-
Publication No.: US10853399B2
Publication Date: 2020-12-01
Application No.: US15479804
Application Date: 2017-04-05
Applicant: Splunk Inc.
Inventor: Jesse Miller, Jason Szeto, Jose Solis, Jindrich Dinga, David Marquardt
IPC: G06F16/34, G06T11/20, G06F16/335, G06F16/35
Abstract: Systems and methods are disclosed involving user interface (UI) search tools for locating data, including tools for summarizing indexed raw machine data that organize and present results to enable expansion and exploration of initial summarizations. The initial summarizations may be explored and refined to help users determine how to identify and best focus a search on data subsets of greater interest.
-
22.
Publication No.: US20200150621A1
Publication Date: 2020-05-14
Application No.: US16743549
Application Date: 2020-01-15
Applicant: Splunk Inc.
Inventor: Erick Anthony Dean, Jindrich Dinga, Marvin Herville Green
IPC: G05B19/4063, G06F16/901, G06F16/26, G06F16/9535
Abstract: An asset monitoring and reporting system (AMRS) implements an interface to establish an asset hierarchy to be monitored and reported against. The interface employs a search query of extant asset data from which definitional aspects of the asset hierarchy can be identified, and therefrom the interface automatically determines control information reflective of the asset hierarchy to direct the ongoing operation of the AMRS. The interface further allows for configuration of a metric definition for a metric of an asset node of the asset hierarchy, the metric representing a point in time or a period of time and derived from a metric-time search of machine data produced by or about the asset node and receives an identification of a metric determination specification for the metric definition, the metric determination specification comprising at least identification of a metric component and identification of a calculation operation to apply to the metric component.
-
Publication No.: US12298734B1
Publication Date: 2025-05-13
Application No.: US18206286
Application Date: 2023-06-06
Applicant: Splunk Inc.
Inventor: Erick Anthony Dean, Jindrich Dinga, Marvin Herville Green
IPC: G05B19/4063, G06F16/26, G06F16/901, G06F16/9535
Abstract: A method of monitoring hierarchical asset groups includes the operations of: receiving a plurality of asset group configuration parameters comprising one or more association specifications, each association specification defining an association between an asset and a corresponding asset group of a plurality of asset groups of an asset hierarchy; receiving definitions of one or more asset group metrics, wherein each asset group metric of the one or more asset group metrics is derived from a search of machine data associated with a corresponding asset group; associating, with each asset group of the plurality of asset groups, a corresponding asset group metric of the one or more asset group metrics; generating one or more alert definitions associated with an asset group of the plurality of asset groups; monitoring, using the one or more asset group metrics, the asset hierarchy; and generating an alert based on the one or more alert definitions.
-
Publication No.: US11604789B1
Publication Date: 2023-03-14
Application No.: US17444161
Application Date: 2021-07-30
Applicant: Splunk Inc.
Inventor: Finlay Cannon, Jindrich Dinga, Thomas Haggie, Clark E. Mullen, Jonathan Ng, Andrew John Peters, Bardhi Shtylla, Ioan Popa, Barbara Janczer, Jacob Sebastian Stark
IPC: G06F16/242, G06F16/248, G06F40/30
Abstract: A system is described that receives a query model of a query that includes one or more query commands. The query model includes a command model that corresponds to at least query command of the one or more query commands. The system uses the command model to generate an interactive action model summary and causes a user interface to display the query and the interactive action model summary in a query actions panel. A modification to the query in the user interface causes an update to the query actions panel and a modification to the action model summary causes an update to the at least one query command of the query.
-
25.
Publication No.: US11494380B2
Publication Date: 2022-11-08
Application No.: US16657899
Application Date: 2019-10-18
Applicant: Splunk Inc.
Inventor: Balaji Rao, Jindrich Dinga, Kieran Cairney, Manuel Martinez, Nitilaksha Halakatti, Ningxuan He, Arindam Bhattacharjee, Sourav Pal, Alexandros Batsakis
IPC: G06F15/16, G06F16/2453, G06F16/2458, H04L9/08, H04L41/0806, H04L67/10, H04L67/52, G06F8/61
Abstract: Systems and methods are described for establishing and managing components of a distributed computing framework implemented in a data intake and query system. The distributed computing framework may include a master and a plurality of worker nodes. The master may selectively operate on a search head captain that is chosen from the search heads of the data intake and query system. The search head captain may distribute configuration information for the master and the distributed computing framework to the other search heads, which in turn, may distribute that configuration information to indexers of the data intake and query system. Worker nodes may be selectively activated for operation on the indexers based on the configuration information, and the worker nodes may additionally use the configuration information to contact the master and join the distributed computing framework. This approach may provide numerous benefits, including improved security, flexibility in the selection of worker nodes, and redundancy for failures of physical components of the data intake and query system.
