency states is equal to or exceeds a threshold. The first instance may then present the overall latency state of the first instance.

公开(公告)号：US10942897B2

公开(公告)日：2021-03-09

申请号：US15885658

申请日：2018-01-31

Applicant: SPLUNK INC.

Inventor： William King Colgate ,  Sharad Kylasam

IPC: G06F16/17

Abstract: Various methods and systems for monitoring files in a computer system are provided. In this regard, aspects of the invention facilitate file monitoring without file handle use, as it pertains to file monitoring and tailing, thereby mitigating file handle locking conflicts. In various implementations, information for the monitored files is obtained from the kernel using a filter driver in the I/O path. When the filter driver detects write operations being performed on monitored files, file-write data is copied and placed in a kernel buffer, where it can be pulled by a user mode monitoring process and fed to a monitoring application. As such, there is no need for coordination between the monitoring process and the user mode processes of other third-party applications writing data to monitored files.

公开(公告)号：US09940336B2

公开(公告)日：2018-04-10

申请号：US14523167

申请日：2014-10-24

Applicant: SPLUNK INC.

Inventor： William King Colgate ,  Sharad Kylasam

IPC: G06F17/30

CPC classification number: G06F17/30144

Abstract: Various methods and systems for monitoring files in a computer system are provided. In this regard, aspects of the invention facilitate file monitoring without file handle use, as it pertains to file monitoring and tailing, thereby mitigating file handle locking conflicts. In various implementations, information for the monitored files is obtained from the kernel using a filter driver in the I/O path. When the filter driver detects write operations being performed on monitored files, file-write data is copied and placed in a kernel buffer, where it can be pulled by a user mode monitoring process and fed to a monitoring application. As such, there is no need for coordination between the monitoring process and the user mode processes of other third-party applications writing data to monitored files.

公开(公告)号：US20180203871A1

公开(公告)日：2018-07-19

申请号：US15885658

申请日：2018-01-31

Applicant: SPLUNK INC.

Inventor： William King Colgate ,  Sharad Kylasam

IPC: G06F17/30

CPC classification number: G06F16/1734

Abstract: Various methods and systems for monitoring files in a computer system are provided. In this regard, aspects of the invention facilitate file monitoring without file handle use, as it pertains to file monitoring and tailing, thereby mitigating file handle locking conflicts. In various implementations, information for the monitored files is obtained from the kernel using a filter driver in the I/O path. When the filter driver detects write operations being performed on monitored files, file-write data is copied and placed in a kernel buffer, where it can be pulled by a user mode monitoring process and fed to a monitoring application. As such, there is no need for coordination between the monitoring process and the user mode processes of other third-party applications writing data to monitored files.

公开(公告)号：US20160117342A1

公开(公告)日：2016-04-28

申请号：US14523167

申请日：2014-10-24

Applicant: SPLUNK INC.

Inventor： William King Colgate ,  Sharad Kylasam

IPC: G06F17/30

CPC classification number: G06F17/30144

Abstract: Various methods and systems for monitoring files in a computer system are provided. In this regard, aspects of the invention facilitate file monitoring without file handle use, as it pertains to file monitoring and tailing, thereby mitigating file handle locking conflicts. In various implementations, information for the monitored files is obtained from the kernel using a filter driver in the I/O path. When the filter driver detects write operations being performed on monitored files, file-write data is copied and placed in a kernel buffer, where it can be pulled by a user mode monitoring process and fed to a monitoring application. As such, there is no need for coordination between the monitoring process and the user mode processes of other third-party applications writing data to monitored files.

Abstract translation: 提供了用于监视计算机系统中的文件的各种方法和系统。 在这方面，本发明的方面便于文件监视而不需要使用文件句柄，因为它涉及文件监视和拖尾，从而减轻文件句柄锁定冲突。 在各种实现中，使用I / O路径中的过滤器驱动程序从内核获取受监视文件的信息。 当过滤器驱动程序检测到对受监视文件执行的写入操作时，将文件写入数据复制并放置在内核缓冲区中，在该缓冲区中可以通过用户模式监视进程将其提取并提供给监视应用程序。 因此，监视过程和其他第三方应用程序向被监视文件写入数据的用户模式进程之间不需要协调。