-
公开(公告)号:US11562023B1
公开(公告)日:2023-01-24
申请号:US15967585
申请日:2018-04-30
Applicant: Splunk Inc.
Inventor: Alexandros Batsakis , Sourav Pal , Sai Krishna Sajja , Hasan Alayli , Vishal Patel , Igor Stojanovski , Eric Woo , Steve Wong , Tameem Anwar
IPC: G06F16/901 , G06F3/06 , G06F16/23 , G06F16/27
Abstract: Systems and methods are disclosed for processing and executing queries in a data intake and query system. An indexing system of the data intake and query system receives data and stores at least a portion of it in buckets, which are then stored in a shared storage system. The indexing system merges multiple buckets to generate merged buckets and uploads the merged buckets to the shared storage system.
-
公开(公告)号:US11436116B1
公开(公告)日:2022-09-06
申请号:US16778511
申请日:2020-01-31
Applicant: Splunk Inc.
Inventor: Alexandros Batsakis , Mehul Goyal , Ashish Mathew , Douglas Rapp , Igor Stojanovski , Eric Woo
IPC: G06F11/00 , G06F11/30 , G06F16/182 , G06F11/32 , G06F16/17
Abstract: Systems and methods are described for improving data availability and/or resiliency of indexers of a data intake and query system. A data intake and query system can index large amounts of data using one or more indexers. An indexer can store a copy of the data that the indexer is assigned to process in the shared storage system, and a cluster master can track the storage of the data and the indexer assigned to process the data. In the event an indexer fails or is otherwise unable to index data that it has been assigned to index, the cluster master can assign one or more second indexers to process the data. The second indexer can download the data from the shared storage system.
-
公开(公告)号:US10178152B2
公开(公告)日:2019-01-08
申请号:US15143472
申请日:2016-04-29
Applicant: Splunk Inc.
Inventor: Ledion Bitincka , Vishal Patel , Geoffrey Hendrey , Eric Woo
Abstract: In a computer-implemented method for configuring a distributed computer system comprising a plurality of nodes of a plurality of node classes, configuration files for a plurality of nodes of each of the plurality of node classes are stored in a central repository. The configuration files include information representing a desired system state of the distributed computer system, and the distributed computer system operates to keep an actual system state of the distributed computer system consistent with the desired system state. The plurality of node classes includes forwarder nodes for receiving data from an input source, indexer nodes for indexing the data, and search head nodes for searching the data. Responsive to receiving changes to the configuration files, the changes are propagated to nodes of the plurality of nodes impacted by the changes based on a node class of the nodes impacted by the changes.
-
公开(公告)号:US12189624B1
公开(公告)日:2025-01-07
申请号:US18162622
申请日:2023-01-31
Applicant: Splunk Inc.
Inventor: Liang Han , Vishal Patel , Sundar R. Vasan , Eric Woo
IPC: G06F16/2453 , G06F16/2458
Abstract: Embodiments described herein are directed to facilitating management and storage of configurations. In one embodiment, a request to provide configurations associated with a user-application pair is identified. Based on the user-application pair, a user-defined configuration cache is accessed to obtain user-defined configurations, an application-defined configuration cache is accessed to obtain application-defined configurations, and a system-defined configuration cache is accessed to obtain system-defined configurations. Thereafter, at least a portion of the user-defined configurations, the application-defined configurations, and the system-defined configurations are aggregated or merged to generate a set of configurations associated with the user-application pair. Such a set of configurations associated with the user-application pair are provided for use in performing a task.
-
公开(公告)号:US11829415B1
公开(公告)日:2023-11-28
申请号:US16778427
申请日:2020-01-31
Applicant: Splunk Inc.
Inventor: Alexandros Batsakis , Mehul Goyal , Ashish Mathew , Douglas Rapp , Igor Stojanovski , Eric Woo
IPC: G06F17/00 , G06F16/901 , G06F16/953 , G06F16/906 , G06F16/9035
CPC classification number: G06F16/901 , G06F16/906 , G06F16/9035 , G06F16/953
Abstract: Systems and methods are described for improving data availability and/or resiliency of indexers of a data intake and query system. Due to a lag between the time at which data is received and the time at which the data is available for searching, the data intake and query system may receive a query indicating that received (but unavailable for search) data is to be included as part of the query. A cluster master can dynamically track what data is available for searching by different indexers and map the data to filter criteria using a bucket map identifier. When a search head receives a query, it can request a bucket map identifier from the cluster master and send the bucket map identifier to the indexers that will be executing the query. The indexers can use the bucket map identifier to request the individual buckets that they are assigned to search.
-
Patent Agency Ranking
公开(公告)号:US20190098071A1
公开(公告)日:2019-03-28
申请号:US16202990
申请日:2018-11-28
Applicant: Splunk Inc.
