| 发明名称 |
DEFINING A NEW SEARCH BASED ON DISPLAYED GRAPH LANES |
| 摘要 |
A system, method and graphical user interface (GUI) for creating a new correlation search based on a set of displayed graph lanes. The graph lanes may provide graphical visualizations of key performance indicators (KPIs) associated with one or more services and may assist a user in identifying a situation (e.g., problem or a pattern of interest) in the performance of the services. A user may adjust (e.g., add graph lanes, zooming-in) the graph lanes in order to display the situation, at which point the user may submit a request to create a new correlation search to detect if the situation reoccurs. The system may generate the new correlation search by iterating through the set of graph lanes and analyzing the fluctuations of each KPI to determine triggering criteria. The system may then run the correlation search and generate a notable event or alarm when the situation reoccurs. |
| 申请公布号 |
US2016103887(A1) |
申请公布日期 |
2016.04.14 |
| 申请号 |
US201514700110 |
申请日期 |
2015.04.29 |
| 申请人 |
Splunk Inc. |
发明人 |
Fletcher Tristan Antonio;Bhide Alok Anant |
| 分类号 |
G06F17/30 |
主分类号 |
G06F17/30 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method comprising:
causing display of a set of graph lanes corresponding to a plurality of key performance indicators (KPIs) that each indicate how a service is performing during a first period of time, wherein the set of graph lanes illustrate multiple KPI values of the plurality of KPIs during the first period of time; receiving a user request to create a definition of a correlation search based on the set of graph lanes, the correlation search to trigger an action when the plurality of KPIs are within a user-defined range of KPI values illustrated by the graph lanes during a second period of time; and in response to the user request, creating the definition of the correlation search, wherein the creating of the definition of the correlation search comprises: for multiple graph lanes within the set, determining a KPI criterion for a corresponding KPI based on fluctuations in the KPI during the first period of time; generating an aggregate triggering condition using KPI criteria determined for the plurality of KPIs; and adding the aggregate triggering condition to the definition of the correlation search, the definition of the correlation search further comprising data identifying the plurality of KPIs and the action to be triggered when each of the plurality of KPIs satisfies a respective KPI criterion from the aggregate triggering condition during the second period of time; wherein the method is performed by one or more processing devices. |
| 地址 |
San Francisco CA US |
