公开(公告)号：US10929345B2

公开(公告)日：2021-02-23

申请号：US16532391

申请日：2019-08-05

Applicant: Tanium Inc.

Inventor： Joshua F. Stoddard ,  John R. Coates ,  Naveen Goela ,  Aaron J. Tarter ,  Christian L. Hunt

IPC: G06F16/14 ,  G06F16/182 ,  H04L29/08

Abstract: In a distributed system, each of N machines receives a similarity search query through a linear communication orbit. The similarity search query includes token identifiers corresponding to tokens in a target document. Each machine, in response, identifies files that meet predefined similarity criteria with respect to the target document. Subsequent to receiving the similarity search query, the machine generates a first report, including a count of files stored at the machine that meet the predefined similarity criteria with respect to the target document, and/or information identifying a set of files that meet the predefined similarity criteria with respect to the target document; and sends the first report to a server through the linear communication orbit. The server produces a merged report presenting information with respect to files at a set of machines, including the N machines, that meet the predefined similarity criteria with respect to the target document.

公开(公告)号：US11372938B1

公开(公告)日：2022-06-28

申请号：US16870742

申请日：2020-05-08

Applicant: Tanium Inc.

Inventor： Joshua F. Stoddard ,  Sachin P. Patel ,  Shawn M. Surber ,  Aaron J. Tarter ,  John R. Coates

IPC: G06F16/953 ,  H04L9/40 ,  H04L9/06 ,  H04L5/14 ,  G06F16/14 ,  H04L43/08 ,  G06F16/2455

Abstract: A machine in a linear communication orbit receives a query, including a set of one or more rules, through the linear communication orbit. The machine, for each respective rule: identifies files that contain content that satisfies the respective rule, generates a first report identifying a count of files at the machine that contain content satisfying the rule, and sends the first report through the linear communication orbit to a server. The machine receives an instruction packet from an external machine that includes an instruction for establishing a direct duplex connection between the respective machine and the external machine. then sends a request to the external machine to establish the direct duplex connection. The machine sends to the external machine, via the direct duplex connection, a second report including information identifying files at the machine that contain file content satisfying each rule in the set of one or more rules.

公开(公告)号：US20190312933A1

公开(公告)日：2019-10-10

申请号：US16443720

申请日：2019-06-17

Applicant: Tanium Inc.

Inventor： Ryan S. Richards ,  John R. Coates ,  James B. Evans

IPC: H04L29/08 ,  G06F16/2455

Abstract: This application is directed to a distributed data processing method performed at a server system coupled to a linear communication orbit. The server system has a plurality of function modules. Each function module is configured to collect data related to a core function from the linear communication orbit. Each function module includes an internal client configured to adaptively perform a set of data processing operations according to a schema definition, including generating a data collection request for collecting raw data items, sending the data collection request through the linear communication orbit, collecting the requested raw data items from a set of machines via the linear communication orbit, and performing analysis on the collected raw data items. In some embodiments, a central data management module of the one or more servers is configured to provide the schema definition to and receive result data reported from the function modules.

公开(公告)号：US12132784B1

公开(公告)日：2024-10-29

申请号：US18204351

申请日：2023-05-31

Applicant: Tanium Inc.

Inventor： Ryan S. Richards ,  John R. Coates ,  James B. Evans

IPC: H04L67/1097 ,  G06F16/2455

CPC classification number: H04L67/1097 ,  G06F16/24552

Abstract: A server system, coupled to a linear communication orbit, has a plurality of function modules. Each function module is configured to collect data from machines located at nodes of the linear communication orbit, process collected data according to a schema definition to generate result data, and store the result data in a database. Data collection requests, based on the schema definition, are sent through the linear communication orbit to collecting data from a set of machines via the linear communication orbit. In some embodiments, a central data management module of the one or more servers is configured to provide the schema definition to and receive result data reported from the function modules.

公开(公告)号：US11886229B1

公开(公告)日：2024-01-30

申请号：US17182083

申请日：2021-02-22

Applicant: Tanium Inc.

Inventor： Naveen Goela ,  Joshua F. Stoddard ,  John R. Coates ,  Christian L. Hunt ,  Adam Mustafa

IPC: G06F16/14 ,  G06F16/13 ,  G06F16/93 ,  G06F16/182 ,  G06F18/22

CPC classification number: G06F16/156 ,  G06F16/137 ,  G06F16/144 ,  G06F16/182 ,  G06F16/93 ,  G06F18/22

Abstract: In a distributed system that includes a collection of machines, a server system generates a global dictionary from sampling responses received from machines in the collection of machine, at least a subject of the sampling responses including information indicating one or more terms in a corpus of information stored at a respective machine in the collection of machines. The global dictionary includes global document frequency values corresponding to the document frequencies of terms in the corpora of information stored in the collection of machines. The server system generates a similarity search query for a target document, the similarity search query including identifiers of terms in the target document and optionally document frequency information for those terms, obtained from the global dictionary, and sends, through one or more linear communication orbits, the similarity search query to one or more respective machines in the collection of machines.

公开(公告)号：US11700303B1

公开(公告)日：2023-07-11

申请号：US17503023

申请日：2021-10-15

Applicant: Tanium Inc.

Inventor： Ryan S. Richards ,  John R. Coates ,  James B. Evans

IPC: H04L67/1097 ,  G06F16/2455

CPC classification number: H04L67/1097 ,  G06F16/24552

Abstract: A server system, coupled to a linear communication orbit, has a plurality of function modules. Each function module is configured to collect data from machines located at nodes of the linear communication orbit, process collected data according to a schema definition to generate result data, and store the result data in a database. Data collection requests, based on the schema definition, are sent through the linear communication orbit to collecting data from a set of machines via the linear communication orbit. In some embodiments, a central data management module of the one or more servers is configured to provide the schema definition to and receive result data reported from the function modules.

公开(公告)号：US11153383B2

公开(公告)日：2021-10-19

申请号：US16443720

申请日：2019-06-17

Applicant: Tanium Inc.

Inventor： Ryan S. Richards ,  John R. Coates ,  James B. Evans

IPC: H04L29/08 ,  G06F16/2455

Abstract: This application is directed to a distributed data processing method performed at a server system coupled to a linear communication orbit. The server system has a plurality of function modules. Each function module is configured to collect data related to a core function from the linear communication orbit. Each function module includes an internal client configured to adaptively perform a set of data processing operations according to a schema definition, including generating a data collection request for collecting raw data items, sending the data collection request through the linear communication orbit, collecting the requested raw data items from a set of machines via the linear communication orbit, and performing analysis on the collected raw data items. In some embodiments, a central data management module of the one or more servers is configured to provide the schema definition to and receive result data reported from the function modules.