公开(公告)号：US10726030B2

公开(公告)日：2020-07-28

申请号：US14815954

申请日：2015-07-31

Applicant: Splunk Inc.

Inventor： Cory Eugene Burke ,  Jacob Barton Leverich ,  Jeffrey Thomas Lloyd ,  Adam Jamison Oliner ,  Marc Vincent Robichaud ,  Jesse Miller

IPC: G06F16/248 ,  G06F11/30 ,  G06F11/34 ,  G06F16/242 ,  G06F16/245

Abstract: A facility for defining an event subtype using examples is described. The facility displays events identified among machine-generated data. The facility receives user input selecting a first subset of the events as examples of an event subtype. In response to receiving the user input, the facility displays a second subset of the events predicted to belong to the event subtype on the basis of the examples of the event subtype.

公开(公告)号：US10599308B2

公开(公告)日：2020-03-24

申请号：US16169815

申请日：2018-10-24

Applicant: SPLUNK INC.

Inventor： Cory Eugene Burke ,  Katherine Kyle Feeney ,  Divanny I. Lamas ,  Marc Vincent Robichaud ,  Matthew G. Ness ,  Clara E. Lee

IPC: G06F3/0484 ,  G06F3/0482 ,  G06F16/22 ,  G06F16/242 ,  G06F16/248 ,  G06F16/25 ,  G06F16/951 ,  G06F16/2455 ,  G06F17/24 ,  G06K9/20 ,  G06F9/451

Abstract: In embodiments of statistics time chart interface cell mode drill down, a first interface displays in a table format that includes columns each having a column heading comprising a different value, each different value associated with a particular event field, and includes one or more rows, each row having a time increment and aggregated metrics that each represent a number of events having a field-value pair that matches the different value represented in one of the columns and within the time increment over which the aggregated metric is calculated. A cell can be emphasized that includes one of the aggregated metrics in a row that includes the respective time increment, and in response, a menu displays options to transition to a second interface.

公开(公告)号：US20190250799A1

公开(公告)日：2019-08-15

申请号：US16397393

申请日：2019-04-29

Applicant: SPLUNK INC.

Inventor： Cory Eugene Burke ,  Katherine Kyle Feeney ,  Divanny I. Lamas ,  Marc Vincent Robichaud ,  Matthew G. Ness ,  Clara E. Lee

IPC: G06F3/0484 ,  G06F16/242 ,  G06F3/0482 ,  G06F16/2455 ,  G06F16/951 ,  G06F16/25 ,  G06F16/248 ,  G06F16/22 ,  G06K9/20 ,  G06F17/24

CPC classification number: G06F3/04842 ,  G06F3/0482 ,  G06F3/04847 ,  G06F9/451 ,  G06F16/221 ,  G06F16/242 ,  G06F16/2425 ,  G06F16/2455 ,  G06F16/248 ,  G06F16/252 ,  G06F16/951 ,  G06F17/246 ,  G06K9/2054

Abstract: In embodiments of field value search drill down, a search system exposes a search interface that displays one or more events returned as a search result set. A field-value pair can be emphasized in the field-value pairs of an event displayed in the search interface, and a menu is displayed with search options that are selectable to operate on the emphasized field-value pair of the event. The menu includes the search options to add search criteria of the emphasized field-value pair to a search command in a search bar of the search interface, exclude the search criteria of the emphasized field-value pair from a search, or create a new data search based on the emphasized field-value pair. A selection of one of the search options in the menu can be received, and the search command in the search bar is updated based on the search option that is selected.

公开(公告)号：US10372722B2

公开(公告)日：2019-08-06

申请号：US15885491

申请日：2018-01-31

Applicant: SPLUNK INC.

Inventor： Divanny I. Lamas ,  Marc Vincent Robichaud ,  Carl Sterling Yestrau

IPC: G06F16/25 ,  G06F3/0484 ,  G06F3/0482 ,  G06F16/26 ,  G06F16/23 ,  G06F16/2455 ,  G06F16/2458 ,  G06F16/9038 ,  G06F3/0481

Abstract: An event limited field picker for a search user interface is described. In one or more implementations, a service may operate to collect and store data as events each of which includes a portion of the data correlated with a point in time. Clients may use a search user interface perform searches by input of search criteria. Responsive to receiving search criteria, the service may operate to apply a late binding schema to extract events that match the search criteria and provide search results for display via the search user interface. The search user interface exposes an event limited field picker operable to make selections of fields with respect to individual events in a view of the search results. In response to receiving an indication of a fields selected via the picker, visibility of selected fields may be updated to control which field and values are included in different views.

公开(公告)号：US10169405B2

公开(公告)日：2019-01-01

申请号：US15421415

申请日：2017-01-31

Applicant: Splunk Inc.

Inventor： Alice Emily Neels ,  Archana Sulochana Ganapathi ,  Marc Vincent Robichaud ,  Stephen Phillip Sorkin ,  Steve Yu Zhang

IPC: G06F17/30 ,  G06F17/24 ,  G06F3/0482

Abstract: Embodiments include generating data models that may give semantic meaning for unstructured or structured data that may include data generated and/or received by search engines, including a time series engine. A method includes generating a data model for data stored in a repository. Generating the data model includes generating an initial query string, executing the initial query string on the data, generating an initial result set based on the initial query string being executed on the data, determining one or more candidate fields from one or results of the initial result set, generating a candidate data model based on the one or more candidate fields, iteratively modifying the candidate data model until the candidate data model models the data, and using the candidate data model as the data model.

