公开(公告)号：US20180007180A1

公开(公告)日：2018-01-04

申请号：US15703209

申请日：2017-09-13

Applicant: Splunk Inc.

Inventor： Sourav Pal ,  Christopher Madden Pride

IPC: H04L29/08

CPC classification number: H04L69/329 ,  H04L67/02 ,  H04L67/2804 ,  H04L67/2819 ,  H04L69/326

Abstract: Systems and methods for priority-based processing of messages received from multiple servers. An example method comprises: receiving a plurality of network packets from one or more servers; processing the plurality of network packets to produce a first message associated with a first timestamp and a second message associated with a second timestamp; writing the first message to a first message queue of a plurality of message queues; writing the second message to a second message queue of the plurality of message queues; and retrieving, from the plurality of message queues, the first message and the second message in an order of their respective associated timestamps.

公开(公告)号：US20240386053A1

公开(公告)日：2024-11-21

申请号：US18661319

申请日：2024-05-10

Applicant: Splunk Inc.

Inventor： Alexandros Batsakis ,  Ashish Mathew ,  Christopher Madden Pride ,  Bharath Kishore Reddy Aleti ,  Sourav Pal ,  Arindam Bhattacharjee ,  James Monschke ,  Sai Krishna Sajja ,  Igor Stojanovski ,  Tameem Anwar ,  Paul J. Lucas ,  Eric Woo ,  Steve Wong

IPC: G06F16/901 ,  G06F3/06 ,  G06F16/23 ,  G06F16/27 ,  G06F16/903

Abstract: Systems and methods are disclosed for processing and executing queries in a data intake and query system. The data intake and query system receives raw machine data at an indexing system, and stores at least a portion of the raw machine data in buckets using containerized indexing nodes instantiated in a containerized environment. The data intake and query system stores the buckets in a shared storage system.

公开(公告)号：US12118009B2

公开(公告)日：2024-10-15

申请号：US16657916

申请日：2019-10-18

Applicant: Splunk Inc.

Inventor： Arindam Bhattacharjee ,  Sourav Pal ,  Timothy Tully

IPC: G06F16/2458 ,  G06F16/2452

CPC classification number: G06F16/2471 ,  G06F16/24526

Abstract: Systems and methods are described for distributed processing a query in a first query language utilizing a query execution engine intended for single-device execution. While distributed processing provides numerous benefits over single-device processing, distributed query execution engines can be significantly more difficult to develop that single-device engines. Embodiments of this disclosure enable the use of a single-device engine to support distributed processing, by dividing a query into multiple stages, each of which can be executed by multiple, concurrent executions of a single-device engine. Between stages, data can be shuffled between executions of the engine, such that individual executions of the engine are provided with a complete set of records needed to implement an individual stage. Because single-device engines can be significantly less difficult to develop, use of the techniques described herein can enable a distributed system to rapidly support multiple query languages.

公开(公告)号：US20240086471A1

公开(公告)日：2024-03-14

申请号：US18470251

申请日：2023-09-19

Applicant: Splunk Inc.

Inventor： Sourav Pal ,  Christopher Pride ,  Arindam Bhattacharjee ,  Xiaowei Wang ,  James Alasdair Robert Hodge ,  Mustafa Ahamed

IPC: G06F16/951 ,  G06F16/21 ,  G06F16/2455 ,  G06F16/2458 ,  G06F16/248 ,  G06F16/25 ,  G06F16/27 ,  G06F16/901 ,  G06F16/903 ,  G06F16/9038 ,  G06F16/904

CPC classification number: G06F16/951 ,  G06F16/211 ,  G06F16/212 ,  G06F16/2455 ,  G06F16/2471 ,  G06F16/248 ,  G06F16/252 ,  G06F16/258 ,  G06F16/27 ,  G06F16/9024 ,  G06F16/90335 ,  G06F16/9038 ,  G06F16/904

Abstract: Disclosed is a data fabric service system that can be implemented in a distributed computer network, such as a data intake and query system. The data index and query system can receive a search query and define a search scheme for applying the search query on distributed data storage systems including internal data storage and external data storage. The data index and query system may provide a portion of the search scheme to a search service of the data fabric service system, which can cause worker nodes of the data fabric service system to perform various functions—including applying the search query to the external data storage based on the portion of the search scheme in order to obtain search results.

公开(公告)号：US11874691B1

公开(公告)日：2024-01-16

申请号：US16000664

申请日：2018-06-05

Applicant: Splunk Inc.

Inventor： Alexandros Batsakis ,  Ashish Mathew ,  Christopher Pride ,  Bharath Kishore Reddy Aleti ,  Sourav Pal ,  Arindam Bhattacharjee ,  James Monschke

IPC: G06F16/2453 ,  G06F16/22

CPC classification number: G06F16/24542 ,  G06F16/2272

Abstract: Systems and methods are disclosed for processing and executing queries in a data intake and query system. The data intake and query system receives a query identifying a set of data to be processed and a manner of processing the set of data. The data intake and query system identifies buckets that are to be searched and search nodes to execute the query. The data intake and query system maps the identified buckets to the search nodes and executes the query using the identified bucket and search nodes.

