公开(公告)号：US08589432B2

公开(公告)日：2013-11-19

申请号：US13660707

申请日：2012-10-25

Applicant: Splunk Inc.

Inventor： Steve Yu Zhang ,  Stephen Phillip Sorkin ,  Vishal Patel

IPC: G06F17/30

CPC classification number: G06F17/30516

Abstract: A system arranged to search machine data to generate reports in real time. A search query is provided that includes a plurality of search commands. The search query is parsed to form a main search query and a remote search query. Machine data is collected from remote data sources and evaluated against one of the main and remote search queries to generate a set of search results. The main search query is then evaluated against at least a partial set of the search result to generate at least one report regarding the collected machine data. Initially a search window is pre-populated with historical machine data related to the search query. Over time the historical machine data is replaced with the collected machine data.

公开(公告)号：US20130046783A1

公开(公告)日：2013-02-21

申请号：US13660707

申请日：2012-10-25

Applicant: SPLUNK INC.

Inventor： Steve Yu Zhang ,  Stephen Phillip Sorkin ,  Vishal Patel

IPC: G06F17/30

CPC classification number: G06F17/30516

Abstract: A system arranged to search machine data to generate reports in real time. A search query is provided that includes a plurality of search commands. The search query is parsed to form a main search query and a remote search query. Machine data is collected from remote data sources and evaluated against one of the main and remote search queries to generate a set of search results. The main search query is then evaluated against at least a partial set of the search result to generate at least one report regarding the collected machine data. Initially a search window is pre-populated with historical machine data related to the search query. Over time the historical machine data is replaced with the collected machine data.

Abstract translation: 一种系统，用于搜索机器数据以实时生成报告。 提供了包括多个搜索命令的搜索查询。 解析搜索查询以形成主搜索查询和远程搜索查询。 机器数据从远程数据源收集，并针对主要和远程搜索查询之一进行评估，以生成一组搜索结果。 然后根据搜索结果的至少一部分集合来评估主搜索查询以生成关于所收集的机器数据的至少一个报告。 最初，搜索窗口预先填充与搜索查询相关的历史机器数据。 随着时间的推移，历史机器数据被收集的机器数据所替代。