US 12,443,589 B2
Correlating different types of data of a distributed ledger system
Stephen Robert Luedtke, Denver, CO (US); Nathaniel Gerard McKervey, Tallahassee, FL (US); Ryan Russell Moore, St. Augustine, FL (US); and Jeffrey Yung Wu, Berkeley, CA (US)
Assigned to Cisco Technology, Inc., San Jose, CA (US)
Filed by Splunk Inc., San Francisco, CA (US)
Filed on Jan. 31, 2022, as Appl. No. 17/589,760.
Application 17/589,760 is a continuation of application No. 16/419,835, filed on May 22, 2019, granted, now 11,269,859.
Prior Publication US 2022/0156249 A1, May 19, 2022
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 16/23 (2019.01); G06F 16/245 (2019.01); G06F 16/248 (2019.01); G06F 16/27 (2019.01)
CPC G06F 16/2379 (2019.01) [G06F 16/245 (2019.01); G06F 16/248 (2019.01); G06F 16/27 (2019.01)] 20 Claims
OG exemplary drawing
 
1. A computer-implemented method, comprising:
receiving a query at a computing device of a query system, the query identifying a set of data associated with a distributed ledger system and a manner of processing the set of data;
identifying, from the set of data, a first event corresponding to a transaction notification event generated by a first computing node of the distributed ledger system, wherein the first computing node is configured to perform a plurality of processing tasks to generate a block for a blockchain, wherein the transaction notification event corresponds to a commitment, by the first computing node, of the block to the blockchain, wherein the block comprises a plurality of transactions processed by the distributed ledger system;
extracting a transaction identifier from the first event;
filtering, using the transaction identifier, the set of data, to identify:
a second event generated by the first computing node of the distributed ledger system, wherein the second event comprises raw machine data, wherein the second event corresponds to a first processing task of the plurality of processing tasks that precedes the transaction notification event, and
a third event generated by a second computing node of the distributed ledger system, wherein the third event comprises raw machine data, wherein the third event corresponds to a second processing task performed by the second computing node prior to the transaction notification event, wherein the second processing task comprises ordering, by the second computing node, a transaction of the plurality of transactions relative to other transactions of the plurality of transactions;
associating the first event, the second event, and the third event, wherein a result of association traces a plurality of portions of a history of the distributed ledger system generating the block for the blockchain, wherein a first portion of the history corresponds to the first processing task performed by the first computing node to generate the block of the blockchain, and wherein a second portion of the history corresponds to the second processing task performed by the second computing node;
determining a first computing node type of the first computing node and a second computing node type of the second computing node based on the association the first event, the second event, and the third event; and
outputting the plurality of portions of the history, the first computing node type of the first computing node and the second computing node type of the second computing node, as at least a portion of a response to the query.