-
公开(公告)号:US11030229B2
公开(公告)日:2021-06-08
申请号:US15582670
申请日:2017-04-29
申请人: SPLUNK INC.
IPC分类号: G06F7/00 , G06F16/34 , G06F16/242 , G06F16/2458 , G06F40/40 , G06F40/166 , G06F40/174 , G06F3/0484 , H04L29/08
摘要: Embodiments are directed towards real time display of event records and extracted values based on at least one extraction rule, such as a regular expression. A user interface may be employed to enable a user to have an extraction rule automatically generate and/or to manually enter an extraction rule. The user may be enabled to manually edit a previously provided extraction rule, which may result in real time display of updated extracted values. The extraction rule may be utilized to extract values from each of a plurality of records, including event records of unstructured machine data. Statistics may be determined for each unique extracted value, and may be displayed to the user in real time. The user interface may also enable the user to select at least one unique extracted value to display those event records that include an extracted value that matches the selected value.
-
公开(公告)号:US20210004205A1
公开(公告)日:2021-01-07
申请号:US17028755
申请日:2020-09-22
申请人: SPLUNK INC.
IPC分类号: G06F7/24 , G06F16/2458
摘要: Embodiments are directed towards real time display of event records with an indication of previously provided extraction rules. A plurality of extraction rules may be provided to the system, such as automatically generated and/or user created extraction rules. These extraction rules may include regular expressions. A plurality of event records may be displayed to the user, such that text in a field defined by an extraction rule is emphasized in the display of the event record. The same emphasis may be provided for text in overlapping fields, or the emphasis may be somewhat different for different fields. The user interface may enable a user to select a portion of text of an event record, such as by rolling-over or clicking on an emphasized part of the event record. By selecting the portion of the event record, the interface may display each extraction rule associated with the selected portion.
-
公开(公告)号:US10831804B2
公开(公告)日:2020-11-10
申请号:US15582671
申请日:2017-04-29
申请人: SPLUNK, Inc.
IPC分类号: G06F16/34 , G06F16/242 , G06F16/2458 , G06F3/0484 , H04L29/08 , G06F40/40 , G06F40/166 , G06F40/174 , G06F17/24 , G06F17/28
摘要: Embodiments are directed towards real time display of event records and extracted values based on at least one extraction rule, such as a regular expression. A user interface may be employed to enable a user to have an extraction rule automatically generate and/or to manually enter an extraction rule. The user may be enabled to manually edit a previously provided extraction rule, which may result in real time display of updated extracted values. The extraction rule may be utilized to extract values from each of a plurality of records, including event records of unstructured machine data. Statistics may be determined for each unique extracted value, and may be displayed to the user in real time. The user interface may also enable the user to select at least one unique extracted value to display those event records that include an extracted value that matches the selected value.
-
公开(公告)号:US20180293051A1
公开(公告)日:2018-10-11
申请号:US16003998
申请日:2018-06-08
申请人: Splunk Inc.
CPC分类号: G06F7/24 , G06F16/2477
摘要: Embodiments are directed towards real time display of event records with an indication of previously provided extraction rules. A plurality of extraction rules may be provided to the system, such as automatically generated and/or user created extraction rules. These extraction rules may include regular expressions. A plurality of event records may be displayed to the user, such that text in a field defined by an extraction rule is emphasized in the display of the event record. The same emphasis may be provided for text in overlapping fields, or the emphasis may be somewhat different for different fields. The user interface may enable a user to select a portion of text of an event record, such as by rolling-over or clicking on an emphasized part of the event record. By selecting the portion of the event record, the interface may display each extraction rule associated with the selected portion.
-
公开(公告)号:US20170255601A1
公开(公告)日:2017-09-07
申请号:US15582668
申请日:2017-04-29
申请人: SPLUNK, Inc.
CPC分类号: G06F16/287 , G06F3/0482 , G06F3/04842 , G06F16/248 , G06F16/332 , G06F16/334 , G06F16/338 , G06F16/34 , G06F16/93 , G06F16/951 , G06F17/24 , G06F17/241 , G06F17/243 , G06Q10/00 , G06Q10/0637 , Y04S10/54
摘要: Embodiments are directed towards real time display of event records and extracted values based on at least one extraction rule, such as a regular expression. A user interface may be employed to enable a user to have an extraction rule automatically generate and/or to manually enter an extraction rule. The user may be enabled to manually edit a previously provided extraction rule, which may result in real time display of updated extracted values. The extraction rule may be utilized to extract values from each of a plurality of records, including event records of unstructured machine data. Statistics may be determined for each unique extracted value, and may be displayed to the user in real time. The user interface may also enable the user to select at least one unique extracted value to display those event records that include an extracted value that matches the selected value.
-
公开(公告)号:US20160055214A1
公开(公告)日:2016-02-25
申请号:US14929332
申请日:2015-10-31
申请人: Splunk Inc.
发明人: Mitchell Neuman Blank, JR. , Leonid Budchenko , David Carasso , Micah James Delfino , Johnvey Hwang , Stephen Phillip Sorkin , Eric Timothy Woo
IPC分类号: G06F17/30 , G06F3/0482 , G06F17/27 , G06F3/0484
CPC分类号: G06F17/30867 , G06F3/0482 , G06F3/04842 , G06F3/0485 , G06F17/2705 , G06F17/30321 , G06F17/30507 , G06F17/30551 , G06F17/30554 , G06F17/3056 , G06F17/30619 , G06F17/30864
摘要: Embodiments are directed towards previewing results generated from indexing data raw data before the corresponding index data is added to an index store. Raw data may be received from a preview data source. After an initial set of configuration information may be established, the preview data may be submitted to an index processing pipeline. A previewing application may generate preview results based on the preview index data and the configuration information. The preview results may enable previewing how the data is being processed by the indexing application. If the preview results are not acceptable, the configuration information may be modified. The preview application enables modification of the configuration information until the generated preview results may be acceptable. If the configuration information is acceptable, the preview data may be processed and indexed in one or more index stores.
