Patents Assigned to Splunk Inc.
-
Patent number: 11843528Abstract: One or more lower-tier system monitoring components are installed and operated prior to installing a higher-tier system monitoring component. A lower-tier system may be an individual server, network device, or local area network. A higher-tier system may include an enterprise or organization wide network or service that includes at least a part of the lower-tier system. Once the higher-tier system monitoring component is installed, the higher-tier and lower-tier system monitoring components use an interface to operate with one another to form a single larger instance of an organization wide monitoring system. The combination of the higher-tier system monitoring component and the one or more lower-tier system operating components performs monitoring aspects of the overall information technology environment based at least in part on machine data produced and made searchable to provide monitoring results.Type: GrantFiled: October 22, 2021Date of Patent: December 12, 2023Assignee: Splunk Inc.Inventors: Alan Vincent Hardin, Kan Wu, Arun Ramani, Nicholas Matthew Tankersley, Tristan Fletcher, Alok Bhide
-
Patent number: 11838372Abstract: A method of normalizing URLs associated with a real user session comprises extracting uniform resource locators (URLs) from ingested spans where at least a portion of the URLs comprise unique URL strings. The method also comprises decomposing each of the URLs into a sequence of tokens and grouping together subsets of related URLs. Also, the method comprises representing each subset of related URLs with a normalized URL string.Type: GrantFiled: January 6, 2023Date of Patent: December 5, 2023Assignee: SPLUNK Inc.Inventors: Gergely Danyi, Joseph Ari Ross
-
Patent number: 11835989Abstract: Implementations described herein identify and exploit opportunities for offloading search-time and/or index-time operations to programmed offloading hardware accelerators (POHAs). An event-based data intake and query system is implemented in an enterprise core that is in communication with the POHAs over network interfaces. The system receives search requests associated with search-time operations classified into off-loadable operations and non-off-loadable operations. Non-off-loadable operations are distributed to local processing resources, and off-loadable operations are distributed to the POHAs for offloaded processing. The system can post-process both the locally processed and offload-processed results to generate search results responsive to at least some of the received search requests.Type: GrantFiled: April 21, 2022Date of Patent: December 5, 2023Assignee: SPLUNK Inc.Inventors: Warren Shum, Zefu Dai
-
Patent number: 11838351Abstract: A deployment manager executing in a distributed computing environment generates a user behavior analytics (UBA) deployment to process structured event data. The deployment manager configures a streaming cluster to perform streaming processing on real-time data and configures a batch cluster to perform batch processing on aggregated data. A configuration manager executing in the distributed computing environment interoperates with the deployment manager to update the UBA deployment with user-provided code and configurations that define streaming and batch models, among other things. In this manner, the deployment manager provides a scalable UBA deployment that can be customized, via the configuration manager, by a user.Type: GrantFiled: November 21, 2022Date of Patent: December 5, 2023Assignee: SPLUNK INC.Inventors: Marios Iliofotou, Ravi Bulusu, Ashwin Athalye, Sathya Kavacheri, Shekar Kesarimanglam
-
Patent number: 11836526Abstract: A system receives a time series of data values from instrumented software executing on an external system. Each data value corresponds to a metric of the external system. The system stores a level value representing a current estimate of the time series and a trend value representing a trend in the time series. The level and trend values are based on data in a window having a trailing value. In response to receiving a most recent value, the system updates the level value and the trend value to add an influence of the most recent value and remove an influence of the trailing value. The system forecasts based on the updated level and trend values, and in response to determining that the forecast indicates the potential resource shortage event, takes action.Type: GrantFiled: May 18, 2021Date of Patent: December 5, 2023Assignee: Splunk Inc.Inventor: Joseph Ari Ross
-
Patent number: 11838189Abstract: A time series is created that measures a remaining budget amount for a given time period, where the budget amount indicates a maximum number of occurrences of an event allowed for the given time period. More specifically, the given time period is divided into multiple time intervals. For each time interval, a number of occurrences of the event are calculated and detracted from the remaining budget amount to determine a remaining budget amount at the end of the time interval. These time values and associated remaining budget amounts are used to create the time series. This time series may be monitored in real-time, and actions may be taken to avoid future occurrences of the event in response to determining that the remaining budget amount falls below a threshold.Type: GrantFiled: October 28, 2022Date of Patent: December 5, 2023Assignee: SPLUNK Inc.Inventors: Jeremy Hicks, Todd Leonard DeCapua, Adam James Schalock, Neil Douglas Erkkila, Samuel Halpern, Chad Tripod, Joel Schoenberg, David Connett
-
