-
Publication No.: US20190155811A1
Publication date: 2019-05-23
Application No.: US16193781
Application date: 2018-11-16
Applicant: Splunk Inc.
Inventors: Steve Yu Zhang, Stephen P. Sorkin
IPC classification: G06F16/2457, G06F16/9032, H04L12/24, G06F16/2455, G06F16/9535, G06F16/9038, G06F16/2458, G06F16/23, G06F16/951, G06F16/33, G06F16/248, G06F16/182, G06F16/24, G06F16/22, H04L29/08
Abstract: A method, system, and processor-readable storage medium are directed towards generating a report derived from data, such as event data, stored on a plurality of distributed nodes. In one embodiment the analysis is generated using a “divide and conquer” algorithm, such that each distributed node analyzes locally stored event data while an aggregating node combines these analysis results to generate the report. In one embodiment, each distributed node also transmits a list of event data references associated with the analysis result to the aggregating node. The aggregating node may then generate a global ordered list of data references based on the list of event data references received from each distributed node. Subsequently, in response to a user selection of a range of global event data, the report may dynamically retrieve event data from one or more distributed nodes for display according to the global order.
-
Publication No.: US10255310B2
Publication date: 2019-04-09
Application No.: US14530678
Application date: 2014-10-31
Applicant: Splunk Inc.
IPC classification: G06F17/30
Abstract: A method and system for managing searches of a data set that is partitioned based on a plurality of events. A structure of a search query may be analyzed to determine if logical computational actions performed on the data set is reducible. Data in each partition is analyzed to determine if at least a portion of the data in the partition is reducible. In response to a subsequent or reoccurring search request, intermediate summaries of reducible data and reducible search computations may be aggregated for each partition. Next, a search result may be generated based on at least one of the aggregated intermediate summaries, the aggregated reducible search computations, and a query of adhoc non-reducible data arranged in at least one of the plurality of partitions for the data set.
-
Publication No.: US09129028B2
Publication date: 2015-09-08
Application No.: US14530680
Application date: 2014-10-31
Applicant: Splunk Inc.
Inventors: Steve Yu Zhang, Stephen P. Sorkin
CPC classification: G06F17/3053, G06F17/30194, G06F17/30312, G06F17/30353, G06F17/30386, G06F17/30477, G06F17/30483, G06F17/30486, G06F17/30528, G06F17/30545, G06F17/30551, G06F17/30554, G06F17/30675, G06F17/30864, G06F17/30867, G06F17/30973, G06F17/30991, H04L41/0604, H04L41/22, H04L67/1097
Abstract: A method, system, and processor-readable storage medium are directed towards generating a report derived from data, such as event data, stored on a plurality of distributed nodes. In one embodiment the analysis is generated using a “divide and conquer” algorithm, such that each distributed node analyzes locally stored event data while an aggregating node combines these analysis results to generate the report. In one embodiment, each distributed node also transmits a list of event data references associated with the analysis result to the aggregating node. The aggregating node may then generate a global ordered list of data references based on the list of event data references received from each distributed node. Subsequently, in response to a user selection of a range of global event data, the report may dynamically retrieve event data from one or more distributed nodes for display according to the global order.
-
Publication No.: US20150058353A1
Publication date: 2015-02-26
Application No.: US14530678
Application date: 2014-10-31
Applicant: Splunk Inc.
IPC classification: G06F17/30
CPC classification: G06F17/30321, G06F17/30424, G06F17/30554, G06F17/30584, G06F17/30946
Abstract: A method and system for managing searches of a data set that is partitioned based on a plurality of events. A structure of a search query may be analyzed to determine if logical computational actions performed on the data set is reducible. Data in each partition is analyzed to determine if at least a portion of the data in the partition is reducible. In response to a subsequent or reoccurring search request, intermediate summaries of reducible data and reducible search computations may be aggregated for each partition. Next, a search result may be generated based on at least one of the aggregated intermediate summaries, the aggregated reducible search computations, and a query of adhoc non-reducible data arranged in at least one of the plurality of partitions for the data set.
-
Publication No.: US20150058325A1
Publication date: 2015-02-26
Application No.: US14530689
Application date: 2014-10-31
Applicant: Splunk Inc.
Inventors: Steve Yu Zhang, Stephen P. Sorkin
IPC classification: G06F17/30
CPC classification: G06F16/24578, G06F16/182, G06F16/22, G06F16/2322, G06F16/24, G06F16/2455, G06F16/24553, G06F16/24554, G06F16/24575, G06F16/2471, G06F16/2477, G06F16/248, G06F16/334, G06F16/90328, G06F16/9038, G06F16/951, G06F16/9535, H04L41/0604, H04L41/22, H04L67/1097
Abstract: A method, system, and processor-readable storage medium are directed towards generating a report derived from data, such as event data, stored on a plurality of distributed nodes. In one embodiment the analysis is generated using a “divide and conquer” algorithm, such that each distributed node analyzes locally stored event data while an aggregating node combines these analysis results to generate the report. In one embodiment, each distributed node also transmits a list of event data references associated with the analysis result to the aggregating node. The aggregating node may then generate a global ordered list of data references based on the list of event data references received from each distributed node. Subsequently, in response to a user selection of a range of global event data, the report may dynamically retrieve event data from one or more distributed nodes for display according to the global order.
