公开(公告)号：US20170286525A1

公开(公告)日：2017-10-05

申请号：US15143563

申请日：2016-04-30

Applicant: Splunk Inc.

Inventor： Li Li ,  Gang Tao ,  Yongxin Su ,  Junqing Hao ,  Ting Wang ,  John Robert Coates ,  Elias Haddad ,  Guodong Wang

IPC: G06F17/30 ,  G06F3/0484

CPC classification number: G06F16/287 ,  G06F16/2477

Abstract: The operation of an automatic data input and query system is controlled by well-defined control data. Certain control data may relate to data schemas and direct operations performed by the system to extract fields from machine data. Automatic methods may determine proper field extraction control information by analyzing a sample of data from a source, breaking the sample data into event segments, classifying the segments into groups based on a measure of similarity, determining an operable extraction rule for each group, and storing the resulting extraction model. Data patterns known by the system can be leveraged to perform the event breaking and field identification for the classifying. Embodiments may provide a user interface to view, interact with, and approve the computer-generated extraction model.

公开(公告)号：US11216491B2

公开(公告)日：2022-01-04

申请号：US15143563

申请日：2016-04-30

Applicant: Splunk Inc.

Inventor： Li Li ,  Gang Tao ,  Yongxin Su ,  Junqing Hao ,  Ting Wang ,  John Robert Coates ,  Elias Haddad ,  Guodong Wang

IPC: G06N20/00 ,  G06F16/28 ,  G06F16/2458

Abstract: The operation of an automatic data input and query system is controlled by well-defined control data. Certain control data may relate to data schemas and direct operations performed by the system to extract fields from machine data. Automatic methods may determine proper field extraction control information by analyzing a sample of data from a source, breaking the sample data into event segments, classifying the segments into groups based on a measure of similarity, determining an operable extraction rule for each group, and storing the resulting extraction model. Data patterns known by the system can be leveraged to perform the event breaking and field identification for the classifying. Embodiments may provide a user interface to view, interact with, and approve the computer-generated extraction model.

公开(公告)号：US20220121410A1

公开(公告)日：2022-04-21

申请号：US17565181

申请日：2021-12-29

Applicant: Splunk Inc.

Inventor： Li Li ,  Gang Tao ,  Yongxin Su ,  Junqing Hao ,  Ting Wang ,  John Robert Coates ,  Elias Haddad ,  Guodong Wang

IPC: G06F3/14 ,  G06Q10/06 ,  G06N5/02 ,  G06F17/40 ,  G06F9/54

Abstract: The operation of an automatic data input and query system is controlled by well-defined control data. The system exposes user interfaces enabling an administrator to interact with control data to modify the ongoing operation of the system. Certain control data determines the collection and treatment of data from various technology sources. A robust control interface is provided enabling the efficient and reliable adding on of new technology data sources. Once established, control data for a new technology data source may be packaged in a form for archiving or distribution. The system may support the export and import of such packages. Such packages may be created independently of the system.

公开(公告)号：US10567557B2

公开(公告)日：2020-02-18

申请号：US14889764

申请日：2014-10-31

Applicant: Splunk Inc.

Inventor： Lai Qiang Ding ,  Ziliang Chen ,  Junqing Hao ,  Ting Wang

IPC: H04L12/26 ,  H04L29/08 ,  H04L29/06

Abstract: The disclosed embodiments provide a system that processes data received from a remote system. During operation, the system sends, from a computer system to a remote system, a request for a local time at the remote system and records a time of transmission of the request. Next, the system obtains, from the remote system, a response to the request, wherein the response includes the local time of the remote system. The system then computes a difference between the time of transmission and the local time of the remote system to determine a time offset that accounts for a time difference between the computer system and the remote system. Finally, the system uses the time offset to standardize timestamps in time-series data received from the remote system, wherein standardizing the timestamps associated with the time-series data comprises adjusting the timestamps to conform to a time standard.

公开(公告)号：US20220083572A1

公开(公告)日：2022-03-17

申请号：US17539143

申请日：2021-11-30

Applicant: Splunk Inc.

Inventor： Li Li ,  Gang Tao ,  Yongxin Su ,  Junqing Hao ,  Ting Wang ,  John Robert Coates ,  Elias Haddad ,  Guodong Wang

IPC: G06F16/28 ,  G06F16/2458 ,  G06N20/00

Abstract: Determining a set of extraction rules include clustering event segments into at least a first group of event segments, and determining, using first field data in the first group of event segments, a first set of extraction rules for extracting the first field data from each event segment of the first group of event segments. A determination is made that the first set of extraction rules fails to successfully extract all of the first field data. Responsive to the determination, the event segments are re-clustered into at least a second group of event segments and a third group of event segments until a successful set of extraction rules are identified. The successful set of extraction rules are stored in computer memory.

