公开(公告)号：US20160103878A1

公开(公告)日：2016-04-14

申请号：US14815888

申请日：2015-07-31

Applicant: Splunk, Inc.

Inventor： Brent Boe ,  Brian Bingham ,  John Robert Coates ,  Tristan Antonio Fletcher

IPC: G06F17/30 ,  G06F9/54

CPC classification number: H04L43/16 ,  G06F3/0481 ,  G06F3/04817 ,  G06F3/0482 ,  G06F3/0484 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/542 ,  G06F17/30424 ,  G06F17/30463 ,  G06F17/30477 ,  G06F17/30554 ,  G06F17/3056 ,  G06F17/30572 ,  G06F17/30675 ,  G06F17/30864 ,  G06F17/30867 ,  G06F17/30958 ,  G06F17/30964 ,  G06F17/30979 ,  G06F17/30991 ,  G06Q10/06393 ,  G06T11/206 ,  G06T2200/24 ,  H04L29/08072 ,  H04L41/0213 ,  H04L41/0806 ,  H04L41/22 ,  H04L41/5009 ,  H04L41/5032 ,  H04L41/5035 ,  H04L41/5038 ,  H04L43/04 ,  H04L43/045 ,  H04L67/10 ,  H04L67/16

Abstract: One or more processing devices create one or more entity definitions that each associate an entity with machine data pertaining to that entity and create a service definition for a service provided by one or more entities. The service definition includes an entity definition for each of the one or more entities. The one or more processing devices create one or more key performance indicators (KPIs). Each KPI is defined by a search query that produces a value derived from the machine data identified in one or more of the entity definitions included in the service definition. Each value is indicative of how the service is performing at a point in time or during a period of time.

Abstract translation: 一个或多个处理设备创建一个或多个实体定义，每个实体定义使实体与与该实体有关的机器数据关联，并为由一个或多个实体提供的服务创建服务定义。 服务定义包括一个或多个实体中的每一个的实体定义。 一个或多个处理设备创建一个或多个关键性能指标（KPI）。 每个KPI由搜索查询定义，该搜索查询产生从在服务定义中包括的一个或多个实体定义中标识的机器数据导出的值。 每个值都表示服务在某个时间点或某段时间内的表现。

公开(公告)号：US09146962B1

公开(公告)日：2015-09-29

申请号：US14611213

申请日：2015-01-31

Applicant: Splunk Inc.

Inventor： Brent Boe ,  Alok Anant Bhide ,  Sonal Maheshwari

IPC: G06F15/16 ,  G06F17/30 ,  G06F9/54 ,  H04L12/24 ,  G06F12/00

CPC classification number: G06F17/30321 ,  G06F3/0484 ,  G06F9/542 ,  G06F17/30126 ,  G06F17/30353 ,  G06F17/30424 ,  H04L41/0213 ,  H04L41/22 ,  H04L41/5012 ,  H04L41/5032 ,  H04L41/5045

Abstract: A computer system determines if events in a machine data store satisfy event selection criteria, the event selection criteria including a first field-value pair. To determine if one of the events satisfies the event selection criteria, the computer system compares the first field-value pair of the event selection criteria with a second field-value pair from an entity definition associated with the event by using a third field-value pair from data corresponding to the event in the machine data store.

Abstract translation: 计算机系统确定机器数据存储器中的事件是否满足事件选择标准，事件选择标准包括第一字段值对。 为了确定事件中的一个是否满足事件选择标准，计算机系统通过使用第三字段值将事件选择标准的第一字段值对与来自与事件相关联的实体定义的第二字段值对进行比较 从与机器数据存储中的事件相对应的数据对。

公开(公告)号：US10521409B2

公开(公告)日：2019-12-31

申请号：US15663747

申请日：2017-07-29

Applicant: Splunk Inc.

