公开(公告)号：US20230237094A1

公开(公告)日：2023-07-27

申请号：US18190519

申请日：2023-03-27

Applicant: Splunk Inc.

Inventor： Ram Sriharsha ,  Kristal Lyn Curtis ,  Iryna Vogler-Ivashchanka ,  Clark Eugene Mullen

IPC: G06F16/901 ,  G06F16/2458 ,  G06F16/28 ,  G06F16/23 ,  G06N20/20 ,  G06F9/38 ,  G06F9/54 ,  G06F16/2455 ,  G06F16/14 ,  G06F16/22 ,  G06F16/2453 ,  G06N20/00 ,  G06F16/16 ,  G06F17/16 ,  G06F17/18 ,  G06F16/242 ,  G06F18/214 ,  G06F18/21

CPC classification number: G06F16/901 ,  G06F9/544 ,  G06F9/3885 ,  G06F16/23 ,  G06F16/144 ,  G06F16/156 ,  G06F16/168 ,  G06F16/242 ,  G06F16/285 ,  G06F16/2246 ,  G06F16/2379 ,  G06F16/2465 ,  G06F16/24534 ,  G06F16/24568 ,  G06F17/16 ,  G06F17/18 ,  G06F18/2148 ,  G06F18/2185 ,  G06N20/00 ,  G06N20/20 ,  G06F16/22 ,  G06F16/2264 ,  G06F16/2282

Abstract: Systems and methods are described for processing ingested data in an asynchronous manner as the data is being ingested to detect potential anomalies. For example, one or more streaming data processors can convert data as the data is ingested into a comparable data structure, determine whether the comparable data structure should be assigned to an existing data pattern or a new data pattern, and optionally update a characteristic of the data pattern to which the comparable data structure is assigned. The streaming data processor(s) can perform these operations automatically in real-time or in periodic batches. Once one or more comparable data structures have been assigned to one or more data patterns, the streaming data processor(s) can analyze the comparable data structures assigned to a particular data pattern to determine whether any of the comparable data structures appear to be anomalous.

公开(公告)号：US12164565B2

公开(公告)日：2024-12-10

申请号：US18190519

申请日：2023-03-27

Applicant: Splunk Inc.

Inventor： Ram Sriharsha ,  Kristal Lyn Curtis ,  Iryna Vogler-Ivashchanka ,  Clark Eugene Mullen

IPC: G06F16/23 ,  G06F9/38 ,  G06F9/54 ,  G06F16/14 ,  G06F16/16 ,  G06F16/22 ,  G06F16/242 ,  G06F16/2453 ,  G06F16/2455 ,  G06F16/2458 ,  G06F16/28 ,  G06F16/901 ,  G06F17/16 ,  G06F17/18 ,  G06F18/21 ,  G06F18/214 ,  G06N20/00 ,  G06N20/20

Abstract: Systems and methods are described for processing ingested data in an asynchronous manner as the data is being ingested to detect potential anomalies. For example, one or more streaming data processors can convert data as the data is ingested into a comparable data structure, determine whether the comparable data structure should be assigned to an existing data pattern or a new data pattern, and optionally update a characteristic of the data pattern to which the comparable data structure is assigned. The streaming data processor(s) can perform these operations automatically in real-time or in periodic batches. Once one or more comparable data structures have been assigned to one or more data patterns, the streaming data processor(s) can analyze the comparable data structures assigned to a particular data pattern to determine whether any of the comparable data structures appear to be anomalous.

公开(公告)号：US20210117416A1

公开(公告)日：2021-04-22

申请号：US16779479

申请日：2020-01-31

Applicant: Splunk Inc.

