公开(公告)号：US10956362B1

公开(公告)日：2021-03-23

申请号：US16177358

申请日：2018-10-31

Applicant: SPLUNK INC.

Inventor： Clint Sharp ,  Petter Eriksson ,  Ledion Bitincka ,  Jason Szeto ,  Elizabeth Lin ,  Nima Haddadkaveh

IPC: G06F16/00 ,  G06F16/11 ,  G06F16/22

Abstract: Raw data in distributed servers is divided into groups of data called buckets containing raw data that have timestamps that fall within a specific time range. When a bucket becomes inactive a server can archive the bucket to an external storage system. The external storage system containing archived data may be specified in a search query. Archived data from the external storage system is obtained, processed, and a search performed on the processed archived data using the search query.

公开(公告)号：US10152480B2

公开(公告)日：2018-12-11

申请号：US14611225

申请日：2015-01-31

Applicant: Splunk Inc.

Inventor： Clint Sharp ,  Petter Eriksson ,  Ledion Bitincka ,  Jason Szeto ,  Elizabeth Lin ,  Nima Haddadkaveh

IPC: G06F17/30

Abstract: Raw data in distributed servers is divided into groups of data called buckets containing raw data that have timestamps that fall within a specific time range. When a bucket becomes inactive a server can archive the bucket to an external storage system. The external storage system containing archived data may be specified in a search query. Archived data from the external storage system is obtained, processed, and a search performed on the processed archived data using the search query.

公开(公告)号：US20180293327A1

公开(公告)日：2018-10-11

申请号：US15479823

申请日：2017-04-05

Applicant: Splunk Inc.

Inventor： Jesse Miller ,  Jason Szeto ,  Jose Solis ,  Jindrich Dinga ,  David Marquardt

IPC: G06F17/30

Abstract: Systems and methods are disclosed for locating data and categorizing a set of data using inverted indexes. The inverted indexes include token entries and field-value pair entries, as well as event references that correspond to events that include raw machine data. Using filter criteria, the inverted indexes are identified. In turn, the inverted indexes are used to identify a set of events that satisfy the filter criteria. The identified set of events are categorized based on categorization criteria and provided for display to a user.

公开(公告)号：US20170270132A1

公开(公告)日：2017-09-21

申请号：US14611227

申请日：2015-01-31

Applicant: Splunk Inc.

Inventor： Clint Sharp ,  Jesse Miller ,  Jason Szeto ,  Nima Haddadkaveh

IPC: G06F17/30

CPC classification number: G06F16/134 ,  G06F16/148 ,  G06F16/168 ,  G06F16/182

Abstract: A search support system allows a customer to browse data contained in files stored on an external storage system. The search support system allows a customer to specify data processing tasks to be performed on raw data retrieved from a file stored on the external storage system. The customer specifies each data processing task and the search support system performs each task as it is selected by the customer on raw data retrieved from the file. The search support system concurrently displays the results of each data processing task in real time in a graphical user interface. The search support system saves the customer's settings as a late binding schema that can be applied to raw data retrieved from the external storage system in order to parse the raw data and to create, index, and search timestamped events derived from the raw data.

公开(公告)号：US20160224570A1

公开(公告)日：2016-08-04

申请号：US14611225

申请日：2015-01-31

Applicant: Splunk Inc.

Inventor： Clint Sharp ,  Petter Eriksson ,  Ledion Bitincka ,  Jason Szeto ,  Elizabeth Lin ,  Nima Haddadkaveh

IPC: G06F17/30

CPC classification number: G06F17/30073 ,  G06F17/30336 ,  G06F17/30427

Abstract: Raw data in distributed servers is divided into groups of data called buckets containing raw data that have timestamps that fall within a specific time range. When a bucket becomes inactive a server can archive the bucket to an external storage system. The external storage system containing archived data may be specified in a search query. Archived data from the external storage system is obtained, processed, and a search performed on the processed archived data using the search query.

Abstract translation: 分布式服务器中的原始数据被划分为称为存储桶的数据组，其中包含具有落在特定时间范围内的时间戳的原始数据。 当桶变为不活动时，服务器可以将存储桶存储到外部存储系统。 可以在搜索查询中指定包含归档数据的外部存储系统。 获取，处理来自外部存储系统的存档数据，并使用搜索查询对已处理归档数据执行搜索。