公开(公告)号：US11681900B2

公开(公告)日：2023-06-20

申请号：US16901985

申请日：2020-06-15

Applicant: SPLUNK Inc.

Inventor： Adam Jamison Oliner ,  Nghi Huu Nguyen ,  Jacob Leverich ,  Zidong Yang

IPC: G06F16/00 ,  G06N3/045 ,  G06F16/26 ,  G06F16/25

CPC classification number: G06N3/045 ,  G06F16/254 ,  G06F16/26 ,  G06F2221/2151

Abstract: Systems and methods include obtaining a set of events, each event in the set of events comprising a time-stamped portion of raw machine data, the raw machine data produced by one or more components within an information technology or security environment and reflects activity within the information technology or security environment. Thereafter, a first neural network is used to automatically identify variable text to extract as a field from the set of events. An indication of the variable text is provided as a field extraction recommendation, for example, to a user device for presentation to a user.

公开(公告)号：US10922625B2

公开(公告)日：2021-02-16

申请号：US15885395

申请日：2018-01-31

Applicant: Splunk Inc.

Inventor： Lin Ma ,  Jacob Leverich ,  Adam Oliner ,  Alex Cruise ,  Hongyang Zhang

IPC: G06F17/00 ,  G06N20/00 ,  G06F7/08 ,  H04L29/08 ,  H04L29/06 ,  G06F16/28 ,  G06F16/951 ,  G06F16/2455 ,  G06F16/903 ,  H04L12/24

Abstract: Embodiments of the present invention are directed to facilitating distributed data processing for machine learning. In accordance with aspects of the present disclosure, a set of commands in a query to process at an external computing service is identified. For each command in the set of commands, at least one compute unit including at least one operation to perform at the external computing service is identified. Each of the at least one compute unit associated with each command is analyzed to identify an optimized manner in which to execute the set of commands at the external computing service. An indication of the optimized manner in which to execute the set of commands and a corresponding set of data is provided to the external computing service to utilize for executing the set of commands at the external computing service.

公开(公告)号：US10909140B2

公开(公告)日：2021-02-02

申请号：US15276693

申请日：2016-09-26

Applicant: SPLUNK INC.

Inventor： Jesse Brandau Miller ,  Katherine Kyle Feeney ,  Yuan Xie ,  Steve Zhang ,  Adam Jamison Oliner ,  Jindrich Dinga ,  Jacob Leverich

IPC: G06F16/00 ,  G06F16/26

Abstract: Systems and methods include causing presentation of a first cluster in association with an event of the first cluster, the first cluster from a first set of clusters of events. Each event includes a time stamp and event data. Based on the presentation of the first cluster, an extraction rule corresponding to the event of the first cluster is received from a user. Similarities in the event data between the events are determined based on the received extraction rule. The events are grouped into a second set of clusters based on the determined similarities. Presentation is caused of a second cluster in association with an event of the second cluster, where the second cluster is from the second set of clusters.

公开(公告)号：US10375098B2

公开(公告)日：2019-08-06

申请号：US15420737

申请日：2017-01-31

Applicant: SPLUNK INC.

Inventor： Adam Jamison Oliner ,  Jonathan La ,  Colleen Kinross ,  Hongyang Zhang ,  Jacob Leverich ,  Shang Cai ,  Mihai Ganea ,  Alex Cruise ,  Toufic Boubez ,  Manish Sainani

IPC: H04L29/06 ,  G06N3/04 ,  G06N3/08

Abstract: In some implementations, sequences of time series values determined from machine data are obtained. Each sequence corresponds to a respective time series. A plurality of predictive models is generated for a first time series from the sequences of time series values. Each predictive model is to generate predicted values associated with the first time series using values of a second time series. For each of the plurality of predictive models, an error is determined between the corresponding predicted values and values associated with the first time series. A predictive model is selected for anomaly detection based on the determined error of the predictive model. Transmission is caused of an indication of an anomaly detected using the selected predictive model.

公开(公告)号：US11755938B2

公开(公告)日：2023-09-12

申请号：US16776302

申请日：2020-01-29

Applicant: SPLUNK INC.

Inventor： Nghi Nguyen ,  Jacob Leverich ,  Adam Oliner

IPC: G06N7/01 ,  G06N20/00 ,  G06F3/00

CPC classification number: G06N7/01 ,  G06F3/00 ,  G06N20/00

Abstract: Methods and systems for determining event probabilities and anomalous events are provided. In one implementation, a method includes: receiving source data, where the source data is configured as a plurality of events with associated timestamps; searching the source data, where the searching provides a search result including N events from the plurality of events, where N is an integer greater than one, where each event of the N events includes a plurality of field values, where at least one event of the N events can include one or more categorical field values and one or more numerical field values; and for an event of the N events, determining a probability of occurrence for each field value of the plurality of field values; and using probabilities determined for the plurality of field values, determining a probability of occurrence for the event.

公开(公告)号：US11741396B1

公开(公告)日：2023-08-29

申请号：US17969569

申请日：2022-10-19

Applicant: SPLUNK Inc.

