公开(公告)号：US12124441B1

公开(公告)日：2024-10-22

申请号：US18075970

申请日：2022-12-06

Applicant: SPLUNK INC.

Inventor： Nicholas Matthew Tankersley ,  Fang I. Hsiao ,  Arun Ramani

IPC: G06F16/24 ,  G06F3/04847 ,  G06F11/30 ,  G06F16/2452 ,  G06F16/2457 ,  G06Q10/0639 ,  G06Q10/10 ,  G06T11/20

CPC classification number: G06F16/24528 ,  G06F3/04847 ,  G06F11/30 ,  G06F16/24573 ,  G06Q10/06393 ,  G06Q10/10 ,  G06T11/206 ,  G06T2200/24

Abstract: An example method of utilizing shared search queries for defining multiple key performance indicators (KPIs) comprises: receiving input specifying one or more service definitions, each service definition of the one or more service definitions specifying an entity definition for an entity providing a service of one or more services executing in an information technology (IT) environment, wherein the IT environment is monitored by the service monitoring system, wherein the service monitoring system uses first machine data of a first entity specified by a first service definition of the one or more service definitions to monitor a first KPI for a first service of the one or more services, and wherein the service monitoring system uses second machine data of a second entity specified by a second service definition of the one or more service definitions to monitor a second KPI for a second service of the one or more services; determining that the first machine data and the second machine data include common machine data; defining, based on the first machine data and the second machine data including common machine data, a shared base search query for the first KPI and the second KPI; executing the shared based search query to generated shared base search query results for the first KPI and the second KPI; and generating, using results from executing the shared base search query, a first value for the first KPI and a second value for the second KPI.

公开(公告)号：US11768836B2

公开(公告)日：2023-09-26

申请号：US16582205

申请日：2019-09-25

Applicant: Splunk Inc.

Inventor： Arun Ramani ,  Anupadmaja Raghavan ,  Tristan Antonio Fletcher ,  Marc Chene

IPC: G06F15/16 ,  G06F16/2457 ,  G06Q10/00

CPC classification number: G06F16/24573 ,  G06Q10/00

Abstract: A service monitoring system (SMS) produces key performance indicator (KPI) scores that indicate the performance of a service. To produce the KPI scores, the SMS may process the data for a large number of machine entities that perform the service. This data can be processed on a per-entity basis to produce a per-entity KPI score representing the contribution of a particular machine to the overall KPI. The per-entity KPI scores can be transformed to statistical representations which can be visualized as a distribution stream graph. The visualization may be presented with interactive aspects. Automatic entity definitions may also be generated based on content derived from the processed data.

公开(公告)号：US11093518B1

公开(公告)日：2021-08-17

申请号：US16049628

申请日：2018-07-30

Applicant: Splunk Inc.

Inventor： Ai-chi Lu ,  Arun Ramani ,  Nicholas Matthew Tankersley

IPC: G06F7/00 ,  G06F16/00 ,  G06F16/248 ,  G06F3/0484 ,  G06F16/9535

Abstract: Data intake and query system (DIQS) instances supporting applications including lower-tier, focused, work group oriented applications, are tailored to display the metrics for the needs of the user. An interface caused by operation of an entity monitoring system (EMS) operating in conjunction with the lower-tier DIQS displays the monitored entities as individual representations. The user selects a metric and a metric threshold. The EMS causes a display of an interface having a representation for each monitored entity. Each representation includes a metric value and indicates an entity status based on the metric value and the threshold. The user can dynamically change the threshold on the interface for easy visualization of aggregation of monitored entities to determine the performance of the infrastructure. The interface also provides the user with the ability to select an entity and click through to the entity analysis workspace for more detailed information.

公开(公告)号：US11755559B1

公开(公告)日：2023-09-12

申请号：US17549802

申请日：2021-12-13

Applicant: SPLUNK INC.

Inventor： Nicholas Matthew Tankersley ,  Mingrui Wei ,  Arun Ramani

IPC: G06F16/00 ,  G06F16/23 ,  G06F16/28 ,  G06F16/2457 ,  G06F11/30 ,  G06F11/34

CPC classification number: G06F16/2358 ,  G06F16/2365 ,  G06F16/24573 ,  G06F16/288 ,  G06F11/3006 ,  G06F11/3409

Abstract: Automated discovery of relationships between entities within an IT environment. A technique is performed by a relationship module that performs a discovery search for entity relationships to produce a set of relationship search results. The relationship module then generates a set of relationship definitions from the set of relationship search results which are stored to a relationship collection in a data store. A technique for automatically updating entity and relationship definitions and removing outdated entity and relationship definitions stored to a data store. An update module automatically updates entity and relationship definitions at predetermined time intervals. The update history in each definition is also modified to reflect the update process. A retire module automatically removes outdated definitions using the update history in each definition.

公开(公告)号：US20230161760A1

公开(公告)日：2023-05-25

申请号：US18153299

申请日：2023-01-11

Applicant: Splunk Inc.

Inventor： Alexander Douglas James ,  Andrew Peters ,  Arun Ramani

IPC: G06F16/242 ,  G06F16/9035 ,  G06F16/2458 ,  G06F16/28 ,  G06F16/25

CPC classification number: G06F16/2423 ,  G06F16/9035 ,  G06F16/2465 ,  G06F16/244 ,  G06F16/287 ,  G06F16/258

Abstract: Systems and methods are disclosed for flexibly applying a query term to heterogeneous data. A query system can receive a query that includes a data-determinant query term. As the system executes the query it can generate interim search results. As the system query processes the interim search results based on the query, it can apply the data-determinant query term to records of the interims search results based on the structure of the records.