Patent number: 11836148Abstract: Systems and methods are disclosed for implementing a data stream correlation user interface. The data stream correlation user interface enables users to view information from two sets of records, and identify fields in the two sets of records that can be matched together to “glue” together multiple records. For example, a user may specify that values in an “AcctID” field in one set of records can be matched to values in an “Account_ID” field of a second set of records. Additional identifying fields may be selected, such that multiple values can be chained together. The system can match the records of multiple sets together using designated fields, enabling users to view how many records from one set have a corresponding record in another set.Type: GrantFiled: April 30, 2021Date of Patent: December 5, 2023Assignee: Splunk Inc.Inventors: Paul Boster, Keith Kramer, Cary Noel, Isabelle Park
-
Patent number: 11836869Abstract: Techniques are disclosed for generating a three-dimensional (3D) visualization of data in an extended reality (XR) environment. One embodiment provides a computer-implemented method that includes receiving, via an input device, a repositioning of a first panel displayed within an XR environment and determining that, subsequent to the repositioning, at least one portion of the first panel overlaps with a second panel displayed within the XR environment. The method further includes, subsequent to the determination, generating a first 3D visualization of first data associated with the first panel and second data associated with the second panel. In addition, the method includes causing the first 3D visualization to be displayed within the XR environment.Type: GrantFiled: January 3, 2022Date of Patent: December 5, 2023Assignee: SPLUNK INC.Inventors: Samuel John Angelo Alberico, Jesse Chor, Kelly Kong, Ian Slattery, Glen Wong
-
Patent number: 11836146Abstract: A computer-implemented method of determining indexed fields at query time comprises indexing time-stamped events ingested from a plurality of source types. The time-stamped searchable events compare portions of raw data. The method also comprises generating an index containing each keyword in the time-stamped searchable events and an associated location reference of a respective event in which the keyword appears. Further, the method comprises generating a fields metadata file identifying indexed fields in the time-stamped searchable events for each source type. The fields metadata file comprises reference values for accessing indexed fields associated with each source type from the index. The method also comprises accessing the fields metadata file to identify the indexed fields associated with each source type prior to executing a query.Type: GrantFiled: January 29, 2021Date of Patent: December 5, 2023Assignee: SPLUNK INC.Inventors: Jay A. Pathak, Steve Yu Zhang
-
Patent number: 11836579Abstract: Disclosed is a technique that can be performed by an electronic device. The electronic device can generate time-stamped events, extract training data from the time-stamped events, and send the training data over a network to a remote computer. The electronic device can receive model data generated by the remote computer from the training data by use of a machine learning process, update a local model of the electronic device based on the received model data, and generate an output by processing locally sourced data of the electronic device with the updated local model.Type: GrantFiled: September 17, 2019Date of Patent: December 5, 2023Assignee: SPLUNK INC.Inventors: Pradeep Baliganapalli Nagaraju, Adam Jamison Oliner, Brian Matthew Gilmore, Erick Anthony Dean, Jiahan Wang
-
Patent number: 11829471Abstract: A method is disclosed that includes receiving, at a computing device, an event log including events derived from machine data, and determining a score by comparing an event from the event log with frequent patterns of features. Determining the score includes determining a length of a frequent pattern within the event in the event log and a count of occurrences of the frequent pattern within the events, determining a contribution of the frequent pattern based on the length and the count, determining a penalty for an unmatched feature of the first event based on a cardinality of the events, and averaging the contribution and the penalty to obtain the score. The method further includes issuing an alert identifying the first event as an anomaly using the first score and an anomaly score threshold.Type: GrantFiled: January 18, 2023Date of Patent: November 28, 2023Assignee: Splunk Inc.Inventors: Zhuxuan Jin, George Apostolopoulos
-
Patent number: 11831649Abstract: Embodiments are directed towards a system and method for a cloud-based front end that may abstract and enable access to the underlying cloud-hosted elements and objects that may be part of a multi-tenant application, such as a search application. Search objects may be employed to access indexed objects. An amount of indexed data accessible to a user may be based on an index storage limit selected by the user, such that data that exceeds the index storage limit may continue to be indexed. Also, one or more projects can be elastically scaled for a user to provide resources that may meet the specific needs of each project.Type: GrantFiled: December 5, 2022Date of Patent: November 28, 2023Assignee: SPLUNK INC.Inventors: Robin Kumar Das, Ledio Ago, Declan Gerard Shanaghy, Gaurav Gupta
-
Patent number: 11829378Abstract: A data processing platform generates visualizations for data streams to visually represent a portion of data in the data stream. The platform performs an analysis of a change in values of data contained in the data stream and generates, using a result of the analysis, metadata identifying an insight into the data in the data stream. The insight indicates a characteristic of the change in values. A natural language representation of the insight is generated using the metadata and output for display in association with the visualization.Type: GrantFiled: April 29, 2022Date of Patent: November 28, 2023Assignee: SPLUNK INC.Inventors: Namratha Sreekanta, Nikesh Padakanti, Anudeep Chennupati
-
