&#xfeff;<html>
  <head>
    <META http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="html_style_eog.css"/>
<script type="text/javascript">
			function printpage()
			{
			window.print()
			}
			</script>
<script type="text/javascript" src="https://components.uspto.gov/js/ais/40-patentsgazette.js"></script></head>
  <body bgcolor='#FFFFFF' onload='javascript: if ((navigator.appName.indexOf("Netscape")!=-1) && parent.leftFrame!=null) parent.leftFrame.location.reload();'>
    <basefont face="Times New Roman, Times New Roman, Times New Roman " size="2">
      <div style="margin-left: +10pt">
        <table width="90%" border="0" rules="none" align="center">
          <tr align="center">
            <td width="20%" colspan="1" rowspan="2" align="left" valign="top"><a href="https://ppubs.uspto.gov/pubwebapp/external.html?q=11818018.pn.&amp;db=USPAT" target="popup"><input type="button" class="button" value="   Full Text   "></a></td>
            <td class="table_data"><b>US 11,818,018 B1</b></td>
            <td width="20%" colspan="1" rowspan="2" align="right" valign="top">
              <form><input type="button" value="Print this page" onclick="printpage()"></form>
            </td>
          </tr>
          <tr align="center">
            <td colspan="1" class="table_data" style="text-transform: uppercase"><b>Configuring event streams based on identified security risks</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b> Fang I. Hsiao,  Berkeley, CA (US);  Clayton S. Ching,  Sunnyvale, CA (US);  Michael R. Dickey,  Palo Alto, CA (US);  Vladimir A. Shcherbakov,  Pleasanton, CA (US);  Nishant Teredesai,  Mountain View, CA (US); and  Cary Glen Noel,  Pleasant Hill, CA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Assigned to  Splunk Inc.,  San Francisco, CA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed by  Splunk Inc.,  San Francisco, CA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed on Jul.  27, 2022, as Appl. No. 17/875,170.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 17/875,170 is a continuation of application No. 16/670,816, filed on Oct.  31, 2019, granted, now 11,451,453.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 16/670,816 is a continuation of application No. 14/610,457, filed on Jan.  30, 2015, granted, now 10,523,521, issued on Dec.  31, 2019.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 14/610,457 is a continuation in part of application No. 14/528,898, filed on Oct.  30, 2014, granted, now 9,838,512, issued on Nov.  13, 2018.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 14/528,898 is a continuation in part of application No. 14/253,713, filed on Apr.  15, 2014, granted, now 10,127,273, issued on Dec.  5, 2017.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>This patent is subject to a terminal disclaimer.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Int. Cl. </b><i><b>H04L 41/22</b></i> (2022.01); <i><b>H04L 43/022</b></i> (2022.01); <i><b>H04L 43/045</b></i> (2022.01)</td>
          </tr>
        </table>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="75%">
            <col width="15%">
          </colgroup>
          <tr align="left">
            <td class="table_data" align="left"><b>CPC </b><i><b>H04L 41/22</b></i> (2013.01)&#xa0;[<i><b>H04L 43/022</b></i> (2013.01); <i>H04L 43/045</i> (2013.01)]</td>
            <td class="table_data" align="right"><b>20 Claims</b></td>
          </tr>
        </table>
        <center><img src="US11818018-20231114-D00000.gif" alt="OG exemplary drawing"></center>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="90%">
          </colgroup>
          <tr>
            <td class="table_data" align="center">&#xa0;</td>
          </tr>
          <tr>
            <td valign="top" class="para_text">
              <div class="claim_text_root">1. A computer-implemented method comprising:<div class="claim_text">causing display of an interface including an indication of a potential security risk affecting one or more computing resources of a computing environment, wherein the potential security risk is identified based on event data received from a remote capture agent in the computing environment;</div>
                <div class="claim_text">receiving input selecting the potential security risk and requesting generation of additional event data related to the potential security risk, wherein receiving the input causes a configuration server to:<div class="claim_text">generate configuration information to be used by the remote capture agent in the computing environment to generate the additional event data, wherein the additional event data is generated based on network data monitored by the remote capture agent; and</div>
                  <div class="claim_text">send the configuration information to the remote capture agent, wherein the remote capture agent uses the configuration information to generate the additional event data and to send the additional event data to another component for subsequent processing.</div>
                </div>
              </div>
            </td>
          </tr>
        </table>
      </div>
    
  </body>
</html>