The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Dec. 26, 2023
Filed:
Jul. 20, 2022
Splunk Inc., San Francisco, CA (US);
Sourabh Satish, Fremont, CA (US);
David Wayman, San Francisco, CA (US);
Kavita Varadarajan, Cupertino, CA (US);
Splunk Inc., San Francisco, CA (US);
Abstract
Techniques are described for enabling analysts and other users of an IT operations platform to identify certain data objects managed by the platform (for example, events, files, notes, actions results, etc.) as 'evidence' when such data objects are believed to be of particular significance to an investigation or other matter. For example, an event generated based on data ingested from an anti-virus service and representing a security-related incident might include artifacts indicating an asset identifier, a hash value of a suspected malicious file, a file path on the infected endpoint, and so forth. An analyst can use various interfaces and interface elements of an IT operations platform to indicate which of such events and/or artifacts, if any, represent evidence in the context of the investigation that the analyst is conducting. In response, the IT operations platform can perform various automated actions.