Patents Assigned to Splunk Inc.
  • Patent number: 10693742
    Abstract: The disclosed embodiments provide a system that facilitates the processing of network data. During operation, the system obtains a set of event streams from one or more remote capture agents over one or more networks, wherein the set of event streams comprises time-series event data generated from network packets captured by the one or more remote capture agents. Next, the system causes for display, within a graphical user interface (GUI), a first set of user interface elements, wherein the first set of user interface elements includes event stream information for an event stream in the set of event streams and a first graph of a metric associated with the time-series event data in the event stream. The system then updates the first graph in real-time with the time-series event data from the one or more remote capture agents.
    Type: Grant
    Filed: January 29, 2015
    Date of Patent: June 23, 2020
    Assignee: Splunk Inc.
    Inventors: Fang I. Hsiao, Clayton S. Ching, Michael R. Dickey, Vladimir A. Shcherbakov, Cary Glen Noel
  • Patent number: 10693898
    Abstract: A network connection between a server group of a data intake and query system and each of one or more source network nodes is established. The server group includes an indexer server and a model management server. Source data at the server group is received from at least one of the one or more source network nodes. A model management server detects data constraints for a security model. The data constraints include a data element used by the security model and an availability requirement set. Using the timestamped entries, the data constraints are validated to obtain a validation result. The model management server determines a data availability assessment of the security model based on the validation result. The data availability assessment of the security model is stored in computer storage.
    Type: Grant
    Filed: January 31, 2018
    Date of Patent: June 23, 2020
    Assignee: Splunk Inc.
    Inventors: Marios Iliofotou, Bo Lei, Essam Zaky, Karthik Kannan, George Apostolopoulos, Jeswanth Manikonda, Sitaram Venkatraman
  • Patent number: 10693758
    Abstract: Information technology environment monitoring systems, for example, perform analytics over machine data received from networked entities. Outputs of such a system may be useful to help a user identify a problem and resolve an incident. Inventive aspects enable user interactions to trigger automatic connection with network servers to establish communication channels for conveying analytics and other information related to the problem between and among network nodes participating in the resolution of the problem or incident.
    Type: Grant
    Filed: September 25, 2017
    Date of Patent: June 23, 2020
    Assignee: SPLUNK INC.
    Inventors: Asmita Puri, Alan Hardin, Kan Wu, Fang I Hsiao
  • Patent number: 10693900
    Abstract: Techniques are described for analyzing data regarding activity in an IT environment to determine information regarding the entities associated with the activity and using the information to detect anomalous activity that may be indicative of malicious activity. In an embodiment, a plurality of events reflecting activity by a plurality of entities in an IT environment are processed to resolve the identities of the entities, discover how the entities fit within a topology of the IT environment, and determine what the entities are. This information is then used to generate an entity relationship graph that includes nodes representing the entities in the IT environment and edges connecting the nodes representing interaction relationships between the entities. In some embodiments, baselines are established by monitoring the activity between entities. This baseline information can be represented in the entity relationship graph in the form of directionality applied to the edges.
    Type: Grant
    Filed: January 17, 2019
    Date of Patent: June 23, 2020
    Assignee: SPLUNK INC.
    Inventors: Joseph Auguste Zadeh, Rodolfo Soto, George Apostolopoulos, John Clifton Pierce
  • Patent number: 10688394
    Abstract: A system, a method and instructions embodied on a non-transitory computer-readable storage medium that solve a 3D point-in-polygon (PIP) problem is presented. This system projects polygons that comprise a set of polyhedra onto projected polygons in a reference plane. Next, the system projects a data point onto the reference plane, and performs a 2D PIP operation in the reference plane to determine which projected polygons the projected data point falls into. For each projected polygon the projected data point falls into, the system performs a 3D crossing number operation by counting intersections between a ray projected from the corresponding data point in a direction orthogonal to the reference plane and polyhedral faces corresponding to projected polygons, to identify polyhedra the data point falls into. The system then generates a visual representation of the set of polyhedra, wherein each polyhedron is affected by data points that fall into it.
