SlideShare a Scribd company logo

"How to" Webinar: Sending Data to Sumo Logic

Download as PPTX, PDF
Sumo Logic
Sumo Logic

Ready to send your data to Sumo Logic? Learn the details of data collection, including: - Installed versus Hosted Collectors - Deployment Options and Best Practices - Creating your Sources - Processing Rules - Local File Configuration Management - Collector Management API ** This webinar is intended for Administrators with access to create Data Collectors.

1 of 36
Sumo Logic Confidential Data Collection June 2016 How-To Webinar Welcome. To give everyone a chance to successfully connect, we’ll start at 10:05 AM Pacific.
Sumo Logic Confidential At the completion of this webinar, you will be able to… Design a Sumo Logic deployment that fits your organization Install Collectors Create your Data Sources Understand Local File Configuration Management
Sumo Logic Confidential High-Level Data Flow
Sumo Logic Confidential Sumo Logic Data Flow Data Collection Search & Analyze Visualize & Monitor Alerts Dashboards Collectors Sources Operators Charts 1 2 3
Sumo Logic ConfidentialSumo Logic Confidential Enterprise Logs are Everywhere Custom App Code Server / OS Virtual Databases Network Open Source Middleware Content Delivery IaaS, PaaS SaaS Security
Sumo Logic Confidential Designing Your Deployment • Sumo Logic Data Collection is infinitely flexible. • Design a Sumo Logic deployment that's right for your organization. • Installed versus Hosted Collectors.
Sumo Logic Confidential Host A Collectors and Sources Apache Access Apache Error Collector A Host B Collector B Host C Collector C Apache Access Apache Error IIS Logs IIS W3C Logs
Sumo Logic Confidential Collectors
Sumo Logic ConfidentialSumo Logic Confidential Collector and Deployment Options Collector Cloud Data Collection Centralized Data Collection Local Data Collection Collector CollectorCollector Collector Hosted Collectors Installed Collectors
Sumo Logic Confidential Source Types S3 Bucket  Any data written to S3 buckets via AWS, Lambda Scripts, custom Apps HTTPS  Akamai, Log Appender Libraries, etc. Google  Google API Typical Scenarios AWS Only Customers, while it's possible to rely on Cloud Data Collection entirely, this is not typical. These source types are normally just part of the overall collection strategies Benefits/Drawbacks + No Software Installation - S3 Latency issues - Https Post Caching Need Cloud Data Collection Most Data is generated in the Cloud and by Cloud Services and is collected via Sumo Logics Cloud Integrations.
Sumo Logic Confidential Local Data Collection The Sumo Logic Collector is installed on all target Hosts and, where possible, sends log data produced on those target Hosts directly to Sumo Logic Backend via https connection. Source Types Local Files  Operating Systems, Middleware, Custom Apps, etc. Windows Events  Local Windows Events Docker  Logs and Stats Syslog (dedicated Collector)  Network Devices, Snare, etc Script (dedicated Collector)  Cloud API’s, Database Content, binary data Typical Scenarios Customers with large amounts of (similar) servers, using orchestration/automation, mostly OS and application logs - On Premise Datacenters - Cloud Instances Benefits/Drawbacks + No Hardware Requirement + Automation (Chef/Puppet/Scripting) - Outbound Internet Access Required - Resource Usage on Target
Sumo Logic ConfidentialSumo Logic Confidential Collector Deployment – Local Collectors
Sumo Logic Confidential Source Types Syslog  Operating Systems, Middleware, Custom Applications, etc Windows Events  Remote Windows Events Script  Cloud API’s, Database Content, binary data Typical Scenarios Customers with mostly Windows Environments or existing logging infrastructure (syslog/logstash) - On Premise Datacenters Benefits/Drawbacks + No Outbound Internet Access + Leverage existing logging Infrastructure - Scale - Dedicated Hardware - Complexity (Failover, syslog rules) Centralized Data Collection The Sumo Logic Collector is installed on a set of dedicated machines, these collect log data from the target Hosts via various remote mechanisms and forward the data to the Sumo Logic Backend. This can be accomplished by either using Sumo Logic syslog source type or by running Syslog Servers (syslog-ng, rsyslog), write to file, and collect from there.
Sumo Logic ConfidentialSumo Logic Confidential Collector Deployment – Centralized Collector
Sumo Logic Confidential Deployment Options Summary Collector Benefits Drawbacks Local • Direct access to source logs • Ease of troubleshooting • No additional HW requirements • More Complex Management • Resource usage on target host • Need for outbound internet access Centralize d • Fewer collectors and sources • Simplified management • Target hosts don’t need outbound internet access • Need for dedicated hardware • More complex setup (users, permissions) • Harder to troubleshoot • Requires careful planning in order to scale Hosted • Agentless • Build it into your infrastructure (S3) • Direct HTTP POST • Requires local script to POST or curl messages Resources:  Design Your Deployment  Best Practices: Local and Centralized Data Collection
Sumo Logic Confidential Sources
Sumo Logic Confidential Host A Collectors and Sources Apache Access Apache Error Collector A Host B Collector B Host C Collector C Apache Access Apache Error IIS Logs IIS W3C Logs
