-
Publication No.: US11042539B2
Publication Date: 2021-06-22
Application No.: US16256775
Filing Date: 2019-01-24
Applicant: SPLUNK INC.
Inventor: Jesse Brandau Miller
IPC: G06F17/00, G06F16/242, G06F16/9535, G06F16/25
Abstract: In embodiments, method and systems are provided for facilitating identification of field values based on delimiters. In some implementations, a user selection of a delimiter type to use for identifying values within fields is received. The values within fields are generally separated from one another by delimiters. A first set of one or more values from a plurality of events based on the selected delimiter is identified. Further, a second set of one or more values from the plurality of events is identified based on the selected delimiter. The identified first set of one or more values to a first field and the second set of one or more values to a second field. Additional embodiments are described and/or claimed.
-
Publication No.: US10235409B2
Publication Date: 2019-03-19
Application No.: US15009675
Filing Date: 2016-01-28
Applicant: SPLUNK INC.
Inventor: Jesse Brandau Miller
IPC: G06F17/30
Abstract: In embodiments, method and systems are provided for facilitating identification of field values based on delimiters. In some implementations, a user selection of a delimiter type to use for identifying values within fields is received. The values within fields are generally separated from one another by delimiters. A first set of one or more values from a plurality of events based on the selected delimiter is identified. Further, a second set of one or more values from the plurality of events is identified based on the selected delimiter. The identified first set of one or more values to a first field and the second set of one or more values to a second field. Additional embodiments are described and/or claimed.
-
Publication No.: US11657065B2
Publication Date: 2023-05-23
Application No.: US17158880
Filing Date: 2021-01-26
Applicant: SPLUNK INC.
Inventor: Jesse Brandau Miller, Katherine Kyle Feeney, Yuan Xie, Steve Zhang, Adam Jamison Oliner, Jindrich Dinga, Jacob Leverich
IPC: G06F16/26
CPC classification number: G06F16/26
Abstract: Systems and methods include causing presentation of a first cluster in association with an event of the first cluster, the first cluster from a first set of clusters of events. Each event includes a time stamp and event data. Based on the presentation of the first cluster, an extraction rule corresponding to the event of the first cluster is received from a user. Similarities in the event data between the events are determined based on the received extraction rule. The events are grouped into a second set of clusters based on the determined similarities. Presentation is caused of a second cluster in association with an event of the second cluster, where the second cluster is from the second set of clusters.
-
Publication No.: US10558651B2
Publication Date: 2020-02-11
Application No.: US15221392
Filing Date: 2016-07-27
Applicant: SPLUNK INC.
Inventor: Jesse Brandau Miller, Marc V. Robichaud, Cory Eugene Burke
IPC: G06F7/00, G06F17/30, G06F16/242, G06F16/248, G06F16/2455
Abstract: A method includes causing display to a user of at least one event of a first result set from a first pipelined search on events at an event source. Each event comprises a time stamp and a portion of machine data. A selection of a command is received from the user. The selection is to extend the first pipelined search with the selected command in a second pipelined search. The system selects between the first result set and the event source for execution of the second pipelined search based on an analysis of the selected command and at least one command of the first pipelined search. Based on the selecting being of the first result set, display to the user is caused of at least one event of a second result set from the execution of the second pipelined search on the first result set.
-
Publication No.: US20190155807A1
Publication Date: 2019-05-23
Application No.: US16256775
Filing Date: 2019-01-24
Applicant: SPLUNK INC.
Inventor: Jesse Brandau Miller
IPC: G06F16/242, G06F16/25, G06F16/9535
Abstract: In embodiments, method and systems are provided for facilitating identification of field values based on delimiters. In some implementations, a user selection of a delimiter type to use for identifying values within fields is received. The values within fields are generally separated from one another by delimiters. A first set of one or more values from a plurality of events based on the selected delimiter is identified. Further, a second set of one or more values from the plurality of events is identified based on the selected delimiter. The identified first set of one or more values to a first field and the second set of one or more values to a second field. Additional embodiments are described and/or claimed.
-
Publication No.: US20180089303A1
Publication Date: 2018-03-29
Application No.: US15276693
Filing Date: 2016-09-26
Applicant: SPLUNK INC.
Inventor: Jesse Brandau Miller, Katherine Kyle Feeney, Yuan Xie, Steve Zhang, Adam Jamison Oliner, Jindrich Dinga, Jacob Leverich
IPC: G06F17/30
CPC classification number: G06F16/26
Abstract: Systems and methods include causing presentation of a first cluster in association with an event of the first cluster, the first cluster from a first set of clusters of events. Each event includes a time stamp and event data. Based on the presentation of the first cluster, an extraction rule corresponding to the event of the first cluster is received from a user. Similarities in the event data between the events are determined based on the received extraction rule. The events are grouped into a second set of clusters based on the determined similarities. Presentation is caused of a second cluster in association with an event of the second cluster, where the second cluster is from the second set of clusters.
-
Publication No.: US20180032570A1
Publication Date: 2018-02-01
Application No.: US15221392
Filing Date: 2016-07-27
Applicant: SPLUNK INC.
Inventor: Jesse Brandau Miller, Marc V. Robichaud, Cory Eugene Burke
IPC: G06F17/30
CPC classification number: G06F16/2425, G06F16/2428, G06F16/2455, G06F16/248
Abstract: A method includes causing display to a user of at least one event of a first result set from a first pipelined search on events at an event source. Each event comprises a time stamp and a portion of machine data. A selection of a command is received from the user. The selection is to extend the first pipelined search with the selected command in a second pipelined search. The system selects between the first result set and the event source for execution of the second pipelined search based on an analysis of the selected command and at least one command of the first pipelined search. Based on the selecting being of the first result set, display to the user is caused of at least one event of a second result set from the execution of the second pipelined search on the first result set.
-
Publication No.: US20170124220A1
Publication Date: 2017-05-04
Application No.: US14929150
Filing Date: 2015-10-30
Applicant: SPLUNK INC.
Inventor: Brian Krueger, Katherine Kyle Feeney, Andrew E. Robbins, Jesse Brandau Miller, Elizabeth Dystra-Erickson, Jeffrey Thomas Lloyd, Cory Eugene Burke, Marc V. Robichaud
IPC: G06F17/30
CPC classification number: G06F16/2425
Abstract: In various embodiments, methods and systems for presenting a search interface with search query history based functionality is provided. A search query history store comprising search queries is accessed. The search query history store includes search queries executed in a search computing system. A search query comprises one or more commands. A plurality of search queries retrieved from the search query history store is displayed on the search interface using a placement style. A placement style, such as an indent style, provides a structure for separating and arranging commands of a plurality of search queries displayed. The search interface further provides for receiving a selection of at least a portion of a search query from the plurality of search queries to initiate actions or execute actions based on the selection. The search interface includes a search input interface, such as a search bar, where the selection of the portion of the search query is displayed based on a selected action.