Inventor： Lin Ma ,  Jacob Leverich ,  Adam Oliner ,  Alex Cruise ,  Hongyang Zhang

IPC: G06F16/00 ,  G06N20/00 ,  G06F7/08 ,  H04L67/10 ,  H04L9/40 ,  G06F16/28 ,  G06F16/951 ,  G06F16/2455 ,  G06F16/903 ,  H04L41/14

CPC classification number: G06N20/00 ,  G06F7/08 ,  G06F16/24564 ,  G06F16/283 ,  G06F16/90335 ,  G06F16/951 ,  H04L41/14 ,  H04L63/1416 ,  H04L67/10

Abstract: Embodiments of the present invention are directed to facilitating distributed data processing for machine learning. In accordance with aspects of the present disclosure, a set of commands in a query to process at an external computing service is identified. For each command in the set of commands, at least one compute unit including at least one operation to perform at the external computing service is identified. Each of the at least one compute unit associated with each command is analyzed to identify an optimized manner in which to execute the set of commands at the external computing service. An indication of the optimized manner in which to execute the set of commands and a corresponding set of data is provided to the external computing service to utilize for executing the set of commands at the external computing service.

公开(公告)号：US10855712B2

公开(公告)日：2020-12-01

申请号：US16446300

申请日：2019-06-19

Applicant: SPLUNK INC.

Inventor： Adam Jamison Oliner ,  Jonathan La ,  Colleen Kinross ,  Hongyang Zhang ,  Jacob Leverich ,  Shang Cai ,  Mihai Ganea ,  Alex Cruise ,  Toufic Boubez ,  Manish Sainani

IPC: G06F21/00 ,  H04L29/06 ,  G06N3/08 ,  G06N5/00 ,  G06N3/04

Abstract: In some implementations, sequences of time series values determined from machine data are obtained. Each sequence corresponds to a respective time series. A plurality of predictive models is generated for a first time series from the sequences of time series values. Each predictive model is to generate predicted values associated with the first time series using values of a second time series. For each of the plurality of predictive models, an error is determined between the corresponding predicted values and values associated with the first time series. A predictive model is selected for anomaly detection based on the determined error of the predictive model. Transmission is caused of an indication of an anomaly detected using the selected predictive model.

公开(公告)号：US20190095817A1

公开(公告)日：2019-03-28

申请号：US15885395

申请日：2018-01-31

Applicant: Splunk Inc.

Inventor： Lin Ma ,  Jacob Leverich ,  Adam Oliner ,  Alex Cruise ,  Hongyang Zhang

IPC: G06N99/00 ,  G06F17/30 ,  G06F7/08 ,  H04L29/06

Abstract: Embodiments of the present invention are directed to facilitating distributed data processing for machine learning. In accordance with aspects of the present disclosure, a set of commands in a query to process at an external computing service is identified. For each command in the set of commands, at least one compute unit including at least one operation to perform at the external computing service is identified. Each of the at least one compute unit associated with each command is analyzed to identify an optimized manner in which to execute the set of commands at the external computing service. An indication of the optimized manner in which to execute the set of commands and a corresponding set of data is provided to the external computing service to utilize for executing the set of commands at the external computing service.

公开(公告)号：US20190034767A1

公开(公告)日：2019-01-31

申请号：US15665224

申请日：2017-07-31

Applicant: Splunk Inc.

Inventor： Manish Sainani ,  Sergey Slepian ,  Di Lu ,  Adam Oliner ,  Jacob Leverich ,  Iryna Vogler-Ivashchanka ,  Iman Makaremi

IPC: G06K9/62 ,  G06F17/30 ,  G06K9/00 ,  G06N99/00

CPC classification number: G06K9/6289 ,  G06F9/455 ,  G06F16/2465 ,  G06F2216/03 ,  G06K9/00067 ,  G06K9/00979 ,  G06K9/6253 ,  G06K9/6262 ,  G06N5/025 ,  G06N20/00

Abstract: Embodiments of the present invention are directed to facilitating data preprocessing for machine learning. In accordance with aspects of the present disclosure, a training set of data is accessed. A preprocessing query specifying a set of preprocessing parameter values that indicate a manner in which to preprocess the training set of data is received. Based on the preprocessing query, a preprocessing operation is performed to preprocess the training set of data in accordance with the set of preprocessing parameter values to obtain a set of preprocessed data. The set of preprocessed data can be provided for presentation as a preview. Based on an acceptance of the set of preprocessed data, the set of preprocessed data is used to train a machine learning model that can be subsequently used to predict data.

公开(公告)号：US12198021B2

公开(公告)日：2025-01-14

申请号：US17190751

申请日：2021-03-03

Applicant: Splunk Inc.

Inventor： Manish Sainani ,  Sergey Slepian ,  Iman Makaremi ,  Adam Jamison Oliner ,  Jacob Leverich ,  Di Lu

IPC: G06N20/00 ,  G06N5/025 ,  H04L41/00 ,  H04L41/16 ,  H04L41/22

Abstract: Disclosed herein is a computer-implemented tool that facilitates data analysis by use of machine learning (ML) techniques. The tool cooperates with a data intake and query system and provides a graphical user interface (GUI) that enables a user to train and apply a variety of different ML models on user-selected datasets of stored machine data. The tool can provide active guidance to the user, to help the user choose data analysis paths that are likely to produce useful results and to avoid data analysis paths that are less likely to produce useful results.