-
Publication number: US12086045B1
Publication date: 2024-09-10
Application number: US17589833
Application date: 2022-01-31
Applicant: Splunk, Inc.
Inventor: William Deaderick, William Stanton, Thomas Camp Vieth
IPC: G06F11/00, G06F11/30, G06F16/242, G06F16/2458, G06F18/21
CPC classification number: G06F11/3075, G06F16/244, G06F16/2477, G06F18/2178
Abstract: A computerized method is disclosed for grouping alerts through machine learning. The method includes receiving an alert to be assigned to any of a plurality of existing issues or to a newly created issue, wherein an issue is a grouping of alerts, determining a temporal distance between the alert and each of the existing issues, determining either of (i) a numerical distance between the alert and each of the existing issues for a particular numerical field, or (ii) a categorical distance between the alert and each of the existing issues for a particular categorical field, determining an overall distance between the alert and each of the existing issues, and assigning the alert to either (i) an existing issue having a shortest overall distance to the alert that satisfies one or more time constraints, or (ii) the newly created issue.
-
Publication number: US12079304B1
Publication date: 2024-09-03
Application number: US17246228
Application date: 2021-04-30
Applicant: SPLUNK INC.
Inventor: Abhinav Mishra, Ram Sriharsha, Sichen Zhong
IPC: G06F18/10, G06F18/214, G06Q10/04
CPC classification number: G06F18/10, G06F18/214, G06Q10/04
Abstract: Embodiments of the present disclosure are directed to facilitating performing online data forecasting. In operation, data decomposition of an incoming data point is performed to determine a trend component associated with the incoming data point. Such a trend component, and previous trend components, can be used to determine a trend component expected for a data point subsequent to the incoming data point. A seasonality component expected for the data point subsequent to the incoming data point can be identified, for example, based on a seasonality component associated with a previous corresponding data point. Thereafter, the expected trend and seasonality components can be used to predict the data point subsequent to the incoming data point. Such a data prediction can be performed in an online processing manner such that a subsequent data point is not used to decompose the incoming data point or forecast the data point.
-
Publication number: US12072859B1
Publication date: 2024-08-27
Application number: US18050016
Application date: 2022-10-26
Applicant: Splunk Inc.
Inventor: Ryan O'Connor
IPC: G06F3/04847, G06F16/22, G06F16/2458
CPC classification number: G06F16/22, G06F3/04847, G06F16/2474
Abstract: A computer system displays a graphical user interface (GUI) that includes data visualizations corresponding to data having timestamps within a time interval. A first type of input signal is mapped to a second type of input signal. The first type of input signal is associated with an input device communicatively coupled to the computer system. The second type of input signal is configured to operate a graphical user control of the GUI. Before mapping, the first type of input signal is configured to perform a function that is different from operation of the graphical user control. After receiving an input signal of the first type, an input signal of the second type is applied to the graphical user control based on the mapping. The time interval is adjusted, and the data visualizations are updated automatically to correspond to updated data having timestamps within the adjusted time interval.
-
Publication number: US12067007B1
Publication date: 2024-08-20
Application number: US17874024
Application date: 2022-07-26
Applicant: SPLUNK Inc.
Inventor: Jesse Brandau Miller, Marc V. Robichaud, Cory Eugene Burke
IPC: G06F7/00, G06F16/242, G06F16/2455, G06F16/248
CPC classification number: G06F16/2425, G06F16/2428, G06F16/2455, G06F16/248
Abstract: A method includes causing display to a user of at least one event of a first result set from a first pipelined search on events at an event source. Each event comprises a time stamp and a portion of machine data. A selection of a command is received from the user. The selection is to extend the first pipelined search with the selected command in a second pipelined search. The system selects between the first result set and the event source for execution of the second pipelined search based on an analysis of the selected command and at least one command of the first pipelined search. Based on the selecting being of the first result set, display to the user is caused of at least one event of a second result set from the execution of the second pipelined search on the first result set.
-
35.
Publication number: US20240273003A1
Publication date: 2024-08-15
Application number: US18605682
Application date: 2024-03-14
Applicant: Splunk Inc.
Inventor: Ioannis Vlachogiannis, Vasileios Karampinas
CPC classification number: G06F11/3495, G06F9/542, G06F11/0709, G06F11/0715, G06F11/0742, G06F11/0775, G06F11/3003, G06F11/3013, G06F11/302, G06F11/3082, G06F11/34, G06F11/3409, G06F11/3466, G06F8/77, G06F11/3093, G06F11/3476, G06F2201/86, G06F2201/865, G06F2201/88
Abstract: A quality score for a computer application release is determined using a first number of unique users who have launched the computer application release on user devices and a second number of unique users who have encountered at least once an abnormal termination with the computer application release on user devices. Additionally or optionally, an application quality score can be computed for a computer application based on quality scores of computer application releases that represent different versions of the computer application. Additionally or optionally, a weighted application quality score can be computed for a computer application by further taking into consideration the average application quality score and popularity of a plurality of computer applications.
-
36.
Publication number: US12061691B2
Publication date: 2024-08-13
Application number: US17515328
Application date: 2021-10-29
Applicant: Splunk Inc.
