-
公开(公告)号:US11176146B2
公开(公告)日:2021-11-16
申请号:US16396569
申请日:2019-04-26
申请人: SPLUNK INC.
IPC分类号: G06F16/00 , G06F16/2457 , G06F16/22 , G06F16/24 , G06F16/182 , G06F16/248 , G06F16/33 , G06F16/951 , G06F16/23 , G06F16/2455 , G06F16/2458 , G06F16/9038 , G06F16/9535 , G06F16/9032 , H04L12/24 , H04L29/08
摘要: A method, system, and processor-readable storage medium are directed towards generating a report derived from data, such as event data, stored on a plurality of distributed nodes. In one embodiment the analysis is generated using a “divide and conquer” algorithm, such that each distributed node analyzes locally stored event data while an aggregating node combines these analysis results to generate the report. In one embodiment, each distributed node also transmits a list of event data references associated with the analysis result to the aggregating node. The aggregating node may then generate a global ordered list of data references based on the list of event data references received from each distributed node. Subsequently, in response to a user selection of a range of global event data, the report may dynamically retrieve event data from one or more distributed nodes for display according to the global order.
-
公开(公告)号:US10860591B2
公开(公告)日:2020-12-08
申请号:US16193781
申请日:2018-11-16
申请人: Splunk Inc.
发明人: Steve Yu Zhang , Stephen P. Sorkin
IPC分类号: G06F16/2457 , G06F16/22 , G06F16/24 , G06F16/182 , G06F16/248 , G06F16/33 , G06F16/951 , G06F16/23 , G06F16/2455 , G06F16/2458 , G06F16/9038 , G06F16/9535 , G06F16/9032 , H04L12/24 , H04L29/08
摘要: A method, system, and processor-readable storage medium are directed towards generating a report derived from data, such as event data, stored on a plurality of distributed nodes. In one embodiment the analysis is generated using a “divide and conquer” algorithm, such that each distributed node analyzes locally stored event data while an aggregating node combines these analysis results to generate the report. In one embodiment, each distributed node also transmits a list of event data references associated with the analysis result to the aggregating node. The aggregating node may then generate a global ordered list of data references based on the list of event data references received from each distributed node. Subsequently, in response to a user selection of a range of global event data, the report may dynamically retrieve event data from one or more distributed nodes for display according to the global order.
-
公开(公告)号:US20190317943A1
公开(公告)日:2019-10-17
申请号:US16455193
申请日:2019-06-27
申请人: SPLUNK INC.
IPC分类号: G06F16/2457 , G06F16/9032 , H04L12/24 , G06F16/2455 , G06F16/9535 , G06F16/9038 , G06F16/2458 , G06F16/23 , G06F16/951 , G06F16/33 , G06F16/248 , G06F16/182 , G06F16/24 , G06F16/22 , H04L29/08
摘要: A method, system, and processor-readable storage medium are directed towards generating a report derived from data, such as event data, stored on a plurality of distributed nodes. In one embodiment the analysis is generated using a “divide and conquer” algorithm, such that each distributed node analyzes locally stored event data while an aggregating node combines these analysis results to generate the report. In one embodiment, each distributed node also transmits a list of event data references associated with the analysis result to the aggregating node. The aggregating node may then generate a global ordered list of data references based on the list of event data references received from each distributed node. Subsequently, in response to a user selection of a range of global event data, the report may dynamically retrieve event data from one or more distributed nodes for display according to the global order.
-
公开(公告)号:US10318535B2
公开(公告)日:2019-06-11
申请号:US15006055
申请日:2016-01-25
申请人: Splunk Inc.
IPC分类号: G06F16/2458 , G06F16/2457 , G06F16/22 , G06F16/24 , G06F16/182 , G06F16/248 , G06F16/33 , G06F16/951 , G06F16/23 , G06F16/2455 , G06F16/9038 , G06F16/9535 , G06F16/9032 , H04L12/24 , H04L29/08
摘要: A method, system, and processor-readable storage medium are directed towards generating a report derived from data, such as event data, stored on a plurality of distributed nodes. In one embodiment the analysis is generated using a “divide and conquer” algorithm, such that each distributed node analyzes locally stored event data while an aggregating node combines these analysis results to generate the report. In one embodiment, each distributed node also transmits a list of event data references associated with the analysis result to the aggregating node. The aggregating node may then generate a global ordered list of data references based on the list of event data references received from each distributed node. Subsequently, in response to a user selection of a range of global event data, the report may dynamically retrieve event data from one or more distributed nodes for display according to the global order.
-
公开(公告)号:US20190163721A1
公开(公告)日:2019-05-30
申请号:US16264581
申请日:2019-01-31
申请人: Splunk Inc.
发明人: Steve Yu Zhang
摘要: A method, system, and processor-readable storage medium are directed towards calculating approximate order statistics on a collection of real numbers. In one embodiment, the collection of real numbers is processed to create a digest comprising hierarchy of buckets. Each bucket is assigned a real number N having P digits of precision and ordinality O. The hierarchy is defined by grouping buckets into levels, where each level contains all buckets of a given ordinality. Each individual bucket in the hierarchy defines a range of numbers—all numbers that, after being truncated to that bucket's P digits of precision, are equal to that bucket's N. Each bucket additionally maintains a count of how many numbers have fallen within that bucket's range. Approximate order statistics may then be calculated by traversing the hierarchy and performing an operation on some or all of the ranges and counts associated with each bucket
-
公开(公告)号:US10235345B2
公开(公告)日:2019-03-19
申请号:US15476899
申请日:2017-03-31
申请人: Splunk Inc.