Sumo Logic ConfidentialSumo Logic Confidential Defining a Source A single Collector can have multiple Sources. Key fields to define when configuring any Source type: • Name • Description • Historical Data • Source Host • Source Category • File path – Excluding syslog • Timestamp Parsing
Sumo Logic ConfidentialSumo Logic Confidential Source Specific: Remote File Required for remote collection: • Listening port • Remote login credentials – Username and password – Local SSH • Absolute file path
Sumo Logic ConfidentialSumo Logic Confidential Source Specific: Syslog Required for Syslog collection: • Protocol • Listening port
Sumo Logic ConfidentialSumo Logic Confidential Source Specific: Windows Event Collection Required for Windows Event Collection: • Remote specific: – Remote host name(s) – Windows Domain – Username / password • Windows Event Type
Sumo Logic ConfidentialSumo Logic Confidential Source Specific: Windows Performance Collection Required for Windows Performance Collection: • Remote specific: – Remote host name(s) – Windows Domain – Username / password • Frequency • Perfmon Queries
Sumo Logic ConfidentialSumo Logic Confidential Source Specific: Script Required for script based collection: • Execution frequency • Command type • Path to script • Script to execute • Working directory
Sumo Logic ConfidentialSumo Logic Confidential Source Specific: HTTP Required for HTTP Source: • How to treat incoming POST requests After Configuration: • Use URL to send POST messages to the collector
Sumo Logic ConfidentialSumo Logic Confidential Source Specific: Amazon S3 and AWS sources Required for Amazon S3: • IAM – Key ID – Security Key • Bucket name • Path expression • Scan interval
Sumo Logic ConfidentialSumo Logic Confidential Configuration: Filtering Source Data • Regular expressions are used to create rules to filter data sent from a Source. • The filters affect only data sent to Sumo Logic; logs on your end remain intact. • Filter Types – Exclude Filter (Black List) – Include Filter (White List) – Hash Filter (i.e. Replace credit card number with unique randomly generated code) – Mask Filter (i.e. Mask each character with #) – Note • Exclude filters override all other filter types for a specific value • Mask and hash filters are applied after exclusion and inclusion filters
Sumo Logic ConfidentialSumo Logic Confidential Configuration: Filtering Files (Blacklisting) • Blacklist files or set of files that shouldn’t be ingested
Sumo Logic Confidential Metadata
Sumo Logic Confidential Metadata Fields Name Description _collector Name of the collector this data came from _source Name of the source this data came through _sourceHost Hostname of the server this data came from _sourceName Name of the log file (including path) _sourceCategory Category designation of source data Tags added to your messages when data is collected Host A Apache Access Apache Error Collector A
Sumo Logic Confidential Host A Metadata Field Usage Apache Access _sourceCategory = WS/Apache/Access Apache Error _sourceCategory = WS/Apache/Error Collector A Host B Collector B Host C Collector C Apache Access _sourceCategory = WS/Apache/Access Apache Error _sourceCategory = WS/Apache/Error IIS Logs _sourceCategory = WS/IIS IIS W3C Logs _sourceCategory = WS/IIS/W3C Sample Searches for _sourceCategory: = WS/Apache/Access = WS/Apache/* = WS/*
Sumo Logic ConfidentialSumo Logic Confidential Source Category Best Practices • Recommended nomenclature for Source Categories Component1/Component2/Component3… • From least descriptive to most descriptive Networking/Firewall/Cisco/FWSM Networking/Firewall/Cisco/ASA Networking/Firewall/PAN/PA7050 Networking/Router/Cisco/2821 • Note: Not all types of logs need to have the same amount of levels. • Benefits – Simple search scoping by using wild cards anywhere in the string – Simple, intuitive and self-maintaining partitions/index – Simple and self maintaining RBAC rules • Blog Post: Good SourceCategory, Bad SourceCategory
Sumo Logic Confidential Automation
Sumo Logic ConfidentialSumo Logic Confidential Automating Deployments • Silent installation  Use sumo.conf  Provide name, credentials and source file parameter for initial setup only • Local Configuration Collector Management  Manage configuration locally using a JSON file with Chef/Puppet  Available for both new and existing collectors • Collector Management API  Define an initial Source configuration for your Collectors using a JSON file  Retrieve and update Collector Configuration from an HTTP endpoint
Sumo Logic ConfidentialSumo Logic Confidential Installed Collector Deployment Tips • Install using Collector Guidelines/Requrements • Access Keys – Used for collector registration and API – ID/Key Pair instead of user/pass • Especially important when storing credentials on disk • Collector Logs – Logs in: $SUMO_HOME/logs – Current Log: $SUMO_HOME/logs/collector.log – Check for Out of Memory Errors – Increase memory if needed as described on Support Site Post
Sumo Logic Confidential Questions? Additional Resources Search Video Library and Documentation Search/Post to Community Forums Search, post, respond Submit/vote for feature requests Submit Tips & Tricks Open a Support Case Sumo Logic Services Customer Success, Professional Services, Training
Sumo Logic Confidential Thank You! April 2016

