×

Data model for machine data for semantic search

  • US 8,788,525 B2
  • Filed: 09/07/2012
  • Issued: 07/22/2014
  • Est. Priority Date: 09/07/2012
  • Status: Active Grant
First Claim
Patent Images

1. A computer implemented method, comprising:

  • accessing time stamped events in a data store on a computing device including one or more processors, wherein the set of events are searchable;

    maintaining a data model that is associated with a set of the time stamped events, wherein the data model defines a schema to apply to the set of the time stamped events, wherein the data model includes one or more sub-models, and wherein each sub-model of the one or more sub-models is associated with a subset of events in the set of the time stamped events, the subset of events being smaller than the set of the time stamped events;

    causing display of a graphical interface that lists the one or more sub-models of the data model;

    receiving first input corresponding to a selection of a particular sub-model of the one or more sub-models through the graphical interface;

    responsive to the first input, narrowing the set of the time stamped events that are searchable to a particular subset of events that is associated with the selected particular sub-model;

    subsequent to receiving the first input, receiving second input corresponding to criteria for a search query;

    after receiving the second input, initiating a search that uses the received criteria to evaluate values extracted using an extraction rule or a regular expression from events in the particular subset of events, wherein the extraction rule or the regular expression corresponds to a field in the schema.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×