公开(公告)号：US12182174B1

公开(公告)日：2024-12-31

申请号：US18147639

申请日：2022-12-28

Applicant: SPLUNK Inc.

Inventor： Francis Beckert ,  Kristal Curtis ,  Om Rajyaguru ,  Abraham Starosta ,  Poonam Yadav

IPC: G06F16/24 ,  G06F16/248 ,  G06F16/28 ,  G06F16/957

Abstract: A search assistant engine is described that integrates with a data intake and query system and provides an intuitive user interface to assist a user in searching and evaluating indexed event data. Additionally, the search assistant engine provides logic to intelligently provide data to the user through the user interface such as determining fields of events likely to be of interest based on determining a mutual information score for each field and determining groups of related fields based on determining a mutual information score for each field grouping. Some implementations utilize machine learning techniques in certain analyses such as when clustering events and determining an event templates for each cluster. Additionally, the search assistant engine may import terms or characters from user interaction into predetermined search query templates to generate tailored search query for the user.

公开(公告)号：US20250028618A1

公开(公告)日：2025-01-23

申请号：US18222870

申请日：2023-07-17

Applicant: Splunk Inc.

Inventor： Houwu Bai ,  Kristal Curtis ,  William Deaderick ,  Tanner Gilligan ,  Poonam Yadav ,  Om Rajyaguru

IPC: G06F11/34 ,  G06F11/30 ,  G06F16/23 ,  G06F16/2458

Abstract: Computerized methodologies are disclosed that are directed to detecting anomalies within a time-series data set. A first aspect of the anomaly detection process includes analyzing the regularity of the data points of the time-series data set and determining whether a data aggregation process is to be performed based on the regularity of the data points, which results in a time-series data set having data points occurring at regular intervals. A seasonality pattern may be determined for the time-series data set, where a silhouette score is computed to measure the quality of the fit of the seasonality pattern to the time-series data. The silhouette score may be compared to a threshold and based on the comparison, the seasonality pattern or a set of heuristics may be utilized in an anomaly detection process. When the seasonality pattern is utilized, the seasonality pattern may be utilized to generate thresholds indicating anomalous behavior.

公开(公告)号：US12111874B1

公开(公告)日：2024-10-08

申请号：US18147641

申请日：2022-12-28

Applicant: SPLUNK Inc.

Inventor： Francis Beckert ,  Kristal Curtis ,  Om Rajyaguru ,  Abraham Starosta ,  Poonam Yadav

IPC: G06F16/9535 ,  G06F16/2457 ,  G06F16/248

CPC classification number: G06F16/9535 ,  G06F16/24578 ,  G06F16/248

Abstract: Implementations of this disclosure provide a search assistant engine that integrates with a data intake and query system and provides an intuitive user interface to assist a user in searching and evaluating indexed event data. Additionally, the search assistant engine provides logic to intelligently provide data to the user through the user interface such as determining fields of events likely to be of interest based on determining a mutual information score for each field and determining groups of related fields based on determining a mutual information score for each field grouping. Some implementations utilize machine learning techniques in certain analyses such as when clustering events and determining an event templates for each cluster. Additionally, the search assistant engine may import terms or characters from user interaction into predetermined search query templates to generate tailored search query for the user.

公开(公告)号：US20250028737A1

公开(公告)日：2025-01-23

申请号：US18222863

申请日：2023-07-17

Applicant: Splunk Inc.

Inventor： Houwu Bai ,  Kristal Curtis ,  William Deaderick ,  Tanner Gilligan ,  Poonam Yadav ,  Om Rajyaguru

IPC: G06F16/28 ,  G06F16/2458

Abstract: Computerized methodologies are disclosed that are directed to detecting anomalies within a time-series data set. An aspect of the anomaly detection process includes determining one or more seasonality patterns that correspond to a specific time-series data set by evaluating a set of candidate seasonality patterns (e.g., hourly, daily, weekly, day-start off-sets, etc.). The evaluation of a candidate seasonality pattern may include dividing the time-series data set into a collection of subsequences based on the particular candidate seasonality pattern. Further, the collection of subsequences may be divided into clusters and a silhouette score may be computed to measure the clustering quality of the candidate seasonality pattern. In some instances, the candidate seasonality pattern having the highest silhouette score is selected and utilized in anomaly detection process. In other instances, a plurality of seasonality patterns may be combined forming a time policy, where the time policy is utilized in anomaly detection process.

公开(公告)号：US20250021767A1

公开(公告)日：2025-01-16

申请号：US18228654

申请日：2023-07-31

Applicant: Splunk Inc.

Inventor： Vedant Dharnidharka ,  Robert Riachi ,  Abraham Starosta ,  Alexander Sasha Stojanovic ,  Julien Didier Jean Veron Vialard ,  Rong Tan Wang ,  Poonam Yadav ,  Om Rajyaguru

IPC: G06F40/40 ,  G06F16/9032 ,  G06F40/211 ,  G06F40/30

Abstract: Implementations of this disclosure provide a machine learning model training system that receives user input being a natural language description of a search query, and packages and transmits the natural language description as a prompt to a plurality of large learning models (LLMs). The model training system also receives response from the plurality of LLMs being translations of the natural language descriptions to an executable search query and displays the translations to a user via a graphical user interface. The model training system receives user feedback via the graphical user interface that corresponds to indications as to whether each translation is correct, syntactically and/or semantically, and, in some examples, an indication of which response was preferred. The model training system also generates training data from the user input, translations generated by the plurality of LLMs, and user feedback, and subsequently, initiates training of a LLM using the training data.