Sumo Logic is a cloud-based log management and analytics service. The Sumo Logic service effortlessly collects, manages, and transforms all of your log data, regardless of volume, type, or location, into operational efficiency and security and compliance insights.
The first thing we need to do after logging in is to download a collector. Once the download finishes, let's launch it to start the installer. This installer will create a small-footprint collector on the machine we downloaded it to. Now that the collector is installed, it is able to talk to the service. Let's copy the activation code and use it to activate the collector. Once the collector is activated, we need to set it up so that it can start collecting logs from a local directory. To do that, we will add a source and provide the path to the directory under which logs are stored. Notice the two stars at the end; they tell the collector to scan the entire directory for "log" files.
Now that the collectors are installed, let's switch to the "status" tab and see if they're starting to send events. This can take a few seconds to a couple of minutes. It seems that, in the last few minutes, the collector has uploaded over 1,000,000 lines of logs.
In order to search and analyze this log data, let's switch to the "search" tab. We will start with the star search, which will return everything in the last six hours. We start getting logs from multiple servers, but we can filter them to just one host, "nite-stream-server-3." Still, there are 37,000 logs spread across 2,000 pages. In order to get a comprehensive summary of your logs, you can use the "summarize" operator. This operator, based on Sumo Logic's patented log reduce technology, can boil down all those logs into fewer than 20 signatures. In this high quality view, you can easily spot a couple of exceptions.
Let's say that during this review we found a signature that we want to learn more about. Let's look for all messages with this signature. You will notice that all of them have a session ID. In order to use this value for further analysis, we need to extract it. For that we will use the "parse" operator. This extracts the session ID into a new column. Now we can use this session ID in a subsequent analysis to calculate the number of logs per session.
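An added example (not from the original walkthrough and not Sumo Logic's own code): a small Python model of the parse-then-count step described above, run over constructed log lines. The `[session=*]` log layout, the field name `session_id` and all function names are assumptions; the `nodrop` flag is modelled on the parse option of the same name.

```python
import re
from collections import Counter

# Constructed sample lines; the "[session=...]" layout is an assumption.
SAMPLE_LOGS = [
    "10:00:01 INFO  [session=a1f3] stream opened",
    "10:00:02 ERROR [session=a1f3] java.io.IOException: buffer underrun",
    "10:00:03 INFO  [session=b7c9] stream opened",
    "10:00:04 WARN  heartbeat delayed",  # carries no session ID
    "10:00:05 ERROR [session=a1f3] java.io.IOException: buffer underrun",
    "10:00:06 INFO  [session=b7c9] stream closed",
]

def anchor_to_regex(anchor):
    """Compile an anchor such as "[session=*]"; each "*" is a capture group."""
    parts = anchor.split("*")
    if len(parts) < 2:
        raise ValueError("anchor needs at least one '*' wildcard")
    # Literal text is escaped so brackets and dots match themselves.
    pattern = "(.*?)".join(re.escape(p) for p in parts)
    if parts[-1] == "":
        pattern += "$"  # a trailing wildcard captures to the end of the line
    return re.compile(pattern)

def parse(lines, anchor, fields, nodrop=False):
    """Extract one field per wildcard; return a list of field dicts."""
    rx = anchor_to_regex(anchor)
    out = []
    for line in lines:
        m = rx.search(line)
        if m:
            out.append(dict(zip(fields, m.groups())))
        elif nodrop:
            # Keep the non-matching line, with every field set to None.
            out.append(dict.fromkeys(fields))
        # Otherwise the line is dropped from the result set.
    return out

def count_by(records, field):
    """Number of records per value of field, most frequent first."""
    return Counter(r[field] for r in records).most_common()

if __name__ == "__main__":
    parsed = parse(SAMPLE_LOGS, "[session=*]", ["session_id"])
    print(count_by(parsed, "session_id"))
```

The line without a session ID disappears from the per-session counts unless `nodrop` is set, so compare the parsed total with the raw total before treating the counts as complete.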
Hope this gives you a quick idea of how, with Sumo Logic, you can turn your log data into answers and insights. Please take a look at the "Search Cheat Sheet" and "Sample Use Case" videos to explore Sumo Logic capabilities in detail.