公开(公告)号：US11768776B1

公开(公告)日：2023-09-26

申请号：US18045421

申请日：2022-10-10

Applicant: Splunk Inc.

Inventor： Bharath Aleti ,  Alexandros Batsakis ,  Paul J. Lucas ,  Igor Stojanovski

IPC: G06F12/121 ,  G06F16/22 ,  G06F16/2455

CPC classification number: G06F12/121 ,  G06F16/2282 ,  G06F16/24553 ,  G06F2212/1044

Abstract: Systems and methods are disclosed for making space available in a local storage of a data intake and query system. A cache manager of the data intake and query system may determine an amount of storage space of a local data store that is available for use to perform a query. The cache manager may then use one or more eviction policies associated with content stored at the local data store to purge content items to evict from the local storage. The system may then retrieve content for performing the query from a remote storage and store the retrieved content at the local storage.

公开(公告)号：US11762442B1

公开(公告)日：2023-09-19

申请号：US16945723

申请日：2020-07-31

Applicant: SPLUNK INC.

Inventor： Matteo Merli ,  Karthikeyan Ramasamy ,  Ram Sriharsha

IPC: G06F1/26 ,  G06F1/3296 ,  G06N20/00 ,  H04L67/12

CPC classification number: G06F1/266 ,  G06F1/3296 ,  G06N20/00 ,  H04L67/12

Abstract: Various implementations of the present application set forth a computer-implemented method comprising obtaining, by a low-power hub device, a first set of data published by an edge device, where the low-power hub device subscribes to at least a subset of data published by the edge device, generating, by the low-power hub device, a second set of data from the first set of data by inputting the first set of data into a machine learning (ML) model executing on the low-power hub device, and transmitting the second set of data to a remote server computer system.

公开(公告)号：US11755453B1

公开(公告)日：2023-09-12

申请号：US17973394

申请日：2022-10-25

Applicant: SPLUNK Inc.

Inventor： Tigran Najaryan ,  Aunsh Bharat Chaudhari ,  Morgan James McLean ,  Yiqing Pei

IPC: G06F9/44 ,  G06F11/34

CPC classification number: G06F11/3495

Abstract: In response to receiving a selection of an option to discover uninstrumented entities within a monitored environment, information retrieved from monitoring agents currently installed on instrumented entities within a system is analyzed to discover additional entities within the system that are connected to the instrumented entities. Each of these discovered entities is analyzed to determine whether a monitoring agent is able to be installed within the entity; if installation is possible, such installation is automatically performed (or a guided manual installation is implemented utilizing an interface). After a monitoring agent is installed within a discovered entity, information is retrieved from that monitoring agent may be used to discover additional entities within the system that are connected to that discovered entity. In this way, an iterative discovery of all entities within a system may be performed. Results of this iterative discovery may be presented via an interface.

公开(公告)号：US20230273936A1

公开(公告)日：2023-08-31

申请号：US18313240

申请日：2023-05-05

Applicant: SPLUNK INC.

Inventor： Da XU ,  Sundar VASAN ,  Dhruva Kumar BHAGI

IPC: G06F16/27 ,  G06F16/22 ,  G06F11/30 ,  G06F11/20 ,  G06F11/34 ,  H04L67/1097 ,  G06F11/32

CPC classification number: G06F16/27 ,  G06F16/2272 ,  G06F11/3006 ,  G06F11/2094 ,  G06F11/3476 ,  H04L67/1097 ,  G06F11/3409 ,  G06F11/32 ,  G06F11/3072 ,  G06F3/0617

Abstract: A method for performing disaster recovery in a clustered environment comprises identifying, at a master device, a first indexer from a set of indexers to serve as a primary indexer for responding to queries pertaining to a subset of data. The method also comprises assigning, at the master device, a generation identifier indicating that the first indexer is the primary indexer for the subset of data. Responsive to an event prompting a change in a primary indexer designation for the subset of data, the method comprises identifying, at the master device, a second indexer from the set of indexers to serve as the primary indexer for responding to queries pertaining to the subset of data. Further, the method comprises assigning, at the master device, a new generation identifier indicating that the second indexer is the primary indexer for the subset of data.

公开(公告)号：USD997188S1

公开(公告)日：2023-08-29

申请号：US29812102

申请日：2021-10-19

Applicant: SPLUNK Inc.

Designer： Jindrich Dinga ,  Jacob Sebastian Stark ,  Mudit Mittal ,  Clark E Mullen

Abstract: The sole FIGURE is a front view of a display screen or portion thereof having a graphical user interface showing my new design.
The outermost broken-line rectangle depicts the perimeter of a display screen or portion thereof having a graphical user interface and forms no part of the claimed design. The remaining broken lines depict portions of a graphical user interface and form no part of the claimed design.

