公开(公告)号：US20160321369A1

公开(公告)日：2016-11-03

申请号：US15143579

申请日：2016-04-30

Applicant: Splunk Inc.

Inventor： Alice Neels ,  Sundar Vasan ,  Simon Fishel ,  Marc Robichaud ,  Divanny Lamas

IPC: G06F17/30

CPC classification number: G06F16/338 ,  G06F3/0482 ,  G06F3/04842 ,  G06F3/04847 ,  G06F16/24575 ,  G06F16/2477 ,  G06F16/248 ,  G06F16/26 ,  G06F16/334 ,  G06F16/335 ,  G06F16/345 ,  G06F16/9024 ,  G06F16/9535 ,  G06F17/24 ,  G06T11/206 ,  G06T2200/24

Abstract: The disclosure relates to certain system and method embodiments for generating reports from unstructured data. In one embodiment, a method can include identifying events matching criteria of an initial search query (each of the events including a portion of raw machine data that is associated with a time), identifying a set of fields, each field defined for one or more of the identified events, causing display of an interactive graphical user interface (GUI) that includes one or more interactive elements enabling a user to define a report for providing information relating to the matching events (each interactive element enabling processing or presentation of information in the matching events using one or more fields in the identified set of fields), receiving, via the GUI, a report definition indicating how to report information relating to the matching events, and generating, based on the report definition, a report including information relating to the matching events.

Abstract translation: 本公开涉及用于从非结构化数据生成报告的某些系统和方法实施例。 在一个实施例中，一种方法可以包括识别匹配初始搜索查询的标准的事件（每个事件包括与时间相关联的原始机器数据的一部分），标识一组字段，每个字段被定义为一个或多个 识别的事件，导致显示包括一个或多个交互元件的交互式图形用户界面（GUI），使得用户能够定义用于提供与匹配事件有关的信息的报告（每个交互元件能够处理或呈现在 通过GUI接收指示如何报告与匹配事件有关的信息的报告定义，以及基于报告定义生成包括与所述事件相关的信息的报告的报告 匹配事件。

公开(公告)号：US11704341B2

公开(公告)日：2023-07-18

申请号：US16159893

申请日：2018-10-15

Applicant: Splunk Inc.

Inventor： Anirban Rahut ,  Sundar Vasan

IPC: G06F16/28 ,  G06F16/27 ,  G06F16/951

CPC classification number: G06F16/285 ,  G06F16/27 ,  G06F16/951

Abstract: Systems and methods for search result replication in a search head cluster of a data aggregation and analysis system. An example method may comprise maintaining a replication count in a data store associated with at least one of the plurality of search heads, the replication count corresponding to how many of the replicas of the search result are stored in the search head cluster, determining that the replication count is greater than a target replication count, based on determining that the replication count is greater than the target replication count, initiating a deletion of at least one replica of the replicas of the search result from a target search head of the plurality of search heads storing the replicas, receiving an indication that the deletion is complete, and based on receiving the indication that the deletion is complete, decreasing the replication count corresponding to the search result.

公开(公告)号：US10977286B2

公开(公告)日：2021-04-13

申请号：US16034289

申请日：2018-07-12

Applicant: Splunk Inc.

Inventor： Alice Neels ,  Sundar Vasan ,  Simon Fishel ,  Marc Robichaud ,  Divanny Lamas

IPC: G06F16/338 ,  G06F16/26 ,  G06F16/248 ,  G06F16/33 ,  G06F16/335 ,  G06F16/34 ,  G06F16/2458 ,  G06F16/901 ,  G06F16/9535 ,  G06F16/2457 ,  G06F40/166 ,  G06F3/0482 ,  G06T11/20 ,  G06F3/0484

Abstract: The disclosure relates to certain system and method embodiments for generating reports from unstructured data. In one embodiment, a method can include identifying events matching criteria of an initial search query (each of the events including a portion of raw machine data that is associated with a time), identifying a set of fields, each field defined for one or more of the identified events, causing display of an interactive graphical user interface (GUI) that includes one or more interactive elements enabling a user to define a report for providing information relating to the matching events (each interactive element enabling processing or presentation of information in the matching events using one or more fields in the identified set of fields), receiving, via the GUI, a report definition indicating how to report information relating to the matching events, and generating, based on the report definition, a report including information relating to the matching events.