Recommended

Sumo Logic QuickStart
Sumo Logic QuickStartSumo Logic QuickStart
Sumo Logic QuickStart
Sumo Logic
 
Introduction to Kibana
Introduction to KibanaIntroduction to Kibana
Introduction to Kibana
Vineet .
 
How to Design, Build and Map IT and Business Services in Splunk
How to Design, Build and Map IT and Business Services in SplunkHow to Design, Build and Map IT and Business Services in Splunk
How to Design, Build and Map IT and Business Services in Splunk
Splunk
 
Sumo Logic - Optimizing Your Search Experience (2016-08-17)
Sumo Logic - Optimizing Your Search Experience (2016-08-17)Sumo Logic - Optimizing Your Search Experience (2016-08-17)
Sumo Logic - Optimizing Your Search Experience (2016-08-17)
Sumo Logic
 
Hive Bucketing in Apache Spark with Tejas Patil
Hive Bucketing in Apache Spark with Tejas PatilHive Bucketing in Apache Spark with Tejas Patil
Hive Bucketing in Apache Spark with Tejas Patil
Databricks
 
Data Sanity
Data SanityData Sanity
Data Sanity
Uday Chaudhari
 
Deep Dive into the New Features of Apache Spark 3.0
Deep Dive into the New Features of Apache Spark 3.0Deep Dive into the New Features of Apache Spark 3.0
Deep Dive into the New Features of Apache Spark 3.0
Databricks
 
Kafka timestamp offset
Kafka timestamp offsetKafka timestamp offset
Kafka timestamp offset
DaeMyung Kang
 

Recommended

Sumo Logic QuickStart
Sumo Logic QuickStartSumo Logic QuickStart
Sumo Logic QuickStart
Sumo Logic
 
Introduction to Kibana
Introduction to KibanaIntroduction to Kibana
Introduction to Kibana
Vineet .
 