公开(公告)号：US11860874B2

公开(公告)日：2024-01-02

申请号：US18051470

申请日：2022-10-31

Applicant: Splunk Inc.

Inventor： Arindam Bhattacharjee ,  Sourav Pal ,  Christopher Pride

IPC: G06F16/00 ,  G06F16/2455 ,  G06F11/30 ,  G06F7/53 ,  G06F16/27 ,  G06F11/34

CPC classification number: G06F16/24554 ,  G06F7/5324 ,  G06F11/3006 ,  G06F11/3086 ,  G06F11/3433 ,  G06F16/278 ,  G06F2201/835 ,  G06F2201/86

Abstract: Systems and methods are disclosed for processing and executing queries against one or more dataset. As part of processing the query, the system determines whether the query is susceptible to a significantly imbalanced partition. In the event, the query is susceptible to an imbalanced partition, the system monitors the query and determines whether to perform a multi-partitioning determination to avoid a significantly imbalanced partition.

公开(公告)号：US20230315785A1

公开(公告)日：2023-10-05

申请号：US18328607

申请日：2023-06-02

Applicant: Splunk Inc.

Inventor： Alexandros Batsakis ,  Sourav Pal ,  Sai Krishna Sajja ,  Igor Stojanovski ,  Tameem Anwar ,  Paul J. Lucas ,  Eric Woo ,  Steve Wong

IPC: G06F16/901 ,  G06F3/06 ,  G06F16/23 ,  G06F16/27 ,  G06F16/903

CPC classification number: G06F16/901 ,  G06F3/0604 ,  G06F3/0644 ,  G06F3/065 ,  G06F3/0652 ,  G06F3/0656 ,  G06F3/067 ,  G06F3/0653 ,  G06F16/23 ,  G06F16/27 ,  G06F16/903

Abstract: Systems and methods are disclosed for processing and executing queries in a data intake and query system. The data intake and query system receives raw machine data at an indexing system, and stores at least a portion of the raw machine data in buckets using containerized indexing nodes instantiated in a containerized environment. The data intake and query system stores the buckets in a shared storage system.

公开(公告)号：US11625404B2

公开(公告)日：2023-04-11

申请号：US16687158

申请日：2019-11-18

Applicant: Splunk Inc.

Inventor： Sourav Pal ,  Ashish Mathew ,  Xiaowei Wang ,  Christopher Pride

IPC: G06F16/2455 ,  G06F16/248 ,  G06F16/951

Abstract: The disclosed embodiments include a method performed by a data intake and query system. The method includes receiving a search query by a search head, defining a search process for applying the search query to indexers, delegating a first portion of the search process to indexers and a second portion of the search process to intermediary node(s) communicatively coupled to the search head and the indexers. The first portion can define a search scope for obtaining partial search results of the indexers and the second portion can define operations for combining the partial search results by the intermediary node(s) to produce a combination of the partial search results. The search head then receives the combination of the partial search results, and outputs final search results for the search query, where the final search results are based on the combination of the partial search results.

公开(公告)号：US11620336B1

公开(公告)日：2023-04-04

申请号：US15967582

申请日：2018-04-30

Applicant: Splunk Inc.

Inventor： Alexandros Batsakis ,  Sourav Pal ,  Sai Krishna Sajja ,  Igor Stojanovski ,  Ledion Bitincka ,  John Nguyen

IPC: G06F16/901 ,  G06F3/06 ,  G06F16/27 ,  G06F16/903

Abstract: Systems and methods are disclosed for processing and executing queries in a data intake and query system. The data intake and query system receives raw machine data at an indexing system, and stores at least a portion of the raw machine data in buckets. Based on a determination that the size of multiple buckets satisfies a threshold size, the data intake and query system converts the buckets to non-editable buckets and stores the data in a remote shared storage system.

公开(公告)号：US11615104B2

公开(公告)日：2023-03-28

申请号：US16051215

申请日：2018-07-31

Applicant: Splunk Inc.

Inventor： Sourav Pal ,  Arindam Bhattacharjee

IPC: G06F16/00 ,  G06F16/2458 ,  G06F16/27 ,  G06F16/21 ,  G06F16/951 ,  G06F40/205

Abstract: Systems and methods are disclosed for executing a query that includes an indication to process data managed by an external data system. The system identifies the external data system that manages the data to be processed and generates a subquery for the external data system. The system determines a data ingest estimate and uses the data ingest estimate to generate instructions for one or more worker nodes to receive and process results of the subquery from the external data system.