    Type: Grant
    Filed: January 30, 2019
    Date of Patent: June 23, 2020
    Assignee: SPLUNK Inc.
    Inventor: Geoffrey R. Hendrey
  • Patent number: 10691523
    Abstract: Embodiments are directed towards the visualization of machine data received from computing clusters. Embodiments may enable improved analysis of computing cluster performance, error detection, troubleshooting, error prediction, or the like. Individual cluster nodes may generate machine data that includes information and data regarding the operation and status of the cluster node. The machine data is received from each cluster node for indexing by one or more indexing applications. The indexed machine data including the complete data set may be stored in one or more index stores. A visualization application enables a user to select one or more analysis lenses that may be used to generate visualizations of the machine data. The visualization application employs the analysis lens to produce visualizations of the computing cluster machine data.
    Type: Grant
    Filed: July 31, 2016
    Date of Patent: June 23, 2020
    Assignee: Splunk Inc.
    Inventors: Cary Glen Noel, Kirubakaran Pakkirisamy, Alex Raitz, Pierre Tsai
  • Patent number: 10692299
    Abstract: A mobile device is fitted with a camera and an extended reality (XR) software application program executing on a processor within an XR system. Via the XR software application program, various techniques are performed for manipulating virtual objects in an XR environment. In a first technique, the XR software application program facilitates the movement of a virtual object from a first location to a second location. In a second technique, the XR software application program facilitates the rotation of a virtual object. In a third technique, the XR software application program facilitates the scaling of a virtual object along one or more axes.
    Type: Grant
    Filed: July 31, 2018
    Date of Patent: June 23, 2020
    Assignee: SPLUNK INC.
    Inventors: Devin Bhushan, Jesse Chor, Glen Wong
  • Patent number: 10693743
    Abstract: Techniques and mechanisms are disclosed that enable collection of various types of data from cloud computing services and the generation of various dashboards and visualizations to view information about collections of cloud computing resources. A user can configure collection of data from one or more cloud computing services and view visualizations using an application platform referred to herein as a cloud computing management application. A cloud computing management application further may be configured to generate and cause display of interactive topology map representations of cloud computing resources based on the collected data, where an interactive topology map enables users to view an intuitive visualization of a collection of computing resources, efficiently cause performance of actions with respect to various resources displayed in the topology map, and analyze the collection of resources in ways that are not possible using conventional cloud computing service management consoles.
    Type: Grant
    Filed: September 21, 2015
    Date of Patent: June 23, 2020
    Assignee: Splunk Inc.
    Inventors: Qianjie Zhong, Geng Qin, Ting Wang, Min Zhang, Micah Delfino, Jef Bekes, D. Randall Young, Cary Noel, Feng Shao, Dritan Bitincka
  • Patent number: 10685001
    Abstract: Embodiments are directed towards the transparent summarization of events. Queries directed towards summarizing and reporting on event records may be received at a search head. Search heads may be associated with one or more indexers containing event records. The search head may forward the query to the indexers that can resolve the query for concurrent execution. If a query is a collection query, indexers may generate summarization information based on event records located on the indexers. Event record fields included in the summarization information may be determined based on terms included in the collection query. If a query is a stats query, each indexer may generate a partial result set from previously generated summarization information, returning the partial result sets to the search head. Collection queries may be saved and scheduled to run and periodically update the summarization information.
    Type: Grant
    Filed: April 30, 2018
    Date of Patent: June 16, 2020
    Assignee: Splunk Inc.
    Inventors: David Ryan Marquardt, Stephen Phillip Sorkin, Steve Yu Zhang
  • Patent number: 10684934
    Abstract: A quality score for a computer application release is determined using a first number of unique users who have launched the computer application release on user devices and a second number of unique users who have encountered at least once an abnormal termination with the computer application release on user devices. Additionally or optionally, an application quality score can be computed for a computer application based on quality scores of computer application releases that represent different versions of the computer application. Additionally or optionally, a weighted application quality score can be computed for a computer application by further taking into consideration the average application quality score and popularity of a plurality of computer applications.
