US 10,891,281 B2
Storing events derived from log data and performing a search on the events and data that is not log data
Michael Joseph Baum, Ross, CA (US); R. David Carasso, San Rafael, CA (US); Robin Kumar Das, Redwood City, CA (US); Rory Greene, San Francisco, CA (US); Bradley Hall, Palo Alto, CA (US); Nicholas Christian Mealy, Oakland, CA (US); Brian Philip Murphy, San Francisco, CA (US); Stephen Phillip Sorkin, San Francisco, CA (US); Andre David Stechert, Brooklyn, NY (US); and Erik M. Swan, Piedmont, CA (US)
Assigned to Splunk Inc., San Francisco, CA (US)
Filed by Splunk Inc., San Francisco, CA (US)
Filed on Apr. 26, 2018, as Appl. No. 15/963,740.
Application 15/963,740 is a continuation of application No. 15/661,260, filed on Jul. 27, 2017, granted, now 9,996,571.
Application 15/661,260 is a continuation of application No. 15/420,938, filed on Jan. 31, 2017, granted, now 9,747,316, issued on Aug. 29, 2017.
Application 15/420,938 is a continuation of application No. 14/611,170, filed on Jan. 30, 2015, granted, now 9,594,789, issued on Mar. 14, 2017.
Application 14/611,170 is a continuation of application No. 13/353,135, filed on Jan. 18, 2012, granted, now 9,002,854, issued on Apr. 7, 2015.
Application 13/353,135 is a continuation of application No. 11/868,370, filed on Oct. 5, 2007, granted, now 8,112,425, issued on Feb. 7, 2012.
Claims priority of provisional application 60/828,283, filed on Oct. 5, 2006.
Prior Publication US 2018/0246919 A1, Aug. 30, 2018
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 16/00 (2019.01); G06F 16/22 (2019.01); G06F 16/248 (2019.01); G06F 16/951 (2019.01); G06F 16/23 (2019.01); G06F 16/2458 (2019.01); G06F 16/2455 (2019.01); G06F 16/2457 (2019.01)
CPC G06F 16/2272 (2019.01) [G06F 16/2228 (2019.01); G06F 16/2291 (2019.01); G06F 16/2322 (2019.01); G06F 16/248 (2019.01); G06F 16/2477 (2019.01); G06F 16/24568 (2019.01); G06F 16/24575 (2019.01); G06F 16/24578 (2019.01); G06F 16/951 (2019.01)] 30 Claims
OG exemplary drawing
 
1. A computer-implemented method, comprising:
obtaining log data generated by at least one component in an information processing environment;
obtaining data that is not log data from a real-time monitoring environment;
storing a plurality of events in a data store, wherein each event is derived from at least a portion of the log data and is associated with a time stamp extracted from the log data;
storing the data that is not log data in the data store; and
executing a search on one or more events of the plurality of events and at least a portion of the data that is not log data in the data store.