| CPC G06F 16/24554 (2019.01) [G06F 9/542 (2013.01); G06F 16/2228 (2019.01)] | 19 Claims |
|
1. A method comprising:
receiving, by an analytics system, an original query request for continual monitoring;
generating, by the analytics system, a data stream object for the original query request;
determining, by the analytics system, a plurality of parameters for the data stream object;
generating, by the analytics system, a query using the original query request and the plurality of parameters;
transmitting, by the analytics system, the query to a search head;
receiving, by the search head in a data intake and query system, the query from the analytics system;
distributing, by the search head, a portion of the query to an indexer for processing the query;
transmitting, by the indexer, bypassing the search head, and to the analytics system, a plurality of events matching the query;
receiving, by the search head, from the indexer, data regarding the plurality of events;
sending, by the search head, the data regarding the plurality of events to the analytics system;
processing, by the analytics system, the plurality of events, wherein processing the plurality of events comprising obtaining an analytics system event count;
comparing the analytics system event count with an event count received from the search head to obtain a comparison result, the event count received from the search head being in the data regarding the plurality of events; and
determining whether data loss exists based on the comparison result.
|