Patent number: 11829381Abstract: A data intake and query system processes and stores events, which are associated with token identifiers for tokens corresponding to data sources for the messages that the events are generated from. Thus, the data intake and query system can receive a request to provide analyses and visualizations regarding stored events associated with a particular component associated with a plurality of events, such as a data source for the messages from which the plurality of events are generated from. These requests and the resulting visualizations can be customized based on selected tokens and selected components.Type: GrantFiled: July 8, 2022Date of Patent: November 28, 2023Assignee: Splunk Inc.Inventors: Glenn Block, Patrick Ogdin
-
Patent number: 11831523Abstract: A system and computer-implemented is provided for displaying a configurable metric relating to an environment in a graphical display along with a value of the metric calculated over a configurable time period. The metric is used to identify events of interest in the environment based on processing real time machine data from one or more sources. The configurable metric is selected and a corresponding value is calculated based on the events of interest over the configurable time period. The value of the metric may be continuously updated in real time based on receiving additional real-time machine data and displayed in a graphical interface as time progresses. Statistical trends in the value of the metric may also be determined over the configurable time period and displayed in the graphical interface as well as an indication if the value of the metric exceeds a configurable threshold value.Type: GrantFiled: January 13, 2020Date of Patent: November 28, 2023Assignee: SPLUNK INC.Inventors: John Coates, Lucas Murphey, James Hansen, David Hazekamp
-
Patent number: 11829330Abstract: Systems and methods are disclosed for processing data associated with isolated execution environments. A chunk of data associated with an isolated execution environment can include log data and non-log data. At least a portion of the log data can include log data generated by the isolated execution environment. The system can parse the chunk of data to identify the log data and the non-log data and extract at least a portion of the log data from the chunk of data. The extracted data can be further processed to generate one or more events.Type: GrantFiled: December 29, 2021Date of Patent: November 28, 2023Assignee: Splunk Inc.Inventors: Zhimin Liang, Matthew Modestino, David Christopher Baldwin, Marc Andre Chéné, Blaine Wastell
-
Patent number: 11829415Abstract: Systems and methods are described for improving data availability and/or resiliency of indexers of a data intake and query system. Due to a lag between the time at which data is received and the time at which the data is available for searching, the data intake and query system may receive a query indicating that received (but unavailable for search) data is to be included as part of the query. A cluster master can dynamically track what data is available for searching by different indexers and map the data to filter criteria using a bucket map identifier. When a search head receives a query, it can request a bucket map identifier from the cluster master and send the bucket map identifier to the indexers that will be executing the query. The indexers can use the bucket map identifier to request the individual buckets that they are assigned to search.Type: GrantFiled: January 31, 2020Date of Patent: November 28, 2023Assignee: Splunk Inc.Inventors: Alexandros Batsakis, Mehul Goyal, Ashish Mathew, Douglas Rapp, Igor Stojanovski, Eric Woo
-
Patent number: 11829746Abstract: Systems and methods are disclosed for providing a multi-component application, including a first and second component. Functionality of the application may be easily and rapidly modified by modification to the first component, without requiring modification to the second component. The first component may be implemented locally at a client device, while the second component is implemented remotely. While modification of the second component may require privileges of a remote location, a user of a client device may modify the first component while maintaining interoperability and compatibility with the second component, thereby enabling the end user to modify functionality of the multi-component application. In some instances, different versions of a first component are provided, and an end user of a client device is enabled to specify which version of the first component should be used.Type: GrantFiled: January 31, 2022Date of Patent: November 28, 2023Assignee: Splunk Inc.Inventors: Akash Dwivedi, Simon Foster Fishel, Isabelle Park, Vivian Shen, Eric Tschetter, Joshua Walters
-
Patent number: 11831521Abstract: An example method of entity lifecycle management in a service monitoring system includes: receiving, by a software application of a service monitoring system, a policy definition specifying an entity lifecycle management policy, wherein the entity lifecycle management policy defines management rules for a plurality of entities in the network environment, wherein each entity of the plurality of entities is represented by one of: a device, an application, a service, or a user account; identifying, by applying the entity lifecycle management policy to a plurality of active entities, one or more candidate entities for retirement; retiring at least a subset of the one or more candidate entities; and excluding the retired entities from the plurality of active entities, thus preventing the retired entities from interacting with other components of the service monitoring system.Type: GrantFiled: January 28, 2022Date of Patent: November 28, 2023Assignee: Splunk Inc.Inventors: Jeetendra Shashikant Dhake, Ankur Ashok Kath, Ayyappa Muthusami, Jeffrey Wen-Young Shih, Ian Edward Torbett
-
Patent number: D1006042Type: GrantFiled: September 1, 2022Date of Patent: November 28, 2023Assignee: SPLUNK Inc.Inventor: Uladzimir Bahatyrevich
