Display of data ingestion information based on counting generated events

US2016307173A1 · US · A1

Patent metadata

Publication number: US-2016307173-A1
Application number: US-201514691475-A
Country: US
Kind code: A1
Filing date: Apr 20, 2015
Priority date: Apr 20, 2015
Publication date: Oct 20, 2016
Grant date:

Abstract

Official abstract text for this publication.

A data intake and query system measures an amount of raw data ingested by the system during defined periods of time. As used herein, ingesting raw data generally refers to receiving the raw data from one or more computing devices and processing the data for storage and searchability. Processing the data may include, for example, parsing the raw data into “events,” where each event includes a portion of the received data and is associated with a timestamp. Based on a calculated number of events generated by the system during one or more defined time periods, the system may calculate various metrics including, but not limited to, a number of events generated during a particular day, a number of events generated per day over a period of time, a maximum number of events generated in a day over a period of time, an average number of events generated per day, etc.

First claim

Opening claim text (preview).

What is claimed is:

1. A method comprising: receiving raw data from one or more devices; generating a plurality events from the raw data by: parsing the raw data into a plurality of events, each event of the plurality of events including a portion of the raw data; determining a respective timestamp for each event of the plurality of events; determining a number of events of the plurality of events that were generated during a defined time period; causing display of a user interface that displays one or more metrics based on the determined number of events.

2. The method of claim 1, further comprising storing the plurality of events in an index.

3. The method of claim 1, wherein determining the number of events of the plurality that were generated during the defined time period includes determining that the number of events are associated with a particular user account of a plurality of user accounts.

4. The method of claim 1, wherein determining the number of events of the plurality that were generated during the defined time period includes determining that the number of events are associated with a particular project of a plurality of projects.

5. The method of claim 1, wherein the plurality of events includes a first set of events associated with a first project and a second set of events associated with a second project, and wherein the user interface displays both a first set of metrics associated with the first project and a second set of metrics associated with the second project.

6. The method of claim 1, wherein parsing the raw data into a plurality of events further comprises determining event boundaries for the plurality of events.

7. The method of claim 1, wherein the plurality of events are searchable using a late-binding schema comprising one or more extraction rules for extracting values from the events.

8. The method of claim 1, wherein the defined time period corresponds to one or more days.

9. The method of claim 1, wherein the defined time period corresponds to one or more seconds.

10. The method of claim 1, further comprising calculating an average number of events that were generated over a plurality of time periods.

11. The method of claim 1, further comprising calculating a fee amount based on the number of events of the plurality of events that were generated during the defined time period.

12. The method of claim 1, further comprising: comparing the number of events to a licensed amount; in response to determining that the number of events exceeds the licensed amount, storing excess events in a non-searchable index.

13. The method of claim 1, further comprising: comparing the number of events to a licensed amount; in response to determining that the number of events exceeds the licensed amount, storing excess events in a non-searchable index; enabling access the indexed events that are stored in the non-searchable index when additional capacity to increase the licensed amount is purchased.

14. The method of claim 1, further comprising: comparing the number of events to a licensed amount; in response to determining that the number of events exceeds the licensed amount, automatically increasing the licensed amount.

15. The method of claim 1, further comprising: comparing the number of events to a licensed amount; in response to determining that the number of events exceeds the licensed amount, generating an alert.

16. The method of claim 1, further comprising: comparing the number of events to a licensed amount; in response to determining that the number of events exceeds the licensed amount, sending an alert to a particular user.

17. The method of claim 1, further comprising calculating a fee amount based on a peak number of events generated during a defined time period.

18. The method of claim 1, further comprising calculating a fee amount based on a number of devices from which raw data is received.

19. The method of claim 1, further comprising calculating a fee amount based on both of a first fee rate for a first number of events generated and a second fee rate for a second number of events generated.

20. The method of claim 1, wherein the one or more devices are managed by a managed security service provider (MSSP).

21. The method of claim 1, wherein the metrics include a number of events generated during a defined period of time.

22. The method of claim 1, wherein the metrics include a number of events generated during each of one or more previous periods of time.

23. The method of claim 1, wherein the metrics include a comparison of a number of events generated during at least two different time periods.

24. The method of claim 1, further comprising calculating a number of events that are stored in one or more particular indexes of the one or more indexes.

25. The method of claim 1, wherein the data is associated with a particular project of a plurality of projects, each project of the plurality of projects having an associated licensed amount of data ingestion.

26. The method of claim 1, further comprising: wherein the data includes first data received from one or more first devices, and the data further includes second data received from one or more second devices; determining a first number of events associated with the one or more first devices generated during a defined time period; determining a second number of events associated with the one or more second devices generated during the defined time period.

27. The method of claim 1, further comprising: wherein a first number of events is associated with a first project, and a second number of events is associated with a second project; determining a first number of events associated with the first project generated during a defined time period; determining a second number of events associated with the second project generated during the defined time period.

28. The method of claim 1, further comprising: wherein the one or more devices includes both a first set of devices associated with a first company and a second set of devices associated with a second company, each of the first set of devices and the second set of devices managed by a managed security service provider (MSSP); wherein the raw data includes first raw data received from the first set of devices and second raw data received from the second set of devices; wherein determining the number of events of the plurality of events that were generated during a defined time period includes determining a first number of events generated based on the first raw data and a second number of events generated based on the second raw data; wherein causing display of the user interface includes separately displaying first metrics based on the first number of events associated with the first company, and second metrics based on the second number of events associated with the second company.

29. One or more non-transitory computer-readable storage media, storing instructions, which when executed by one or more processors cause performance of: receiving raw data from one or more devices; generating a plurality events from the raw data by: parsing the raw data into a plurality of events, each event of the plurality of events including a portion of the r

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Splunk Inc
What technology area does this patent fall under?
Primary CPC classification G06Q20/145. Mapped technology areas include Physics.
When was this patent published?
Publication date Oct 20, 2016 (A1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).