Patents Assigned to Splunk Inc.
-
Patent number: 12271428Abstract: A system generates a user interface that enables a user to interact with an interactive chart associated with a statement of a data processing package. Via one or more user interactions with the user interface, the system may receive one or more chart parameters for the chart. Using a statement from the data processing package and the one or more chart parameters, the system may generate an additional statement and append the generated statement to the data processing package to form an enriched data processing package. The system may communicate the enriched data processing package to a search service for execution. The system may display the results in the chart.Type: GrantFiled: July 29, 2022Date of Patent: April 8, 2025Assignee: Splunk Inc.Inventors: Christopher Bolognese, Finlay Cannon, Eli Clein, Umesh Dinkar, Thomas Haggie, Barbara Janczer, Elizabeth Li, Clark Eugene Mullen, Viet Quoc Nguyen, Faya Peng, Ioan Popa, Abid Salahi, Keng-Ming Sheu, Tulika Thakur, Justin Lew, Jonathan Ng, Jacob Sebastian Stark
-
Patent number: 12265858Abstract: A method of dynamic cluster manager failover includes routing data traffic associated with managing a plurality of indexers in a cluster to a first cluster manager, wherein the first cluster manager is associated with an active role and is operable to manage the plurality of indexers in the cluster. The method also includes transmitting periodic heartbeat request messages from a second cluster manager of the cluster to the first cluster manager, wherein the second cluster manager is associated with a standby role. Further, the method includes detecting, at the second cluster manager, a loss of heartbeat response messages from the first cluster manager. Also, the method includes receiving information from a set of indexers regarding a status of the first cluster manager and in response to a determination that the status of the first cluster manager is offline, promoting the second cluster manager to switch over to the active role.Type: GrantFiled: May 27, 2022Date of Patent: April 1, 2025Assignee: Splunk Inc.Inventors: Sayantan Bhattacharyya, Wendi Qiu, How Yin Tan, Amritpal Singh Bath
-
Patent number: 12265863Abstract: The operation of an automatic data input and query system is controlled by well-defined control data. The system exposes user interfaces enabling an administrator to interact with control data to modify the ongoing operation of the system. Certain control data determines the collection and treatment of data from various technology sources. A robust control interface is provided enabling the efficient and reliable adding on of new technology data sources. Once established, control data for a new technology data source may be packaged in a form for archiving or distribution. The system may support the export and import of such packages. Such packages may be created independently of the system.Type: GrantFiled: December 29, 2021Date of Patent: April 1, 2025Assignee: Splunk Inc.Inventors: Li Li, Gang Tao, Yongxin Su, Junqing Hao, Ting Wang, John Robert Coates, Elias Haddad, Guodong Wang
-
Patent number: 12265525Abstract: A query coordinator can receive a query and identify a first portion of the query to be processed by a first data processing system and a second portion of the query to be processed by a second data processing system. The query coordinator can obtain a modified query based on identifying the first portion and the second portion of the query. The query coordinator can define a query processing scheme according to the modified query and provide the query processing scheme to the second data processing system. Based on providing the query processing scheme, the query coordinator can obtain an output of the second data processing system. The query coordinator can identify a second query based on the output and provide the second query to a component of the first data processing system.Type: GrantFiled: January 31, 2024Date of Patent: April 1, 2025Assignee: Splunk Inc.Inventors: Brent Davis, David Johns DeWitt, Derek Feriancek, Venkatasubramanian Jayaraman, Vinay Manivel, Christopher Ogle, Balaji Rao
-
Patent number: 12267339Abstract: Techniques and mechanisms are disclosed for configuring actions to be performed by a network security application in response to the detection of potential security incidents, and for causing a network security application to report on the performance of those actions. For example, users may use such a network security application to configure one or more “modular alerts.” As used herein, a modular alert generally represents a component of a network security application which enables users to specify security modular alert actions to be performed in response to the detection of defined triggering conditions, and which further enables tracking information related to the performance of modular alert actions and reporting on the performance of those actions.Type: GrantFiled: April 28, 2023Date of Patent: April 1, 2025Assignee: Splunk Inc.Inventors: Banipal Shahbaz, Sri Atma Oaklander de Licori, John Robert Coates, David Hazekamp, Devendra Badhani, Luke Murphey, Patrick Schulz
