Splunk Inc.
Techniques for generating structured metrics from ingested events

Abstract:

The disclosed embodiments include a method performed by a data intake and query system. The method includes ingesting data including raw data obtained over a computer network from a plurality of remote computer systems, and generating events, where each event includes a segment of the raw data and a respective timestamp. The method further includes extracting field values from at least a portion of the raw data of the events, where the field values each include a numerical value, and each numerical value is indicative of a measured characteristic of a computing device. The method further includes generating structured metrics, where each structured metric has a respective numerical value, and indexing the plurality of structured metrics.