公开(公告)号：US11886475B1

公开(公告)日：2024-01-30

申请号：US17745848

申请日：2022-05-16

Applicant: Splunk Inc.

Inventor： Arvind Swaminathan ,  Xiang Zhou

IPC: G06F7/00 ,  G06F16/33 ,  G06N5/022

CPC classification number: G06F16/334 ,  G06N5/022

Abstract: A service monitoring system (SMS) transforms machine data from a monitored information technology (IT) environment into meaningful key performance indicators (KPIs) that each represents some measure of a service implemented by the environment on an ongoing basis. An overall health score for the service is determined from the KPIs and a prediction is made for a future health score. Data regarding a particular KPI and other KPIs is transformed to predicted future values for the particular KPI over a prediction window. Additionally, predicted future KPI scores may be used to determine a KPI impact score reflecting some measure of the degree to which the KPI, its related components, or processing related thereto, can influence the actual future health score. The KPI impact scores condition or direct the future operation of one or more SMS processes. Production of an impactor list identifying priority targets for interventive processing may be produced based at least on KPI impact scores and may also condition or direct the future operation of one or more SMS processes.

公开(公告)号：US11675816B1

公开(公告)日：2023-06-13

申请号：US17163258

申请日：2021-01-29

Applicant: Splunk Inc.

Inventor： Ramkumar Chandrasekharan ,  Tristan Antonio Fletcher ,  Ramprasad Siva Golla ,  Alpesh Sheth ,  Shailendra Suryawanshi ,  Xiang Zhou

IPC: G06F17/00 ,  G06F16/28 ,  G06N20/00

CPC classification number: G06F16/285 ,  G06N20/00

Abstract: Systems and methods are described for using a streaming data processor to group notable events reflecting operation of a computing system into episodes of related events reflecting an incident on the computing system, such as to enable root cause analysis of the incident. Each notable event can be generated based on one or more events detected within raw machine data. The streaming data processor can ingest a data stream of notable events, and apply a clustering algorithm to the events to cluster those events into episodes. When the episodes satisfy an action rule, the streaming data processor can take an action appropriate to that rule, such as transmitting an alert or programmatically altering operation of the computing system. The streaming data processor can utilize feedback as to the grouping of events into episodes to modify the clustering algorithm and improve accuracy of clustering.

公开(公告)号：US11366842B1

公开(公告)日：2022-06-21

申请号：US16147170

申请日：2018-09-28

Applicant: Splunk Inc.

Inventor： Arvind Swaminathan ,  Xiang Zhou

IPC: G06F7/00 ,  G06F16/33 ,  G06N5/02

Abstract: A service monitoring system (SMS) transforms machine data from a monitored information technology (IT) environment into meaningful key performance indicators (KPIs) that each represents some measure of a service implemented by the environment on an ongoing basis. An overall health score for the service is determined from the KPIs and a prediction is made for a future health score. Data regarding a particular KPI and other KPIs is transformed to predicted future values for the particular KPI over a prediction window. Additionally, predicted future KPI scores may be used to determine a KPI impact score reflecting some measure of the degree to which the KPI, its related components, or processing related thereto, can influence the actual future health score. The KPI impact scores condition or direct the future operation of one or more SMS processes. Production of an impactor list identifying priority targets for interventive processing may be produced based at least on KPI impact scores and may also condition or direct the future operation of one or more SMS processes.