-
Publication No.: US11494381B1
Publication date: 2022-11-08
Application No.: US17163308
Application date: 2021-01-29
Applicant: Splunk Inc.
Inventor: Kyle Champlin , Cory Chen , Patrick Schulz , Jason Szeto
IPC: G06F16/2455 , G06F3/14 , G06F16/248
Abstract: A software module ingests data into a data intake and query system. At least a portion of the data is cloud data. The software module includes an event type definition that specifies a type of data to be ingested by the software module, a first tag that associates ingested data of the event type with a data model, and a second tag that designates ingested data of the event type as cloud data. The ingested data is stored in a data repository, and subsequently a search query that includes the first tag and the second tag is executed against the data repository, to identify ingested cloud data that satisfies the search query and a first search constraint specified in the data model. A display device is caused to display a visualization based on the identified ingested cloud data that satisfies the search query.
-
Publication No.: US10771486B2
Publication date: 2020-09-08
Application No.: US15715015
Application date: 2017-09-25
Applicant: Splunk Inc.
Inventor: Lucas Murphey , Francis Gerard , Richard Barger , Bhavin Patel , Patrick Schulz , Chinmay Kulkarni
IPC: G06F21/00 , G06F21/50 , G06F21/55 , H04L29/06 , G06F16/951 , G06F9/448 , G06F3/0482 , G06T11/20
Abstract: Techniques and mechanisms are disclosed for a data intake and query system to generate “meta-notable” events by applying a meta-notable event rule to a collection of notable event data. A meta-notable event rule specifies one or more patterns of notable event instances defined by a set of notable event states and a set of transition rules (also referred to as association rules) indicating conditions for transitioning from one notable event state to another. The set of notable event states includes at least one start state and at least one end state. A meta-notable event is generated when a set of analyzed notable events satisfies a set of transition rules linking a start state to an end state (including transitions through any intermediary states between the start state and the end state).
-
Publication No.: US20180091528A1
Publication date: 2018-03-29
Application No.: US15276756
Application date: 2016-09-26
Applicant: Splunk Inc.
Inventor: Banipal Shahbaz , Siri Atma Oaklander De Licori , John Robert Coates , David Hazekamp , Devendra Badhani , Luke Murphey , Patrick Schulz
IPC: H04L29/06
Abstract: Techniques and mechanisms are disclosed for configuring actions to be performed by a network security application in response to the detection of potential security incidents, and for causing a network security application to report on the performance of those actions. For example, users may use such a network security application to configure one or more “modular alerts.” As used herein, a modular alert generally represents a component of a network security application which enables users to specify security modular alert actions to be performed in response to the detection of defined triggering conditions, and which further enables tracking information related to the performance of modular alert actions and reporting on the performance of those actions.
-
Publication No.: US12197442B1
Publication date: 2025-01-14
Application No.: US17937902
Application date: 2022-10-04
Applicant: Splunk Inc.
Inventor: Kyle Champlin , Cory Chen , Patrick Schulz , Jason Szeto
IPC: G06F16/24 , G06F3/14 , G06F16/2455 , G06F16/248
Abstract: A software module ingests data into a data intake and query system. At least a portion of the data is cloud data. The software module includes an event type definition that specifies a type of data to be ingested by the software module, a first tag that associates ingested data of the event type with a data model, and a second tag that designates ingested data of the event type as cloud data. The ingested data is stored in a data repository, and subsequently a search query that includes the first tag and the second tag is executed against the data repository, to identify ingested cloud data that satisfies the search query and a first search constraint specified in the data model. A display device is caused to display a visualization based on the identified ingested cloud data that satisfies the search query.
-
Publication No.: US11736502B2
Publication date: 2023-08-22
Application No.: US16944460
Application date: 2020-07-31
Applicant: Splunk Inc.
Inventor: Lucas Murphey , Francis Gerard , Richard Barger , Bhavin Patel , Patrick Schulz , Chinmay Kulkarni
IPC: G06F16/951 , G06F9/448 , H04L9/40 , G06F3/0482 , G06T11/20
CPC classification number: H04L63/1425 , G06F9/4498 , G06F16/951 , H04L63/145 , H04L63/1416 , G06F3/0482 , G06T11/206 , G06T2200/24
Abstract: Techniques and mechanisms are disclosed for a data intake and query system to generate “meta-notable” events by applying a meta-notable event rule to a collection of notable event data. A meta-notable event rule specifies one or more patterns of notable event instances defined by a set of notable event states and a set of transition rules (also referred to as association rules) indicating conditions for transitioning from one notable event state to another. The set of notable event states includes at least one start state and at least one end state. A meta-notable event is generated when a set of analyzed notable events satisfies a set of transition rules linking a start state to an end state (including transitions through any intermediary states between the start state and the end state).
