公开(公告)号：US11514278B2

公开(公告)日：2022-11-29

申请号：US17029365

申请日：2020-09-23

Applicant: SPLUNK INC.

Inventor： Manish Sainani ,  Sergey Slepian ,  Di Lu ,  Adam Oliner ,  Jacob Leverich ,  Iryna Vogler-Ivashchanka ,  Iman Makaremi

IPC: G06F7/00 ,  G06K9/62 ,  G06N20/00 ,  G06F16/2458 ,  G06N5/02 ,  G06V10/94 ,  G06V40/12 ,  G06F9/455

Abstract: Embodiments of the present invention are directed to facilitating data preprocessing for machine learning. In accordance with aspects of the present disclosure, a training set of data is accessed. A preprocessing query specifying a set of preprocessing parameter values that indicate a manner in which to preprocess the training set of data is received. Based on the preprocessing query, a preprocessing operation is performed to preprocess the training set of data in accordance with the set of preprocessing parameter values to obtain a set of preprocessed data. The set of preprocessed data can be provided for presentation as a preview. Based on an acceptance of the set of preprocessed data, the set of preprocessed data is used to train a machine learning model that can be subsequently used to predict data.

公开(公告)号：US20210149912A1

公开(公告)日：2021-05-20

申请号：US17158880

申请日：2021-01-26

Applicant: SPLUNK INC.

Inventor： Jesse Brandau Miller ,  Katherine Kyle Feeney ,  Yuan Xie ,  Steve Zhang ,  Adam Jamison Oliner ,  Jindrich Dinga ,  Jacob Leverich

IPC: G06F16/26

Abstract: Systems and methods include causing presentation of a first cluster in association with an event of the first cluster, the first cluster from a first set of clusters of events. Each event includes a time stamp and event data. Based on the presentation of the first cluster, an extraction rule corresponding to the event of the first cluster is received from a user. Similarities in the event data between the events are determined based on the received extraction rule. The events are grouped into a second set of clusters based on the determined similarities. Presentation is caused of a second cluster in association with an event of the second cluster, where the second cluster is from the second set of clusters.

公开(公告)号：US10956834B2

公开(公告)日：2021-03-23

申请号：US16707845

申请日：2019-12-09

Applicant: Splunk Inc.

Inventor： Manish Sainani ,  Sergey Slepian ,  Iman Makaremi ,  Adam Jamison Oliner ,  Jacob Leverich ,  Di Lu

IPC: G06N20/00 ,  H04L12/24 ,  G06N5/02

Abstract: Disclosed herein is a computer-implemented tool that facilitates data analysis by use of machine learning (ML) techniques. The tool cooperates with a data intake and query system and provides a graphical user interface (GUI) that enables a user to train and apply a variety of different ML models on user-selected datasets of stored machine data. The tool can provide active guidance to the user, to help the user choose data analysis paths that are likely to produce useful results and to avoid data analysis paths that are less likely to produce useful results.

公开(公告)号：US20180089561A1

公开(公告)日：2018-03-29

申请号：US15420754

申请日：2017-01-31

Applicant: SPLUNK INC.

Inventor： Adam Jamison Oliner ,  Nghi Huu Nguyen ,  Jacob Leverich ,  Zidong Yang

IPC: G06N3/08 ,  G06F17/30

Abstract: Systems and methods include obtaining a set of events, each event in the set of events comprising a time-stamped portion of raw machine data, the raw machine data produced by one or more components within an information technology or security environment and reflects activity within the information technology or security environment. Thereafter, a first neural network is used to automatically identify variable text to extract as a field from the set of events. An indication of the variable text is provided as a field extraction recommendation, for example, to a user device for presentation to a user.

公开(公告)号：US11657065B2

公开(公告)日：2023-05-23

申请号：US17158880

申请日：2021-01-26

Applicant: SPLUNK INC.

Inventor： Jesse Brandau Miller ,  Katherine Kyle Feeney ,  Yuan Xie ,  Steve Zhang ,  Adam Jamison Oliner ,  Jindrich Dinga ,  Jacob Leverich

IPC: G06F16/26

CPC classification number: G06F16/26

Abstract: Systems and methods include causing presentation of a first cluster in association with an event of the first cluster, the first cluster from a first set of clusters of events. Each event includes a time stamp and event data. Based on the presentation of the first cluster, an extraction rule corresponding to the event of the first cluster is received from a user. Similarities in the event data between the events are determined based on the received extraction rule. The events are grouped into a second set of clusters based on the determined similarities. Presentation is caused of a second cluster in association with an event of the second cluster, where the second cluster is from the second set of clusters.

公开(公告)号：US11632383B2

公开(公告)日：2023-04-18

申请号：US17075928

申请日：2020-10-21

Applicant: SPLUNK INC.

