公开(公告)号：US20150295778A1

公开(公告)日：2015-10-15

申请号：US14609223

申请日：2015-01-29

Applicant: Splunk Inc.

Inventor： Fang I. Hsiao ,  Clayton S. Ching ,  Michael R. Dickey ,  Vladimir A. Shcherbakov ,  Cary Glen Noel

IPC: H04L12/24 ,  G06F3/0484

CPC classification number: H04L41/22 ,  H04L43/045 ,  H04L43/0894

Abstract: The disclosed embodiments provide a system that facilitates the processing of network data. During operation, the system obtains a set of event streams from one or more remote capture agents over one or more networks, wherein the set of event streams comprises time-series event data generated from network packets captured by the one or more remote capture agents. Next, the system causes for display, within a graphical user interface (GUI), a first set of user interface elements, wherein the first set of user interface elements includes event stream information for an event stream in the set of event streams and a first graph of a metric associated with the time-series event data in the event stream. The system then updates the first graph in real-time with the time-series event data from the one or more remote capture agents.

Abstract translation: 所公开的实施例提供了有助于网络数据的处理的系统。 在操作期间，系统通过一个或多个网络从一个或多个远程捕获代理获得一组事件流，其中该组事件流包括由一个或多个远程捕获代理捕获的网络分组生成的时间序列事件数据。 接下来，系统导致在图形用户界面（GUI）内显示第一组用户界面元素，其中第一组用户界面元素包括事件流集合中的事件流的事件流信息，以及第一组 与事件流中的时间序列事件数据相关联的度量图。 系统随后使用来自一个或多个远程捕获代理程序的时间序列事件数据实时更新第一个图形。

公开(公告)号：US12189577B1

公开(公告)日：2025-01-07

申请号：US18095941

申请日：2023-01-11

Applicant: Splunk Inc.

Inventor： Venkata Kuruvada ,  Fang I. Hsiao ,  Nicholas Matthew Tankersley

IPC: G06F3/06 ,  G06F16/14 ,  G06F16/22 ,  G06F16/951 ,  G06Q10/063

Abstract: A network storage volume stores a first entry in a first-mode storage bucket and a second entry in a second-mode storage bucket, the first-mode storage bucket having first bucket metadata, and the second-mode storage bucket having second bucket metadata. At least one bucket to be purged from the buckets of the network storage volume are selected based at least in part on bucket metadata of the plurality of buckets, where the buckets include the first-mode storage bucket and the second-mode storage bucket. The selected bucket is caused to be purged from the network storage volume.

公开(公告)号：US12028208B1

公开(公告)日：2024-07-02

申请号：US18330299

申请日：2023-06-06

Applicant: Splunk Inc.

Inventor： Fang I. Hsiao ,  Wei Jiang ,  Vladimir A. Shcherbakov ,  Ramkumar Chandrasekharan ,  Clayton S. Ching

IPC: G06F16/00 ,  G06F3/0481 ,  G06F3/0482 ,  G06F3/04842 ,  G06F16/26 ,  H04L41/0813 ,  H04L41/22 ,  H04L67/12 ,  H04L67/75

CPC classification number: H04L41/0813 ,  G06F3/0481 ,  G06F3/0482 ,  G06F3/04842 ,  G06F16/26 ,  H04L41/22 ,  H04L67/12 ,  H04L67/75

Abstract: The disclosed embodiments provide a system that facilitates the processing of network data. During operation, the system causes for display a graphical user interface (GUI) for configuring the generation of time-series event data from network packets captured by one or more remote capture agents. Next, the system causes for display, in the GUI, a first set of user-interface elements containing a set of statistics associated with one or more event streams that comprise the time-series event data. The system then causes for display, in the GUI, one or more graphs comprising one or more values from the set of statistics. Finally, the system causes for display, in the GUI, a value of a statistic from the set of statistics based on a position of a cursor over the one or more graphs.

公开(公告)号：US11451453B2

公开(公告)日：2022-09-20

申请号：US16670816

申请日：2019-10-31

Applicant: Splunk Inc.

Inventor： Fang I. Hsiao ,  Clayton S. Ching ,  Michael R. Dickey ,  Vladimir A. Shcherbakov ,  Nishant Teredesai ,  Cary Glen Noel

IPC: H04L41/22 ,  H04L43/022 ,  H04L43/045

Abstract: The disclosed embodiments provide a system that facilitates the processing of network data. During operation, the system causes for display, on a computer system, a graphical user interface (GUI) for obtaining configuration information for configuring the generation of time-series event data from network packets captured by one or more remote capture agents. Next, the system causes for display, in the GUI, a first set of user-interface elements for managing one or more ephemeral event streams that contain temporarily generated time-series event data from the network packets, wherein managing the one or more ephemeral event streams comprises modifying an end time for terminating the capture of time-series event data in an ephemeral event stream. The system then updates the configuration information based on input received through the first set of user-interface elements.

公开(公告)号：US11157446B1

公开(公告)日：2021-10-26

申请号：US16732323

申请日：2020-01-01

Applicant: Splunk Inc.

Inventor： Venkata Kuruvada ,  Fang I. Hsiao ,  Nicholas Matthew Tankersley

IPC: G06F3/06 ,  G06F16/14 ,  G06F16/22 ,  G06F16/951 ,  G06Q10/06

Abstract: A server group of a data intake and query system (DIQS) establishes connections with multiple source data network nodes. Data from the multiple sources comports with a variety of different data modes and may be received via the established network connections on a periodic or continuous basis for ongoing capture as modal entries of modal buckets of a common networked storage volume. Rates of data reception across the network connections influences a process to maintain a measured utilization of storage volume capacity at, near, or below a targeted level.