Inventor： Leonid Alekseyev ,  Brent Boe ,  Clint Sharp

IPC: H04L12/24 ,  G06F16/22 ,  G06F9/54 ,  G06F16/16 ,  G06F16/245 ,  G06F16/23 ,  G06F3/0484

Abstract: A computer system exposes an interface for the specification of filter criteria. The filter criteria may identify control information of a service monitoring system (SMS) that defines entities in an IT environment monitored by the SMS. An association of identified entities with a monitored service may be made to direct the ongoing operation of the SMS toward the service.

公开(公告)号：US20180041402A1

公开(公告)日：2018-02-08

申请号：US15693172

申请日：2017-08-31

Applicant: Splunk Inc.

Inventor： Brent Boe ,  Brian Bingham ,  John Robert Coates ,  Tristan Antonio Fletcher

IPC: H04L12/24 ,  G06F3/0481 ,  G06F3/0482 ,  G06F17/30 ,  G06F9/54 ,  G06F3/0484 ,  H04L12/26 ,  G06Q10/06

CPC classification number: G06F16/903 ,  G06F3/0481 ,  G06F3/04817 ,  G06F3/0482 ,  G06F3/0484 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/542 ,  G06F11/321 ,  G06F11/34 ,  G06F16/24542 ,  G06F16/2455 ,  G06F16/248 ,  G06F16/252 ,  G06F16/26 ,  G06F16/334 ,  G06F16/9024 ,  G06F16/90335 ,  G06F16/9038 ,  G06F16/951 ,  G06F16/9535 ,  G06F17/30424 ,  G06Q10/0637 ,  G06Q10/0639 ,  G06Q10/06393 ,  G06T11/206 ,  G06T2200/24 ,  H04L29/08072 ,  H04L41/0213 ,  H04L41/0806 ,  H04L41/22 ,  H04L41/5009 ,  H04L41/5032 ,  H04L41/5035 ,  H04L41/5038 ,  H04L43/04 ,  H04L43/045 ,  H04L43/16 ,  H04L67/10 ,  H04L67/16

Abstract: One or more processing devices create one or more entity definitions that each associate an entity with machine data pertaining to that entity and create a service definition for a service provided by one or more entities. The service definition includes an entity definition for each of the one or more entities. The one or more processing devices create one or more key performance indicators (KPIs). Each KPI is defined by a search query that produces a value derived from the machine data identified in one or more of the entity definitions included in the service definition. Each value is indicative of how the service is performing at a point in time or during a period of time.

公开(公告)号：US20170322985A1

公开(公告)日：2017-11-09

申请号：US15662206

申请日：2017-07-27

Applicant: Splunk Inc.

Inventor： Brent Boe ,  Alan Hardin ,  Fang I. Hsiao ,  Brian C. Reyes

IPC: G06F17/30 ,  H04L12/26 ,  H04L12/24

CPC classification number: G06F16/248 ,  G06F16/242 ,  G06F16/9535 ,  H04L41/0213 ,  H04L41/0813 ,  H04L41/22 ,  H04L41/5032 ,  H04L43/045 ,  H04L43/16

Abstract: A processing device performs a search query to produce a search result set having entries having data items. A table, having rows and columns, is displayed in a user interface. Each data item of a particular entry appears in a respective column of the same row of the table. Each column may correspond to the ordinal position of its respective data item. User input is received designating, for each respective column, a field name and an entity definition component type to which the respective column pertains, and stores for each data item of the particular entry an element value of an entity definition. The element has the element name designated for the respective column in which the data item appeared, and is associated with an entity definition component having the type designated for the respective column in which the data item appeared.

公开(公告)号：US09838280B2

公开(公告)日：2017-12-05

申请号：US14815942

申请日：2015-07-31

Applicant: Splunk, Inc.