公开(公告)号：US11657057B2

公开(公告)日：2023-05-23

申请号：US17586590

申请日：2022-01-27

Applicant: Splunk Inc.

Inventor： Alexander Douglas James ,  Scott Calvert ,  Manu Jose ,  Andrew Peters ,  Christopher Madden Pride ,  Arun Ramani

IPC: G06F16/00 ,  G06F16/2457 ,  G06F16/907 ,  G06F16/2455 ,  G06F40/30

CPC classification number: G06F16/24573 ,  G06F16/2455 ,  G06F16/907 ,  G06F40/30

Abstract: Systems and methods are disclosed for annotating a metadata catalog in a data intake and query system based on a query received by the data intake and query system. The metadata catalog can store information about datasets associated with the data intake and query system, including dataset configuration records of the datasets, which can be used to process queries for execution by the data intake and query system. The data intake and query system can receive a query identifying a set of data to be processed and a manner of processing the set of data. The data intake and query system can parse the query to identify datasets and/or data fields associated with the query. Based on the identified datasets and/or fields, the data intake and query system can generate one or more annotations, and use the annotations to update the metadata catalog.

公开(公告)号：US11157498B1

公开(公告)日：2021-10-26

申请号：US16147344

申请日：2018-09-28

Applicant: Splunk Inc.

Inventor： Alexander Douglas James ,  Manu Jose ,  Sourav Pal ,  Christopher Madden Pride ,  Nicholas Robert Romito ,  Igor Braylovskiy ,  Arun Ramani ,  Ankit Jain

IPC: G06F17/00 ,  G06F16/2453 ,  G06F16/242 ,  G06F16/9535 ,  G06F40/205 ,  G06F9/54

Abstract: Systems and methods are disclosed for processing and executing queries in a data intake and query system. The data intake and query system receives a first query identifying a set of data to be processed and a manner of processing the set of data. The data intake and query system parses the first query and uses a dataset association records of a metadata catalog to dynamically identify one or more datasets associated with the query and generate a second query. The data intake and query system executes the second query.

公开(公告)号：US20160103883A1

公开(公告)日：2016-04-14

申请号：US14859243

申请日：2015-09-18

Applicant: Splunk Inc.

Inventor： Arun Ramani ,  Anupadmaja Raghavan ,  Tristan Antonio Fletcher ,  Marc Chene

IPC: G06F17/30

Abstract: Methods are disclosed to take advantage of the early collection of machine data from a new or changed entity in a computing environment in order to update the definitional information about entities used by a service monitoring system. In some embodiments, the process undertaken to recognize new or changed entities in an IT environment from collected machine data may be informed by the expertise of a particular subject matter area by installing that intelligence in a codified form packaged as a domain add-on to the service monitoring system.

Abstract translation: 公开了利用在计算环境中从新的或改变的实体早期收集机器数据的方法，以便更新关于由服务监视系统使用的实体的定义信息。 在一些实施例中，从收集的机器数据识别IT环境中的新的或改变的实体的过程可以由特定主题区域的专业知识通过将该智能安装在作为域附加的 服务监控系统。

公开(公告)号：US11669551B2

公开(公告)日：2023-06-06

申请号：US17072833

申请日：2020-10-16

Applicant: Splunk Inc.

Inventor： Alexander Douglas James ,  Shyam Mundhra ,  Manikandan Vellore Muneeswaran ,  Arun Ramani ,  Thor Taylor ,  Steve Zhang

IPC: G06F16/28 ,  G06F16/2455 ,  G06F16/2453 ,  G06F9/30

CPC classification number: G06F16/287 ,  G06F9/30079 ,  G06F16/24534 ,  G06F16/24564 ,  G06F16/24568

Abstract: Systems and methods for rule-based data stream processing by data collection, indexing, and visualization systems. An example method includes: receiving, by the computer system, an input data stream comprising raw machine data; processing the raw machine data by a data processing pipeline that produces transformed machine data, wherein the data processing pipeline comprises an ordered plurality of pipeline stages, wherein a pipeline stage of the ordered plurality of pipeline stages applies a rule of a set of rules to an input of the pipeline stage, wherein the rule specifies an action to be performed on the input of the pipeline stage responsive to evaluating a conditional expression applied to the input of the pipeline stage, wherein the action generates an output of the pipeline stage, and wherein the rule is selected based on a source type associated with the input data stream; and supplying the transformed machine data to a data collection, indexing, and visualization system.

公开(公告)号：US11526511B1

公开(公告)日：2022-12-13

申请号：US17473435

申请日：2021-09-13

Applicant: SPLUNK INC.

Inventor： Nicholas Matthew Tankersley ,  Fang I. Hsiao ,  Arun Ramani

IPC: G06F16/64 ,  G06F16/2452 ,  G06F3/04847 ,  G06T11/20 ,  G06F16/2457 ,  G06F11/30 ,  G06Q10/06 ,  G06Q10/10

Abstract: An example method of implementing a monitoring interface for an information technology environment comprises: identifying machine data reflecting activity in the information technology environment comprising a plurality of entities providing a service; executing a search query to derive, from the machine data, a value of a key performance indicator (KPI) reflecting performance of the service; and causing display of a monitoring interface including: an identifier of the service, a color coded indication of a state of the KPI, and a visual representation of time series data associated with the service.