-
Patent number: 12265540Abstract: Systems and methods are disclosed for generating a distributed execution model with untrusted commands. The system can receive a query, and process the query to identify the untrusted commands. The system can use data associated with the untrusted command to identify one or more files associated with the untrusted command. Based on the files, the system can generate a data structure and include one or more identifiers associated with the data structure in the distributed execution model. The system can distribute the distributed execution model to one or more nodes in a distributed computing environment for execution.Type: GrantFiled: October 5, 2022Date of Patent: April 1, 2025Assignee: Splunk Inc.Inventors: Arindam Bhattacharjee, Sourav Pal, Alexander Douglas James
-
Patent number: 12254019Abstract: Systems and methods are described to determine relationships between one or more components of an isolated execution environment system based on data obtained from a data intake and query system. Based on the determined relationships, an interactive visualization is generated that indicates the hierarchical relationship of the components. In some cases, to illustrate the relationship between components of the isolated execution environment system, the visualization can include one or more display objects displayed in a subordinate or superior relationship to other display objects. In certain cases, based on an interaction with a display object, the system can generate a query and/or display additional information and/or visualizations based on the results of the query.Type: GrantFiled: January 27, 2023Date of Patent: March 18, 2025Assignee: SPLUNK Inc.Inventors: Vladimir A. Shcherbakov, Stewart Smith, Nicholas Matthew Tankersley, Junyu Wang, Peter Wu
-
Patent number: 12248804Abstract: A multitenant deployment includes a computing cluster that executes multiple containerized instances of a software application. Each containerized instance is associated with one or more datastores that can be assigned to different tenants. A registry store maintains a mapping between tenants and datastores, thereby allowing a registry manager to properly route tenant requests to the correct datastores. A capacity manager tracks tenant usage of datastores in the registry store and then scales computing resources for each tenant in proportion to usage. The capacity manager also migrates tenant resources in response to catastrophic failures or upgrades. In this fashion, the multitenant deployment can adapt a single-tenant software application for multi-tenancy in a manner that is both transparent and secure for the tenant.Type: GrantFiled: September 26, 2023Date of Patent: March 11, 2025Assignee: SPLUNK Inc.Inventors: Ledio Ago, Ronnie Sun, Mathew Elting
-
Patent number: 12248484Abstract: Systems and methods are described for reducing execution time of a query that references external data systems. The system can determine an external data system is capable of processing one or more map or reduce phases of a map-reduce operation. When it is determined that the external data system can process a map or reduce phase, associated operations may be reassigned from the system to the external data system reducing the processing resources used by the system to response to the query and, in some cases, speeding up performance of the query.Type: GrantFiled: October 18, 2019Date of Patent: March 11, 2025Assignee: Splunk Inc.Inventors: Sourav Pal, Arindam Bhattacharjee, Wayne Patterson
-
Patent number: 12242474Abstract: Systems and methods are described for a query conversion system to convert a first query string from a first version of a query language to a second version of the query language. The query conversion system may be associated with a tokenizer and parser, code converter, compatibility library, and a query formatter. The tokenizer and parser may tokenize and parse a query string to create a first node tree with commands. The code converter may parse the first node tree while using the compatibility library to convert the commands and generate a second node tree. The query formatter may create a second query string executable by the second version of the query language.Type: GrantFiled: January 31, 2023Date of Patent: March 4, 2025Assignee: Splunk Inc.Inventors: Alexander D. James, Ankur Dalsukhbhai Bambharoliya, Venkatasubramanian Jayaraman, Andrew John Peters, Salih Ammar Wajih Zainulabdeen
-