Inventor： Ram Sriharsha ,  Kristal Lyn Curtis ,  Iryna Vogler-Ivashchanka ,  Clark Eugene Mullen

IPC: G06F16/2458 ,  G06F16/23 ,  G06F16/28

Abstract: Systems and methods are described for processing ingested data in an asynchronous manner as the data is being ingested to detect potential anomalies. For example, one or more streaming data processors can convert data as the data is ingested into a comparable data structure, determine whether the comparable data structure should be assigned to an existing data pattern or a new data pattern, and optionally update a characteristic of the data pattern to which the comparable data structure is assigned. The streaming data processor(s) can perform these operations automatically in real-time or in periodic batches. Once one or more comparable data structures have been assigned to one or more data patterns, the streaming data processor(s) can analyze the comparable data structures assigned to a particular data pattern to determine whether any of the comparable data structures appear to be anomalous.

公开(公告)号：US11615101B2

公开(公告)日：2023-03-28

申请号：US16779479

申请日：2020-01-31

Applicant: Splunk Inc.

Inventor： Ram Sriharsha ,  Kristal Lyn Curtis ,  Iryna Vogler-Ivashchanka ,  Clark Eugene Mullen

IPC: G06F16/2458 ,  G06F16/28 ,  G06F16/23 ,  G06N20/20 ,  G06F9/38 ,  G06F9/54 ,  G06K9/62 ,  G06F16/2455 ,  G06F16/14 ,  G06F16/22 ,  G06F16/2453 ,  G06N20/00 ,  G06F16/16 ,  G06F17/16 ,  G06F17/18 ,  G06F16/242

Abstract: Systems and methods are described for processing ingested data in an asynchronous manner as the data is being ingested to detect potential anomalies. For example, one or more streaming data processors can convert data as the data is ingested into a comparable data structure, determine whether the comparable data structure should be assigned to an existing data pattern or a new data pattern, and optionally update a characteristic of the data pattern to which the comparable data structure is assigned. The streaming data processor(s) can perform these operations automatically in real-time or in periodic batches. Once one or more comparable data structures have been assigned to one or more data patterns, the streaming data processor(s) can analyze the comparable data structures assigned to a particular data pattern to determine whether any of the comparable data structures appear to be anomalous.

公开(公告)号：US10949420B2

公开(公告)日：2021-03-16

申请号：US16050487

申请日：2018-07-31

Applicant: SPLUNK INC.

Inventor： Kristal Lyn Curtis ,  Archana Sulochana Ganapathi ,  Adam Oliner ,  Steve Yu Zhang

IPC: G06F16/24 ,  G06F16/242 ,  G06F16/25 ,  G06F16/31 ,  G06F16/907

Abstract: Embodiments of the present invention are directed to identifying related data, in particular, data associated with different source types. In embodiments, a first source type related to a second source type associated with a search query is identified. Field set pairs are identified from a first data set associated with the first source type and a second data set associated with the second source type. Each field set pair can include one field set associated with the first source type and another field set associated with the second source type. For each field set pair, an extent of similarity is determined between the corresponding field sets. Based on the extent of similarities between the corresponding field sets, at least one pair of related field sets is identified. An indication of the at least one pair of related field sets is provided, for example, for presentation to a user.

公开(公告)号：US20200042651A1

公开(公告)日：2020-02-06

申请号：US16050616

申请日：2018-07-31

Applicant: SPLUNK INC.

Inventor： Kristal Lyn Curtis ,  Archana Sulochana Ganapathi ,  Adam Oliner ,  Steve Yu Zhang

IPC: G06F17/30 ,  G06N5/02 ,  G06F3/0482

Abstract: Embodiments of the present invention are directed to identifying and providing related data field sets. In one embodiment, a first portion of a graphical user interface (GUI) configured to receive a search query is displayed. The GUI enables user interaction to specify a source type in association with the search query. In accordance with a first source type specified in the search query, a first field set associated with the first source type is identified as related to a second field set associated with a second source type. A second portion of the GUI is displayed that includes a relationship indication that indicates the first field set associated with the first source type is related to the second field set associated with a second source type. Further, a third portion of the GUI is displayed that includes an explanation or recommendation associated with the relationship indication.