Inventor： Brent Boe ,  Alan Hardin ,  Brian C. Reyes ,  Fang I. Hsiao

IPC: G06F15/16 ,  H04L12/26 ,  G06F17/30 ,  H04L29/08 ,  H04L29/06 ,  G06F12/00 ,  H04L12/24

CPC classification number: H04L43/045 ,  G06F17/30315 ,  G06F17/30339 ,  G06F17/30386 ,  G06F17/30604 ,  H04L29/08072 ,  H04L41/22 ,  H04L41/5009 ,  H04L41/5045 ,  H04L41/5083 ,  H04L43/08 ,  H04L43/0817 ,  H04L63/0227

Abstract: Processing devices receive a file having entries having data items separated by delimiters. Each data item has an ordinal position. The processing device(s) cause display of a table, having rows and columns, in a graphical user interface. Each data items of a particular entry appears in a respective column of the same row. Each column corresponds to the ordinal position of its respective data item. User input is received designating, for each respective column, a field name and an entity definition component type to which the respective column pertains, and stores for each of the data items of the particular entry a value of an element of an entity definition. The element has the element name designated for the respective column in which the data item appeared, and is associated with an entity definition component having the type designated for the respective column in which the data item appeared.

公开(公告)号：US09753961B2

公开(公告)日：2017-09-05

申请号：US14866970

申请日：2015-09-27

Applicant: Splunk, Inc.

Inventor： Brent Boe ,  Alok Anant Bhide ,  Sonal Maheshwari

IPC: G06F15/173 ,  G06F17/30 ,  G06F9/54 ,  H04L12/24 ,  G06F3/0484 ,  G06F12/00

CPC classification number: G06F17/30321 ,  G06F3/0484 ,  G06F9/542 ,  G06F17/30126 ,  G06F17/30353 ,  G06F17/30424 ,  H04L41/0213 ,  H04L41/22 ,  H04L41/5012 ,  H04L41/5032 ,  H04L41/5045

Abstract: A computer system determines if events in a machine data store satisfy event selection criteria. The events may pertain to a service entity represented by a stored entity definition. The entity definition may include information to identify the events from the machine data. Other informational fields in the entity definition may be effectively attributed to the identified events and take part in satisfying the event selection criteria.

公开(公告)号：US20160103862A1

公开(公告)日：2016-04-14

申请号：US14866970

申请日：2015-09-27

Applicant: Splunk, Inc.

Inventor： Brent Boe ,  Alok Anant Bhide ,  Sonal Maheshwari

IPC: G06F17/30 ,  G06F3/0484

CPC classification number: G06F17/30321 ,  G06F3/0484 ,  G06F9/542 ,  G06F17/30126 ,  G06F17/30353 ,  G06F17/30424 ,  H04L41/0213 ,  H04L41/22 ,  H04L41/5012 ,  H04L41/5032 ,  H04L41/5045

Abstract: A computer system determines if events in a machine data store satisfy event selection criteria. The events may pertain to a service entity represented by a stored entity definition. The entity definition may include information to identify the events from the machine data. Other informational fields in the entity definition may be effectively attributed to the identified events and take part in satisfying the event selection criteria.

Abstract translation: 计算机系统确定机器数据存储器中的事件是否满足事件选择标准。 事件可能涉及由存储的实体定义表示的服务实体。 实体定义可以包括用于从机器数据识别事件的信息。 实体定义中的其他信息字段可以有效地归因于所识别的事件并且参与满足事件选择标准。

公开(公告)号：US09146954B1

公开(公告)日：2015-09-29

申请号：US14611195

申请日：2015-01-31

Applicant: Splunk Inc.