Inventor： Adam Jamison Oliner ,  Jonathan La ,  Colleen Kinross ,  Hongyang Zhang ,  Jacob Leverich ,  Shang Cai ,  Mihai Ganea ,  Alex Cruise ,  Toufic Boubez ,  Manish Sainani

IPC: G06F21/00 ,  H04L9/40 ,  G06N3/08 ,  G06N5/00 ,  G06N3/04

Abstract: In some implementations, sequences of time series values determined from machine data are obtained. Each sequence corresponds to a respective time series. A plurality of predictive models is generated for a first time series from the sequences of time series values. Each predictive model is to generate predicted values associated with the first time series using values of a second time series. For each of the plurality of predictive models, an error is determined between the corresponding predicted values and values associated with the first time series. A predictive model is selected for anomaly detection based on the determined error of the predictive model. Transmission is caused of an indication of an anomaly detected using the selected predictive model.

公开(公告)号：US10685279B2

公开(公告)日：2020-06-16

申请号：US15420754

申请日：2017-01-31

Applicant: SPLUNK INC.

Inventor： Adam Jamison Oliner ,  Nghi Huu Nguyen ,  Jacob Leverich ,  Zidong Yang

IPC: G06F17/00 ,  G06N3/04 ,  G06F16/26 ,  G06F16/25

Abstract: Systems and methods include obtaining a set of events, each event in the set of events comprising a time-stamped portion of raw machine data, the raw machine data produced by one or more components within an information technology or security environment and reflects activity within the information technology or security environment. Thereafter, a first neural network is used to automatically identify variable text to extract as a field from the set of events. An indication of the variable text is provided as a field extraction recommendation, for example, to a user device for presentation to a user.

公开(公告)号：US10572811B2

公开(公告)日：2020-02-25

申请号：US14609135

申请日：2015-01-29

Applicant: SPLUNK INC.

Inventor： Nghi Nguyen ,  Jacob Leverich ,  Adam Oliner

IPC: G06N7/00

Abstract: Methods and systems for determining event probabilities and anomalous events are provided. In one implementation, a method includes: receiving source data, where the source data is configured as a plurality of events with associated timestamps; searching the source data, where the searching provides a search result including N events from the plurality of events, where N is an integer greater than one, where each event of the N events includes a plurality of field values, where at least one event of the N events can include one or more categorical field values and one or more numerical field values; and for an event of the N events, determining a probability of occurrence for each field value of the plurality of field values; and using probabilities determined for the plurality of field values, determining a probability of occurrence for the event.

公开(公告)号：US20180089303A1

公开(公告)日：2018-03-29

申请号：US15276693

申请日：2016-09-26

Applicant: SPLUNK INC.

Inventor： Jesse Brandau Miller ,  Katherine Kyle Feeney ,  Yuan Xie ,  Steve Zhang ,  Adam Jamison Oliner ,  Jindrich Dinga ,  Jacob Leverich

IPC: G06F17/30

CPC classification number: G06F16/26

Abstract: Systems and methods include causing presentation of a first cluster in association with an event of the first cluster, the first cluster from a first set of clusters of events. Each event includes a time stamp and event data. Based on the presentation of the first cluster, an extraction rule corresponding to the event of the first cluster is received from a user. Similarities in the event data between the events are determined based on the received extraction rule. The events are grouped into a second set of clusters based on the determined similarities. Presentation is caused of a second cluster in association with an event of the second cluster, where the second cluster is from the second set of clusters.

公开(公告)号：US11960575B1

公开(公告)日：2024-04-16

申请号：US17975122

申请日：2022-10-27

Applicant: Splunk Inc.

Inventor： Manish Sainani ,  Sergey Slepian ,  Di Lu ,  Adam Oliner ,  Jacob Leverich ,  Iryna Vogler-Ivashchanka ,  Iman Makaremi

IPC: G06F7/00 ,  G06F16/2458 ,  G06F18/21 ,  G06F18/25 ,  G06F18/40 ,  G06N5/025 ,  G06N20/00 ,  G06V10/94 ,  G06V40/12 ,  G06F9/455

CPC classification number: G06F18/251 ,  G06F16/2465 ,  G06F18/217 ,  G06F18/40 ,  G06N5/025 ,  G06N20/00 ,  G06V10/95 ,  G06V40/1347 ,  G06F9/455 ,  G06F2216/03

Abstract: Embodiments of the present invention are directed to facilitating data preprocessing for machine learning. In accordance with aspects of the present disclosure, a training set of data is accessed. A preprocessing query specifying a set of preprocessing parameter values that indicate a manner in which to preprocess the training set of data is received. Based on the preprocessing query, a preprocessing operation is performed to preprocess the training set of data in accordance with the set of preprocessing parameter values to obtain a set of preprocessed data. The set of preprocessed data can be provided for presentation as a preview. Based on an acceptance of the set of preprocessed data, the set of preprocessed data is used to train a machine learning model that can be subsequently used to predict data.