Systems and interactive user interfaces for dynamic retrieval, analysis, and triage of data items
First Claim
1. A computer system configured generate an interactive graphical user interface for accessing, enriching, and analyzing a plurality of raw data items, the computer system comprising:
one or more computer readable storage devices configured to store;
a plurality of computer executable instructions; and
a plurality of raw data items, wherein a raw data item is associated with one or more attributes, wherein the one or more attributes comprise at least one time-based attribute; and
one or more hardware computer processors in communication with the one or more computer readable storage devices and configured to execute the plurality of computer executable instructions in order to cause the computer system to;
identify a data item lead from the plurality of raw data items;
receive one or more search parameters based at least in part upon an attribute associated with the data item lead;
query the plurality of raw data items based at least in part upon the received search parameters to receive a first group of raw data items; and
generate an interactive graphical user interface to display the first group of raw data items, wherein the interactive graphical user interface comprises;
a plurality of tabs that are each associated with respective subsets of the first group of raw data items, wherein one of the plurality of tabs comprises a currently displayed tab;
a table that includes, in a tabular format, at least a portion of the first group of raw data items associated with the currently displayed tab;
a histogram of at least a portion of the first group of raw data items, wherein raw data items included in the histogram are grouped based at least in part upon shared attribute values of the raw data items, and wherein the raw data items included in the histogram are associated with the currently displayed tab; and
a timeline of at least a portion the first group of raw data items, wherein raw data items included in the timeline are grouped based at least in part upon a time-based attribute of the raw data items, and wherein the raw data items included in the timeline are associated with at least two of the plurality of tabs;
receive, via the interactive graphical user interface, a user selection of at least one shared attribute value associated with the histogram or at least one time-based attribute value associated with the timeline, wherein the user selection indicates a selection of one or more graphical elements representing one or more raw data items displayed in the histogram or timeline; and
in response to the receiving the user selection, update the table, histogram, and timeline such that the table, histogram, and timeline include only raw data items of the first group of raw data items corresponding with the selected at least one shared attribute value or the selected at least one time-based attribute value.
8 Assignments
0 Petitions
Abstract
Embodiments of the present disclosure relate to a data analysis system that may receive data comprising a plurality of raw data items from one or more data sources, such as a monitoring agent located in a monitored network. The received data may be scored using one or more scoring rules and/or algorithms, with raw data items satisfying a score threshold designated as “data item leads.” Raw data items associated with a data item lead may be searched and displayed to the user via an interactive user interface. The data analysis system may be used to execute searches and additional enrichments against the received raw data items. The data analysis system may group received raw data items based upon shared attribute values. The data analysis system may be used to categorize received data and construct timelines, histograms, and/or other visualizations based upon the various attributes of the raw data items.
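The pipeline the abstract describes (score raw items, promote those over a threshold to leads, pivot on a lead's attribute, then group by shared attribute value and by time) can be sketched as follows. This is an added example, not code from the patent or its assignee; the scoring rules, the threshold, the field names and the sample records are all assumptions constructed for illustration.

```python
from collections import Counter, defaultdict
from datetime import datetime

# Constructed sample: proxy-log style raw data items from a monitoring agent.
RAW = [
    {"ts": "2024-03-01T09:05:00", "host": "ws-17", "dest": "intranet.example", "bytes_out": 1200},
    {"ts": "2024-03-01T09:40:00", "host": "ws-17", "dest": "cdn.example", "bytes_out": 800},
    {"ts": "2024-03-01T10:10:00", "host": "ws-17", "dest": "files.example", "bytes_out": 9_500_000},
    {"ts": "2024-03-01T10:20:00", "host": "ws-17", "dest": "files.example", "bytes_out": 7_000_000},
    {"ts": "2024-03-01T10:25:00", "host": "ws-22", "dest": "intranet.example", "bytes_out": 900},
    {"ts": "2024-03-01T11:00:00", "host": "ws-22", "dest": "cdn.example", "bytes_out": 1500},
]

def score(item, dest_hosts):
    """Hypothetical rules: large upload (+60), destination used by one host only (+30)."""
    s = 0
    if item["bytes_out"] > 5_000_000:
        s += 60
    if len(dest_hosts[item["dest"]]) == 1:
        s += 30
    return s

def find_leads(items, threshold=80):
    """Raw items whose score meets the (assumed) threshold become data item leads."""
    dest_hosts = defaultdict(set)
    for i in items:
        dest_hosts[i["dest"]].add(i["host"])
    return [i for i in items if score(i, dest_hosts) >= threshold]

def search(items, **params):
    """Return raw items whose attributes equal every search parameter."""
    return [i for i in items if all(i.get(k) == v for k, v in params.items())]

def histogram(items, attr):
    """Group items by a shared attribute value."""
    return Counter(i[attr] for i in items)

def timeline(items, attr="ts"):
    """Group items into hourly buckets on a time-based attribute."""
    return Counter(datetime.fromisoformat(i[attr]).strftime("%Y-%m-%d %H:00") for i in items)

def triage(items):
    lead = find_leads(items)[0]
    group = search(items, host=lead["host"])     # pivot on an attribute of the lead
    selected = search(group, dest=lead["dest"])  # stands in for a click on a histogram bar
    # After the selection, table, histogram and timeline all show only `selected`.
    return lead, histogram(group, "dest"), selected, timeline(selected)
```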
938 Citations
20 Claims
1. Independent claim, set out in full under First Claim above. Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15
16. A computer-implemented method of generating an interactive graphical user interface for accessing, enriching, and analyzing a plurality of raw data items, the computer-implemented method comprising:
by one or more hardware computer processors configured to execute computer executable instructions;
identifying a data item lead from a plurality of raw data items, wherein a raw data item is associated with one or more attributes, wherein the one or more attributes comprise at least one time-based attribute;
receiving one or more search parameters based at least in part upon an attribute associated with the data item lead;
querying the plurality of raw data items based at least in part upon the received search parameters to receive a first group of raw data items; and
generating an interactive graphical user interface to display the first group of raw data items, wherein the interactive graphical user interface comprises;
a plurality of tabs that are each associated with respective subsets of the first group of raw data items, wherein one of the plurality of tabs comprises a currently displayed tab;
a table that includes, in a tabular format, at least a portion of the first group of raw data items associated with the currently displayed tab;
a histogram of at least a portion of the first group of raw data items, wherein raw data items included in the histogram are grouped based at least in part upon shared attribute values of the raw data items, and wherein the raw data items included in the histogram are associated with the currently displayed tab; and
a timeline of at least a portion the first group of raw data items, wherein raw data items included in the timeline are grouped based at least in part upon a time-based attribute of the raw data items, and wherein the raw data items included in the timeline are associated with at least two of the plurality of tabs;
receiving, via the interactive graphical user interface, a user selection of at least one shared attribute value associated with the histogram or at least one time-based attribute value associated with the timeline, wherein the user selection indicates a selection of one or more graphical elements representing one or more raw data items displayed in the histogram or timeline; and
in response to the receiving the user selection, updating the table, histogram, and timeline such that the table, histogram, and timeline include only raw data items of the first group of raw data items corresponding with the selected at least one shared attribute value or the selected at least one time-based attribute value.
Dependent claims: 17, 18
19. A non-transitory computer-readable storage medium including computer executable instructions that, when executed by a processor, cause the processor to:
identify a data item lead from a plurality of raw data items, wherein a raw data item is associated with one or more attributes, wherein the one or more attributes comprise at least one time-based attribute;
receive one or more search parameters based at least in part upon an attribute associated with the data item lead;
query the plurality of raw data items based at least in part upon the received search parameters to receive a first group of raw data items; and
generate an interactive graphical user interface to display the first group of raw data items, wherein the interactive graphical user interface comprises;
a plurality of tabs that are each associated with respective subsets of the first group of raw data items, wherein one of the plurality of tabs comprises a currently displayed tab;
a table that includes, in a tabular format, at least a portion of the first group of raw data items associated with the currently displayed tab;
a histogram of at least a portion of the first group of raw data items, wherein raw data items included in the histogram are grouped based at least in part upon shared attribute values of the raw data items, and wherein the raw data items included in the histogram are associated with the currently displayed tab; and
a timeline of at least a portion the first group of raw data items, wherein raw data items included in the timeline are grouped based at least in part upon a time-based attribute of the raw data items, and wherein the raw data items included in the timeline are associated with at least two of the plurality of tabs;
receive, via the interactive graphical user interface, a user selection of at least one shared attribute value associated with the histogram or at least one time-based attribute value associated with the timeline, wherein the user selection indicates a selection of one or more graphical elements representing one or more raw data items displayed in the histogram or timeline; and
in response to the receiving the user selection, update the table, histogram, and timeline such that the table, histogram, and timeline include only raw data items of the first group of raw data items corresponding with the selected at least one shared attribute value or the selected at least one time-based attribute value.
Dependent claim: 20
Specification