| CPC G06F 16/24568 (2019.01) [G06F 16/248 (2019.01); G06F 16/24564 (2019.01); G06F 40/205 (2020.01); G06N 5/04 (2013.01)] | 19 Claims |
|
1. A computer-implemented method, comprising:
accessing messages of a first data stream from an ingestion buffer in communication with a streaming data processor to receive data from the first data stream, wherein the ingestion buffer obtains data via a forwarder that is separate from the streaming data processor and that receives raw data from a data source;
analyzing, by the streaming data processor, a sourcetype associated with one or more of the messages from the first data stream, the one or more of the messages including a portion of machine data;
generating, by the streaming data processor that is separate from the forwarder, a second data stream from the first data stream, the second data stream including a message of the one or more of the messages based on the message being associated with a particular sourcetype that corresponds with the second data stream and based on a condition indicating inclusion in the second data stream, wherein the condition is related to the message being associated with more than one sourcetype;
determining a topic for the second data stream, wherein the topic corresponds with a logically distinct queue of messages;
publishing the second data stream to the topic of the ingestion buffer; and
performing at least one processing operation using the second data stream.
|