CPC G06F 16/2425 (2019.01) [G06F 16/2428 (2019.01); G06F 16/2455 (2019.01); G06F 16/248 (2019.01)] | 19 Claims |
1. A computer-implemented method for executing search queries, the method comprising:
analyzing at least one command of a pipelined search to determine whether to execute the pipelined search on an event source having a set of events and whether to execute the pipelined search on a result set from a previous search performed on the set of events at the event source, wherein events of the set of events comprise a time stamp and a portion of machine data reflecting security-related information of at least one computing system;
based on the determination, executing, by at least one processor, the pipelined search on the set of events of the event source or the result set from the previous search performed on the set of events at the event source; and
causing display of at least one event of a second result set from the execution of the pipelined search.
|