-
Publication No.: US20150058326A1
Publication date: 2015-02-26
Application No.: US14530692
Application date: 2014-11-01
Applicant: Splunk Inc.
Inventors: Steve Yu Zhang, Stephen P. Sorkin
IPC classification: G06F17/30
CPC classification: G06F17/3053, G06F17/30194, G06F17/30312, G06F17/30353, G06F17/30386, G06F17/30477, G06F17/30483, G06F17/30486, G06F17/30528, G06F17/30545, G06F17/30551, G06F17/30554, G06F17/30675, G06F17/30864, G06F17/30867, G06F17/30973, G06F17/30991, H04L41/0604, H04L41/22, H04L67/1097
Abstract: A method, system, and processor-readable storage medium are directed towards generating a report derived from data, such as event data, stored on a plurality of distributed nodes. In one embodiment the analysis is generated using a “divide and conquer” algorithm, such that each distributed node analyzes locally stored event data while an aggregating node combines these analysis results to generate the report. In one embodiment, each distributed node also transmits a list of event data references associated with the analysis result to the aggregating node. The aggregating node may then generate a global ordered list of data references based on the list of event data references received from each distributed node. Subsequently, in response to a user selection of a range of global event data, the report may dynamically retrieve event data from one or more distributed nodes for display according to the global order.
-
Publication No.: US10860591B2
Publication date: 2020-12-08
Application No.: US16193781
Application date: 2018-11-16
Applicant: Splunk Inc.
Inventors: Steve Yu Zhang, Stephen P. Sorkin
IPC classification: G06F16/2457, G06F16/22, G06F16/24, G06F16/182, G06F16/248, G06F16/33, G06F16/951, G06F16/23, G06F16/2455, G06F16/2458, G06F16/9038, G06F16/9535, G06F16/9032, H04L12/24, H04L29/08
Abstract: A method, system, and processor-readable storage medium are directed towards generating a report derived from data, such as event data, stored on a plurality of distributed nodes. In one embodiment the analysis is generated using a “divide and conquer” algorithm, such that each distributed node analyzes locally stored event data while an aggregating node combines these analysis results to generate the report. In one embodiment, each distributed node also transmits a list of event data references associated with the analysis result to the aggregating node. The aggregating node may then generate a global ordered list of data references based on the list of event data references received from each distributed node. Subsequently, in response to a user selection of a range of global event data, the report may dynamically retrieve event data from one or more distributed nodes for display according to the global order.
-
Publication No.: US10162863B2
Publication date: 2018-12-25
Application No.: US14530692
Application date: 2014-11-01
Applicant: Splunk Inc.
Inventors: Steve Yu Zhang, Stephen P. Sorkin
Abstract: A method, system, and processor-readable storage medium are directed towards generating a report derived from data, such as event data, stored on a plurality of distributed nodes. In one embodiment the analysis is generated using a “divide and conquer” algorithm, such that each distributed node analyzes locally stored event data while an aggregating node combines these analysis results to generate the report. In one embodiment, each distributed node also transmits a list of event data references associated with the analysis result to the aggregating node. The aggregating node may then generate a global ordered list of data references based on the list of event data references received from each distributed node. Subsequently, in response to a user selection of a range of global event data, the report may dynamically retrieve event data from one or more distributed nodes for display according to the global order.
-
Publication No.: US20150058375A1
Publication date: 2015-02-26
Application No.: US14530680
Application date: 2014-10-31
Applicant: Splunk Inc.
Inventors: Steve Yu Zhang, Stephen P. Sorkin
CPC classification: G06F17/3053, G06F17/30194, G06F17/30312, G06F17/30353, G06F17/30386, G06F17/30477, G06F17/30483, G06F17/30486, G06F17/30528, G06F17/30545, G06F17/30551, G06F17/30554, G06F17/30675, G06F17/30864, G06F17/30867, G06F17/30973, G06F17/30991, H04L41/0604, H04L41/22, H04L67/1097
Abstract: A method, system, and processor-readable storage medium are directed towards generating a report derived from data, such as event data, stored on a plurality of distributed nodes. In one embodiment the analysis is generated using a “divide and conquer” algorithm, such that each distributed node analyzes locally stored event data while an aggregating node combines these analysis results to generate the report. In one embodiment, each distributed node also transmits a list of event data references associated with the analysis result to the aggregating node. The aggregating node may then generate a global ordered list of data references based on the list of event data references received from each distributed node. Subsequently, in response to a user selection of a range of global event data, the report may dynamically retrieve event data from one or more distributed nodes for display according to the global order.