-
Publication No.: US11210278B1
Publication Date: 2021-12-28
Application No.: US16147430
Application Date: 2018-09-28
Applicant: Splunk Inc.
Inventor: Erick Anthony Dean, Jindrich Dinga, Marvin Herville Green
IPC: G06F16/22, G06F16/248, G06F16/24, G06F16/2458, G06F16/2453, G06F3/0484, G06F16/28
Abstract: An asset monitoring and reporting system (AMRS) implements an interface to establish an asset hierarchy to be monitored and reported against. The interface employs a search query of extant asset data from which definitional aspects of the asset hierarchy can be identified, and therefrom the interface automatically determines control information reflective of the asset hierarchy to direct the ongoing operation of the AMRS. The interface further receives an identification of one or more asset nodes of an asset hierarchy for inclusion in an asset group, receives an identification of a group metric definition of a group metric of the asset group, and reflects in computer storage an asset group definition comprising an association of each of the one or more asset nodes and an association of the group metric definition.
-
Publication No.: US10909140B2
Publication Date: 2021-02-02
Application No.: US15276693
Application Date: 2016-09-26
Applicant: SPLUNK INC.
Inventor: Jesse Brandau Miller, Katherine Kyle Feeney, Yuan Xie, Steve Zhang, Adam Jamison Oliner, Jindrich Dinga, Jacob Leverich
Abstract: Systems and methods include causing presentation of a first cluster in association with an event of the first cluster, the first cluster from a first set of clusters of events. Each event includes a time stamp and event data. Based on the presentation of the first cluster, an extraction rule corresponding to the event of the first cluster is received from a user. Similarities in the event data between the events are determined based on the received extraction rule. The events are grouped into a second set of clusters based on the determined similarities. Presentation is caused of a second cluster in association with an event of the second cluster, where the second cluster is from the second set of clusters.
-
Publication No.: US10564622B1
Publication Date: 2020-02-18
Application No.: US16147439
Application Date: 2018-09-28
Applicant: Splunk Inc.
Inventor: Erick Anthony Dean, Jindrich Dinga, Marvin Herville Green
IPC: G05B19/4063, G06F16/26, G06F16/901, G06F16/9535
Abstract: An asset monitoring and reporting system (AMRS) implements an interface to establish an asset hierarchy to be monitored and reported against. The interface employs a search query of extant asset data from which definitional aspects of the asset hierarchy can be identified, and therefrom the interface automatically determines control information reflective of the asset hierarchy to direct the ongoing operation of the AMRS. The interface further allows for configuration of a metric definition for a metric of an asset node of the asset hierarchy, the metric representing a point in time or a period of time and derived from a metric-time search of machine data produced by or about the asset node and receives an identification of a metric determination specification for the metric definition, the metric determination specification comprising at least identification of a metric component and identification of a calculation operation to apply to the metric component.
-
Publication No.: US12182110B1
Publication Date: 2024-12-31
Application No.: US18161792
Application Date: 2023-01-30
Applicant: Splunk Inc.
Inventor: Finlay Cannon, Jindrich Dinga, Thomas Haggie, Clark E. Mullen, Jonathan Ng, Andrew John Peters, Bardhi Shtylla, Ioan Popa, Barbara Janczer, Jacob Sebastian Stark
IPC: G06F16/242, G06F16/248, G06F40/30
Abstract: A system is described that receives a query model of a query that includes one or more query commands. The query model includes a command model that corresponds to at least query command of the one or more query commands. The system uses the command model to generate an interactive action model summary and causes a user interface to display the query and the interactive action model summary in a query actions panel. A modification to the query in the user interface causes an update to the query actions panel and a modification to the action model summary causes an update to the at least one query command of the query.
-
Publication No.: US20240419712A1
Publication Date: 2024-12-19
Application No.: US18419179
Application Date: 2024-01-22
Applicant: Splunk Inc.
Inventor: Jesse Miller, Jason Szeto, Jose Solis, Jindrich Dinga, David Marquardt
IPC: G06F16/34, G06F16/335, G06F16/35, G06T11/20
Abstract: Systems and methods are disclosed involving user interface (UI) search tools for locating data, including tools for summarizing indexed raw machine data that organize and present results to enable expansion and exploration of initial summarizations. The initial summarizations may be explored and refined to help users determine how to identify and best focus a search on data subsets of greater interest.