公开(公告)号：US10225136B2

公开(公告)日：2019-03-05

申请号：US15421353

申请日：2017-01-31

Applicant: Splunk Inc.

Inventor： Brian Bingham ,  Tristan Fletcher ,  Alok Anant Bhide

IPC: G06F11/32 ,  G06F11/34 ,  G06F9/455 ,  H04L12/24

Abstract: The disclosed system and method acquire and store performance measurements relating to performance of a component in an information technology (IT) environment and log data produced by the IT environment, in association with corresponding time stamps. The disclosed system and method correlate at least one of the performance measurements with at least one of the portions of log data.

公开(公告)号：US09960970B2

公开(公告)日：2018-05-01

申请号：US15418766

申请日：2017-01-29

Applicant: Splunk Inc.

Inventor： Hemendra Singh Choudhary ,  Tristan Antonio Fletcher ,  Alok Anant Bhide ,  Fang I. Hsiao

IPC: G06F15/16 ,  H04L12/24 ,  H04L12/26 ,  H04L29/08 ,  G06F17/30 ,  G06F12/00

CPC classification number: H04L41/22 ,  G06F17/3051 ,  G06F17/30551 ,  G06F17/30595 ,  G06F17/30864 ,  H04L29/08072 ,  H04L41/5009 ,  H04L41/5032 ,  H04L41/5045 ,  H04L43/045 ,  H04L43/16 ,  H04L67/02

Abstract: Services in an operating environment are represented by stored service definitions that identify entities that perform the service. Entity definitions identify machine data pertaining to the entity. A key performance indicator (KPI) of the service characterizes the service on the whole or some aspect of it. Each KPI is defined by a search query that derives a value from machine data identified in the entity definitions. Processing devices cause display of a service-monitoring page having a services summary region and a services aspects region. The summary region displays interactive summary tiles that each correspond to a service and present information about an aggregate KPI that characterizes the service. The aspects region displays interactive aspect tiles that each correspond to a KPI characterizing some aspect of an associated service. Additional information may be included in the service-monitoring page and interaction features enable a user to navigate to enhanced information displays.

公开(公告)号：US09864797B2

公开(公告)日：2018-01-09

申请号：US14700110

申请日：2015-04-29

Applicant: Splunk Inc.

Inventor： Tristan Antonio Fletcher ,  Alok Anant Bhide

IPC: H04L12/24 ,  G06F17/30 ,  G06F3/0484 ,  G06Q10/06 ,  G06F3/0482 ,  H04L29/08 ,  H04L12/26 ,  H04L29/06

CPC classification number: G06F17/30675 ,  G06F3/0482 ,  G06F3/04842 ,  G06F17/30964 ,  G06Q10/06393 ,  H04L29/08072 ,  H04L41/0686 ,  H04L41/069 ,  H04L41/22 ,  H04L41/5009 ,  H04L41/5032 ,  H04L43/04 ,  H04L63/145

Abstract: A system, method and graphical user interface (GUI) for creating a new correlation search based on a set of displayed graph lanes. The graph lanes may provide graphical visualizations of key performance indicators (KPIs) associated with one or more services and may assist a user in identifying a situation (e.g., problem or a pattern of interest) in the performance of the services. A user may adjust (e.g., add graph lanes, zooming-in) the graph lanes in order to display the situation, at which point the user may submit a request to create a new correlation search to detect if the situation reoccurs. The system may generate the new correlation search by iterating through the set of graph lanes and analyzing the fluctuations of each KPI to determine triggering criteria. The system may then run the correlation search and generate a notable event or alarm when the situation reoccurs.

公开(公告)号：US09760240B2

公开(公告)日：2017-09-12

申请号：US14859233

申请日：2015-09-18

Applicant: Splunk Inc.

Inventor： Sonal Maheshwari ,  Manish Sainani ,  Leonid Alekseyev ,  Alan Hardin ,  Jacob Barton Leverich ,  Adam Jamison Oliner ,  Brian Reyes ,  Alok Anant Bhide

IPC: G06F15/16 ,  G06F3/0481 ,  G06T11/20 ,  G06F17/30 ,  H04L29/08

CPC classification number: G06F3/0481 ,  G06F3/04812 ,  G06F17/30548 ,  G06F17/30554 ,  G06Q10/00 ,  G06T11/206 ,  H04L67/1095

Abstract: Techniques are disclosed for providing a graphical user interface (GUI) for displaying and configuring adaptive or static thresholds for Key Performance Indicators (KPIs). The GUI may include one or more presentation schedules that may display threshold information associated with time policies. Each presentation schedule may include multiple time slots and span a portion of one or more time cycles. Some of the time slots may be associated with a specific time policy and may have a unifying appearance that distinguishes the time slots from timeslots associated with other time policies. The presentation schedules may arrange the time slots in a time grid arrangement (e.g., calendar grid view) or a graph arrangement with depictions (e.g., points, lines) that may illustrate KPI values and threshold markers that may illustrate the threshold values.

公开(公告)号：US09614736B2

公开(公告)日：2017-04-04

申请号：US14815919

申请日：2015-07-31

Applicant: Splunk, Inc.