公开(公告)号：US11743285B2

公开(公告)日：2023-08-29

申请号：US16528397

申请日：2019-07-31

Applicant: Splunk Inc.

Inventor： Brian Luger

IPC: H04L9/40

CPC classification number: H04L63/145 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1483 ,  H04L63/308

Abstract: Techniques and mechanisms are disclosed enabling efficient collection of forensic data from client devices, also referred to herein as endpoint devices, of a networked computer system. Embodiments described herein further enable correlating forensic data with other types of non-forensic data from other data sources. A network security application described herein further enables generating various dashboards, visualizations, and other interfaces for managing forensic data collection, and displaying information related to collected forensic data and information related to identified correlations between items of forensic data and other items of non-forensic data.

公开(公告)号：US11741131B1

公开(公告)日：2023-08-29

申请号：US17162300

申请日：2021-01-29

Applicant: Splunk Inc.

Inventor： Akash Dwivedi ,  Himanshu Gupta ,  Eric Tschetter ,  Rahul Gidwani

IPC: G06F16/22 ,  G06F16/248 ,  G06F16/28 ,  G06F16/2455

CPC classification number: G06F16/287 ,  G06F16/22 ,  G06F16/248 ,  G06F16/24553 ,  G06F16/288

Abstract: Systems and methods are disclosed for efficiently uploading event data of a data intake and processing system and building journey instances using the uploaded event data in a distributed manner. Each journey instance is illustratively associated with a series of events within the event data occurring over a journey duration. For example, a cloud-based hosting system can implement a cloud-based distributed system that receives fragmented uploads of event data from the data intake and query system. Once received, the cloud-based hosting system can combine the event data from one or more uploads and re-stitch portions of the uploaded event data using a set of worker nodes to build journey instances.

公开(公告)号：US11741089B1

公开(公告)日：2023-08-29

申请号：US17589661

申请日：2022-01-31

Applicant: Splunk Inc.

Inventor： Michael Porath ,  Siegfried Puchbauer-Schnabel

IPC: G06F16/242 ,  G06F16/29 ,  G06F16/248 ,  G06F16/951 ,  G06F16/2457 ,  G06F3/04842

CPC classification number: G06F16/2428 ,  G06F3/04842 ,  G06F16/248 ,  G06F16/24578 ,  G06F16/29 ,  G06F16/951

Abstract: A data intake and query system may store raw machine data that includes location information. A client system may include a user interface for searching the data intake and query system. The user interface allows a user to define a field search query and to define one or more ad-hoc boundary regions on a map. A combined query is transmitted to the data intake and query system, the combined query including both the field search query and location search information that is based on the ad-hoc boundary regions. The data intake and query system runs the combined query and returns responsive results, which are displayed at the client user interface.

公开(公告)号：US11741086B2

公开(公告)日：2023-08-29

申请号：US17121935

申请日：2020-12-15

Applicant: SPLUNK Inc.

Inventor： Marc Vincent Robichaud ,  Cory Eugene Burke ,  Jeffrey Thomas Lloyd

IPC: G06F16/242 ,  G06F3/0482 ,  G06F3/04842 ,  G06F3/04847

CPC classification number: G06F16/2428 ,  G06F3/0482 ,  G06F3/04842 ,  G06F3/04847

Abstract: A search interface is displayed in a table format that includes one or more columns, each column including data items of an event attribute, the data items being of a set of events, and a plurality of rows forming cells with the one or more columns, each cell displaying a textual representation of at least one of the data items of the event attribute of a corresponding column. Based on a user selecting a portion of the textual representation in a corresponding cell, a list of options is displayed that corresponds to the selected portion of the textual representation. Furthermore, one or more commands are added to a search query that corresponds to the set of events, the one or more commands being based on at least an option that is selected from the list of options and the selected portion of the textual representation in the corresponding cell.

公开(公告)号：US11736452B1

公开(公告)日：2023-08-22

申请号：US17246536

申请日：2021-04-30

Applicant: SPLUNK INC.

Inventor： Christopher Chan ,  Ryan O'Connor ,  Philippe Tang ,  Simon Tam ,  Sterling Trafford

IPC: H04L9/40

CPC classification number: H04L63/0428 ,  H04L63/0272 ,  H04L63/0869

Abstract: In various embodiments, a computer-implemented method comprises determining that a first property associated with a dashboard is modified at a first device, determining that the dashboard is accessible at a second device, where the first device and the second device are coupled via a trusted tunnel bridge, and in a real-time response to determining that the first property was modified, transmitting, to the second device via the trusted tunnel bridge, an update that causes the second device modify the dashboard based on the modified first property.