    Type: Grant
    Filed: July 31, 2018
    Date of Patent: June 16, 2020
    Assignee: Splunk Inc.
    Inventors: Ioannis Vlachogiannis, Vasileios Karampinas
  • Patent number: 10685279
    Abstract: Systems and methods include obtaining a set of events, each event in the set of events comprising a time-stamped portion of raw machine data, the raw machine data produced by one or more components within an information technology or security environment and reflecting activity within the information technology or security environment. Thereafter, a first neural network is used to automatically identify variable text to extract as a field from the set of events. An indication of the variable text is provided as a field extraction recommendation, for example, to a user device for presentation to a user.
    Type: Grant
    Filed: January 31, 2017
    Date of Patent: June 16, 2020
    Assignee: SPLUNK Inc.
    Inventors: Adam Jamison Oliner, Nghi Huu Nguyen, Jacob Leverich, Zidong Yang
  • Patent number: 10678767
    Abstract: Methods and apparatus consistent with the invention provide the ability to search and present time series data based on searches. Time series data are sequences of time stamped records occurring in one or more usually continuous streams, representing some type of activity. In one embodiment, time series data is organized into discrete events with normalized time stamps and the events are indexed by time and keyword. A search is received and relevant event information is retrieved based in whole or in part on the time indexing mechanism, keyword indexing mechanism, or statistical indices calculated at the time of the search.
    Type: Grant
    Filed: August 1, 2015
    Date of Patent: June 9, 2020
    Assignee: Splunk Inc.
    Inventors: Michael Joseph Baum, Erik M. Swan, R. David Carasso, Robin Kumar Das, Rory Greene, Bradley Hall, Nicholas Christian Mealy, Brian Philip Murphy, Stephen Phillip Sorkin, Andre David Stechert
  • Patent number: 10678805
    Abstract: Techniques and mechanisms are disclosed that enable a data collection system to adaptively control collection of data from one or more external data sources. At a high level, adaptively controlling collection of data from external data sources may include collecting performance information related to one or more data collection nodes and, in response to analyzing the collected performance information, adapting rates at which the data collection nodes send data collection requests to external data sources. Data collection performance information generally may include, but is not limited to, network traffic data, error messages generated by external data sources and/or data collection nodes, computing device performance information, and any other types of information related to a data collection node's ability to collect data from external data sources.
    Type: Grant
    Filed: April 30, 2018
    Date of Patent: June 9, 2020
    Assignee: Splunk Inc.
    Inventors: Ken Chen, Gang Tao, Lai Qiang Ding, Junqing Hao, Ting Wang, Elias Haddad, Dritan Bitincka
  • Patent number: 10678696
    Abstract: Embodiments are disclosed for a prefetching method that may include copying, in response to a search query, a first bucket from a remote storage to a cache. The first bucket may include first data associated with the search query. The method may further include identifying a first file type associated with a first file in the first bucket. The first file may be associated with a usage status. The method may further include accessing, based on the search query, a second bucket from the remote storage. The second bucket may include second data associated with the search query. The method may further include identifying a second file in the second bucket having the first file type, and copying, in response to the usage status indicating that the first file was used in processing the search query, the second file from the remote storage to the cache.
    Type: Grant
    Filed: July 30, 2018
    Date of Patent: June 9, 2020
    Assignee: Splunk, Inc.
    Inventors: Ledion Bitincka, Alexandros Batsakis, Paul J. Lucas, Nicholas Robert Romito
  • Patent number: 10678803
    Abstract: Embodiments of the present disclosure provide a method for performing search queries in a manner that avoids overloading an indexer cluster or indexers with unwanted or unauthorized high levels of concurrent searches. The method comprises transmitting a slot request from a search head to a cluster master in response to a query, wherein the cluster master is communicatively coupled with an indexer cluster comprising a plurality of indexers. The method further comprises receiving addresses of active indexers in the indexer cluster and a response to the slot request from the cluster master. Responsive to a grant of a slot by the cluster master, the method comprises using the addresses to transmit the query to the active indexers and receiving results of the query from the active indexers. Subsequently, the method comprises releasing the slot to the cluster master.