摘要翻译: 实施例针对在将对应的索引数据添加到索引存储之前预览从索引数据原始数据生成的结果。 可以从预览数据源接收原始数据。 在可以建立一组初始配置信息之后,可以将预览数据提交给索引处理流水线。 预览应用可以基于预览索引数据和配置信息生成预览结果。 预览结果可能可以预览索引应用程序如何处理数据。 如果预览结果不可接受,则可以修改配置信息。 预览应用程序可以修改配置信息,直到生成的预览结果可以接受。 如果配置信息是可接受的,则预览数据可以在一个或多个索引存储中被处理和索引。
-
公开(公告)号:US11119728B2
公开(公告)日:2021-09-14
申请号:US17028755
申请日:2020-09-22
申请人: SPLUNK INC.
IPC分类号: G06F3/048 , G06F7/24 , G06F16/2458
摘要: Embodiments are directed towards real time display of event records with an indication of previously provided extraction rules. A plurality of extraction rules may be provided to the system, such as automatically generated and/or user created extraction rules. These extraction rules may include regular expressions. A plurality of event records may be displayed to the user, such that text in a field defined by an extraction rule is emphasized in the display of the event record. The same emphasis may be provided for text in overlapping fields, or the emphasis may be somewhat different for different fields. The user interface may enable a user to select a portion of text of an event record, such as by rolling-over or clicking on an emphasized part of the event record. By selecting the portion of the event record, the interface may display each extraction rule associated with the selected portion.
-
公开(公告)号:US10802797B2
公开(公告)日:2020-10-13
申请号:US16003998
申请日:2018-06-08
申请人: Splunk Inc.
IPC分类号: G06F3/048 , G06F7/24 , G06F16/2458
摘要: Embodiments are directed towards real time display of event records with an indication of previously provided extraction rules. A plurality of extraction rules may be provided to the system, such as automatically generated and/or user created extraction rules. These extraction rules may include regular expressions. A plurality of event records may be displayed to the user, such that text in a field defined by an extraction rule is emphasized in the display of the event record. The same emphasis may be provided for text in overlapping fields, or the emphasis may be somewhat different for different fields. The user interface may enable a user to select a portion of text of an event record, such as by rolling-over or clicking on an emphasized part of the event record. By selecting the portion of the event record, the interface may display each extraction rule associated with the selected portion.
-
公开(公告)号:US10585919B2
公开(公告)日:2020-03-10
申请号:US15582667
申请日:2017-04-29
申请人: SPLUNK, Inc.
IPC分类号: G06F16/28 , G06F3/0484 , G06F3/0482 , G06F16/34 , G06F16/93 , G06F16/248 , G06F16/332 , G06F16/33 , G06F16/338 , G06F16/951 , G06Q10/06 , G06Q10/00 , G06F17/24
摘要: Embodiments are directed towards real time display of event records and extracted values based on at least one extraction rule, such as a regular expression. A user interface may be employed to enable a user to have an extraction rule automatically generate and/or to manually enter an extraction rule. The user may be enabled to manually edit a previously provided extraction rule, which may result in real time display of updated extracted values. The extraction rule may be utilized to extract values from each of a plurality of records, including event records of unstructured machine data. Statistics may be determined for each unique extracted value, and may be displayed to the user in real time. The user interface may also enable the user to select at least one unique extracted value to display those event records that include an extracted value that matches the selected value.
-
公开(公告)号:US20160342696A1
公开(公告)日:2016-11-24
申请号:US15224655
申请日:2016-07-31
申请人: Splunk Inc.
发明人: Mitchell Neuman Blank, JR. , Leonid Budchenko , David Carasso , Micah James Delfino , Johnvey Hwang , Stephen Phillip Sorkin
IPC分类号: G06F17/30 , G06F3/0485 , G06F3/0482 , G06F17/27
CPC分类号: G06F17/30867 , G06F3/0482 , G06F3/04842 , G06F3/0485 , G06F17/2705 , G06F17/30321 , G06F17/30507 , G06F17/30551 , G06F17/30554 , G06F17/3056 , G06F17/30619 , G06F17/30864
摘要: Embodiments are directed towards previewing results generated from indexing data raw data before the corresponding index data is added to an index store. Raw data may be received from a preview data source. After an initial set of configuration information may be established, the preview data may be submitted to an index processing pipeline. A previewing application may generate preview results based on the preview index data and the configuration information. The preview results may enable previewing how the data is being processed by the indexing application. If the preview results are not acceptable, the configuration information may be modified. The preview application enables modification of the configuration information until the generated preview results may be acceptable. If the configuration information is acceptable, the preview data may be processed and indexed in one or more index stores.
摘要翻译: 实施例针对在将对应的索引数据添加到索引存储之前预览从索引数据原始数据生成的结果。 可以从预览数据源接收原始数据。 在可以建立一组初始配置信息之后,可以将预览数据提交给索引处理流水线。 预览应用可以基于预览索引数据和配置信息生成预览结果。 预览结果可能可以预览索引应用程序如何处理数据。 如果预览结果不可接受,则可以修改配置信息。 预览应用程序可以修改配置信息,直到生成的预览结果可以接受。 如果配置信息是可接受的,则预览数据可以在一个或多个索引存储中被处理和索引。
-
-
-
-
-
-
-
-
-
搜索结果
43 条记录 (耗时 0.023 秒)