Inventor: Ledion Bitincka , Vishal Patel , Geoffrey Hendrey , Eric Woo
CPC classification number: H04L67/06 , H04L29/08072 , H04L41/0813 , H04L41/0843 , H04L41/0856 , H04L67/34 , H04L69/329
Abstract: In a computer-implemented method for configuring a distributed computer system comprising a plurality of nodes of a plurality of node classes, configuration files for a plurality of nodes of each of the plurality of node classes are stored in a central repository. The configuration files include information representing a desired system state of the distributed computer system, and the distributed computer system operates to keep an actual system state of the distributed computer system consistent with the desired system state. The plurality of node classes includes forwarder nodes for receiving data from an input source, indexer nodes for indexing the data, and search head nodes for searching the data. Responsive to receiving changes to the configuration files, the changes are propagated to nodes of the plurality of nodes impacted by the changes based on a node class of the nodes impacted by the changes.
-
公开(公告)号:US20160034490A1
公开(公告)日:2016-02-04
申请号:US14448919
申请日:2014-07-31
Applicant: SPLUNK INC.
Inventor: Eric Woo
IPC: G06F17/30
CPC classification number: G06F16/178 , G06F16/27 , G06F16/285
Abstract: Replication of search-related configuration customizations across multiple individual configuration files of search heads of a cluster for a consistent user experience. The cluster of search heads may be synchronized such that the search heads operate to receive the configuration or knowledge object customizations from one or more clients. Following synchronization, the respective search heads may display the knowledge object customizations to the one or more clients via a user interface.
Abstract translation: 在集群搜索头的多个单独配置文件之间复制搜索相关的配置自定义,以保持一致的用户体验。 搜索头的集群可以被同步,使得搜索头操作以接收来自一个或多个客户端的配置或知识对象定制。 在同步之后,相应的搜索头可以经由用户界面向一个或多个客户端显示知识对象定制。
-
公开(公告)号:US12003572B1
公开(公告)日:2024-06-04
申请号:US17804260
申请日:2022-05-26
Applicant: SPLUNK INC.
Inventor: Ledion Bitincka , Vishal Patel , Geoffrey Hendrey , Eric Woo
IPC: H04L41/0813 , H04L41/084 , H04L41/0853 , H04L67/00 , H04L67/06 , H04L69/329
CPC classification number: H04L67/06 , H04L41/0813 , H04L41/0843 , H04L41/0856 , H04L67/34 , H04L69/329
Abstract: In a computer-implemented method for configuring a distributed computer system comprising a plurality of nodes of a plurality of node classes, configuration files for a plurality of nodes of each of the plurality of node classes are stored in a central repository. The configuration files include information representing a desired system state of the distributed computer system, and the distributed computer system operates to keep an actual system state of the distributed computer system consistent with the desired system state. The plurality of node classes includes forwarder nodes for receiving data from an input source, indexer nodes for indexing the data, and search head nodes for searching the data. Responsive to receiving changes to the configuration files, the changes are propagated to nodes of the plurality of nodes impacted by the changes based on a node class of the nodes impacted by the changes.
-
公开(公告)号:US11934408B1
公开(公告)日:2024-03-19
申请号:US17665406
申请日:2022-02-04
Applicant: Splunk Inc.
Inventor: Eric Woo
IPC: G06F16/24 , G06F16/2455 , G06F16/2458 , G06F16/248
CPC classification number: G06F16/24564 , G06F16/2477 , G06F16/248
Abstract: Embodiments of the present disclosure are directed to an interactive development environment (IDE) interface that provides historical visualization of queries and query result information iteratively and intuitively. According to an embodiment of the present disclosure, a process is provided to generate visualizations of queries and processed query result information in a single, persistent, integrated display. Each query and resultant search data information is presented iteratively in chronological order, and maintain a persistent, viewable history of a search data exploration session.
-
公开(公告)号:US11416465B1
公开(公告)日:2022-08-16
申请号:US16513378
申请日:2019-07-16
Applicant: Splunk Inc.
Inventor: Tameem Anwar , Alexandros Batsakis , Sai Krishna Sajja , Igor Stojanovski , Eric Woo
Abstract: Systems and methods are described for processing incoming data. The system can receive, from a first partition manager of a data intake and query system, first data that is associated with a first identifier, and can receive, from a second partition manager of the data intake and query system, second data that is associated with a second identifier. The system can process the first data and store first results of said processing the first data in one or more first buckets associated with the first tenant identifier. The system can process the second data and store second results of said processing the second data in one or more second buckets associated with the second tenant identifier.
-
-
-
-
-
-
-
-
-
Search Results
27
records
(took 0.029 seconds)