公开(公告)号：US20180322190A1

公开(公告)日：2018-11-08

申请号：US16034289

申请日：2018-07-12

Applicant: Splunk Inc.

Inventor： Alice Neels ,  Sundar Vasan ,  Simon Fishel ,  Marc Robichaud ,  Divanny Lamas

IPC: G06F17/30 ,  G06T11/20 ,  G06F3/0482 ,  G06F17/24 ,  G06F3/0484

CPC classification number: G06F17/30696 ,  G06F3/0482 ,  G06F3/04842 ,  G06F3/04847 ,  G06F17/24 ,  G06F17/30528 ,  G06F17/30551 ,  G06F17/30554 ,  G06F17/30572 ,  G06F17/30675 ,  G06F17/30699 ,  G06F17/30719 ,  G06F17/30867 ,  G06F17/30958 ,  G06T11/206 ,  G06T2200/24

Abstract: The disclosure relates to certain system and method embodiments for generating reports from unstructured data. In one embodiment, a method can include identifying events matching criteria of an initial search query (each of the events including a portion of raw machine data that is associated with a time), identifying a set of fields, each field defined for one or more of the identified events, causing display of an interactive graphical user interface (GUI) that includes one or more interactive elements enabling a user to define a report for providing information relating to the matching events (each interactive element enabling processing or presentation of information in the matching events using one or more fields in the identified set of fields), receiving, via the GUI, a report definition indicating how to report information relating to the matching events, and generating, based on the report definition, a report including information relating to the matching events.

公开(公告)号：US20150019537A1

公开(公告)日：2015-01-15

申请号：US14503335

申请日：2014-09-30

Applicant: Splunk Inc.

Inventor： Alice Neels ,  Sundar Vasan ,  Simon Fishel ,  Marc Robichaud ,  Divanny Lamas

IPC: G06F17/30 ,  G06F3/0484 ,  G06F3/0481

CPC classification number: G06F16/338 ,  G06F3/0482 ,  G06F3/04842 ,  G06F3/04847 ,  G06F16/24575 ,  G06F16/2477 ,  G06F16/248 ,  G06F16/26 ,  G06F16/334 ,  G06F16/335 ,  G06F16/345 ,  G06F16/9024 ,  G06F16/9535 ,  G06F17/24 ,  G06T11/206 ,  G06T2200/24

Abstract: The disclosure relates to certain system and method embodiments for generating reports from unstructured data. In one embodiment, a method can include identifying events matching criteria of an initial search query (each of the events including a portion of raw machine data that is associated with a time), identifying a set of fields, each field defined for one or more of the identified events, causing display of an interactive graphical user interface (GUI) that includes one or more interactive elements enabling a user to define a report for providing information relating to the matching events (each interactive element enabling processing or presentation of information in the matching events using one or more fields in the identified set of fields), receiving, via the GUI, a report definition indicating how to report information relating to the matching events, and generating, based on the report definition, a report including information relating to the matching events.

Abstract translation: 本公开涉及用于从非结构化数据生成报告的某些系统和方法实施例。 在一个实施例中，一种方法可以包括识别匹配初始搜索查询的标准的事件（每个事件包括与时间相关联的原始机器数据的一部分），标识一组字段，每个字段被定义为一个或多个 识别的事件，导致显示包括一个或多个交互元件的交互式图形用户界面（GUI），使得用户能够定义用于提供与匹配事件有关的信息的报告（每个交互元件能够处理或呈现在 通过GUI接收指示如何报告与匹配事件有关的信息的报告定义，以及基于报告定义生成包括与所述事件相关的信息的报告的报告 匹配事件。

公开(公告)号：US11755634B2

公开(公告)日：2023-09-12

申请号：US16849873

申请日：2020-04-15

Applicant: SPLUNK INC.

