| CPC G06F 16/43 (2019.01) [G06F 16/438 (2019.01)] | 17 Claims |
|
1. A computer-implemented method comprising:
generating a first dataset of events and a second dataset of events,
wherein each event of the first dataset of events corresponds to a portion of non-text machine data, the non-text machine data comprising images, video, audio, or a combination thereof, the events of the first dataset of events generated by:
automatically annotating, via machine learning, the non-text machine data with associated textual annotations using textual content to describe non-context content of the non-text machine data, and
generating the events, of the first dataset of events, using timestamps associated with the non-text machine data and the textual annotations associated with the non-text machine data, and
wherein each event of the second dataset of events includes a portion of raw machine data in textual form and produced by a component within an information technology environment and associated with a timestamp;
receiving, from a client device by a data intake and query system, a query instructing correlation of:
the first dataset of events, with
the second dataset of events;
generating, by the data intake and query system, a representation of a third dataset of combined events, each combined event combining corresponding events from the first and second datasets of events based on the corresponding events including a common field value for a field specified by the query; and
causing, by the data intake and query system, the client device to display a representation of the third dataset including a first combined event to provide a correlation between a first portion of text machine data associated with the second dataset and a first portion of non-text machine data associated with the first dataset; and
causing, by the data intake and query system, the client device to present an alert based on identification of a trigger identified in association with the first combined event.
|