US 11,657,065 B2
Clustering events while excluding extracted values
Jesse Brandau Miller, San Francisco, CA (US); Katherine Kyle Feeney, San Francisco, CA (US); Yuan Xie, San Francisco, CA (US); Steve Zhang, San Francisco, CA (US); Adam Jamison Oliner, San Francisco, CA (US); Jindrich Dinga, San Francisco, CA (US); and Jacob Leverich, San Francisco, CA (US)
Assigned to Splunk Inc., San Francisco, CA (US)
Filed by SPLUNK INC., San Francisco, CA (US)
Filed on Jan. 26, 2021, as Appl. No. 17/158,880.
Application 17/158,880 is a continuation of application No. 15/276,693, filed on Sep. 26, 2016, granted, now 10,909,140.
Prior Publication US 2021/0149912 A1, May 20, 2021
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 16/26 (2019.01)
CPC G06F 16/26 (2019.01) 20 Claims
OG exemplary drawing
 
1. A computer-implemented method, comprising:
identifying values from events by applying an extraction rule to the events, each event of the events comprising a time stamp and a portion of raw machine data;
clustering the events into a plurality of clusters based on comparisons between the portions of raw machine data of the events, wherein portions of raw machine data that correspond to the values identified using the extraction rule are excluded from the comparisons; and
causing presentation of data corresponding to a cluster of the plurality of clusters.