Inventor： Alice Neels ,  Sundar Vasan ,  Simon Fishel ,  Marc Robichaud ,  Divanny Lamas

IPC: G06F16/33 ,  G06F16/338 ,  G06F16/26 ,  G06F16/248 ,  G06F16/335 ,  G06F16/34 ,  G06F16/2458 ,  G06F16/901 ,  G06F16/9535 ,  G06F16/2457 ,  G06F40/166 ,  G06F3/0482 ,  G06T11/20 ,  G06F3/04842 ,  G06F3/04847

CPC classification number: G06F16/338 ,  G06F3/0482 ,  G06F3/04842 ,  G06F3/04847 ,  G06F16/248 ,  G06F16/2477 ,  G06F16/24575 ,  G06F16/26 ,  G06F16/334 ,  G06F16/335 ,  G06F16/345 ,  G06F16/9024 ,  G06F16/9535 ,  G06F40/166 ,  G06T11/206 ,  G06T2200/24

Abstract: The disclosure relates to certain system and method embodiments for generating reports from unstructured data. In one embodiment, a method can include identifying events matching criteria of an initial search query (each of the events including a portion of raw machine data that is associated with a time), identifying a set of fields, each field defined for one or more of the identified events, causing display of an interactive graphical user interface (GUI) that includes one or more interactive elements enabling a user to define a report for providing information relating to the matching events (each interactive element enabling processing or presentation of information in the matching events using one or more fields in the identified set of fields), receiving, via the GUI, a report definition indicating how to report information relating to the matching events, and generating, based on the report definition, a report including information relating to the matching events.

公开(公告)号：US10387448B2

公开(公告)日：2019-08-20

申请号：US14929089

申请日：2015-10-30

Applicant: Splunk Inc.

Inventor： Da Xu ,  Sundar Vasan ,  Dhruva Kumar Bhagi

IPC: G06F3/06 ,  G06F11/20 ,  G06F11/30 ,  G06F11/32 ,  G06F11/34 ,  G06F16/22 ,  G06F16/27 ,  H04L29/08

Abstract: Techniques and mechanisms are disclosed to increase the availability of summary data within a clustered data intake and query system by replicating the summary data within the cluster. In general, summary data may store “pre-computed” results for one or more search queries and can be used by indexers of a cluster to process subsequent instances of the same search queries. At a high level, replication of summary data within a cluster may include ensuring that each instance of summary data created by an indexer of a cluster is replicated to other indexers within the cluster that store copies of the same grouped subset(s) of data to which the summary data relates. In this manner, if one or more indexers of an indexer cluster fail, other indexers of the cluster can make immediate use of replicated copies of the summary data without re-creating it.

公开(公告)号：US10331720B2

公开(公告)日：2019-06-25

申请号：US15421425

申请日：2017-01-31

Applicant: Splunk Inc.

Inventor： Alice Emily Neels ,  Sundar Vasan ,  Simon Fishel ,  Marc Vincent Robichaud ,  Divanny Lamas

IPC: G06F16/338 ,  G06F16/33 ,  G06F16/26 ,  G06F16/248 ,  G06F16/34 ,  G06T11/20 ,  G06F16/335 ,  G06F16/901 ,  G06F3/0482 ,  G06F3/0484 ,  G06F16/2457 ,  G06F16/2458 ,  G06F16/9535 ,  G06F17/24

Abstract: The disclosure relates to certain system and method embodiments for generating reports from unstructured data. In one embodiment, a method can include identifying events matching criteria of an initial search query (each of the events including a portion of raw machine data that is associated with a time), identifying a set of fields, each field defined for one or more of the identified events, causing display of an interactive graphical user interface (GUI) that includes one or more interactive elements enabling a user to define a report for providing information relating to the matching events (each interactive element enabling processing or presentation of information in the matching events using one or more fields in the identified set of fields), receiving, via the GUI, a report definition indicating how to report information relating to the matching events, and generating, based on the report definition, a report including information relating to the matching events.

