US 12,067,007 B1
Analyzing a pipelined search to determine data on which to execute the pipelined search
Jesse Brandau Miller, San Francisco, CA (US); Marc V. Robichaud, San Francisco, CA (US); and Cory Eugene Burke, San Francisco, CA (US)
Assigned to Splunk Inc., San Francisco, CA (US)
Filed by SPLUNK Inc., San Francisco, CA (US)
Filed on Jul. 26, 2022, as Appl. No. 17/874,024.
Application 17/874,024 is a continuation of application No. 16/776,317, filed on Jan. 29, 2020, granted, now 11,429,600.
Application 16/776,317 is a continuation of application No. 15/221,392, filed on Jul. 27, 2016, granted, now 10,558,651, issued on Feb. 11, 2020.
Int. Cl. G06F 7/00 (2006.01); G06F 16/242 (2019.01); G06F 16/2455 (2019.01); G06F 16/248 (2019.01)
CPC G06F 16/2425 (2019.01) [G06F 16/2428 (2019.01); G06F 16/2455 (2019.01); G06F 16/248 (2019.01)] 19 Claims
OG exemplary drawing
 
1. A computer-implemented method for executing search queries, the method comprising:
analyzing at least one command of a pipelined search to determine whether to execute the pipelined search on an event source having a set of events and whether to execute the pipelined search on a result set from a previous search performed on the set of events at the event source, wherein events of the set of events comprise a time stamp and a portion of machine data reflecting security-related information of at least one computing system;
based on the determination, executing, by at least one processor, the pipelined search on the set of events of the event source or the result set from the previous search performed on the set of events at the event source; and
causing display of at least one event of a second result set from the execution of the pipelined search.