Implementation of a data processing pipeline using assignable resources and pre-configured resources
Patent number: 12242892Abstract: Systems and methods are described for a implementing a streaming data processing system that includes a pool of pre-configured resources and a pool of dedicated resources. The streaming data processing system can implement a processing pipeline using compute resources. The pool of pre-configured resources can support previews of processing pipelines for a plurality of users and the pool of dedicated resources can support full deployments of processing pipelines for a particular user. The streaming data processing system can implement a preview of a processing pipeline using a pre-configured resource of the pool of pre-configured resources. Further, the streaming data processing system can implement the processing pipeline using a dedicated resource of the pool of dedicated resources. The streaming data processing system can provision the dedicated resource and deploy the processing pipeline using the dedicated resource.Type: GrantFiled: July 30, 2021Date of Patent: March 4, 2025Assignee: Splunk Inc.Inventor: Ricky Burnett -
Patent number: 12242495Abstract: A system generates a user interface that enables a user to generate a chart from one or more statements of a data processing package. Via one or more user interactions with the user interface, the system may receive one or more chart parameters for a chart. Using a statement from the data processing package and the one or more chart parameters, the system may generate an additional statement and append the generated statement to the data processing package to form an enriched data processing package. The system may communicate the enriched data processing package to a search service for execution. The system may display the results in an interactive chart.Type: GrantFiled: July 29, 2022Date of Patent: March 4, 2025Assignee: Splunk Inc.Inventors: Christopher Bolognese, Finlay Cannon, Eli Clein, Umesh Dinkar, Thomas Haggie, Barbara Janczer, Elizabeth Li, Clark Eugene Mullen, Viet Quoc Nguyen, Faya Peng, Ioan Popa, Abid Salahi, Keng-Ming Sheu, Tulika Thakur, Justin Lew, Jonathan Ng, Jacob Sebastian Stark
-
Patent number: 12237988Abstract: Provided are systems and methods for determining and displaying service performance information via a graphical user interface. A method can include visually rendering a service-level dashboard reflecting performance of a service and presenting a visual indication of health of each component service and a list of events each corresponding to a change in performance of one of the component services. The method can further include responsive to receiving, via a graphical user interface (GUI), a selection of a component service, visually rendering a system-level dashboard reflecting performance of the selected component-level service, wherein the component service is performed by one or more machines, and wherein the system-level dashboard presents the machines and one or more events each corresponding to a change in performance of one of the machines.Type: GrantFiled: August 2, 2022Date of Patent: February 25, 2025Assignee: Splunk Inc.Inventors: Adrian Hall, Kenneth M. Sternberg, Anupadmaja Raghavan, Brian C. Reyes
-
Patent number: 12222840Abstract: A method of generating metrics data associated with a microservices-based application comprises ingesting a plurality of spans and mapping an ingested span of the plurality of spans to a span identity, wherein the span identity comprises a tuple of information identifying a type of span associated with the span identity, wherein the tuple of information comprises user-configured dimensions. The method further comprises grouping the ingested span by the span identity, wherein the ingested span is grouped with other spans from the plurality of spans comprising a same span identity. The method also comprises computing metrics associated with the span identity and using the metrics to generate a stream of metric data associated with the span identity.Type: GrantFiled: October 26, 2022Date of Patent: February 11, 2025Assignee: SPLUNK Inc.Inventors: Steven Karis, Maxime Petazzoni, Matthew William Pound, Joseph Ari Ross, Charles Smith, Scott Stewart
-
Patent number: 12224919Abstract: Techniques are described for enabling a cloud-based IT and security operations application to execute playbooks containing custom code in a manner that mitigates types of risk related to the misuse of cloud-based resources and security of user data. Users use a client application to create and modify playbooks and, upon receiving input to save a playbook, the client application determines whether the playbook includes custom code. If the client application determines that the playbook includes custom code, the client application establishes a connection with a proxy application (also referred to as an “automation broker”) running in the user's own on-premises network and sends a representation of the playbook to the proxy application. The client application further sends to the IT and security operations application an identifier of the playbook and an indication that the playbook (or the custom code portions of the playbook) is stored within the user's on-premises network.Type: GrantFiled: April 9, 2024Date of Patent: February 11, 2025Assignee: SPLUNK Inc.Inventors: Chakravarthy Sridhar, Minjie Qiu, Atif Mahadik
