Sumo Logicの製品概要や事例等のお役立ちコンテンツはこちら! さらに詳しく

blog に戻る

2022年01月25日 Pratik Indap, Somya Agarwal and Michael Baldani

Make the most of your observability data with the Data Volume app

As a DevOps, SecOps, or IT operations manager, you're surrounded by all the technology for the systems running the entire organization. This means legacy infrastructure, multi-cloud environments, services, tools, and applications. All of these components generate data—a huge amount of data—some of which you need to leverage for full-stack observability to ensure those systems supporting the business are running efficiently. But how can you effectively manage data usage and consumption costs while getting the most for your observability needs?

The Data Volume App for Sumo Logic takes the guesswork out of managing data consumption for monitoring analytics of your critical business systems. Our updated Data Volume App provides you with the ability to view and track account usage by data type (logs, metrics, traces), data tier, category, collector, sources, and hosts. In addition, you will also be able to track usage in both native units as well as credits. Our goal is to make it easy for you to know exactly what and how much of the data is being consumed.

How does it work?

Collection

The Data Volume App is based within the Data Volume Index which needs to first be enabled by an administrator.

Once this index is enabled, it will start gathering ingest volume data for logs, metrics, and traces sent to Sumo Logic across various tiers and various Sumo Logic collector dimensions (such as collector, source category, sources, etc.) and report it back via log file messages.

You can then directly either analyze this data yourself by running log search queries or use the app to streamline the analysis for you. To search on logs and traces volume data see this document and to search on metrics ingest see this document.

Using the app

Once the index is enabled, you can install the app to automatically analyze the data from the index.

Monitoring log ingest

The largest data ingest typically comes from log volumes. The Data Volume - Logs dashboard allows you to view your log ingest volume by tier by ingesting spikes, outliers, and quota.

Various log tiers include:

  • Continuous Tier - data you use to monitor and troubleshoot production applications and to ensure the security of your applications.

  • Frequent Tier- data you need to frequently access to troubleshoot and investigate issues. For example, you might use the Frequent tier for development and test data that helps you investigate issues during development.

  • Infrequent Tier - data used to troubleshoot intermittent or hard-to-reproduce issues. For example, you might use the Infrequent tier for debug logs, OS logs, thread dumps, and other occasional-use cases.

  • CSE Tier - used to account for any data being forwarded to CSE for security use cases. Records that include the “_siemforward” flag are the ones that count against CSE tier usage.

In addition to understanding unexpected spikes in your log ingest, check out the Data Volume - Log Spikes Dashboard to help identify ingest outliers and determine the spikes for top sources compared with the previous day.

Monitoring metrics

The Data Volume - Metrics dashboard allows you to view your metrics ingested, identifies ingest outliers and spikes, and helps predict future ingestion.

You can determine ingested DPMs across various dimensions and easily analyze trends over time for better data management.

Monitoring tracing Ingest

The Data Volume - Tracing Dashboard provides views of your tracing data ingest by billed bytes and span counts per minute.

This dashboard lets you easily determine the ingested billedBytes and spansCount for tracing and analyzing trends over time. Additionally, you can identify ingestion spikes and the top five source categories, source hosts, sources, and collectors by span count and billed bytes.

Monitoring capacity

To understand how much allocated capacity has been used, check out The Data Volume - Capacity Utilization Dashboard that provides views of subscribed, actual, and percentage capacity utilization for logs and metrics.

This dashboard allows you to identify the ingestion capacity of your subscription. You can also see and compare the average ingestion versus the subscribed capacity to ensure capacity is meeting demand.

Monitoring credits

Sumo Logic’s credit-based licensing option provides flexibility to utilize credits and maximize the value from the analytics platform while controlling costs.

The Data Volume - Credits Dashboard helps you understand how your credits are being used across logs, metrics, traces, and data tiers, giving you more flexibility to utilize the data ingested in the right places.

This dashboard view enables you to easily see the number of credits consumed and how they are divided across logs (by different tiers), metrics, and traces. You can also determine the top sources based on their credit usage, giving you a more complete picture of how and where credits are being used.

Get started now!

In summary, the Sumo Logic Data Volume App provides you with a summary and detailed views of your account's data usage volume by data type, tier, category, collector, source name, and hosts via predefined searches and dashboards.

To get started, check out the Sumo Logic Data Volume App help doc If you don’t yet have a Sumo Logic account, you can sign up for a free trial today.

Complete visibility for DevSecOps

Reduce downtime and move from reactive to proactive monitoring.

Pratik Indap, Somya Agarwal and Michael Baldani

This blog post is a collaboration between Pratik Indap (Senior Backend Software Developer), Somya Agarwal (Integration Engineer) and Michael Baldani (Product Marketing Manager).

More posts by Pratik Indap, Somya Agarwal and Michael Baldani.

これを読んだ人も楽しんでいます