发明人: Steve Yu Zhang
摘要: A method, system, and processor-readable storage medium are directed towards calculating approximate order statistics on a collection of real numbers. In one embodiment, the collection of real numbers is processed to create a digest comprising hierarchy of buckets. Each bucket is assigned a real number N having P digits of precision and ordinality O. The hierarchy is defined by grouping buckets into levels, where each level contains all buckets of a given ordinality. Each individual bucket in the hierarchy defines a range of numbers—all numbers that, after being truncated to that bucket's P digits of precision, are equal to that bucket's N. Each bucket additionally maintains a count of how many numbers have fallen within that bucket's range. Approximate order statistics may then be calculated by traversing the hierarchy and performing an operation on some or all of the ranges and counts associated with each bucket.
-
公开(公告)号:US10162863B2
公开(公告)日:2018-12-25
申请号:US14530692
申请日:2014-11-01
申请人: Splunk Inc.
发明人: Steve Yu Zhang , Stephen P. Sorkin
摘要: A method, system, and processor-readable storage medium are directed towards generating a report derived from data, such as event data, stored on a plurality of distributed nodes. In one embodiment the analysis is generated using a “divide and conquer” algorithm, such that each distributed node analyzes locally stored event data while an aggregating node combines these analysis results to generate the report. In one embodiment, each distributed node also transmits a list of event data references associated with the analysis result to the aggregating node. The aggregating node may then generate a global ordered list of data references based on the list of event data references received from each distributed node. Subsequently, in response to a user selection of a range of global event data, the report may dynamically retrieve event data from one or more distributed nodes for display according to the global order.
-
公开(公告)号:US10061821B2
公开(公告)日:2018-08-28
申请号:US15224657
申请日:2016-07-31
申请人: Splunk Inc.
CPC分类号: G06F16/24578 , G06F16/182 , G06F16/22 , G06F16/2322 , G06F16/24 , G06F16/2455 , G06F16/24553 , G06F16/24554 , G06F16/24575 , G06F16/2471 , G06F16/2477 , G06F16/248 , G06F16/334 , G06F16/90328 , G06F16/9038 , G06F16/951 , G06F16/9535 , H04L41/0604 , H04L41/22 , H04L67/1097
摘要: A method, system, and processor-readable storage medium are directed towards generating a report derived from data, such as event data, stored on a plurality of distributed nodes. In one embodiment the analysis is generated using a “divide and conquer” algorithm, such that each distributed node analyzes locally stored event data while an aggregating node combines these analysis results to generate the report. In one embodiment, each distributed node also transmits a list of event data references associated with the analysis result to the aggregating node. The aggregating node may then generate a global ordered list of data references based on the list of event data references received from each distributed node. Subsequently, in response to a user selection of a range of global event data, the report may dynamically retrieve event data from one or more distributed nodes for display according to the global order.
-
公开(公告)号:US09817854B2
公开(公告)日:2017-11-14
申请号:US15007185
申请日:2016-01-26
申请人: Splunk Inc.
CPC分类号: G06F17/30321 , G06F17/30 , G06F17/30457 , G06F17/30477 , G06F17/30554 , G06F17/30595 , G06F17/30864
摘要: Embodiments are directed are towards the transparent summarization of events. Queries directed towards summarizing and reporting on event records may be received at a search head. Search heads may be associated with one more indexers containing event records. The search head may forward the query to the indexers the can resolve the query for concurrent execution. If a query is a collection query, indexers may generate summarization information based on event records located on the indexers. Event record fields included in the summarization information may be determined based on terms included in the collection query. If a query is a stats query, each indexer may generate a partial result set from previously generated summarization information, returning the partial result sets to the search head. Collection queries may be saved and scheduled to run and periodically update the summarization information.
-
公开(公告)号:US20160154832A1
公开(公告)日:2016-06-02
申请号:US15007185
申请日:2016-01-26
申请人: Splunk Inc.
IPC分类号: G06F17/30
CPC分类号: G06F17/30321 , G06F17/30 , G06F17/30457 , G06F17/30477 , G06F17/30554 , G06F17/30595 , G06F17/30864
摘要: Embodiments are directed are towards the transparent summarization of events. Queries directed towards summarizing and reporting on event records may be received at a search head. Search heads may be associated with one more indexers containing event records. The search head may forward the query to the indexers the can resolve the query for concurrent execution. If a query is a collection query, indexers may generate summarization information based on event records located on the indexers. Event record fields included in the summarization information may be determined based on terms included in the collection query. If a query is a stats query, each indexer may generate a partial result set from previously generated summarization information, returning the partial result sets to the search head. Collection queries may be saved and scheduled to run and periodically update the summarization information.
摘要翻译: 实施例针对事件的透明总结。 可以在搜索头收到针对事件记录的总结和报告的查询。 搜索头可能与一个包含事件记录的索引器相关联。 搜索头可以将查询转发给索引器,可以解析用于并发执行的查询。 如果查询是集合查询,则索引器可以基于位于索引器上的事件记录生成摘要信息。 包含在汇总信息中的事件记录字段可以基于收集查询中包含的项来确定。 如果查询是统计查询,则每个索引器可以从先前生成的摘要信息生成部分结果集,将部分结果集返回到搜索头。 收集查询可以保存并计划运行,并定期更新摘要信息。
-
-
-
-
-
-
-
-
-
搜索结果
95 条记录 (耗时 0.033 秒)
