公开(公告)号：US20230244673A1

公开(公告)日：2023-08-03

申请号：US18192136

申请日：2023-03-29

Applicant: Splunk Inc.

Inventor： Alexander Douglas James ,  Joseph Gabriel Echeverria ,  Eric Sammer

IPC: G06F16/2455 ,  G06F16/2453 ,  G06F16/901 ,  G06F16/903

CPC classification number: G06F16/24568 ,  G06F16/24542 ,  G06F16/901 ,  G06F16/90335

Abstract: Operational machine components of an information technology (IT) or other microprocessor- or microcontroller-permeated environment generate disparate forms of machine data. Network connections are established between these components and processors of data intake and query system (DIQS). The DIQS conducts network transactions on a periodic and/or continuous basis with the machine components to receive disparate data and ingest certain of the data as entries of a data store that is searchable for DIQS query processing. The DIQS may receive queries to process against the received and ingested data via an exposed network interface. In one example embodiment, the DIQS receives a query identifying data to be processed, dynamically generates a query processing scheme based on the state of the data to be processed, such as streaming or at rest, and dynamically communicates the query processing scheme to a query executor based on the state of the data to be processed.

公开(公告)号：US11106681B2

公开(公告)日：2021-08-31

申请号：US16175636

申请日：2018-10-30

Applicant: Splunk, Inc.

Inventor： Adam Oliner ,  Eric Sammer ,  Kristal Curtis ,  Nghi Nguyen

IPC: G06F17/00 ,  G06F16/2455 ,  G06F40/205 ,  G06F16/248 ,  G06N5/04

Abstract: Messages of a first data stream may be accessed from an ingestion buffer in communication with a streaming data processor to receive data from the first data stream. At the streaming data processor and using an inference model, a sourcetype associated with one or more messages from the first data stream may be determined. The one or more messages may include a portion of machine data. Using the streaming data processor, a second data stream may be generated from the first data stream. The second data stream may include a subset of messages from the first data stream. A message of the subset of messages may be included in the second data stream based on a condition associated with the sourcetype for the message. At least one processing operation may be performed on at least one of the subset of messages from the second data stream.

公开(公告)号：US10997180B2

公开(公告)日：2021-05-04

申请号：US15885645

申请日：2018-01-31

Applicant: Splunk Inc.

Inventor： Alexander Douglas James ,  Joseph Gabriel Echeverria ,  Eric Sammer

IPC: G06F16/2455 ,  G06F16/2453 ,  G06F16/901 ,  G06F16/903

Abstract: Operational machine components of an information technology (IT) or other microprocessor- or microcontroller-permeated environment generate disparate forms of machine data. Network connections are established between these components and processors of data intake and query system (DIQS). The DIQS conducts network transactions on a periodic and/or continuous basis with the machine components to receive disparate data and ingest certain of the data as entries of a data store that is searchable for DIQS query processing. The DIQS may receive queries to process against the received and ingested data via an exposed network interface. In one example embodiment, the DIQS receives a query identifying data to be processed, dynamically generates a query processing scheme based on the state of the data to be processed, such as streaming or at rest, and dynamically communicates the query processing scheme to a query executor based on the state of the data to be processed.

公开(公告)号：US10775976B1

公开(公告)日：2020-09-15

申请号：US16148703

申请日：2018-10-01

Applicant: Splunk Inc.

Inventor： Bashar Abdul-Jawad ,  Matthew Dailey ,  Joseph Gabriel Echeverria ,  Arthur Foelsche ,  Eric Sammer ,  Sarah Stanger

IPC: G06F3/00 ,  G06F3/0484 ,  G06F3/0482 ,  G06F16/9535 ,  G06F9/54

Abstract: Systems and methods are described for graphical user interfaces that enable users to graphically design nodes and interconnections of pipelines for preprocessing data later ingested into an indexing system. The preprocessing can include receiving messages published to a first publish-subscribe messaging system, the messages containing raw machine data generated by one or more components in an information technology environment, performing one or more processing operations on at least some of the messages to generate preprocessed messages, republishing the preprocessed messages to a second publish-subscribe messaging system, and providing to the indexing system, a subset of the messages from the second publish-subscribe messaging system. Nodes in the pipeline can specify the preprocessing operations, and interconnections in the pipeline can represent data flow through the nodes of the pipeline.

公开(公告)号：US11645286B2

公开(公告)日：2023-05-09

申请号：US17236925

申请日：2021-04-21

Applicant: Splunk Inc.

Inventor： Alexander Douglas James ,  Joseph Gabriel Echeverria ,  Eric Sammer

IPC: G06F16/2455 ,  G06F16/2453 ,  G06F16/901 ,  G06F16/903

CPC classification number: G06F16/24568 ,  G06F16/24542 ,  G06F16/901 ,  G06F16/90335

Abstract: Operational machine components of an information technology (IT) or other microprocessor- or microcontroller-permeated environment generate disparate forms of machine data. Network connections are established between these components and processors of data intake and query system (DIQS). The DIQS conducts network transactions on a periodic and/or continuous basis with the machine components to receive disparate data and ingest certain of the data as entries of a data store that is searchable for DIQS query processing. The DIQS may receive queries to process against the received and ingested data via an exposed network interface. In one example embodiment, the DIQS receives a query identifying data to be processed, dynamically generates a query processing scheme based on the state of the data to be processed, such as streaming or at rest, and dynamically communicates the query processing scheme to a query executor based on the state of the data to be processed.