-
Patent number: 12216527Abstract: A computerized method is disclosed for automated handling of data ingestion anomalies. The method features operations of detecting a data ingestion anomaly and determining a cause for the data ingestion anomaly. The causal determination may be conducted by at least (i) determining features of an anomalous data ingestion volume, (ii) training a second data model, after a first data model being used to detect the data ingestion anomaly, with data sets consistent with the determined features, (iii) applying the second data model to predict whether a data ingestion sub-volume is anomalous, (iv) obtaining system state information during ingestion of the anomalous data ingestion sub-volume, and (v) determining the cause of the anomalous data ingestion volume based on the system state information.Type: GrantFiled: January 24, 2022Date of Patent: February 4, 2025Assignee: Splunk Inc.Inventors: Abraham Starosta, Francis Beckert, Chandrima Sarkar
-
Patent number: 12217075Abstract: Techniques promote monitoring of hypervisor systems by presenting dynamic representations of hypervisor architectures that include performance indicators. A reviewer can interact with the representation to progressively view select lower-level performance indicators. Higher level performance indicators can be determined based on lower level state assessments. A reviewer can also view historical performance metrics and indicators, which can aid in understanding which configuration changes or system usages may have led to sub-optimal performance.Type: GrantFiled: April 26, 2021Date of Patent: February 4, 2025Assignee: Splunk Inc.Inventors: Brian Bingham, Tristan Fletcher
-
Patent number: 12212475Abstract: The disclosed embodiments provide a method and system for processing network data. During operation, the system obtains, at a remote capture agent, configuration information for the remote capture agent from a configuration server over a network. Next, the system uses the configuration information to configure the generation of event data from network data obtained from network packets at the remote capture agent. The system then uses the configuration information to configure transformation of the event data or the network data into transformed event data at the remote capture agent.Type: GrantFiled: November 16, 2023Date of Patent: January 28, 2025Assignee: Splunk Inc.Inventor: Michael Dickey
-
Patent number: 12204437Abstract: Techniques, which may be embodied herein as systems, computing devices, methods, algorithms, software, code, computer readable media, or the like, are described herein for comparing a set of metrics generated during a simulated user interaction with a website to metrics generated by observing real user interactions with the website. Simulated user interactions with a website can be used to diagnose a website's performance issues, but it can be difficult to determine whether the simulated interactions reflect the experience of real users. In addition, the simulated user interactions can be challenging to contextualize because the number of observed real user interactions may significantly outnumber the simulated interactions. A graphical user interface can help with the interpretation of these website interactions by using the real user interactions to properly contextualize the simulated results.Type: GrantFiled: January 31, 2023Date of Patent: January 21, 2025Assignee: SPLUNK Inc.Inventors: Aditya Bhandari, Khawar Deen, William Matthew Hoffman, Nicholas Owen Pierson, Seerut Sidhu, Harnit Singh
-
Patent number: 12204531Abstract: The disclosed embodiments provide a method and system for processing network data. During operation, the system obtains one or more event streams from one or more remote capture agents over one or more networks, wherein the one or more event streams include event data generated from network packets captured by the one or more remote capture agents. Next, the system applies one or more transformations to the one or more event streams to obtain transformed event data from the event data. The system then enables querying of the transformed event data.Type: GrantFiled: March 23, 2022Date of Patent: January 21, 2025Assignee: Splunk Inc.Inventor: Michael Dickey