| 发明名称 | Generation of a data model applied to object queries | ||
| 摘要 | Embodiments include generating data models that may give semantic meaning for unstructured or structured data that may include data generated and/or received by search engines, including a time series engine. A method includes generating a data model for data stored in a repository. Generating the data model includes generating an initial query string, executing the initial query string on the data, generating an initial result set based on the initial query string being executed on the data, determining one or more candidate fields from one or results of the initial result set, generating a candidate data model based on the one or more candidate fields, iteratively modifying the candidate data model until the candidate data model models the data, and using the candidate data model as the data model. | ||
| 申请公布号 | US9589012(B2) | 申请公布日期 | 2017.03.07 |
| 申请号 | US201514815884 | 申请日期 | 2015.07.31 |
| 申请人 | Splunk Inc. | 发明人 | Neels Alice Emily;Ganapathi Archana Sulochana;Robichaud Marc Vincent;Sorkin Stephen Phillip;Zhang Steve Yu |
| 分类号 | G06F17/30;G06F17/24 | 主分类号 | G06F17/30 |
| 代理机构 | Wong & Rees LLP | 代理人 | Wong & Rees LLP ;Wong Kirk D. |
| 主权项 | 1. A computer-implemented method, comprising: receiving from a user a selection of an object among one or more objects included in a data model, the selection made through an object-selection interface; retrieving from computer memory a previously stored object definition that corresponds to the selected object, the previously stored object definition includes: an object query that, when executed, retrieves a set of time stamped events from a data store on a computing device, each event including a portion of raw machine data reflecting activity in an information technology environment; andan object schema identifying a set of one or more fields, each field defined by an extraction rule or regular expression that locates the field in the raw machine data and can be used to extract a field value from the field location from the raw machine data in each event in a subset of the set of time stamped events, each extraction rule or regular expression operating on the raw machine data in an event without modifying the event's raw machine data; and executing, against events in the data store that meet filtering criteria of the object query, a search query that references only field values that are extracted using the object schema and that produces a result based at least in part on the data reflecting the activity of the information technology environment. | ||
| 地址 | San Francisco CA US | ||