The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Sep. 28, 2021
Filed:
Jan. 30, 2020
Splunk Inc., San Francisco, CA (US);
Munawar Monzy Merza, Albuquerque, NM (US);
John Coates, Berkeley, CA (US);
James M Hansen, San Ramon, CA (US);
Lucas Murphey, Wadsworth, IL (US);
David Hazekamp, Tinley Park, CA (US);
Michael Kinsley, San Francisco, CA (US);
Alexander Raitz, San Francisco, CA (US);
SPLUNK INC., San Francisco, CA (US);
Abstract
A metric value is determined for each event in a set of events that characterizes a computational communication or object. For example, a metric value could include a length of a URL or agent string in the event. A subset criterion is generated, such that metric values within the subset are relatively separated from a population's center (e.g., within a distribution tail). Application of the criterion to metric values produces a subset. A representation of the subset is presented in an interactive dashboard. The representation can include unique values in the subset and counts of corresponding event occurrences. Clients can select particular elements in the representation to cause more detail to be presented with respect to individual events corresponding to specific values in the subset. Thus, clients can use their knowledge system operations and observance of value frequencies and underlying events to identify anomalous metric values and potential security threats.