Display of data ingestion information based on counting generated events
First Claim
1. A method comprising:
- receiving raw data from one or more data sources, the raw data including first raw data received via one or more first devices for a first user account and second raw data received via one or more second devices for a second user account;
generating a plurality of events from the raw data by parsing the raw data into the plurality of events, each event of the plurality of events including a portion of the raw data, the plurality of events enabling execution of time-based searches across the portions of the raw data included in the plurality of events;
determining a number of events of the plurality of events that were generated from the raw data during a defined time period by determining a first number of events generated from the first raw data during the defined time period and a second number of events generated from the second raw data during the defined time period;
calculating one or more first metrics related to a first amount of data ingestion based on the determined first number of events generated from the first raw data during the defined time period and one or more second metrics related to a second amount of data ingestion based on the determined second number of events generated from the second raw data during the defined time period;
generating a user interface that includes a display of the one or more first metrics related to the first amount of data ingestion associated with the first user account, a display of the one or more second metrics related to the second amount of data ingestion associated with the second user account, and a display of a threshold input option to receive a user-specified threshold value related to data ingestion associated with at least the first user account that, when exceeded, results in an alert; and
causing display of the user interface.
1 Assignment
0 Petitions
Accused Products
Abstract
A data intake and query system measures an amount of raw data ingested by the system during defined periods of time. As used herein, ingesting raw data generally refers to receiving the raw data from one or more computing devices and processing the data for storage and searchability. Processing the data may include, for example, parsing the raw data into “events,” where each event includes a portion of the received data and is associated with a timestamp. Based on a calculated number of events generated by the system during one or more defined time periods, the system may calculate various metrics including, but not limited to, a number of events generated during a particular day, a number of events generated per day over a period of time, a maximum number of events generated in a day over a period of time, an average number of events generated per day, etc.
63 Citations
29 Claims
-
1. A method comprising:
-
receiving raw data from one or more data sources, the raw data including first raw data received via one or more first devices for a first user account and second raw data received via one or more second devices for a second user account; generating a plurality of events from the raw data by parsing the raw data into the plurality of events, each event of the plurality of events including a portion of the raw data, the plurality of events enabling execution of time-based searches across the portions of the raw data included in the plurality of events; determining a number of events of the plurality of events that were generated from the raw data during a defined time period by determining a first number of events generated from the first raw data during the defined time period and a second number of events generated from the second raw data during the defined time period; calculating one or more first metrics related to a first amount of data ingestion based on the determined first number of events generated from the first raw data during the defined time period and one or more second metrics related to a second amount of data ingestion based on the determined second number of events generated from the second raw data during the defined time period; generating a user interface that includes a display of the one or more first metrics related to the first amount of data ingestion associated with the first user account, a display of the one or more second metrics related to the second amount of data ingestion associated with the second user account, and a display of a threshold input option to receive a user-specified threshold value related to data ingestion associated with at least the first user account that, when exceeded, results in an alert; and causing display of the user interface. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
-
-
28. One or more non-transitory computer-readable storage media, storing instructions, which when executed by one or more processors cause performance of:
-
receiving raw data from one or more data sources, the raw data including first raw data received via one or more first devices for a first user account and second raw data received via one or more second devices for a second user account; generating a plurality of events from the raw data by parsing the raw data into the plurality of events, each event of the plurality of events including a portion of the raw data, the plurality of events enabling execution of time-based searches across the portions of the raw data included in the plurality of events; determining a number of events of the plurality of events that were generated from the raw data during a defined time period by determining a first number of events generated from the first raw data during the defined time period and a second number of events generated from the second raw data during the defined time period; calculating one or more first metrics related to a first amount of data ingestion based on the determined first number of events generated from the first raw data during the defined time period and one or more second metrics related to a second amount of data ingestion based on the determined second number of events generated from the second raw data during the defined time period; generating a user interface that includes a display of the one or more first metrics related to the first amount of data ingestion associated with the first user account, a display of the one or more second metrics related to the second amount of data ingestion associated with the second user account, and a display of a threshold input option to receive a user-specified threshold value related to data ingestion associated with at least the first user account that, when exceeded, results in an alert; and causing display of the user interface.
-
-
29. An apparatus, comprising:
-
one or more memories storing instructions; and one or more hardware processors to execute the instructions, the instructions comprising; receiving raw data from one or more data sources, the raw data including first raw data received via one or more first devices for a first user account and second raw data received via one or more second devices for a second user account; generating a plurality of events from the raw data by parsing the raw data into the plurality of events, each event of the plurality of events including a portion of the raw data, the plurality of events enabling execution of time-based searches across the portions of the raw data included in the plurality of events; determining a number of events of the plurality of events that were generated from the raw data during a defined time period by determining a first number of events generated from the first raw data during the defined time period and a second number of events generated from the second raw data during the defined time period; calculating one or more first metrics related to a first amount of data ingestion based on the determined first number of events generated from the first raw data during the defined time period and one or more second metrics related to a second amount of data ingestion based on the determined second number of events generated from the second raw data during the defined time period; generating a user interface that includes a display of the one or more first metrics related to the first amount of data ingestion associated with the first user account, a display of the one or more second metrics related to the second amount of data ingestion associated with the second user account, and a display of a threshold input option to receive a user-specified threshold value related to data ingestion associated with at least the first user account that, when exceeded, results in an alert; and causes display of the user interface.
-
Specification