US 12,032,637 B2
Single click delta analysis
Matt K. Amel, Campbell, CA (US); Christian Friedrich Beedgen, San Carlos, CA (US); Kumar Saurabh, Menlo Park, CA (US); and Bruno Kurtic, Belmont, CA (US)
Assigned to Sumo Logic, Inc., Redwood City, CA (US)
Filed by Sumo Logic, Inc., Redwood City, CA (US)
Filed on Jul. 22, 2021, as Appl. No. 17/383,066.
Application 17/383,066 is a continuation of application No. 16/872,180, filed on May 11, 2020, granted, now 11,188,619.
Application 16/872,180 is a continuation of application No. 15/406,281, filed on Jan. 13, 2017, granted, now 10,706,127, issued on Jul. 7, 2020.
Claims priority of provisional application 62/278,862, filed on Jan. 14, 2016.
Prior Publication US 2021/0349953 A1, Nov. 11, 2021
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 16/951 (2019.01); G06F 16/248 (2019.01); G06F 16/28 (2019.01); G06F 16/245 (2019.01); G06Q 10/06 (2023.01); H04L 9/40 (2022.01); G06F 16/242 (2019.01); G06F 16/2458 (2019.01); H04L 43/0817 (2022.01); H04L 69/22 (2022.01); G06F 16/2455 (2019.01); G06F 21/55 (2013.01); G06F 21/56 (2013.01)
CPC G06F 16/951 (2019.01) [G06F 16/245 (2019.01); G06F 16/248 (2019.01); G06F 16/2428 (2019.01); G06F 16/2462 (2019.01); G06F 16/24568 (2019.01); G06F 16/285 (2019.01); G06F 21/552 (2013.01); G06F 21/566 (2013.01); G06Q 10/06 (2013.01); H04L 43/0817 (2013.01); H04L 63/08 (2013.01); H04L 63/1408 (2013.01); H04L 69/22 (2013.01)] 15 Claims
OG exemplary drawing
 
1. A system, comprising:
one or more processors configured to:
receive, from a user, a first query for status information collected from a plurality of nodes and stored in a data store;
collect the status information from the data store based on the first query;
present the status information on a user interface;
receive, via the user interface, a user request to determine a variance between the collected status information for a first node and the collected status information for other nodes in the plurality of nodes, wherein the status information includes a plurality of logs messages or metrics collected from the first node and a plurality of log messages or metrics collected from the other nodes;
modify, in response to the user request, the first query to obtain a second query for the first node, wherein modifying the first query to obtain the second query comprises rewriting the first query to include a set of operator components for the first node to obtain the second query;
modify the first query to obtain a third query for the other nodes, wherein modifying the first query to obtain the third query comprises rewriting the first query to include a set of operator components for the other nodes to obtain the third query;
receive a first set of status information results and a second set of status information results from the data store in response to performing, respectively, the second query and the third query against data in the data store;
determine a variance between the first set of status information results and the second set of status information results; and
present, via the user interface, information on the variance between the first node and the other nodes; and
a memory coupled to the one or more processors and configured to provide the one or more processors with instructions.