公开(公告)号：US11841853B2

公开(公告)日：2023-12-12

申请号：US17201338

申请日：2021-03-15

Applicant: SPLUNK Inc.

Inventor： Kristal Lyn Curtis ,  Archana Sulochana Ganapathi ,  Adam Oliner ,  Steve Yu Zhang

IPC: G06F16/24 ,  G06F16/242 ,  G06F16/25 ,  G06F16/31 ,  G06F16/907

CPC classification number: G06F16/2443 ,  G06F16/25 ,  G06F16/313 ,  G06F16/907

Abstract: Embodiments of the present invention are directed to identifying related data, in particular, data associated with different source types. In embodiments, a first source type related to a second source type associated with a search query is identified. Field set pairs are identified from a first data set associated with the first source type and a second data set associated with the second source type. Each field set pair can include one field set associated with the first source type and another field set associated with the second source type. For each field set pair, an extent of similarity is determined between the corresponding field sets. Based on the extent of similarities between the corresponding field sets, at least one pair of related field sets is identified. An indication of the at least one pair of related field sets is provided, for example, for presentation to a user.

公开(公告)号：US11100172B2

公开(公告)日：2021-08-24

申请号：US16050616

申请日：2018-07-31

Applicant: SPLUNK INC.

Inventor： Kristal Lyn Curtis ,  Archana Sulochana Ganapathi ,  Adam Oliner ,  Steve Yu Zhang

IPC: G06F16/00 ,  G06F16/903 ,  G06F3/0482 ,  G06N5/02 ,  G06F16/907

Abstract: Embodiments of the present invention are directed to identifying and providing related data field sets. In one embodiment, a first portion of a graphical user interface (GUI) configured to receive a search query is displayed. The GUI enables user interaction to specify a source type in association with the search query. In accordance with a first source type specified in the search query, a first field set associated with the first source type is identified as related to a second field set associated with a second source type. A second portion of the GUI is displayed that includes a relationship indication that indicates the first field set associated with the first source type is related to the second field set associated with a second source type. Further, a third portion of the GUI is displayed that includes an explanation or recommendation associated with the relationship indication.

公开(公告)号：US20210200755A1

公开(公告)日：2021-07-01

申请号：US17201338

申请日：2021-03-15

Applicant: SPLUNK Inc.

Inventor： Kristal Lyn Curtis ,  Archana Sulochana Ganapathi ,  Adam Oliner ,  Steve Yu Zhang

IPC: G06F16/242 ,  G06F16/25 ,  G06F16/31 ,  G06F16/907

Abstract: Embodiments of the present invention are directed to identifying related data, in particular, data associated with different source types. In embodiments, a first source type related to a second source type associated with a search query is identified. Field set pairs are identified from a first data set associated with the first source type and a second data set associated with the second source type. Each field set pair can include one field set associated with the first source type and another field set associated with the second source type. For each field set pair, an extent of similarity is determined between the corresponding field sets. Based on the extent of similarities between the corresponding field sets, at least one pair of related field sets is identified. An indication of the at least one pair of related field sets is provided, for example, for presentation to a user.

公开(公告)号：US20200042626A1

公开(公告)日：2020-02-06

申请号：US16050487

申请日：2018-07-31

Applicant: SPLUNK INC.

Inventor： Kristal Lyn Curtis ,  Archana Sulochana Ganapathi ,  Adam Oliner ,  Steve Yu Zhang

IPC: G06F17/30

Abstract: Embodiments of the present invention are directed to identifying related data, in particular, data associated with different source types. In embodiments, a first source type related to a second source type associated with a search query is identified. Field set pairs are identified from a first data set associated with the first source type and a second data set associated with the second source type. Each field set pair can include one field set associated with the first source type and another field set associated with the second source type. For each field set pair, an extent of similarity is determined between the corresponding field sets. Based on the extent of similarities between the corresponding field sets, at least one pair of related field sets is identified. An indication of the at least one pair of related field sets is provided, for example, for presentation to a user.