公开(公告)号：US11741160B1

公开(公告)日：2023-08-29

申请号：US17861659

申请日：2022-07-11

Applicant: Splunk Inc.

Inventor： Alok Anant Bhide ,  Brian John Bingham ,  Tristan Antonio Fletcher ,  Brian Reyes

IPC: G06F16/26 ,  G06F16/903 ,  G06Q10/0639 ,  G06F16/248 ,  G06F16/25 ,  G06F16/33 ,  G06F16/951 ,  G06F16/2455 ,  G06F16/901 ,  G06F16/9038 ,  G06F16/9535 ,  G06F16/2453 ,  H04L41/5009 ,  G06F11/34 ,  G06F11/32 ,  G06Q10/0637 ,  H04L43/55 ,  H04L43/091 ,  H04L67/51 ,  H04L69/329 ,  H04L41/0213 ,  H04L41/50 ,  H04L43/045 ,  G06F3/04842 ,  G06F9/54 ,  H04L67/10 ,  G06F3/04817 ,  G06F3/0482 ,  G06F3/0484 ,  H04L41/22 ,  G06F3/0481 ,  G06F3/04847 ,  H04L41/0806 ,  H04L43/04 ,  H04L43/16 ,  G06T11/20

CPC classification number: G06F16/903 ,  G06F3/0481 ,  G06F3/0482 ,  G06F3/0484 ,  G06F3/04817 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/542 ,  G06F11/321 ,  G06F11/34 ,  G06F16/248 ,  G06F16/2455 ,  G06F16/24542 ,  G06F16/252 ,  G06F16/26 ,  G06F16/334 ,  G06F16/9024 ,  G06F16/9038 ,  G06F16/90335 ,  G06F16/951 ,  G06F16/9535 ,  G06Q10/0637 ,  G06Q10/0639 ,  G06Q10/06393 ,  H04L41/0213 ,  H04L41/0806 ,  H04L41/22 ,  H04L41/5009 ,  H04L41/5032 ,  H04L43/04 ,  H04L43/045 ,  H04L43/091 ,  H04L43/16 ,  H04L43/55 ,  H04L67/10 ,  H04L67/51 ,  H04L69/329 ,  G06T11/206 ,  G06T2200/24

Abstract: An example method of determining a state of a key performance indicator (KPI) comprises: receiving one or more entity definitions, wherein each entity definition associates an entity with machine data pertaining to the entity; receiving a service definition for a service provided by one or more entities, the service definition including a reference to a corresponding entity definition of the entity definitions, wherein the service definition includes a respective reference for each of the one or more entities; receiving definitions of one or more KPIs, each KPI defined by a respective search query that produces a value derived from particular machine data, wherein the particular machine data is identified by the service definition, wherein each value is indicative of performance of the service at a point in time or during a period of time; deriving, by performing on the machine data a search query associated with the KPI, one or more KPI values for the KPI; selecting, among a plurality of states of the KPI, a state satisfying a condition applied to the one or more KPI values; and causing display of a visual indicator of the state of the KPI.

公开(公告)号：US20230102389A1

公开(公告)日：2023-03-30

申请号：US17954320

申请日：2022-09-27

Applicant: Splunk Inc.

Inventor： Anupadmaja Raghavan ,  George Daloukov ,  Alok Anant Bhide ,  Ross Andrew Lazerowitz ,  Tristan Antonio Fletcher ,  Alan Vincent Hardin

IPC: G06Q10/06 ,  G06Q10/00 ,  H04L41/5009 ,  H04L41/5006

Abstract: An automatic service monitor in an information technology environment has its operation controlled by information that, in part, defines entities that perform services and defines key performance indicators (KPIs) that indicate measures of performance of the services. Additional information controls the operation of the service monitor with respect to identifying and adapting for KPIs based on the non-normal data caused by maintenance work or other causes. Such adaptation may include changes in how reported information appears to the user.

