US 11,676,072 B1
Interface for incorporating user feedback into training of clustering model
Ramkumar Chandrasekharan, Saratoga, CA (US); William Deaderick, Austin, TX (US); Lila Fridley, San Francisco, CA (US); Ramprasad Siva Golla, San Jose, CA (US); and Shailendra Suryawanshi, San Ramon, CA (US)
Assigned to SPLUNK INC., San Francisco, CA (US)
Filed by Splunk Inc., San Francisco, CA (US)
Filed on Jan. 29, 2021, as Appl. No. 17/163,212.
Int. Cl. G06F 7/00 (2006.01); G06N 20/00 (2019.01); G06F 3/0482 (2013.01); G06F 3/0486 (2013.01); G06F 16/28 (2019.01)
CPC G06N 20/00 (2019.01) [G06F 3/0482 (2013.01); G06F 3/0486 (2013.01); G06F 16/285 (2019.01)] 20 Claims
OG exemplary drawing
 
1. A computer-implemented method comprising:
obtaining a set of events, each event representing machine data generated based on operation of a computing system;
clustering the events into episodes using a clustering algorithm applied to content of the events, wherein each episode corresponds to a subset of events clustered together according to similarities between events of the subset;
in response to user input indicating that an event of a first episode, specified by the user input is to be relocated to a second episode specified by the user input, generating, for each respective event of the second episode, a pairwise binary similarity label between the event of the first episode and the respective event of the second episode, wherein the pairwise binary similarity label indicates that the event of the first episode and the respective event of the second episode are to be clustered together;
applying the generated pairwise binary similarity labels to the clustering algorithm to generate a trained clustering model; and
applying the trained clustering model to subsequent events to group the events into episodes.