公开(公告)号：US11106442B1

公开(公告)日：2021-08-31

申请号：US16049495

申请日：2018-07-30

Applicant: Splunk Inc.

Inventor： Fang I. Hsiao ,  Ai-chi Lu ,  Nicholas Matthew Tankersley

IPC: G06F7/00 ,  G06F16/00 ,  G06F8/61 ,  G06F16/26 ,  G06F16/951 ,  G06F3/0483 ,  G06F3/0484

Abstract: Data intake and query system (DIQS) instances supporting applications including lower-tier, focused, work group oriented applications may be tailored to meet the specific needs of the users. Rather than offer pre-configured options, the DIQS-based application offers the user the ability to customize data collection before deploying the collectors for specified host entities within an IT environment. Once the user selects the metrics and/or log sources for data collection at a custom interface, the lower-tier DIQS generates custom script operable to establish collection of the source data having the selected metrics and events associated with selected log sources from the specified host entities. The user can display and analyze the collected data.

公开(公告)号：US10700950B2

公开(公告)日：2020-06-30

申请号：US14699787

申请日：2015-04-29

Applicant: Splunk Inc.

Inventor： Fang I. Hsiao ,  Wei Jiang ,  Vladimir A. Shcherbakov ,  Ramkumar Chandrasekharan ,  Clayton S. Ching

IPC: G06F15/16 ,  H04L12/26 ,  H04L12/24

Abstract: The disclosed embodiments provide a system that facilitates the processing of network data. During operation, the system causes for display a graphical user interface (GUI) for configuring the generation of time-series event data from network packets captured by one or more remote capture agents. Next, the system causes for display, in the GUI, a first set of user-interface elements for managing one or more event streams containing the time-series event data, wherein managing the one or more event streams includes enabling the generation of a set of statistics from an event stream without subsequently storing and processing at least a first portion of the event stream by one or more components on a network. The GUI then updates the configuration information based on input received through the first set of user-interface elements.

公开(公告)号：US10693742B2

公开(公告)日：2020-06-23

申请号：US14609223

申请日：2015-01-29

Applicant: Splunk Inc.

Inventor： Fang I. Hsiao ,  Clayton S. Ching ,  Michael R. Dickey ,  Vladimir A. Shcherbakov ,  Cary Glen Noel

IPC: H04L12/24 ,  H04L12/26

Abstract: The disclosed embodiments provide a system that facilitates the processing of network data. During operation, the system obtains a set of event streams from one or more remote capture agents over one or more networks, wherein the set of event streams comprises time-series event data generated from network packets captured by the one or more remote capture agents. Next, the system causes for display, within a graphical user interface (GUI), a first set of user interface elements, wherein the first set of user interface elements includes event stream information for an event stream in the set of event streams and a first graph of a metric associated with the time-series event data in the event stream. The system then updates the first graph in real-time with the time-series event data from the one or more remote capture agents.

公开(公告)号：US10360196B2

公开(公告)日：2019-07-23

申请号：US14610408

申请日：2015-01-30

Applicant: Splunk Inc.

Inventor： Fang I. Hsiao ,  Clayton S. Ching ,  Michael R. Dickey ,  Vladimir A. Shcherbakov ,  Nishant Teredesai ,  Cary Glen Noel

IPC: G06F16/22 ,  H04L29/06 ,  G06F16/2455

Abstract: The disclosed embodiments provide a system that facilitates the processing of network data. During operation, the system causes for display a graphical user interface (GUI) for configuring the generation of time-series event data from network packets captured by one or more remote capture agents. Next, the system causes for display, in the GUI, a first set of user-interface elements for specifying a grouping of a set of event streams containing the time-series event data by an event stream attribute associated with the event streams. The system then causes for display, in the GUI, a second set of user-interface elements containing event stream information for one or more subsets of the event streams represented by the grouping of the event streams by the event stream attribute.

公开(公告)号：US10152561B2

公开(公告)日：2018-12-11

申请号：US15014017

申请日：2016-02-03

Applicant: Splunk Inc.

Inventor： Hemendra Singh Choudhary ,  Tristan Antonio Fletcher ,  Brian Bingham ,  Fang I. Hsiao ,  Brian C. Reyes

IPC: G06F15/173 ,  G06F17/30 ,  G06Q10/06 ,  H04L12/24 ,  H04L12/26 ,  G06F3/0484 ,  G06F9/54 ,  G06F3/0481 ,  G06F3/0482 ,  H04L29/08 ,  G06T11/20

Abstract: A service monitoring system executing on one or more processors may have operations that are determined by control information. Control over the operation of the service monitoring system can be exerted through the use of a graphical interface. The graphical interface may present the control information of a new or existing correlation search definition for user interaction. The service monitoring system may maintain a data store of key performance indicator (KPI) data, where a KPI value in the data store is produced by a KPI-defining search query that derives the value from machine data associated with one or more entities that perform a monitored service. A correlation search definition of the service monitoring system determines how a search of the KPI data is conducted, how its data is evaluated to determine whether a triggering condition has been met, and, if so, determines what triggered action is to be initiated.