公开(公告)号：US10915579B1

公开(公告)日：2021-02-09

申请号：US16403550

申请日：2019-05-05

Applicant: Splunk Inc.

Inventor： Alok Anant Bhide ,  Brian John Bingham ,  Tristan Antonio Fletcher ,  Brian C. Reyes

IPC: A63F13/358 ,  G06F16/903 ,  H04L12/24 ,  G06F16/9535 ,  G06F16/9038 ,  G06F16/901 ,  G06F16/2455 ,  G06F16/951 ,  G06F16/33 ,  G06F16/25 ,  G06F16/248 ,  G06F16/26 ,  G06Q10/06 ,  H04L12/26 ,  G06F11/32 ,  G06F16/2453 ,  G06F9/54 ,  H04L29/08 ,  G06F11/34 ,  G06F3/0484 ,  G06F3/0482 ,  G06F3/0481 ,  G06T11/20

Abstract: One or more processing devices access a service definition for a service provided by one or more entities that each produce machine data or about which machine data is generated. The service definition identifies the entities that provide the service and, for each entity, definitional information includes information for identifying machine data pertaining to that entity. The processing devices access a key performance indicator (KPI) for the service that is defined by a search query that produces a value derived from the machine data pertaining to the entities identified in the service definition. The value indicates how the service is performing at a point in time or during a period of time and indicates a state of the KPI. A graphical interface is displayed and an indication of at least one threshold, which defines an end of a range of values representing a state of the KPI, for the KPI is received.

公开(公告)号：US20190324946A1

公开(公告)日：2019-10-24

申请号：US16460395

申请日：2019-07-02

Applicant: SPLUNK INC.

Inventor： Brian Bingham ,  Tristan Fletcher ,  Alok Anant Bhide

IPC: G06F16/14 ,  G06F16/21 ,  G06F16/13 ,  G06F16/26 ,  G06F16/33 ,  G06F3/0488 ,  G06F11/32 ,  G06F9/455

Abstract: The disclosed system and method acquire and store performance measurements relating to performance of a component in an information technology (IT) environment and log data produced by the IT environment, in association with corresponding time stamps. The disclosed system and method correlate at least one of the performance measurements with at least one of the portions of log data.

公开(公告)号：US10346357B2

公开(公告)日：2019-07-09

申请号：US15421398

申请日：2017-01-31

Applicant: Splunk Inc.

Inventor： Brian Bingham ,  Tristan Fletcher ,  Alok Anant Bhide

IPC: G06F7/00 ,  G06F16/14 ,  G06F3/0488 ,  G06F16/13 ,  G06F16/33 ,  G06F16/21 ,  G06F9/455 ,  G06F11/32 ,  G06F16/26 ,  G06F11/34

Abstract: The disclosed system and method acquire and store performance measurements relating to performance of a component in an information technology (IT) environment and log data produced by the IT environment, in association with corresponding time stamps. The disclosed system and method correlate at least one of the performance measurements with at least one of the portions of log data.

公开(公告)号：US09491059B2

公开(公告)日：2016-11-08

申请号：US14800675

申请日：2015-07-15

Applicant: Splunk Inc.

Inventor： Tristan Antonio Fletcher ,  Alok Anant Bhide ,  Clint Sharp

IPC: G06F15/16 ,  H04L12/24 ,  H04L29/08 ,  G06F3/0482 ,  G06F3/0484 ,  H04L12/26 ,  G06Q10/06

CPC classification number: H04L41/5032 ,  G06F3/0482 ,  G06F3/04842 ,  G06Q10/06393 ,  H04L29/08072 ,  H04L41/0213 ,  H04L41/12 ,  H04L41/22 ,  H04L41/5006 ,  H04L41/5009 ,  H04L43/04 ,  H04L43/045 ,  H04L43/16 ,  H04L67/16 ,  H04L67/2809

Abstract: Techniques are disclosed for providing a topology navigator that may enable a user to view performance information for multiple IT services associated with a user's IT environment. The topology navigator may include multiple display components for displaying information about the services. A first display component may display multiple services as a graph of interdependent service nodes and a second display component may display information about one or more of the service nodes. The topology navigator may enable a user to visually inspect the aggregate KPI (e.g., health score) of multiple services to identify dependent services that are of interest (e.g., low performance) and navigate through the services to identify dependent services that may adversely affect a service of interest to the user. In one example, the second display component may display key performance indicators (KPIs) associated with the dependent service and the user may select one or more of the KPIs to add them to another display component for further analysis.

