GENERATING EVENTS IN EXCESS OF LICENSED EVENT COUNT

    Publication number: US20210011932A1

    Publication date: 2021-01-14

    Application number: US17038472

    Application date: 2020-09-30

    Applicant: SPLUNK Inc.

    Abstract: In various implementations, a computer-implemented method for remotely managing settings of applications includes receiving a network communication from a managed device, the received network communication including a client-side hash value. The method further includes identifying settings for an application on the managed device in response to the receiving of the network communication, where the identified settings include configuration instructions for the application. Based on a comparison between the received client-side hash value and a server-side hash value that corresponds to the identified settings, at least some of the identified settings are transmitted to the managed device. The transmitting of the at least some of the identified settings can be based on the comparison indicating a mismatch between the received client-side hash value and the server-side hash value. The method may also include completing processing of the received network communication after the transmitting of the at least some of the identified settings.

    CONFIGURING MODULAR ALERT ACTIONS AND REPORTING ACTION PERFORMANCE INFORMATION

    Publication number: US20180091528A1

    Publication date: 2018-03-29

    Application number: US15276756

    Application date: 2016-09-26

    Applicant: Splunk Inc.

    Abstract: Techniques and mechanisms are disclosed for configuring actions to be performed by a network security application in response to the detection of potential security incidents, and for causing a network security application to report on the performance of those actions. For example, users may use such a network security application to configure one or more “modular alerts.” As used herein, a modular alert generally represents a component of a network security application which enables users to specify security modular alert actions to be performed in response to the detection of defined triggering conditions, and which further enables tracking information related to the performance of modular alert actions and reporting on the performance of those actions.

    Identifying metrics related to data ingestion associated with a defined time period

    Publication number: US11288283B2

    Publication date: 2022-03-29

    Application number: US16394733

    Application date: 2019-04-25

    Applicant: SPLUNK INC.

    Abstract: A data intake and query system measures an amount of raw data ingested by the system during defined periods of time. As used herein, ingesting raw data generally refers to receiving the raw data from one or more computing devices and processing the data for storage and searchability. Processing the data may include, for example, parsing the raw data into “events,” where each event includes a portion of the received data and is associated with a timestamp. Based on a calculated number of events generated by the system during one or more defined time periods, the system may calculate various metrics including, but not limited to, a number of events generated during a particular day, a number of events generated per day over a period of time, a maximum number of events generated in a day over a period of time, an average number of events generated per day, etc.

    Scaling available storage based on counting generated events

    Publication number: US10817544B2

    Publication date: 2020-10-27

    Application number: US14701301

    Application date: 2015-04-30

    Applicant: Splunk Inc.

    Abstract: A data intake and query system measures an amount of raw data ingested by the system during defined periods of time. As used herein, ingesting raw data generally refers to receiving the raw data from one or more computing devices and processing the data for storage and searchability. Processing the data may include, for example, parsing the raw data into “events,” where each event includes a portion of the received data and is associated with a timestamp. Based on a calculated number of events generated by the system during one or more defined time periods, the system may calculate various metrics including, but not limited to, a number of events generated during a particular day, a number of events generated per day over a period of time, a maximum number of events generated in a day over a period of time, an average number of events generated per day, etc.

    IDENTIFYING METRICS RELATED TO DATA INGESTION ASSOCIATED WITH A DEFINED TIME PERIOD

    Publication number: US20190251095A1

    Publication date: 2019-08-15

    Application number: US16394733

    Application date: 2019-04-25

    Applicant: SPLUNK INC.

    CPC classification number: G06F16/26 G06F16/22 G06F16/901 G06Q2220/18

    Abstract: A data intake and query system measures an amount of raw data ingested by the system during defined periods of time. As used herein, ingesting raw data generally refers to receiving the raw data from one or more computing devices and processing the data for storage and searchability. Processing the data may include, for example, parsing the raw data into “events,” where each event includes a portion of the received data and is associated with a timestamp. Based on a calculated number of events generated by the system during one or more defined time periods, the system may calculate various metrics including, but not limited to, a number of events generated during a particular day, a number of events generated per day over a period of time, a maximum number of events generated in a day over a period of time, an average number of events generated per day, etc.

    Display of data ingestion information based on counting generated events

    Publication number: US10282455B2

    Publication date: 2019-05-07

    Application number: US14691475

    Application date: 2015-04-20

    Applicant: Splunk Inc.

    Abstract: A data intake and query system measures an amount of raw data ingested by the system during defined periods of time. As used herein, ingesting raw data generally refers to receiving the raw data from one or more computing devices and processing the data for storage and searchability. Processing the data may include, for example, parsing the raw data into “events,” where each event includes a portion of the received data and is associated with a timestamp. Based on a calculated number of events generated by the system during one or more defined time periods, the system may calculate various metrics including, but not limited to, a number of events generated during a particular day, a number of events generated per day over a period of time, a maximum number of events generated in a day over a period of time, an average number of events generated per day, etc.

    EXECUTING MODULAR ALERTS AND ASSOCIATED SECURITY ACTIONS

    Publication number: US20210021614A1

    Publication date: 2021-01-21

    Application number: US16944433

    Application date: 2020-07-31

    Applicant: Splunk Inc.

    Abstract: Techniques and mechanisms are disclosed for configuring actions to be performed by a network security application in response to the detection of potential security incidents, and for causing a network security application to report on the performance of those actions. For example, users may use such a network security application to configure one or more “modular alerts.” As used herein, a modular alert generally represents a component of a network security application which enables users to specify security modular alert actions to be performed in response to the detection of defined triggering conditions, and which further enables tracking information related to the performance of modular alert actions and reporting on the performance of those actions.