公开(公告)号：US10139997B2

公开(公告)日：2018-11-27

申请号：US14526478

申请日：2014-10-28

Applicant: Splunk Inc.

Inventor： Cory Eugene Burke ,  Katherine Kyle Feeney ,  Divanny I. Lamas ,  Marc Vincent Robichaud ,  Matthew G. Ness ,  Clara E. Lee

IPC: G06F3/0482 ,  G06F3/0484 ,  G06F9/451 ,  G06F17/30 ,  G06F17/24 ,  G06K9/20

Abstract: In embodiments of statistics time chart interface cell mode drill down, a first interface displays in a table format that includes columns each having a column heading comprising a different value, each different value associated with a particular event field, and includes one or more rows, each row having a time increment and aggregated metrics that each represent a number of events having a field-value pair that matches the different value represented in one of the columns and within the time increment over which the aggregated metric is calculated. A cell can be emphasized that includes one of the aggregated metrics in a row that includes the respective time increment, and in response, a menu displays options to transition to a second interface.

公开(公告)号：US10013454B2

公开(公告)日：2018-07-03

申请号：US14611026

申请日：2015-01-30

Applicant: SPLUNK INC.

Inventor： Marc Vincent Robichaud ,  Cory Eugene Burke ,  Jeffrey Thomas Lloyd

IPC: G06F17/30 ,  G06F3/0482 ,  G06F3/0484

CPC classification number: G06F16/2428 ,  G06F3/0482 ,  G06F3/04842 ,  G06F3/04847

Abstract: A search interface is displayed in a table format that includes one or more columns, each column including data items of an event attribute, the data items being of a set of events, and a plurality of rows forming cells with the one or more columns, each cell displaying a textual representation of at least one of the data items of the event attribute of a corresponding column. Based on a user selecting a portion of the textual representation in a corresponding cell, a list of options is displayed that corresponds to the selected portion of the textual representation. Furthermore, one or more commands are added to a search query that corresponds to the set of events, the one or more commands being based on at least an option that is selected from the list of options and the selected portion of the textual representation in the corresponding cell.

公开(公告)号：US20180157704A1

公开(公告)日：2018-06-07

申请号：US15885546

申请日：2018-01-31

Applicant: SPLUNK INC.

Inventor： Marc Vincent Robichaud

IPC: G06F17/30

CPC classification number: G06F16/24532 ,  G06F16/242

Abstract: A dependency is created between a first search query and a second search query. The first search query defines a first data processing pipeline and the second search query defines a second data processing pipeline that extends the first data processing pipeline. A modification is detected to the first data processing pipeline defined by the first search query. Based on the modification to the first data processing pipeline being detected, the dependency is enforced such that the second data processing pipeline is modified to extend the modified first data processing pipeline. The modification to the first data processing pipeline can include a first set of pipelined commands corresponding to the first search query being modified, and the dependency can be enforced by causing a second set of pipelined commands corresponding to the second search query to be modified to include the modified first set of pipelined commands.

公开(公告)号：US09922084B2

公开(公告)日：2018-03-20

申请号：US14610710

申请日：2015-01-30

Applicant: SPLUNK, INC.

Inventor： Marc Vincent Robichaud

IPC: G06F17/30

CPC classification number: G06F17/30448 ,  G06F17/30064 ,  G06F17/30377 ,  G06F17/30551 ,  G06F17/30616 ,  G06F17/30625 ,  G06F17/30696 ,  G06F17/3087

Abstract: A request is received to display at least a portion of a first events set and at least a portion of a second events set in an interleaved and visually distinct display format, where, in the interleaved and visually distinct display format, the at least a portion of the first events set is displayed in a visually distinct manner from the at least a portion of the second events set, and data from the at least a portion of the first events set is interleaved with data from the at least a portion of the second events set. In response to receiving the request, display is caused, on a user interface, of the at least a portion of the first events set and the at least a portion of the second events set in the interleaved and visually distinct display format.

公开(公告)号：US09921730B2

公开(公告)日：2018-03-20

申请号：US14526454

申请日：2014-10-28

Applicant: Splunk Inc.

Inventor： Cory Eugene Burke ,  Katherine Kyle Feeney ,  Divanny I. Lamas ,  Marc Vincent Robichaud ,  Matthew G. Ness ,  Clara E. Lee

IPC: G06F17/30 ,  G06F3/0484 ,  G06F3/0482 ,  G06F17/24 ,  G06K9/20

CPC classification number: G06F3/04842 ,  G06F3/0482 ,  G06F3/04847 ,  G06F9/451 ,  G06F17/246 ,  G06F17/30315 ,  G06F17/30389 ,  G06F17/30395 ,  G06F17/30477 ,  G06F17/30554 ,  G06F17/3056 ,  G06F17/30864 ,  G06K9/2054

Abstract: In embodiments of statistics time chart interface row mode drill down, a first interface is displayed in a table format that includes columns each having a column heading comprising a different value, each different value associated with a particular event field, and includes rows each with a time increment and one or more aggregated metrics, each aggregated metric representing a number of events having a field-value pair that matches the different value represented in one of the columns and within the time increment over which the aggregated metric is calculated. A row that includes the time increment and the aggregated metrics can be emphasized in the first interface, and in response, a menu is displayed with selectable options to transition to a second interface based on a selected one of the options.