&#xfeff;<html>
  <head>
    <META http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="html_style_eog.css"/>
<script type="text/javascript">
          function printpage()
          {
          window.print()
          }
        </script>
<script type="text/javascript" src="https://components.uspto.gov/js/ais/40-patentsgazette.js"></script></head>
  <body bgcolor='#FFFFFF' onload='javascript: if ((navigator.appName.indexOf("Netscape")!=-1) && parent.leftFrame!=null) parent.leftFrame.location.reload();'>
    <basefont face="Times New Roman, Times New Roman, Times New Roman " size="2">
      <div style="margin-left: +10pt">
        <table width="90%" border="0" rules="none" align="center">
          <tr align="center">
            <td width="20%" colspan="1" rowspan="2" align="left" valign="top"><a href="https://ppubs.uspto.gov/pubwebapp/external.html?q=12066995.pn.&amp;db=USPAT" target="popup"><input type="button" class="button" value="   Full Text   "></a></td>
            <td class="table_data"><b>US 12,066,995 B2</b></td>
            <td width="20%" colspan="1" rowspan="2" align="right" valign="top">
              <form><input type="button" value="Print this page" onclick="printpage()"></form>
            </td>
          </tr>
          <tr align="center">
            <td colspan="1" class="table_data" style="text-transform: uppercase"><b>Generating a query response by combining partial results from separate partitions of event records</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b> David Ryan Marquardt,  San Francisco, CA (US);  Stephen Phillip Sorkin,  San Francisco, CA (US); and  Steve Yu Zhang,  San Francisco, CA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Assigned to  SPLUNK INC.,  San Francisco, CA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed by  SPLUNK INC.,  San Francisco, CA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed on Sep.  23, 2021, as Appl. No. 17/482,781.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 17/482,781 is a continuation of application No. 16/451,450, filed on Jun.  25, 2019, granted, now 11,163,738.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 16/451,450 is a continuation of application No. 15/705,875, filed on Sep.  15, 2017, granted, now 10,387,396, issued on Aug.  20, 2019.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 15/705,875 is a continuation of application No. 15/007,185, filed on Jan.  26, 2016, granted, now 9,817,854, issued on Nov.  14, 2017.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 15/007,185 is a continuation of application No. 14/815,973, filed on Aug.  1, 2015, granted, now 9,990,386, issued on Jun.  5, 2018.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 14/815,973 is a continuation of application No. 14/170,159, filed on Jan.  31, 2014, granted, now 9,128,985, issued on Sep.  8, 2015.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 14/170,159 is a continuation of application No. 13/756,147, filed on Jan.  31, 2013, granted, now 8,682,925, issued on Mar.  25, 2014.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Prior Publication US 2022/0012221 A1, Jan.  13, 2022</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>This patent is subject to a terminal disclaimer.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Int. Cl. </b><i><b>G06F 7/00</b></i> (2006.01); <i><b>G06F 16/00</b></i> (2019.01); <i><b>G06F 16/22</b></i> (2019.01); <i><b>G06F 16/2453</b></i> (2019.01); <i><b>G06F 16/2455</b></i> (2019.01); <i><b>G06F 16/248</b></i> (2019.01); <i><b>G06F 16/28</b></i> (2019.01); <i><b>G06F 16/951</b></i> (2019.01)</td>
          </tr>
        </table>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="75%">
            <col width="15%">
          </colgroup>
          <tr align="left">
            <td class="table_data" align="left"><b>CPC </b><i><b>G06F 16/2228</b></i> (2019.01)&#xa0;[<i><b>G06F 16/00</b></i> (2019.01); <i><b>G06F 16/24539</b></i> (2019.01); <i><b>G06F 16/2455</b></i> (2019.01); <i><b>G06F 16/248</b></i> (2019.01); <i><b>G06F 16/284</b></i> (2019.01); <i><b>G06F 16/951</b></i> (2019.01)]</td>
            <td class="table_data" align="right"><b>20 Claims</b></td>
          </tr>
        </table>
        <center><img src="US12066995-20240820-D00000.gif" alt="OG exemplary drawing"></center>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="90%">
          </colgroup>
          <tr>
            <td class="table_data" align="center">&#xa0;</td>
          </tr>
          <tr>
            <td valign="top" class="para_text">
              <div class="claim_text_root">1. A method for generating a query response, the method comprising:<div class="claim_text">creating two or more partitions of event records that are field searchable and time-stamped from raw data stored in a data store, wherein each event record in the two or more partitions of event records includes a portion of the raw data and is associated with a time stamp derived from the raw data, wherein each of the two or more partitions of event records are stored at a different one of a plurality of distributed locations in the data store, and wherein each of the plurality of distributed locations is associated with a different indexer that manages a respective partition of event records;</div>
                <div class="claim_text">indexing and storing each event record of each of the two or more partitions of event records;</div>
                <div class="claim_text">generating a respective summarization table for each partition of the two or more partitions that:<div class="claim_text">identifies a field value comprising a value that corresponds to an associated field extracted from a respective record; and</div>
                  <div class="claim_text">for the field value, includes a posting value to the respective event record within a respective partition, wherein the respective event record contains the field value for the associated field;</div>
                </div>
                <div class="claim_text">generating one or more partial results for a received query using summarization tables for the two or more partitions by executing the received query individually across each summarization table for a respective partition; and</div>
                <div class="claim_text">generating a response to the received query by combining the one or more partial results.</div>
              </div>
            </td>
          </tr>
        </table>
      </div>
    
  </body>
</html>