US 11,886,502 B2
Facilitating event creation via previews
Mitchell Neuman Blank, Jr., San Francisco, CA (US); Leonid Budchenko, San Jose, CA (US); David Carasso, San Rafael, CA (US); Micah James Delfino, San Francisco, CA (US); Johnvey Hwang, San Francisco, CA (US); Stephen Phillip Sorkin, San Francisco, CA (US); and Eric Timothy Woo, San Francisco, CA (US)
Assigned to Splunk Inc., San Francisco, CA (US)
Filed by Splunk Inc., San Francisco, CA (US)
Filed on May 8, 2020, as Appl. No. 16/870,233.
Application 16/870,233 is a continuation of application No. 15/642,062, filed on Jul. 5, 2017, granted, now 10,650,069.
Application 15/642,062 is a continuation of application No. 15/224,655, filed on Jul. 31, 2016, granted, now 9,740,788, issued on Aug. 22, 2017.
Application 15/224,655 is a continuation of application No. 14/929,332, filed on Oct. 31, 2015, granted, now 9,442,981, issued on Sep. 13, 2016.
Application 14/929,332 is a continuation of application No. 14/445,001, filed on Jul. 28, 2014, granted, now 9,208,206, issued on Dec. 8, 2015.
Application 14/445,001 is a continuation of application No. 13/588,939, filed on Aug. 17, 2012, granted, now 8,825,664, issued on Sep. 2, 2014.
Prior Publication US 2020/0311160 A1, Oct. 1, 2020
Int. Cl. G06F 16/901 (2019.01); G06F 16/9535 (2019.01); G06F 16/248 (2019.01); G06F 16/25 (2019.01); G06F 16/31 (2019.01); G06F 16/951 (2019.01); G06F 16/22 (2019.01); G06F 16/2458 (2019.01); G06F 16/2455 (2019.01); G06F 40/205 (2020.01); G06F 3/04842 (2022.01); G06F 3/0482 (2013.01); G06F 3/0485 (2022.01); G06V 10/24 (2022.01); G06V 40/16 (2022.01)
CPC G06F 16/901 (2019.01) [G06F 3/0482 (2013.01); G06F 3/0485 (2013.01); G06F 3/04842 (2013.01); G06F 16/2228 (2019.01); G06F 16/248 (2019.01); G06F 16/2477 (2019.01); G06F 16/24564 (2019.01); G06F 16/252 (2019.01); G06F 16/316 (2019.01); G06F 16/951 (2019.01); G06F 16/9535 (2019.01); G06F 40/205 (2020.01); G06V 10/245 (2022.01); G06V 40/161 (2022.01)] 20 Claims
OG exemplary drawing
 
1. A method, comprising:
selecting a first portion of raw data from a set of raw data from at least one data source, the set of raw data including the first portion of raw data and a second portion of raw data different from the first portion of raw data;
causing display of one or more selectable parsing rules;
receiving a first user input selecting a particular parsing rule among the one or more selectable parsing rules, the particular parsing rule to be applied to the first portion of raw data;
parsing the selected first portion of raw data into one or more sets of parsed data using the particular parsing rule, each set of parsed data including raw data from the selected portion of raw data;
causing display, via a graphical user interface, of at least a portion of the one or more sets of parsed data of the selected first portion of raw data;
in response to receiving a second user input indicating the displayed at least the portion of the one or more sets of parsed data is satisfactory, processing raw data from the selected first portion of raw data from the set of raw data using the particular parsing rule to create a first set of searchable, time-stamped events and processing additional raw data from the second portion of raw data of the set of raw data using the particular parsing rule to create a second set of searchable, time-stamped events, wherein the additional raw data from the second portion of raw data is different from the raw data from the selected first portion of raw data; and
storing the first set of searchable, time-stamped events and the second set of searchable, time-stamped events in an index store, wherein the first set of searchable, time-stamped events and the second set of searchable, time-stamped events in the index store are used to service search queries received from a search engine.