Inventor: James Apger, Allison Lindsey Drake, James Irwin Ebeling, Orville Esoy, Bhooshan Kulkarni, Marquis L. Montgomery, Daniel Trenkner
IPC: G06F21/55, G06F3/0482, G06F21/57
CPC classification number: G06F21/552, G06F3/0482, G06F21/577, G06F2221/2101
Abstract: A graphical user interface (GUI) for presentation of network security risk and threat information is disclosed. A listing is generated of incidents identified by use of event data obtained from a networked computing environment. A particular incident is determined to be associated with a risk object, wherein a risk object is a component of the networked computing environment. The listing is populated with a name associated with the risk object. Risk events associated with the incident are determined, wherein each risk event contributes to a risk score for the incident. The risk score indicates a potential security issue associated with the risk object. The listing is populated with the risk score and a summary of the events. An action is associated with the listing, for triggering display of additional information associated with the risk object. The listing can be displayed in a first display screen of the GUI.
-
Publication number: US12061533B1
Publication date: 2024-08-13
Application number: US17877725
Application date: 2022-07-29
Applicant: Splunk Inc.
Inventor: Amritpal Singh Bath, Samat Jain, Felix Jiang, Shanmugam Kailasam, Jibang Liu, Isabelle Park, Vishal Patel, Divya Vijayan, Jiahan Wang, Tingjin Xu
CPC classification number: G06F11/3476, G06F3/0619, G06F2201/81
Abstract: Ingest health monitoring includes receiving an event stream of events in a data intake and query system to store on at least one storage system and obtaining an event from the event stream. Ingest health monitoring further includes transmitting the event to a selected ingest module queue for the event, updating an output rate indicator counter for the selected ingest module queue when failure to store the event in the ingest module queue occurs, obtaining the event from the selected ingest module queue, processing the event to generate a file for the event, and transmitting the file to the at least one storage system. Ingest health monitoring further includes updating the write failure indicator counter for a storage system of the at least one storage system when failure to transmit to the storage system occurs and updating the user interface based on the output rate indicator counter and the write failure indicator counter.
-
Publication number: US20240256545A1
Publication date: 2024-08-01
Application number: US18309596
Application date: 2023-04-28
Applicant: Splunk Inc.
Inventor: Alexander Douglas James, Vinayak Bhakta, Ganesh Jothikumar, Bei Li, Jengie Shau
IPC: G06F16/2453, G06F16/22, G06F16/23, G06F16/242
CPC classification number: G06F16/24549, G06F16/2228, G06F16/2358, G06F16/2433, G06F16/24542
Abstract: Systems and methods are disclosed for receiving, at a query coordinator, a search query. The query coordinator parses the search query and generates tasks for different runtime systems. The query coordinator configures an interface enabling inter-system communication between the runtime systems. The generated tasks are distributed to the runtime systems and partial results of a runtime system are communicated to the interface. The query coordinator retrieves the partial results from the interface, finalizes the partial results, and sends the finalized results to the requestor of the search query.
-
Publication number: US12050597B2
Publication date: 2024-07-30
Application number: US18078876
Application date: 2022-12-09
Applicant: Splunk Inc.
Inventor: Amin Moshgabadi, Baibhav Gautam, Hema Krishnamurthy Mohan, Joshua Vertes
IPC: G06F16/00, A61K39/245, C12N7/00, C12N9/10, C12N9/12, C12N9/16, G06F3/0482, G06F16/242, G06F16/245, G06F16/25, A61K39/00
CPC classification number: G06F16/2428, A61K39/245, C12N7/00, C12N9/1007, C12N9/1241, C12N9/16, C12Y201/01056, C12Y207/0705, C12Y301/03033, G06F3/0482, G06F16/245, G06F16/252, A61K2039/53, C07K2319/21, C12N2710/16134
Abstract: An improved data intake and query system that can perform and display ingest-time and search-time field extraction, redaction, copy, and/or categorization is described herein. As described herein, ingest-time field extraction, redaction, copy, and/or categorization may refer to field or field value extraction, redaction, copy, and/or categorization that is performed by a log observer system of the data intake and query system on raw machine data as the raw machine data is ingested or received from a publisher. As described herein, search-time field extraction, redaction, copy, and/or categorization may refer to field or field value extraction, redaction, copy, and/or categorization that is performed by the log observer system and/or other components of the improved data intake and query system on historical raw machine data that has already been ingested and indexed by the improved data intake and query system.
-
Publication number: US12050507B1
Publication date: 2024-07-30
Application number: US17582995
Application date: 2022-01-24
Applicant: Splunk, Inc.
Inventor: Abraham Starosta, Francis Beckert, Chandrima Sarkar
IPC: G06F11/07, G06F16/2455, G06F16/2458
CPC classification number: G06F11/0781, G06F16/24561, G06F16/2471
Abstract: A computerized method is disclosed for automated handling of data ingestion anomalies. The method features training a data model based on a first volume of data associated with a first time period. Thereafter, using the data model, a predictive analysis is conducted on a second volume of data associated with a second time period subsequent to the first time period to produce a predicted data ingestion volume. After, a correlative analysis between the predicted data ingestion volume and an actual data ingestion volume during the second time period is conducted to produce a prediction error. A notification is generated based on the prediction error.