公开(公告)号：US10169434B1

公开(公告)日：2019-01-01

申请号：US15011651

申请日：2016-01-31

Applicant: Splunk, Inc.

Inventor： Glenn Block ,  Patrick Lane Ogdin

IPC: G06F17/30

Abstract: A data intake and query system receives raw machine via an internet protocol (IP) such as the hypertext transfer protocol (HTTP). The system has configurable global settings for the received raw machine data that determine properties such as the metadata that is associated with raw machine data. Each event is associated with a token, which is also configurable and provides settings such as metadata settings for the raw machine data. The raw machine data is stored as events based on the metadata. Electronic devices that generate raw machine data may transmit the raw machine data to the data intake and query system within HTTP messages. The HTTP messages may also include settings such as metadata for the raw machine data. The raw machine data is stored as events based on the global metadata settings, token metadata settings, and HTTP message metadata settings.

公开(公告)号：US10984013B1

公开(公告)日：2021-04-20

申请号：US16189124

申请日：2018-11-13

Applicant: Splunk Inc.

Inventor： Glenn Block ,  Patrick Lane Ogdin

IPC: G06F16/00 ,  G06F16/25 ,  G06F16/22

Abstract: A data intake and query system receives raw machine via an internet protocol (IP) such as the hypertext transfer protocol (HTTP). The system has configurable global settings for the received raw machine data that determine properties such as the metadata that is associated with raw machine data. Each event is associated with a token, which is also configurable and provides settings such as metadata settings for the raw machine data. The raw machine data is stored as events based on the metadata. Electronic devices that generate raw machine data may transmit the raw machine data to the data intake and query system within HTTP messages. The HTTP messages may also include settings such as metadata for the raw machine data. The raw machine data is stored as events based on the global metadata settings, token metadata settings, and HTTP message metadata settings.

公开(公告)号：US20200097484A1

公开(公告)日：2020-03-26

申请号：US16698810

申请日：2019-11-27

Applicant: Splunk Inc.

Inventor： Glenn Block ,  Patrick Lane Ogdin

IPC: G06F16/26 ,  G06F16/951 ,  G06F16/25 ,  G06F16/22 ,  G06F16/248

Abstract: A data intake and query system processes and stores events, which are associated with token identifiers for tokens corresponding to data sources for the messages that the events are generated from. Thus, the data intake and query system can receive a request to provide analyses and visualizations regarding stored events associated with a particular component associated with a plurality of events, such as a data source for the messages from which the plurality of events are generated from. These requests and the resulting visualizations can be customized based on selected tokens and selected components.

公开(公告)号：US10534791B1

公开(公告)日：2020-01-14

申请号：US15011652

申请日：2016-01-31

Applicant: Splunk, Inc.

Inventor： Glenn Block ,  Patrick Lane Ogdin

IPC: G06F16/22 ,  G06F16/26 ,  G06F16/248 ,  G06F16/951 ,  G06F16/25

Abstract: A data intake and query systems processes events received via the hypertext transfer protocol (HTTP). The HTTP events are associated with tokens. The received events are received by event collectors and distributed for storage. The data intake and query system receives requests to provide analyses and visualizations regarding the stored HTTP events. These requests can be customized based on selected tokens and selected data storage components. The visualizations are generated in response to the requests, and transmitted to the requesting device.

公开(公告)号：US09922114B2

公开(公告)日：2018-03-20

申请号：US14610704

申请日：2015-01-30

Applicant: Splunk Inc.

Inventor： Alexander D. Munk ,  Patrick Lane Ogdin

IPC: G06F17/30

CPC classification number: G06F17/30619

Abstract: Provided are systems and methods for causing display of an index management graphical user interface (GUI). In one embodiment, a method can be provided. The method can include causing display of an index management GUI including one or more user editable fields for specifying one or more index settings; receiving, via the one or more user editable fields of the index management GUI, one or more user specified index settings; generating an index definition corresponding to the one or more user specified index settings; and distributing the index definition to one or more indexers of a data processing system. The one or more indexers are able to manage storage of data in one or more indexes based at least in part on the index definition.