Inventor： Tristan Antonio Fletcher ,  Alok Anant Bhide

IPC: G06F17/30 ,  G06F7/00 ,  H04L12/24 ,  G06Q10/06 ,  H04L29/08 ,  H04L12/26 ,  G06F3/0484 ,  G06F9/54 ,  G06F3/0481 ,  G06F3/0482

CPC classification number: H04L43/16 ,  G06F3/0481 ,  G06F3/04817 ,  G06F3/0482 ,  G06F3/0484 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/542 ,  G06F17/30424 ,  G06F17/30463 ,  G06F17/30477 ,  G06F17/30554 ,  G06F17/3056 ,  G06F17/30572 ,  G06F17/30675 ,  G06F17/30864 ,  G06F17/30867 ,  G06F17/30958 ,  G06F17/30964 ,  G06F17/30979 ,  G06F17/30991 ,  G06Q10/06393 ,  G06T11/206 ,  G06T2200/24 ,  H04L29/08072 ,  H04L41/0213 ,  H04L41/0806 ,  H04L41/22 ,  H04L41/5009 ,  H04L41/5032 ,  H04L41/5035 ,  H04L41/5038 ,  H04L43/04 ,  H04L43/045 ,  H04L67/10 ,  H04L67/16

Abstract: A service monitoring system receives a selection of key performance indicators (KPIs) that each indicate a different aspect of how a service provided by one or more entities is performing. Each entity of the one or more entities produces machine data or wherein each entity has its operation reflected in machine data not produced by the entity. Each KPI is defined by a different search query that derives one or more values from the machine data pertaining to the one or more entities providing the service, where each of the one or more values is associated with a point in time and representing the aspect of how the service is performing at the associated point in time. For each of the selected KPIs, the service monitoring system derives the one or more values and causes display of a graphical visualization of the derived one or more values for the KPI along a time-based graph lane. The graph lanes for the selected KPIs are parallel to each other and the graphical visualizations in the graph lanes are all calibrated to a same time scale.

公开(公告)号：US20160103909A1

公开(公告)日：2016-04-14

申请号：US14934126

申请日：2015-11-05

Applicant: Splunk Inc.

Inventor： Alok Anant Bhide ,  Brian John Bingham ,  Tristan Antonio Fletcher ,  Brian Reyes

IPC: G06F17/30 ,  G06F3/0481 ,  G06F3/0482 ,  G06F3/0484

CPC classification number: H04L43/16 ,  G06F3/0481 ,  G06F3/04817 ,  G06F3/0482 ,  G06F3/0484 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/542 ,  G06F17/30424 ,  G06F17/30463 ,  G06F17/30477 ,  G06F17/30554 ,  G06F17/3056 ,  G06F17/30572 ,  G06F17/30675 ,  G06F17/30864 ,  G06F17/30867 ,  G06F17/30958 ,  G06F17/30964 ,  G06F17/30979 ,  G06F17/30991 ,  G06Q10/06393 ,  G06T11/206 ,  G06T2200/24 ,  H04L29/08072 ,  H04L41/0213 ,  H04L41/0806 ,  H04L41/22 ,  H04L41/5009 ,  H04L41/5032 ,  H04L41/5035 ,  H04L41/5038 ,  H04L43/04 ,  H04L43/045 ,  H04L67/10 ,  H04L67/16

Abstract: One or more processing devices access a service definition for a service provided by one or more entities that each produce machine data or about which machine data is generated. The service definition identifies the entities that provide the service and, for each entity, identifying information for locating machine data pertaining to that entity. The processing devices access a key performance indicator (KPI) for the service that is defined by a search query that produces a value derived from the machine data pertaining to the entities identified in the service definition. The value indicates how the service is performing at a point in time or during a period of time and indicates a state of the KPI. A graphical interface is displayed and an indication of at least one threshold, which defines an end of a range of values representing a state of the KPI, for the KPI is received.

Abstract translation: 一个或多个处理设备访问由一个或多个实体提供的服务的服务定义，每个实体产生机器数据或关于哪个机器数据被生成。 服务定义识别提供服务的实体，并且为每个实体标识用于定位与该实体有关的机器数据的信息。 处理设备访问由搜索查询定义的服务的关键性能指标（KPI），该搜索查询产生从与服务定义中标识的实体相关的机器数据导出的值。 该值指示服务在某个时间点或一段时间内的运行情况，并指示KPI的状态。 显示图形界面，并且接收至少一个阈值的指示，其定义表示KPI的KPI的状态的范围的范围的结束。

公开(公告)号：US09146962B1

公开(公告)日：2015-09-29

申请号：US14611213

申请日：2015-01-31

Applicant: Splunk Inc.

