公开(公告)号：US20170147681A1

公开(公告)日：2017-05-25

申请号：US15402184

申请日：2017-01-09

Applicant: Splunk Inc.

Inventor： Nicholas Matthew Tankersley ,  George Iordanov Daloukov ,  Arun Ramani

IPC: G06F17/30 ,  G06F11/30 ,  G06F11/34 ,  H04L29/08

CPC classification number: G06F11/3409 ,  G06F3/04847 ,  G06F11/3006 ,  G06F16/24573 ,  G06Q10/00 ,  G06Q10/06393 ,  G06T11/206 ,  G06T2200/24 ,  H04L67/16

Abstract: The operation of an automatic service monitoring system (SMS) is directed by stored control information. Methods and mechanisms are provided to create portable control modules based on the control information. The portable modules may be transmitted or otherwise conveyed to a second SMS and imported there to establish the control information that directs and determines operational aspects of the second SMS.

公开(公告)号：US20170083572A1

公开(公告)日：2017-03-23

申请号：US15088075

申请日：2016-03-31

Applicant: Splunk Inc.

Inventor： Nicholas Matthew Tankersley ,  Fang I Hsiao ,  Arun Ramani

IPC: G06F17/30 ,  G06T11/20 ,  G06F3/0484

Abstract: An automatic service monitor in an information-technology environment performs regular search queries against generated machine data to derive performance measurements. The information technology environment is defined in terms of services provided by entities, and the performance measurements are defined as key performance indicators (KPIs) of the services. Generated machine data used by the search queries pertain to the entities performing the service. Definitional information for the services, entities, and KPIs is administered by a user to control the operation of the service monitor. Various aspects of such definitional information as well as related performance measurement information may be presented in a unified console display tailored to, and organized around, a particular entity. The console display may serve as a central launch point by supporting user interaction to navigate to other specialized monitoring interfaces.

公开(公告)号：US11843528B2

公开(公告)日：2023-12-12

申请号：US17451940

申请日：2021-10-22

Applicant: Splunk Inc.

Inventor： Alan Vincent Hardin ,  Kan Wu ,  Arun Ramani ,  Nicholas Matthew Tankersley ,  Tristan Fletcher ,  Alok Bhide

IPC: G06F17/30 ,  H04L43/04 ,  G06F8/61 ,  H04L43/00 ,  G06F16/951 ,  H04L43/0817

CPC classification number: H04L43/04 ,  G06F8/61 ,  G06F16/951 ,  H04L43/0817 ,  H04L43/14

Abstract: One or more lower-tier system monitoring components are installed and operated prior to installing a higher-tier system monitoring component. A lower-tier system may be an individual server, network device, or local area network. A higher-tier system may include an enterprise or organization wide network or service that includes at least a part of the lower-tier system. Once the higher-tier system monitoring component is installed, the higher-tier and lower-tier system monitoring components use an interface to operate with one another to form a single larger instance of an organization wide monitoring system. The combination of the higher-tier system monitoring component and the one or more lower-tier system operating components performs monitoring aspects of the overall information technology environment based at least in part on machine data produced and made searchable to provide monitoring results.

公开(公告)号：US11573955B1

公开(公告)日：2023-02-07

申请号：US16657664

申请日：2019-10-18

Applicant: Splunk Inc.

Inventor： Alexander Douglas James ,  Andrew Peters ,  Arun Ramani

IPC: G06F16/00 ,  G06F7/04 ,  G06F16/242 ,  G06F16/9035 ,  G06F16/2458 ,  G06F16/28 ,  G06F16/25

Abstract: Systems and methods are disclosed for flexibly applying a query term to heterogeneous data. A query system can receive a query that includes a data-determinant query term. As the system executes the query it can generate interim search results. As the system query processes the interim search results based on the query, it can apply the data-determinant query term to records of the interims search results based on the structure of the records.

公开(公告)号：US20220156267A1

公开(公告)日：2022-05-19

申请号：US17586590

申请日：2022-01-27

Applicant: Splunk Inc.

Inventor： Alexander Douglas James ,  Scott Calvert ,  Manu Jose ,  Andrew Peters ,  Christopher Madden Pride ,  Arun Ramani

IPC: G06F16/2457 ,  G06F16/907 ,  G06F16/2455 ,  G06F40/30

Abstract: Systems and methods are disclosed for annotating a metadata catalog in a data intake and query system based on a query received by the data intake and query system. The metadata catalog can store information about datasets associated with the data intake and query system, including dataset configuration records of the datasets, which can be used to process queries for execution by the data intake and query system. The data intake and query system can receive a query identifying a set of data to be processed and a manner of processing the set of data. The data intake and query system can parse the query to identify datasets and/or data fields associated with the query. Based on the identified datasets and/or fields, the data intake and query system can generate one or more annotations, and use the annotations to update the metadata catalog.

公开(公告)号：US20220121689A1

公开(公告)日：2022-04-21

申请号：US17072833

申请日：2020-10-16

Applicant: Splunk Inc.