Abstract translation: 公开了用于提供拓扑导航器的技术，其可以使得用户能够查看与用户的IT环境相关联的多个IT服务的性能信息。 拓扑导航器可以包括用于显示关于服务的信息的多个显示组件。 第一显示组件可以将多个服务显示为相互依赖的服务节点的图，并且第二显示组件可以显示关于一个或多个服务节点的信息。 拓扑导航器可以使用户能够目视地检查多个服务的聚合KPI（例如，健康评分）以识别感兴趣的依赖服务（例如，低性能），并且浏览服务以识别可能不利地影响 用户感兴趣的服务。 在一个示例中，第二显示组件可以显示与依赖服务相关联的关键性能指标（KPI），并且用户可以选择一个或多个KPI以将它们添加到另一显示组件以进一步分析。

公开(公告)号：US20160292611A1

公开(公告)日：2016-10-06

申请号：US15088093

申请日：2016-03-31

Applicant: Splunk Inc.

Inventor： Brent Stephen Boe ,  Rochit Gupta ,  Rehan Mulla ,  Tristan Antonio Fletcher ,  Alok Anant Bhide

IPC: G06Q10/06 ,  H04L12/24

CPC classification number: G06Q10/06393 ,  H04L41/5009

Abstract: An automatic service monitor in an information technology environment has its operation controlled by information that, in part, define entities that perform services and define key performance indicators (KPIs) that indicate measures of performance of the services. KPIs are defined in terms of search queries applied against machine data by or about the entities that perform the services. The search query aspects of multiple KPI definitions may be tied to a shared base search. Implementation of the shared base search may permit improved performance of the service monitor and may permit a reduction in administrative burden.

Abstract translation: 信息技术环境中的自动服务监视器的操作受到信息的控制，该信息部分地定义了执行服务的实体，并且定义了指示服务性能测量的关键性能指标（KPI）。 KPI根据执行服务的实体的机器数据应用的搜索查询进行定义。 多个KPI定义的搜索查询方面可能与共享基础搜索相关联。 执行共享基础搜索可以允许改进服务监视器的性能，并且可以允许减少管理负担。

公开(公告)号：US20160104091A1

公开(公告)日：2016-04-14

申请号：US14700108

申请日：2015-04-29

Applicant: Splunk Inc.

Inventor： Tristan Antonio Fletcher ,  Alok Anant Bhide

IPC: G06Q10/06

CPC classification number: G06Q10/06393 ,  G06F3/04847 ,  H04L41/0681 ,  H04L41/22 ,  H04L41/5009 ,  H04L41/5045 ,  H04L41/5054 ,  H04L43/04

Abstract: A system, method, and graphical user interface (GUI) are disclosed for defining and applying time varying static thresholds. Time varying static thresholds may enable a user (e.g., IT manager) to define multiple sets of key performance indicator (KPI) thresholds that vary over time, for example, one set may apply during week-days and another set may apply on weekends. This may enable a user to have thresholds that take into account cyclical patterns of behavior (e.g., repeat every week). The KPI thresholds may be based on any unit of time, such as an hour of the day, days of the week, a month of the year (such as a holiday season). Each set may include KPI thresholds that specify values that when exceeded may initiate an alert or some other action.

