Invented by Qianjie Zhong, Geng QIN, Ting Wang, Min Zhang, Micah Delfino, Jef Bekes, D. Randall Young, Cary Noel, Feng Shao, Dritan Bitincka, Splunk Inc
The Splunk Inc invention works as followsTechniques are disclosed which enable the collection of different types of data using cloud computing services, and the creation of dashboards and visualisations for viewing information about cloud computing resource collections. Cloud computing management applications allow users to configure data collection from cloud computing services, and to view visualizations. The cloud computing management software may also be configured to display interactive topology maps of cloud computing resources generated based on collected data. Interactive topology maps allow users to see a visual representation of a collection computing resources and perform actions efficiently with respect to the various resources displayed.
Background for Displaying interactive topology maps for cloud computing resources
The approaches described herein are possible approaches, but not necessarily those that have been used before. It is not possible to assume that any of these approaches are prior art, except as otherwise stated.
Cloud computing services are used by an increasing number of companies as part of their infrastructure. Cloud computing is a service that consists of a number of remote computing resources (e.g. servers, storage, network, backup, etc.). Users can choose from a variety of payment options. “Amazon Web Services (AWS), offered by Amazon.com; Azure, offered by Microsoft; and Google Cloud Platform, offered by Google, are examples of popular cloud computing.
Cloud computing services usually provide a web management console or another interface to allow users to manage cloud computing resources. A typical management console, for example, may display a listing of the user’s cloud server instances that are active, another list of storage volumes that are associated with those instances, yet another list that shows a user?s configured virtual private cloud, etc. These interfaces are useful for displaying information about some aspects of an organisation’s cloud computing resource, but their disconnected nature makes it difficult to obtain a comprehensive picture of cloud computing resources.
The following description provides a detailed explanation of the invention. However, it will become apparent that the present invention can be used without these details. Other instances of well-known devices and structures are shown in block diagrams to avoid obscure the invention.
Embodiments” are described in the following outline:
1.0. “General Overview
Modern data centers and other computing environments may contain a small number of host computers or thousands of systems that can process data and service remote clients. Many components in these computing environments can generate large amounts of machine-generated information during operation. Machine data can be generated by many components of the information technology environment (IT), such as servers and sensors, routers, mobile devices and Internet of Things devices (IoT). Machine-generated data includes system logs and network packet data, sensor information, application program data as well as error logs, stack trace, system performance data, and system logs. Machine-generated data may also include diagnostic information and performance data.
Machine-generated data can be analyzed with a variety of tools. Many of these tools pre-process data to reduce the amount of potentially large amounts of machine data. To facilitate the retrieval and analysis of data items during search time, pre-specified items can be extracted from machine data and stored in a database. The rest of the data is usually not saved or discarded during pre-processing. There are many reasons to keep more data, as storage capacity is becoming more affordable and more readily available.
This abundant storage capacity makes it possible to store large quantities of minimally processed data for later retrieval or analysis. An analyst can search the entire machine data at once, rather than focusing on a specific set of items. This allows for greater flexibility and allows them to store minimally processed data. An analyst may be able to examine different aspects of the data, which could allow them to analyze other parts.
However, it is difficult to analyze and search large amounts of machine data. A data center, server, or network appliance may produce many types and formats (e.g. system logs, packet data (e.g. wire data), etc. ), sensor data, application program data, error logs, stack traces, system performance data, operating system data, virtualization data, etc.) There are thousands of components that can make it difficult to analyze. Mobile devices can also generate large amounts information about data accesses and network performance. These types of information can be reported by millions of mobile devices.
In certain cases, machine data may have a predefined structure, in which data items with particular data formats are stored at specific locations within the data. Machine data could include data stored in fields within a database table. Machine data may also not be in a predefined format. This means that the data is not stored at a fixed location, but it does not follow a predictable pattern and is not random. Machine data may contain a variety of data items from different types, and these data items can be stored in different places within the data. An example is that if the data source is an Operating System Log, an event may include one or more lines of the log that contain raw data. This data can include diagnostic information and performance data associated with a particular point in time.
The data generated by such data sources can include, for example and without limitation, server log files, activity log files, configuration files, messages, network packet data, performance measurements, sensor measurements, etc. Data generated by these data sources may include, but is not limited to, server logs, activity logs, configuration files and messages.
In some embodiments, the common field name can be used to refer to two or more fields that contain equivalent data, even if they are associated with different types events, which may have different data formats, and extraction rules. The system makes it easier to use a “common information model” by allowing a field name to identify similar fields generated from disparate data sources. By allowing a common field name to be used to identify equivalent fields from different types of events generated by disparate data sources, the system facilitates use of a?common information model? 5).
2.0. Operating Environment
FIG. “FIG. The skilled person would know that FIG. “Figure 1 is one example of an interconnected computer system. Other embodiments can use different arrangements.Click here to view the patent on Google Patents.