公开(公告)号：US12105724B1

公开(公告)日：2024-10-01

申请号：US17225900

申请日：2021-04-08

Applicant: Splunk Inc.

Inventor： Glenn Block ,  Patrick Lane Ogdin

IPC: G06F16/00 ,  G06F16/22 ,  G06F16/25

CPC classification number: G06F16/254 ,  G06F16/2228

Abstract: A data intake and query system receives raw machine via an internet protocol (IP) such as the hypertext transfer protocol (HTTP). The system has configurable global settings for the received raw machine data that determine properties such as the metadata that is associated with raw machine data. Each event is associated with a token, which is also configurable and provides settings such as metadata settings for the raw machine data. The raw machine data is stored as events based on the metadata. Electronic devices that generate raw machine data may transmit the raw machine data to the data intake and query system within HTTP messages. The HTTP messages may also include settings such as metadata for the raw machine data. The raw machine data is stored as events based on the global metadata settings, token metadata settings, and HTTP message metadata settings.

公开(公告)号：US10909151B2

公开(公告)日：2021-02-02

申请号：US15885517

申请日：2018-01-31

Applicant: SPLUNK INC.

Inventor： Alexander D. Munk ,  Patrick Lane Ogdin

IPC: G06F16/31

Abstract: Provided are systems and methods for causing display of an index management graphical user interface (GUI). In one embodiment, a method can be provided. The method can include causing display of an index management GUI including one or more user editable fields for specifying one or more index settings; receiving, via the one or more user editable fields of the index management GUI, one or more user specified index settings; generating an index definition corresponding to the one or more user specified index settings; and distributing the index definition to one or more indexers of a data processing system. The one or more indexers are able to manage storage of data in one or more indexes based at least in part on the index definition.

公开(公告)号：US20180157737A1

公开(公告)日：2018-06-07

申请号：US15885517

申请日：2018-01-31

Applicant: SPLUNK INC.

Inventor： Alexander D. Munk ,  Patrick Lane Ogdin

IPC: G06F17/30

CPC classification number: G06F16/316

Abstract: Provided are systems and methods for causing display of an index management graphical user interface (GUI). In one embodiment, a method can be provided. The method can include causing display of an index management GUI including one or more user editable fields for specifying one or more index settings; receiving, via the one or more user editable fields of the index management GUI, one or more user specified index settings; generating an index definition corresponding to the one or more user specified index settings; and distributing the index definition to one or more indexers of a data processing system. The one or more indexers are able to manage storage of data in one or more indexes based at least in part on the index definition.

公开(公告)号：US20160224660A1

公开(公告)日：2016-08-04

申请号：US14610704

申请日：2015-01-30

Applicant: Splunk Inc.

Inventor： Alexander D. Munk ,  Patrick Lane Ogdin

IPC: G06F17/30

CPC classification number: G06F17/30619

Abstract: Provided are systems and methods for causing display of an index management graphical user interface (GUI). In one embodiment, a method can be provided. The method can include causing display of an index management GUI including one or more user editable fields for specifying one or more index settings; receiving, via the one or more user editable fields of the index management GUI, one or more user specified index settings; generating an index definition corresponding to the one or more user specified index settings; and distributing the index definition to one or more indexers of a data processing system. The one or more indexers are able to manage storage of data in one or more indexes based at least in part on the index definition.

Abstract translation: 提供了用于引起索引管理图形用户界面（GUI）的显示的系统和方法。 在一个实施例中，可以提供一种方法。 该方法可以包括引起包括用于指定一个或多个索引设置的一个或多个用户可编辑字段的索引管理GUI的显示; 通过索引管理GUI的一个或多个用户可编辑字段接收一个或多个用户指定的索引设置; 生成与所述一个或多个用户指定的索引设置相对应的索引定义; 并将索引定义分发到数据处理系统的一个或多个索引器。 一个或多个索引器能够至少部分地基于索引定义来管理在一个或多个索引中的数据的存储。