公开(公告)号：US11615084B1

公开(公告)日：2023-03-28

申请号：US17175518

申请日：2021-02-12

Applicant: Splunk Inc.

Inventor： Joseph Gabriel Echeverria ,  Arthur Foelsche ,  Eric Sammer ,  Sarah Stanger

IPC: G06F17/30 ,  G06F16/2453 ,  G06F16/14 ,  G05B13/00 ,  G06N5/00 ,  G06N3/00 ,  G06F16/24 ,  G06F16/2455 ,  G06F16/248 ,  G06F16/25 ,  G06F16/178

Abstract: Systems and methods are described for unified processing of indexed and streaming data. A system enables users to query indexed data or specify processing pipelines to be applied to streaming data. In some instances, a user may specify a query intended to be run against indexed data, but may specify criteria that includes not-yet-indexed data (e.g., a future time frame). The system may convert the query into a data processing pipeline applied to not-yet-indexed data, thus increasing the efficiency of the system. Similarly, in some instances, a user may specify a data processing pipeline to be applied to a data stream, but specify criteria including data items outside the data stream. For example, a user may wish to apply the pipeline retroactively, to data items that have already exited the data stream. The system can convert the pipeline into a query against indexed data to satisfy the users processing requirements.

公开(公告)号：US11294941B1

公开(公告)日：2022-04-05

申请号：US16000688

申请日：2018-06-05

Applicant: Splunk Inc.

Inventor： Eric Sammer ,  Sourav Pal ,  Joseph Gabriel Echeverria

IPC: G06F16/00 ,  G06F16/31 ,  G06F16/38 ,  G06F16/951 ,  G06F16/33

Abstract: Systems and methods are described for preprocessing data later ingested into an indexing system. The preprocessing can include receiving messages published to a first publish-subscribe messaging system, the messages containing raw machine data generated by one or more components in an information technology environment, performing one or more processing operations on at least some of the messages to generate preprocessed messages, republishing the preprocessed messages to a second publish-subscribe messaging system, and providing to the indexing system, a subset of the messages from the second publish-subscribe messaging system.

公开(公告)号：US20220004557A1

公开(公告)日：2022-01-06

申请号：US17236925

申请日：2021-04-21

Applicant: Splunk Inc.

Inventor： Alexander Douglas James ,  Joseph Gabriel Echeverria ,  Eric Sammer

IPC: G06F16/2455 ,  G06F16/2453 ,  G06F16/901 ,  G06F16/903

Abstract: Operational machine components of an information technology (IT) or other microprocessor- or microcontroller-permeated environment generate disparate forms of machine data. Network connections are established between these components and processors of data intake and query system (DIQS). The DIQS conducts network transactions on a periodic and/or continuous basis with the machine components to receive disparate data and ingest certain of the data as entries of a data store that is searchable for DIQS query processing. The DIQS may receive queries to process against the received and ingested data via an exposed network interface. In one example embodiment, the DIQS receives a query identifying data to be processed, dynamically generates a query processing scheme based on the state of the data to be processed, such as streaming or at rest, and dynamically communicates the query processing scheme to a query executor based on the state of the data to be processed.

公开(公告)号：US11113353B1

公开(公告)日：2021-09-07

申请号：US16945423

申请日：2020-07-31

Applicant: Splunk Inc.

Inventor： Joseph Gabriel Echeverria ,  Arthur Foelsche ,  Eric Sammer ,  Sarah Stanger

IPC: G06F9/54 ,  G06F16/9535 ,  G06F21/62 ,  H04L29/08 ,  G06F9/451

Abstract: Systems and methods are described for graphical user interfaces that enable users to graphically design nodes and interconnections of pipelines for preprocessing data later ingested into an indexing system. The preprocessing can include receiving messages published to a first publish-sub scribe messaging system, the messages containing raw machine data generated by one or more components in an information technology environment, performing one or more processing operations on at least some of the messages to generate preprocessed messages, republishing the preprocessed messages to a second publish-subscribe messaging system, and providing to the indexing system, a subset of the messages from the second publish-subscribe messaging system. Nodes in the pipeline can specify the preprocessing operations, and interconnections in the pipeline can represent data flow through the nodes of the pipeline.

公开(公告)号：US10761813B1

公开(公告)日：2020-09-01

申请号：US16148736

申请日：2018-10-01

Applicant: Splunk Inc.

Inventor： Joseph Gabriel Echeverria ,  Arthur Foelsche ,  Eric Sammer ,  Sarah Stanger

IPC: G06F9/44 ,  G06F8/34 ,  G06F8/35 ,  G06N5/04 ,  G06N20/00 ,  G06F16/951

Abstract: Systems and methods are described for graphical user interfaces that enable users to graphically design nodes and interconnections of pipelines for preprocessing data later ingested into an indexing system. The preprocessing can include receiving messages published to a first publish-subscribe messaging system, the messages containing raw machine data generated by one or more components in an information technology environment, performing one or more processing operations on at least some of the messages to generate preprocessed messages, republishing the preprocessed messages to a second publish-subscribe messaging system, and providing to the indexing system, a subset of the messages from the second publish-subscribe messaging system. Nodes in the pipeline can specify the preprocessing operations, and interconnections in the pipeline can represent data flow through the nodes of the pipeline.