What technology area does this patent fall under?

Primary CPC classification G06F16/90335. Mapped technology areas include Physics.

When was this patent published?

Publication date Tue Nov 07 2023 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).

Relating events and matching events to steps of a process using field values from different fields

US11809497B2 · US · B2

Patent metadata
Field	Value
Publication number	US-11809497-B2
Application number	US-202318151364-A
Country	US
Kind code	B2
Filing date	Jan 6, 2023
Priority date	Mar 26, 2018
Publication date	Nov 7, 2023
Grant date	Nov 7, 2023

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

Title
What the patent document calls the invention.
Abstract
A short plain-language summary of the technical disclosure.
Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
Key dates
Filing, priority, publication, and grant dates set the timeline.
First independent claim
The legal scope of protection — read this for what is actually claimed.
CPC / IPC classifications
Technology tags used to group this patent with similar filings.
Citations and related patents
Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

Systems and methods are disclosed for processing events having raw machine data associated with a timestamp using one or more pivot identifiers and one or more step identifiers to generate one or more journey instances. Based on the one or more pivot identifier field, the system can relate events that have a common field value for the pivot identifier field. Based on the one or more step identifiers, the system can group the related events into a subset of events. Using the subset of events, the system can build a journey instance.

First claim

Opening claim text (preview).

What is claimed is: 1. A computer-implemented method, comprising: receiving identification of a first field value for a first field, the first field value indicating related events; receiving identification of a second field value for a second field, the second field value indicating a particular step of a process; determining that each event in a set of events includes the first field value for the first field and a respective field value for the second field, wherein each event of the set of events records activity within a computing environment, and wherein a particular event of the set of events is associated with the particular step of the process based on the respective field value for the second field of the particular event matching the second field value; and generating a display for the set of events, wherein the set of events is ordered using the respective field value for the second field of each event of the set of events, and each event of the set of events is represented in the display as a step of an instance of the process. 2. The computer-implemented method of claim 1 , wherein the set of events is ordered using the respective field value for the second field of each event of the set of events and based on a time stamp associated with each step event. 3. The computer-implemented method of claim 1 , wherein the display further comprises a visualization of the set of events that indicates a progression through the set of events. 4. The computer-implemented method of claim 1 , wherein events of the set of events comprise raw machine data from heterogeneous data sources, and wherein the heterogeneous data sources generate the raw machine data in heterogeneous data formats. 5. The computer-implemented method of claim 1 , wherein a first event of the set of events records activity associated with a first computing device within the computing environment and a second event of the set of events records activity associated with a second computing device within the computing environment. 6. The computer-implemented method of claim 1 , wherein the particular step is a first particular step and the particular event is a first particular event, the computer-implemented method further comprising: receiving identification of a third field value for the second field, the third field value indicating a second particular step of the process; determining that the respective field value for the second field of a second particular event of the set of events matches the third field value; and associating the second particular event with a second particular step of the process, wherein an identifier for the second particular event is included in the display for the set of events. 7. The computer-implemented method of claim 1 , wherein the set of events is a first set of events, the particular event is a first particular event, the instance of the process is a first instance of the process, and the display is a first display, the computer-implemented method further comprising: receiving identification of a third field value for the first field, the third field value indicating related events, wherein the third field value is different from the first field value; determining that each event in a second set of events includes the third field value for the first field and a respective field value for the second field, wherein each event of the second set of events records activity within the computing environment, and wherein a second particular event of the second set of events is associated with the particular step of the process based on the respective field value for the second field of the second particular event matching the second field value; and generating a second display for the second set of events, wherein the second display orders the second set of events chronologically according to a timestamp included in each event of the second set of events, wherein each event of the second set of events is represented in the second display as a step of a second instance of the process. 8. The computer-implemented method of claim 1 , wherein the set of events is a first set of events, the particular event is a first particular event, the instance of the process is a first instance of the process, and the display is a first display, the computer-implemented method further comprising: receiving identification of a third field value for the first field, the third field value indicating related events, wherein the third field value is different from the first field value; receiving identification of a fourth field value for the second field, the fourth field value indicating a second particular step of the process; determining that each event in a second set of events includes the third field value for the first field and a respective field value for the second field, wherein each event of the second set of events records activity within the computing environment, and wherein a second particular event of the second set of events is associated with the second particular step of the process based on the respective field value for the second field of the second particular event matching the fourth field value; and generating a second display for the second set of events, wherein the second display orders the second set of events chronologically according to a timestamp included in each event of the second set of events, wherein each event of the second set of events is represented in the second display as a step of a second instance of the process. 9. The computer-implemented method of claim 1 , wherein the set of events is a first set of events, the particular event is a first particular event, the instance of the process is a first instance of the process, and the display is a first display, the computer-implemented method further comprising: receiving identification of a third field value for the first field, the third field value indicating related events; determining that each event in a second set of events includes the third field value for the first field and a respective field value for the second field; and generating a second display based on the first set of events and the second set of events, wherein the first set of events and the second set of events are represented in the second display by a plurality of steps, wherein each step of the plurality of steps corresponds to at least one event from at least one of the first set of events or the second set of events, and wherein the second display illustrates one or more traversals between one or more steps of the plurality of steps based on the first set of events and the second set of events. 10. The computer-implemented method of claim 1 , wherein the set of events is a first set of events, the particular event is a first particular event, the particular step of the process is a first particular step of the process, the instance of the process is a first instance of the process, and the display is a first display, the computer-implemented method further comprising: receiving identification of a third field value for the first field, the third field value indicating related events; receiving identification of a fourth field value for the second field, the fourth field value indicating a second particular step of the process; determining that each event in a second set of events includes the third field value for the first field and a respective field value for the second field, wherein each event of the second set of events records activity within the computing environment, and wherein a second particular event of the second set of events is associated with the second particular step of the process based on the respective field value for the second field of

Assignees

Splunk Inc

Inventors

Classifications

G06F16/90335Primary
Query processing · CPC title
G06F16/287
Visualization; Browsing · CPC title
G06F16/9038
Presentation of query results · CPC title
G06F16/903Primary
Querying (for retrieval from the web G06F16/953) · CPC title
G06F16/904
Browsing; Visualisation therefor (for navigating the web G06F16/954; browsing optimisation for the web G06F16/957) · CPC title

Patent family

Related publications grouped by family.

View patent family 67984253

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US11809497B2 cover?: Systems and methods are disclosed for processing events having raw machine data associated with a timestamp using one or more pivot identifiers and one or more step identifiers to generate one or more journey instances. Based on the one or more pivot identifier field, the system can relate events that have a common field value for the pivot identifier field. Based on the one or more step identi…
Who is the assignee on this patent?: Splunk Inc
What technology area does this patent fall under?: Primary CPC classification G06F16/90335. Mapped technology areas include Physics.
When was this patent published?: Publication date Tue Nov 07 2023 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?: We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).