Patent application number | Description | Published |
20140074850 | VISUALIZATION OF DATA FROM CLUSTERS - Embodiments are directed towards the visualization of machine data received from computing clusters. Embodiments may enable improved analysis of computing cluster performance, error detection, troubleshooting, error prediction, or the like. Individual cluster nodes may generate machine data that includes information and data regarding the operation and status of the cluster node. The machine data is received from each cluster node for indexing by one or more indexing applications. The indexed machine data including the complete data set may be stored in one or more index stores. A visualization application enables a user to select one or more analysis lenses that may be used to generate visualizations of the machine data. The visualization application employs the analysis lens to produce visualizations of the computing cluster machine data. | 03-13-2014 |
20140075327 | VISUALIZATION OF DATA FROM CLUSTERS - Embodiments are directed towards the visualization of machine data received from computing clusters. Embodiments may enable improved analysis of computing cluster performance, error detection, troubleshooting, error prediction, or the like. Individual cluster nodes may generate machine data that includes information and data regarding the operation and status of the cluster node. The machine data is received from each cluster node for indexing by one or more indexing applications. The indexed machine data including the complete data set may be stored in one or more index stores. A visualization application enables a user to select one or more analysis lenses that may be used to generate visualizations of the machine data. The visualization application employs the analysis lens to produce visualizations of the computing cluster machine data. | 03-13-2014 |
20150039651 | TEMPLATES FOR DEFINING FIELDS IN MACHINE DATA - A field extraction template simplifies the creation of field extraction rules by providing a user with a set of field names commonly assigned to a certain type of data, as well as guidance on how to extract values for those fields. These field extraction rules, in turn, facilitate access to certain “chunks” of the data, or to information derived from those chunks, through named fields. A field extraction template comprises at least a set of field names and ordering data for the field names. The ordering data indicates index positions that are associated with at least some of the field names. A delimiter is specified for splitting data items into arrays of chunks. The chunk of a data item that belongs to a given field name is the chunk whose position within the item's array of chunks is equivalent to the index position associated with the given field name. | 02-05-2015 |
20150227847 | Predictive Analysis of Event Patterns in Machine Data - Embodiments are directed towards the visualization of machine data received from computing clusters. Embodiments may enable improved analysis of computing cluster performance, error detection, troubleshooting, error prediction, or the like. Individual cluster nodes may generate machine data that includes information and data regarding the operation and status of the cluster node. The machine data is received from each cluster node for indexing by one or more indexing applications. The indexed machine data including the complete data set may be stored in one or more index stores. A visualization application enables a user to select one or more analysis lenses that may be used to generate visualizations of the machine data. The visualization application employs the analysis lens to produce visualizations of the computing cluster machine data. | 08-13-2015 |
Patent application number | Description | Published |
20130326620 | INVESTIGATIVE AND DYNAMIC DETECTION OF POTENTIAL SECURITY-THREAT INDICATORS FROM EVENTS IN BIG DATA - A metric value is determined for each event in a set of events that characterizes a computational communication or object. For example, a metric value could include a length of a URL or agent string in the event. A subset criterion is generated, such that metric values within the subset are relatively separated from a population's center (e.g., within a distribution tail). Application of the criterion to metric values produces a subset. A representation of the subset is presented in an interactive dashboard. The representation can include unique values in the subset and counts of corresponding event occurrences. Clients can select particular elements in the representation to cause more detail to be presented with respect to individual events corresponding to specific values in the subset. Thus, clients can use their knowledge system operations and observance of value frequencies and underlying events to identify anomalous metric values and potential security threats. | 12-05-2013 |
20150035822 | Dockable Billboards For Labeling Objects In A Display Having A Three-Dimensional Perspective Of A Virtual or Real Environment - A system and method that allows a user to view objects in a three-dimensional environment, where one or more of the objects have a data display (e.g., a data billboard, etc.) that shows data about the object. To enhance user experience and to provide relevant contextual data as the user navigates through the three-dimensional environment, the system calculates a location for the user and a location for each object and determines if a relationship between the user frame of reference and each object location satisfies a first criterion. If the first criterion is satisfied, the system is configured to move the data display to the bottom of a viewing area of the three-dimensional environment (e.g. docking the data display to the bottom of the viewing area, etc.). The system may also arrange the data displays in the same order as the objects are perceived by the user in the three-dimensional environment. | 02-05-2015 |
20150035823 | Systems and Methods for Using a Three-Dimensional, First Person Display to Convey Data to a User - Systems and methods according to various embodiments enable a user to view three-dimensional representations of data objects (“nodes”) within a 3D environment from a first person perspective. The system may be configured to allow the user to interact with the nodes by moving a virtual camera through the 3D environment. The nodes may have one or more attributes that may correspond, respectively, to particular static or dynamic values within the data object's data fields. The attributes may include physical aspects of the nodes, such as color, size, or shape. The system may group related data objects within the 3D environment into clusters that are demarked using one or more cluster designators, which may be in the form of a dome or similar feature that encompasses the related data objects. The system may enable multiple users to access the 3D environment simultaneously, or to record their interactions with the 3D environment. | 02-05-2015 |
20160057162 | DETECTION OF POTENTIAL SECURITY THREATS FROM EVENT DATA - A metric value is determined for each event in a set of events that characterizes a computational communication or object. For example, a metric value could include a length of a URL or agent string in the event. A subset criterion is generated, such that metric values within the subset are relatively separated from a population's center (e.g., within a distribution tail). Application of the criterion to metric values produces a subset. A representation of the subset is presented in an interactive dashboard. The representation can include unique values in the subset and counts of corresponding event occurrences. Clients can select particular elements in the representation to cause more detail to be presented with respect to individual events corresponding to specific values in the subset. Thus, clients can use their knowledge system operations and observance of value frequencies and underlying events to identify anomalous metric values and potential security threats. | 02-25-2016 |