Inventor： Alexander Douglas James ,  Shyam Mundhra ,  Manikandan Vellore Muneeswaran ,  Arun Ramani ,  Thor Taylor ,  Steve Zhang

IPC: G06F16/28 ,  G06F16/2455 ,  G06F16/2453 ,  G06F9/30

Abstract: Systems and methods for rule-based data stream processing by data collection, indexing, and visualization systems. An example method includes: receiving, by the computer system, an input data stream comprising raw machine data; processing the raw machine data by a data processing pipeline that produces transformed machine data, wherein the data processing pipeline comprises an ordered plurality of pipeline stages, wherein a pipeline stage of the ordered plurality of pipeline stages applies a rule of a set of rules to an input of the pipeline stage, wherein the rule specifies an action to be performed on the input of the pipeline stage responsive to evaluating a conditional expression applied to the input of the pipeline stage, wherein the action generates an output of the pipeline stage, and wherein the rule is selected based on a source type associated with the input data stream; and supplying the transformed machine data to a data collection, indexing, and visualization system.

公开(公告)号：US11238049B1

公开(公告)日：2022-02-01

申请号：US16264019

申请日：2019-01-31

Applicant: Splunk Inc.

Inventor： Alexander Douglas James ,  Scott Calvert ,  Manu Jose ,  Andrew Peters ,  Christopher Madden Pride ,  Arun Ramani

IPC: G06F16/00 ,  G06F16/2457 ,  G06F16/907 ,  G06F16/2455 ,  G06F40/30

Abstract: Systems and methods are disclosed for annotating a metadata catalog in a data intake and query system based on a query received by the data intake and query system. The metadata catalog can store information about datasets associated with the data intake and query system, including dataset configuration records of the datasets, which can be used to process queries for execution by the data intake and query system. The data intake and query system can receive a query identifying a set of data to be processed and a manner of processing the set of data. The data intake and query system can parse the query to identify datasets and/or data fields associated with the query. Based on the identified datasets and/or fields, the data intake and query system can generate one or more annotations, and use the annotations to update the metadata catalog.

公开(公告)号：US11159397B2

公开(公告)日：2021-10-26

申请号：US15884637

申请日：2018-01-31

Applicant: Splunk Inc.

Inventor： Alan Vincent Hardin ,  Kan Wu ,  Arun Ramani ,  Nicholas Matthew Tankersley ,  Tristan Fletcher ,  Alok Bhide

IPC: H04L12/26 ,  G06F8/61 ,  G06F16/951

Abstract: One or more lower-tier system monitoring components are installed and operated prior to installing a higher-tier system monitoring component. A lower-tier system may be an individual server, network device, or local area network. A higher-tier system may include an enterprise or organization wide network or service that includes at least a part of the lower-tier system. Once the higher-tier system monitoring component is installed, the higher-tier and lower-tier system monitoring components use an interface to operate with one another to form a single larger instance of an organization wide monitoring system. The combination of the higher-tier system monitoring component and the one or more lower-tier system operating components performs monitoring aspects of the overall information technology environment based at least in part on machine data produced and made searchable to provide monitoring results.

公开(公告)号：US11093564B1

公开(公告)日：2021-08-17

申请号：US16147129

申请日：2018-09-28

Applicant: Splunk Inc.

Inventor： Alexander Douglas James ,  Manu Jose ,  Sourav Pal ,  Christopher Madden Pride ,  Nicholas Robert Romito ,  Igor Braylovskiy ,  Arun Ramani ,  Ankit Jain

IPC: G06F16/00 ,  G06F16/9535 ,  G06F9/54 ,  G06F16/242 ,  G06F40/205

Abstract: Systems and methods are disclosed for processing and executing queries in a data intake and query system. The data intake and query system receives a query identifying a set of data to be processed and a manner of processing the set of data. The data intake and query system parses the query and uses a metadata catalog to dynamically identify configuration parameters of datasets and/or rules associated with the query. The identified configuration parameters are communicated to a query processing component of the data intake and query system for use in executing the query.

公开(公告)号：US10417225B2

公开(公告)日：2019-09-17

申请号：US15088075

申请日：2016-03-31

Applicant: Splunk Inc.

Inventor： Nicholas Matthew Tankersley ,  Fang I Hsiao ,  Arun Ramani

IPC: G06F16/2452 ,  G06F3/0484 ,  G06T11/20 ,  G06F16/2457 ,  G06F11/30 ,  G06Q10/06 ,  G06Q10/10

Abstract: An automatic service monitor in an information-technology environment performs regular search queries against generated machine data to derive performance measurements. The information technology environment is defined in terms of services provided by entities, and the performance measurements are defined as key performance indicators (KPIs) of the services. Generated machine data used by the search queries pertain to the entities performing the service. Definitional information for the services, entities, and KPIs is administered by a user to control the operation of the service monitor. Various aspects of such definitional information as well as related performance measurement information may be presented in a unified console display tailored to, and organized around, a particular entity. The console display may serve as a central launch point by supporting user interaction to navigate to other specialized monitoring interfaces.