Abstract translation: 公开了一种用于定义和应用时变静态阈值的系统，方法和图形用户界面（GUI）。 时变静态阈值可以使得用户（例如，IT管理者）可以定义随时间变化的多组关键性能指标（KPI）阈值，例如，一组可以在周日期间应用，另一组可能在周末应用。 这可以使得用户具有考虑周期性行为模式（例如每周重复）的阈值。 KPI阈值可以基于任何时间单位，例如一天中的一小时，一周中的几天，一年中的一个月（如假日季节）。 每个集合可以包括KPI阈值，其指定超出时可以发起警报或其他动作的值。

公开(公告)号：US20160104076A1

公开(公告)日：2016-04-14

申请号：US14859236

申请日：2015-09-18

Applicant: Splunk Inc.

Inventor： Sonal Maheshwari ,  Manish Sainani ,  Leonid Alekseyev ,  Alan Hardin ,  Jacob Barton Leverich ,  Adam Jamison Oliner ,  Brian Reyes ,  Alok Anant Bhide

IPC: G06N99/00

CPC classification number: G06N99/005

Abstract: Techniques are disclosed for providing adaptive thresholding technology for Key Performance Indicators (KPIs). Adaptive thresholding technology may automatically assign new values or adjust existing values for one or more thresholds of one or more time policies. Assigning threshold values using adaptive thresholding may involve identifying training data (e.g., historical data, simulated data, or example data) for the time frames and analyzing the training data to identify variations within the data (e.g., patterns, distributions, trends). A threshold value may be determined based on the variations and may be assigned to one or more of the thresholds without additional user intervention.

Abstract translation: 公开了用于为关键性能指标（KPI）提供自适应阈值技术的技术。 自适应阈值技术可以自动分配新值或调整一个或多个时间策略的一个或多个阈值的现有值。 使用自适应阈值分配阈值可以涉及识别用于时间帧的训练数据（例如，历史数据，模拟数据或示例数据），并且分析训练数据以识别数据内的变化（例如，模式，分布，趋势）。 可以基于变化来确定阈值，并且可以将阈值分配给一个或多个阈值，而无需额外的用户干预。

公开(公告)号：US20160103887A1

公开(公告)日：2016-04-14

申请号：US14700110

申请日：2015-04-29

Applicant: Splunk Inc.

Inventor： Tristan Antonio Fletcher ,  Alok Anant Bhide

IPC: G06F17/30

CPC classification number: G06F17/30675 ,  G06F3/0482 ,  G06F3/04842 ,  G06F17/30964 ,  G06Q10/06393 ,  H04L29/08072 ,  H04L41/0686 ,  H04L41/069 ,  H04L41/22 ,  H04L41/5009 ,  H04L41/5032 ,  H04L43/04 ,  H04L63/145

Abstract: A system, method and graphical user interface (GUI) for creating a new correlation search based on a set of displayed graph lanes. The graph lanes may provide graphical visualizations of key performance indicators (KPIs) associated with one or more services and may assist a user in identifying a situation (e.g., problem or a pattern of interest) in the performance of the services. A user may adjust (e.g., add graph lanes, zooming-in) the graph lanes in order to display the situation, at which point the user may submit a request to create a new correlation search to detect if the situation reoccurs. The system may generate the new correlation search by iterating through the set of graph lanes and analyzing the fluctuations of each KPI to determine triggering criteria. The system may then run the correlation search and generate a notable event or alarm when the situation reoccurs.

Abstract translation: 一种用于基于一组显示的图形通道创建新的相关搜索的系统，方法和图形用户界面（GUI）。 图形通道可以提供与一个或多个服务相关联的关键性能指标（KPI）的图形可视化，并且可以帮助用户识别服务执行中的情况（例如，问题或感兴趣的模式）。 用户可以调整（例如，添加图形通道，放大）图形通道以便显示情况，在该点，用户可以提交创建新的相关搜索的请求以检测情况是否再次出现。 系统可以通过迭代图形通道并分析每个KPI的波动来确定触发标准来生成新的相关搜索。 然后，系统可以运行相关搜索，并在情况复现时产生显着的事件或警报。