The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.

The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.

Patent No.:

US 11115505 B1

Date of Patent:

Sep. 07, 2021

Filed:

May. 06, 2019

Facilitating custom content extraction rule configuration for remote capture agents

Applicant:

Splunk Inc., San Francisco, CA (US);

Inventors:

Fang I. Hsiao, San Francisco, CA (US);

Clayton S. Ching, San Francisco, CA (US);

Michael R. Dickey, San Francisco, CA (US);

Vladimir A. Shcherbakov, San Francisco, CA (US);

Clint Sharp, San Francisco, CA (US);

Assignee:

Splunk Inc., San Francisco, CA (US);

Attorney:

Nicholson De Vos Webster & Elliott LLP

Primary Examiner:

Ninos Donabed

Int. Cl.

CPC ...

H04L 29/06 (2006.01); H04L 12/26 (2006.01);

U.S. Cl.

CPC ...

H04L 69/22 (2013.01); H04L 43/028 (2013.01); H04L 43/0876 (2013.01);

Abstract

The disclosed embodiments provide a system for extracting custom content from network packets. During operation, the system receives a stream of packets. The system then parses packets in the stream to determine a protocol for each packet. Next, the system applies a custom-content-extraction rule to each packet associated with a target protocol to obtain the extracted content. Then, the system stores the extracted content in events in a data store to facilitate subsequent queries involving the extracted content.

Find Patent Forward Citations