Inventor： Brent Boe ,  Alok Anant Bhide ,  Sonal Maheshwari

IPC: G06F15/16 ,  G06F17/30 ,  G06F9/54 ,  H04L12/24 ,  G06F12/00

CPC classification number: G06F17/30321 ,  G06F3/0484 ,  G06F9/542 ,  G06F17/30126 ,  G06F17/30353 ,  G06F17/30424 ,  H04L41/0213 ,  H04L41/22 ,  H04L41/5012 ,  H04L41/5032 ,  H04L41/5045

Abstract: A computer system determines if events in a machine data store satisfy event selection criteria, the event selection criteria including a first field-value pair. To determine if one of the events satisfies the event selection criteria, the computer system compares the first field-value pair of the event selection criteria with a second field-value pair from an entity definition associated with the event by using a third field-value pair from data corresponding to the event in the machine data store.

Abstract translation: 计算机系统确定机器数据存储器中的事件是否满足事件选择标准，事件选择标准包括第一字段值对。 为了确定事件中的一个是否满足事件选择标准，计算机系统通过使用第三字段值将事件选择标准的第一字段值对与来自与事件相关联的实体定义的第二字段值对进行比较 从与机器数据存储中的事件相对应的数据对。

公开(公告)号：US11651011B1

公开(公告)日：2023-05-16

申请号：US17316225

申请日：2021-05-10

Applicant: Splunk Inc.

Inventor： Tristan Antonio Fletcher ,  Alok Anant Bhide

IPC: G06F16/34 ,  G06F16/33 ,  G06F16/903 ,  H04L41/5009 ,  H04L43/04 ,  H04L41/069 ,  H04L41/50 ,  G06Q10/0639 ,  G06F3/0482 ,  H04L41/22 ,  G06F3/04842 ,  H04L69/329 ,  H04L41/0686 ,  H04L9/40

CPC classification number: G06F16/334 ,  G06F3/0482 ,  G06F3/04842 ,  G06F16/903 ,  G06Q10/06393 ,  H04L41/069 ,  H04L41/22 ,  H04L41/5009 ,  H04L41/5032 ,  H04L43/04 ,  H04L69/329 ,  H04L41/0686 ,  H04L63/145

Abstract: One or more processing devices derive values indicative of various aspects of how a particular service in an information technology (IT) environment is performing at a point in time or for a period of time. The values are derived by a search query over machine data associated with the one or more entities that provide the service. The one or more processing devices define and apply time varying static thresholds in respect to the values. A user (e.g., IT manager) may be enabled to manipulate or define multiple sets of KPI thresholds that vary over time.

公开(公告)号：US11522769B1

公开(公告)日：2022-12-06

申请号：US17141192

申请日：2021-01-04

Applicant: Splunk Inc.

Inventor： Hemendra Singh Choudhary ,  Tristan Antonio Fletcher ,  Alok Anant Bhide ,  Fang I. Hsiao

IPC: H04L41/22 ,  G06F16/28 ,  G06F16/951 ,  G06F16/2458 ,  G06F16/2455 ,  H04L41/50 ,  H04L41/5009 ,  H04L69/329 ,  H04L43/045 ,  H04L41/5041 ,  H04L67/02 ,  H04L43/16

Abstract: A method is disclosed that includes receiving a request to display a service-monitoring user interface that illustrates performance of one or more services that are each provided by one or more entities. Each service is associated with a stored service definition that identifies the one or more entities, and each entity is associated with stored entity definition information that identifies machine data produced by or about the entity from one or more sources. The method further includes causing display of the service-monitoring user interface illustrating performance of each service via an aggregate key performance indicator (KPI) that characterizes a respective service as a whole, and a plurality of aspect KPIs that each characterize an aspect of an associated service. Each KPI is defined by a search query that produces a value derived from the machine data identified by the entity definition information, the value indicative of a measure of the service at a point in time or during a period of time. The machine data is produced by one or more components within an information technology environment and reflects activity within the information technology environment.

公开(公告)号：US11061967B2

公开(公告)日：2021-07-13

申请号：US15464589

申请日：2017-03-21

Applicant: Splunk Inc.

Inventor： Tristan Antonio Fletcher ,  Alok Anant Bhide

IPC: G06F17/00 ,  G06F7/00 ,  G06F16/903 ,  G06Q10/06 ,  H04L29/08 ,  G06F16/26 ,  G06F16/248 ,  G06F16/25 ,  G06F16/33 ,  G06F16/951 ,  G06F16/2455 ,  G06F16/901 ,  G06F16/9038 ,  G06F16/9535 ,  G06F16/2453 ,  H04L12/24 ,  G06F11/34 ,  G06F11/32 ,  H04L12/26 ,  G06F3/0484 ,  G06F9/54 ,  G06F3/0481 ,  G06F3/0482 ,  G06T11/20

Abstract: A service monitoring system receives a selection of key performance indicators (KPIs) that each indicate a different aspect of how a service provided by one or more entities is performing. Each entity of the one or more entities produces machine data or wherein each entity has its operation reflected in machine data not produced by the entity. Each KPI is defined by a different search query that derives one or more values from the machine data pertaining to the one or more entities providing the service, where each of the one or more values is associated with a point in time and representing the aspect of how the service is performing at the associated point in time. For each of the selected KPIs, the service monitoring system derives the one or more values and causes display of a graphical visualization of the derived one or more values for the KPI along a time-based graph lane. The graph lanes for the selected KPIs are parallel to each other and the graphical visualizations in the graph lanes are all calibrated to a same time scale.