公开(公告)号：US11249710B2

公开(公告)日：2022-02-15

申请号：US15088106

申请日：2016-03-31

Applicant: Splunk Inc.

Inventor： Li Li ,  Gang Tao ,  Yongxin Su ,  Junqing Hao ,  Ting Wang ,  John Robert Coates ,  Elias Haddad ,  Guodong Wang

IPC: G06Q10/06 ,  G06N5/02 ,  G06F17/40 ,  G06F3/14

Abstract: The operation of an automatic data input and query system is controlled by well-defined control data. The system exposes user interfaces enabling an administrator to interact with control data to modify the ongoing operation of the system. Certain control data determines the collection and treatment of data from various technology sources. A robust control interface is provided enabling the efficient and reliable adding on of new technology data sources. Once established, control data for a new technology data source may be packaged in a form for archiving or distribution. The system may support the export and import of such packages. Such packages may be created independently of the system.

公开(公告)号：US20170286455A1

公开(公告)日：2017-10-05

申请号：US15143562

申请日：2016-04-30

Applicant: Splunk Inc.

Inventor： Li Li ,  Gang Tao ,  Yongxin Su ,  Junqing Hao ,  Ting Wang ,  John Robert Coates ,  Elias Haddad ,  Guodong Wang

IPC: G06F17/30

CPC classification number: G06F16/212 ,  G06F16/24575

Abstract: The operation of an automatic data input and query system is controlled by well-defined control data. Technology Add-On (TA) control data extends the operations of the system to gather and process machine data from additional sources. A user interface is exposed enabling a user who may be agnostic of requirements imposed by the system for TA content and format, to build a proper TA for controlling the system.

公开(公告)号：US10678805B2

公开(公告)日：2020-06-09

申请号：US15966279

申请日：2018-04-30

Applicant: Splunk Inc.

Inventor： Ken Chen ,  Gang Tao ,  Lai Qiang Ding ,  Junqing Hao ,  Ting Wang ,  Elias Haddad ,  Dritan Bitincka

IPC: G06F15/173 ,  G06F16/248 ,  H04L12/26

Abstract: Techniques and mechanisms are disclosed that enable a data collection system to adaptively control collection of data from one or more external data sources. At a high level, adaptively controlling collection of data from external data sources may include collecting performance information related to one or more data collection nodes and, in response to analyzing the collected performance information, adapting rates at which the data collection nodes send data collection requests to external data sources. Data collection performance information generally may include, but is not limited to, network traffic data, error messages generated by external data sources and/or data collection nodes, computing device performance information, and any other types of information related to a data collection node's ability to collect data from external data sources.

公开(公告)号：US10007710B2

公开(公告)日：2018-06-26

申请号：US15011525

申请日：2016-01-30

Applicant: Splunk Inc.

Inventor： Ken Chen ,  Gang Tao ,  Lai Qiang Ding ,  Junqing Hao ,  Ting Wang ,  Elias Haddad ,  Dritan Bitincka

IPC: G06F15/173 ,  G06F17/30 ,  H04L12/26

CPC classification number: G06F16/248 ,  H04L43/024 ,  H04L43/0817

Abstract: Techniques and mechanisms are disclosed that enable a data collection system to adaptively control collection of data from one or more external data sources. At a high level, adaptively controlling collection of data from external data sources may include collecting performance information related to one or more data collection nodes and, in response to analyzing the collected performance information, adapting rates at which the data collection nodes send data collection requests to external data sources. Data collection performance information generally may include, but is not limited to, network traffic data, error messages generated by external data sources and/or data collection nodes, computing device performance information, and any other types of information related to a data collection node's ability to collect data from external data sources.

公开(公告)号：US20170286038A1

公开(公告)日：2017-10-05

申请号：US15088106

申请日：2016-03-31

Applicant: Splunk Inc.

Inventor： Li Li ,  Gang Tao ,  Yongxin Su ,  Junqing Hao ,  Ting Wang ,  John Robert Coates ,  Elias Haddad ,  Guodong Wang

IPC: G06F3/14 ,  G06T11/00 ,  G06F17/27 ,  G06F3/0482 ,  G06F3/0484 ,  G06F17/30 ,  G06F17/24

CPC classification number: G06F3/14 ,  G06Q10/063 ,  G09G2358/00 ,  G09G2370/02 ,  G09G2370/10

Abstract: The operation of an automatic data input and query system is controlled by well-defined control data. The system exposes user interfaces enabling an administrator to interact with control data to modify the ongoing operation of the system. Certain control data determines the collection and treatment of data from various technology sources. A robust control interface is provided enabling the efficient and reliable adding on of new technology data sources. Once established, control data for a new technology data source may be packaged in a form for archiving or distribution. The system may support the export and import of such packages. Such packages may be created independently of the system.