    Type: Grant
    Filed: April 28, 2017
    Date of Patent: June 9, 2020
    Assignee: SPLUNK INC.
    Inventor: Ashish Mathew
  • Patent number: 10678804
    Abstract: Systems and methods are disclosed for cross-system journey modeling based on relation of machine data. An example method includes obtaining information describing a user journey that includes multiple steps, each step corresponding to a query to be applied to one or more field-searchable data stores storing events, each event including a portion of machine data that reflects activity in an information technology environment and that is produced by a component of that information technology environment, and each event being associated with a timestamp extracted from the portion of machine data of that event. Events returned as a result of the query of each step are related. The results of the relating are displayed.
    Type: Grant
    Filed: September 25, 2017
    Date of Patent: June 9, 2020
    Assignee: Splunk Inc.
    Inventors: Joerg Beringer, Isabelle Park
  • Patent number: 10679142
    Abstract: Disclosed is a guidance technique that can be applied to guide search and analysis of stored data by a user. The technique can include inputting from a user a portion of a search query expressed in a pipelined search language, at a system for indexing and searching machine data. The system generates and outputs search guidance for the user as the user builds the search query, by applying the portion of the query to an operation flow model, where the operation flow model represents a plurality of searches performable by the system. The operation flow model has been generated based on multi-user historical search data and includes a plurality of states, each representing a different group of related commands of the pipelined search language.
    Type: Grant
    Filed: April 29, 2016
    Date of Patent: June 9, 2020
    Assignee: SPLUNK INC.
    Inventor: Archana Sulochana Ganapathi
  • Patent number: 10680914
    Abstract: One or more processing devices derive values indicative of various aspects or characteristics of how a particular service in an information technology (IT) environment is existing or performing at a point in time or for a period of time. The values are derived by a search query over machine data associated with the one or more entities that provide the service. The one or more processing devices determine a value for an aggregate key performance indicator (KPI) for the service to indicate or characterize the service overall from values for each of the various aspects.
    Type: Grant
    Filed: May 5, 2019
    Date of Patent: June 9, 2020
    Assignee: Splunk Inc.
    Inventors: Brian John Bingham, Hemendra Singh Choudhary, Tristan Antonio Fletcher
  • Patent number: 10673880
    Abstract: Techniques are described for processing anomalies detected using user-specified rules with anomalies detected using machine-learning based behavioral analysis models to identify threat indicators and security threats to a computer network. In an embodiment, anomalies are detected based on processing event data at a network security system that used rules-based anomaly detection. These rules-based detected anomalies are acquired by a network security system that uses machine-learning based anomaly detection. The rules-based detected anomalies are processed along with machine learning detected anomalies to detect threat indicators or security threats to the computer network. The threat indicators and security threats are output as alerts to the network security system that used rules-based anomaly detection.
    Type: Grant
    Filed: September 26, 2016
    Date of Patent: June 2, 2020
    Assignee: SPLUNK INC.
    Inventors: Robert Winslow Pratt, Ravi Prasad Bulusu
  • Patent number: 10671262
    Abstract: Provided are systems and methods for determining and displaying automatically binned information via a graphical user interface. A graphical user interface (GUI) may include a first graphical element representing a first metric value for a first time window and a second graphical element representing a second metric value for a second time window. An indication of a selection of the first time window may be received via the GUI. An updated GUI comprising a third graphical element representing a third metric value for the third time window and a fourth graphical element representing the fourth metric value for the fourth time window may be displayed, wherein the third time window and the fourth time window may be sub-ranges of the first time window.
    Type: Grant
    Filed: February 1, 2018
    Date of Patent: June 2, 2020
    Assignee: SPLUNK INC.
    Inventors: Nicholas Filippi, Siegfried Puchbauer-Schnabel, Cary Noel