公开(公告)号：US20170140039A1

公开(公告)日：2017-05-18

申请号：US15421425

申请日：2017-01-31

Applicant: Splunk Inc.

Inventor： Alice Emily Neels ,  Sundar Vasan ,  Simon Fishel ,  Marc Vincent Robichaud ,  Divanny Lamas

IPC: G06F17/30 ,  G06F17/24 ,  G06F3/0482

CPC classification number: G06F16/338 ,  G06F3/0482 ,  G06F3/04842 ,  G06F3/04847 ,  G06F16/24575 ,  G06F16/2477 ,  G06F16/248 ,  G06F16/26 ,  G06F16/334 ,  G06F16/335 ,  G06F16/345 ,  G06F16/9024 ,  G06F16/9535 ,  G06F17/24 ,  G06T11/206 ,  G06T2200/24

Abstract: The disclosure relates to certain system and method embodiments for generating reports from unstructured data. In one embodiment, a method can include identifying events matching criteria of an initial search query (each of the events including a portion of raw machine data that is associated with a time), identifying a set of fields, each field defined for one or more of the identified events, causing display of an interactive graphical user interface (GUI) that includes one or more interactive elements enabling a user to define a report for providing information relating to the matching events (each interactive element enabling processing or presentation of information in the matching events using one or more fields in the identified set of fields), receiving, via the GUI, a report definition indicating how to report information relating to the matching events, and generating, based on the report definition, a report including information relating to the matching events.

公开(公告)号：US20160140743A1

公开(公告)日：2016-05-19

申请号：US15007180

申请日：2016-01-26

Applicant: Splunk Inc.

Inventor： Alice Neels ,  Sundar Vasan ,  Simon Fishel ,  Marc Robichaud ,  Divanny Lamas

IPC: G06T11/20 ,  G06F3/0482 ,  G06F17/30

CPC classification number: G06F16/338 ,  G06F3/0482 ,  G06F3/04842 ,  G06F3/04847 ,  G06F16/24575 ,  G06F16/2477 ,  G06F16/248 ,  G06F16/26 ,  G06F16/334 ,  G06F16/335 ,  G06F16/345 ,  G06F16/9024 ,  G06F16/9535 ,  G06F17/24 ,  G06T11/206 ,  G06T2200/24

Abstract: The disclosure relates to certain system and method embodiments for generating reports from unstructured data. In one embodiment, a method can include identifying events matching criteria of an initial search query (each of the events including a portion of raw machine data that is associated with a time), identifying a set of fields, each field defined for one or more of the identified events, causing display of an interactive graphical user interface (GUI) that includes one or more interactive elements enabling a user to define a report for providing information relating to the matching events (each interactive element enabling processing or presentation of information in the matching events using one or more fields in the identified set of fields), receiving, via the GUI, a report definition indicating how to report information relating to the matching events, and generating, based on the report definition, a report including information relating to the matching events.

Abstract translation: 本公开涉及用于从非结构化数据生成报告的某些系统和方法实施例。 在一个实施例中，一种方法可以包括识别匹配初始搜索查询的标准的事件（每个事件包括与时间相关联的原始机器数据的一部分），标识一组字段，每个字段被定义为一个或多个 识别的事件，导致显示包括一个或多个交互元件的交互式图形用户界面（GUI），使得用户能够定义用于提供与匹配事件有关的信息的报告（每个交互元件能够处理或呈现在 通过GUI接收指示如何报告与匹配事件有关的信息的报告定义，以及基于报告定义生成包括与所述事件相关的信息的报告的报告 匹配事件。