-
Publication No.: US11677760B2
Publication date: 2023-06-13
Application No.: US16944433
Application date: 2020-07-31
Applicant: Splunk Inc.
Inventor: Banipal Shahbaz , Siri Atma Oaklander De Licori , John Robert Coates , David Hazekamp , Devendra Badhani , Luke Murphey , Patrick Schulz
IPC: G06F21/55 , H04L9/40 , G06F21/53 , G06F16/248 , G06F16/26
CPC classification number: H04L63/1416 , G06F21/53 , G06F21/554 , H04L63/145 , H04L63/1458 , H04L63/1475 , G06F16/248 , G06F16/26 , G06F2221/2151 , H04L2463/121 , H04L2463/141
Abstract: Techniques and mechanisms are disclosed for configuring actions to be performed by a network security application in response to the detection of potential security incidents, and for causing a network security application to report on the performance of those actions. For example, users may use such a network security application to configure one or more “modular alerts.” As used herein, a modular alert generally represents a component of a network security application which enables users to specify security modular alert actions to be performed in response to the detection of defined triggering conditions, and which further enables tracking information related to the performance of modular alert actions and reporting on the performance of those actions.
-
Publication No.: US12267339B1
Publication date: 2025-04-01
Application No.: US18309624
Application date: 2023-04-28
Applicant: Splunk Inc.
Inventor: Banipal Shahbaz , Sri Atma Oaklander de Licori , John Robert Coates , David Hazekamp , Devendra Badhani , Luke Murphey , Patrick Schulz
IPC: G06F21/55 , G06F21/53 , H04L9/40 , G06F16/248 , G06F16/26
Abstract: Techniques and mechanisms are disclosed for configuring actions to be performed by a network security application in response to the detection of potential security incidents, and for causing a network security application to report on the performance of those actions. For example, users may use such a network security application to configure one or more “modular alerts.” As used herein, a modular alert generally represents a component of a network security application which enables users to specify security modular alert actions to be performed in response to the detection of defined triggering conditions, and which further enables tracking information related to the performance of modular alert actions and reporting on the performance of those actions.
-
Publication No.: US20210058418A1
Publication date: 2021-02-25
Application No.: US16944460
Application date: 2020-07-31
Applicant: Splunk Inc.
Inventor: Lucas Murphey , Francis Gerard , Richard Barger , Bhavin Patel , Patrick Schulz , Chinmay Kulkarni
IPC: H04L29/06 , G06F16/951 , G06F9/448
Abstract: Techniques and mechanisms are disclosed for a data intake and query system to generate “meta-notable” events by applying a meta-notable event rule to a collection of notable event data. A meta-notable event rule specifies one or more patterns of notable event instances defined by a set of notable event states and a set of transition rules (also referred to as association rules) indicating conditions for transitioning from one notable event state to another. The set of notable event states includes at least one start state and at least one end state. A meta-notable event is generated when a set of analyzed notable events satisfies a set of transition rules linking a start state to an end state (including transitions through any intermediary states between the start state and the end state).
-
Publication No.: US20210021614A1
Publication date: 2021-01-21
Application No.: US16944433
Application date: 2020-07-31
Applicant: Splunk Inc.
Inventor: Banipal Shahbaz , Siri Atma Oaklander De Licori , John Robert Coates , David Hazekamp , Devendra Badhani , Luke Murphey , Patrick Schulz
Abstract: Techniques and mechanisms are disclosed for configuring actions to be performed by a network security application in response to the detection of potential security incidents, and for causing a network security application to report on the performance of those actions. For example, users may use such a network security application to configure one or more “modular alerts.” As used herein, a modular alert generally represents a component of a network security application which enables users to specify security modular alert actions to be performed in response to the detection of defined triggering conditions, and which further enables tracking information related to the performance of modular alert actions and reporting on the performance of those actions.
-
Publication No.: US10771479B2
Publication date: 2020-09-08
Application No.: US15276756
Application date: 2016-09-26
Applicant: Splunk Inc.
Inventor: Banipal Shahbaz , Siri Atma Oaklander De Licori , John Robert Coates , David Hazekamp , Devendra Badhani , Luke Murphey , Patrick Schulz
Abstract: Techniques and mechanisms are disclosed for configuring actions to be performed by a network security application in response to the detection of potential security incidents, and for causing a network security application to report on the performance of those actions. For example, users may use such a network security application to configure one or more “modular alerts.” As used herein, a modular alert generally represents a component of a network security application which enables users to specify security modular alert actions to be performed in response to the detection of defined triggering conditions, and which further enables tracking information related to the performance of modular alert actions and reporting on the performance of those actions.