Inventor： Brent Boe ,  Alan Hardin ,  Fang I. Hsiao ,  Brian C. Reyes

IPC: G06F15/16 ,  G06F17/30 ,  G06F12/00

CPC classification number: G06F17/30554 ,  G06F17/30389 ,  G06F17/30867 ,  H04L41/0213 ,  H04L41/0813 ,  H04L41/22 ,  H04L41/5032 ,  H04L43/045 ,  H04L43/16

Abstract: A processing device performs a search query to produce a search result set having entries having data items. Each data item has an ordinal position. A table, having rows and columns, is displayed in a graphical user interface. Each data item of a particular entry appears in a respective column of the same row of the table. Each column corresponds to the ordinal position of its respective data item. User input is received designating, for each respective column, a field name and an entity definition component type to which the respective column pertains, and stores for each data item of the particular entry an element value of an entity definition. The element has the element name designated for the respective column in which the data item appeared, and is associated with an entity definition component having the type designated for the respective column in which the data item appeared.

Abstract translation: 处理装置执行搜索查询以产生具有具有数据项的条目的搜索结果集。 每个数据项都有一个序数位置。 具有行和列的表格显示在图形用户界面中。 特定条目的每个数据项出现在表的同一行的相应列中。 每列对应于其相应数据项的序数位置。 接收到用户输入，为每个相应列指定相应列所属的字段名称和实体定义组件类型，并且为特定条目的每个数据项存储实体定义的元素值。 元素具有为数据项出现的相应列指定的元素名称，并且与具有指定数据项出现的相应列的类型的实体定义组件相关联。

公开(公告)号：US11868404B1

公开(公告)日：2024-01-09

申请号：US17121692

申请日：2020-12-14

Applicant: Splunk Inc.

Inventor： Brent Boe ,  Brian Bingham ,  John Robert Coates ,  Tristan Antonio Fletcher

IPC: G06F15/173 ,  G06F16/903 ,  G06Q10/0639 ,  G06F16/26 ,  G06F16/248 ,  G06F16/25 ,  G06F16/33 ,  G06F16/951 ,  G06F16/2455 ,  G06F16/901 ,  G06F16/9038 ,  G06F16/9535 ,  G06F16/2453 ,  H04L41/5009 ,  G06F11/34 ,  G06F11/32 ,  G06Q10/0637 ,  H04L41/0213 ,  H04L41/50 ,  H04L43/045 ,  G06F3/04842 ,  G06F9/54 ,  H04L67/10 ,  G06F3/04817 ,  G06F3/0482 ,  G06F3/0484 ,  H04L41/22 ,  G06F3/0481 ,  G06F3/04847 ,  H04L41/0806 ,  H04L43/04 ,  H04L43/16 ,  H04L43/55 ,  H04L43/091 ,  H04L67/51 ,  H04L69/329 ,  G06T11/20

CPC classification number: G06F16/903 ,  G06F3/0481 ,  G06F3/0482 ,  G06F3/0484 ,  G06F3/04817 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/542 ,  G06F11/321 ,  G06F11/34 ,  G06F16/248 ,  G06F16/2455 ,  G06F16/24542 ,  G06F16/252 ,  G06F16/26 ,  G06F16/334 ,  G06F16/9024 ,  G06F16/9038 ,  G06F16/90335 ,  G06F16/951 ,  G06F16/9535 ,  G06Q10/0637 ,  G06Q10/0639 ,  G06Q10/06393 ,  H04L41/0213 ,  H04L41/0806 ,  H04L41/22 ,  H04L41/5009 ,  H04L41/5032 ,  H04L43/04 ,  H04L43/045 ,  H04L43/091 ,  H04L43/16 ,  H04L43/55 ,  H04L67/10 ,  H04L67/51 ,  H04L69/329 ,  G06T11/206 ,  G06T2200/24

Abstract: One or more processing devices cause display of a user interface that identifies a service definition representing a service, receive input identifying an entity, where the service is performed at least in part by the entity, and store the service definition representing the service in association with an entity definition representing the entity. The entity definition comprises information identifying data pertaining to the entity in a datastore of machine data that reflects activity in an information technology environment produced by a plurality of components of the information technology environment. The one or more processing devices receive input pertaining to a search definition representing a search producing a measure of the service, and store the search definition representing the search, where the search produces the measure of the service using at least a portion of the data pertaining to the entity.