X15 Enterprise™ Query Parallelism

X15 is a machine data platform that has been designed from the ground up to store massive quantities of semistructured data, and allow interactive search and complex analysis over it. X15 uses multi-level parallelism to produce query results as quickly as possible. In this post, we will look at the benefits of multi-level parallelism and its impact on performance and scalability.

Read more

X15 Indexing

Indexing data in X15 boosts performance significantly, reducing the latency of many queries that use indexed fields by several orders of magnitude. Consider an events table with the fields id (integer), title (string), starttime (timestamp) and endtime (timestamp). Let’s say we want to find the entries where the title of the event has a word […]

Read more

The Power of JOIN For Large-Scale Searches

In this post, we introduce X15 basics that we will discuss in future posts—taking it from the very top. X15 is a data management system that looks a lot like a relational database but has many new tricks up its sleeve to address the challenges of event or log data (we will use the term […]

Read more

The Need for a Dedicated Analytics Platform for SIEM Users

The evolution of data warehousing during the 1990s clearly showed the power of dedicated systems for in-depth analysis. Attempts to analyze data in mission-critical OLTP systems—often running at maximum capacity—were strategically flawed. The explosion of data, particularly unstructured and semistructured data, and the rise of Hadoop have accelerated a secular change in analytic depth, breadth […]

Read more