How to Design, Build and Map IT and Business Services in Splunk
How to Design, Build and Map IT and Business Services in SplunkHow to Design, Build and Map IT and Business Services in Splunk
How to Design, Build and Map IT and Business Services in Splunk
Splunk
 
Sumo Logic - Optimizing Your Search Experience (2016-08-17)
Sumo Logic - Optimizing Your Search Experience (2016-08-17)Sumo Logic - Optimizing Your Search Experience (2016-08-17)
Sumo Logic - Optimizing Your Search Experience (2016-08-17)
Sumo Logic
 
Hive Bucketing in Apache Spark with Tejas Patil
Hive Bucketing in Apache Spark with Tejas PatilHive Bucketing in Apache Spark with Tejas Patil
Hive Bucketing in Apache Spark with Tejas Patil
Databricks
 
Data Sanity
Data SanityData Sanity
Data Sanity
Uday Chaudhari
 
Deep Dive into the New Features of Apache Spark 3.0
Deep Dive into the New Features of Apache Spark 3.0Deep Dive into the New Features of Apache Spark 3.0
Deep Dive into the New Features of Apache Spark 3.0
Databricks
 
Kafka timestamp offset
Kafka timestamp offsetKafka timestamp offset
Kafka timestamp offset
DaeMyung Kang
 
Big data and machine learning @ Spotify
Big data and machine learning @ SpotifyBig data and machine learning @ Spotify
Big data and machine learning @ Spotify
Oscar Carlsson
 
Sentiment analysis of twitter data
Sentiment analysis of twitter dataSentiment analysis of twitter data
Sentiment analysis of twitter data
Bhagyashree Deokar
 
Introducing DataFrames in Spark for Large Scale Data Science
Introducing DataFrames in Spark for Large Scale Data ScienceIntroducing DataFrames in Spark for Large Scale Data Science
Introducing DataFrames in Spark for Large Scale Data Science
Databricks
 
SPEECH BASED EMOTION RECOGNITION USING VOICE
SPEECH BASED EMOTION RECOGNITION USING VOICESPEECH BASED EMOTION RECOGNITION USING VOICE
SPEECH BASED EMOTION RECOGNITION USING VOICE
VamshidharSingh
 
MMCF: Multimodal Collaborative Filtering for Automatic Playlist Conitnuation
MMCF: Multimodal Collaborative Filtering for Automatic Playlist ConitnuationMMCF: Multimodal Collaborative Filtering for Automatic Playlist Conitnuation
MMCF: Multimodal Collaborative Filtering for Automatic Playlist Conitnuation
Hojin Yang
 
HIVE: Data Warehousing & Analytics on Hadoop
HIVE: Data Warehousing & Analytics on HadoopHIVE: Data Warehousing & Analytics on Hadoop
HIVE: Data Warehousing & Analytics on Hadoop
Zheng Shao
 
Centralized log-management-with-elastic-stack
Centralized log-management-with-elastic-stackCentralized log-management-with-elastic-stack
Centralized log-management-with-elastic-stack
Rich Lee
 
Anomaly detection
Anomaly detectionAnomaly detection
Anomaly detection
Hitesh Mohapatra
 
Learning to Rank in Solr: Presented by Michael Nilsson & Diego Ceccarelli, Bl...
Learning to Rank in Solr: Presented by Michael Nilsson & Diego Ceccarelli, Bl...Learning to Rank in Solr: Presented by Michael Nilsson & Diego Ceccarelli, Bl...
Learning to Rank in Solr: Presented by Michael Nilsson & Diego Ceccarelli, Bl...
Lucidworks
 
Unit testing of spark applications
Unit testing of spark applicationsUnit testing of spark applications
Unit testing of spark applications
Knoldus Inc.
 
Kibana + timelion: time series with the elastic stack
Kibana + timelion: time series with the elastic stackKibana + timelion: time series with the elastic stack
Kibana + timelion: time series with the elastic stack
Sylvain Wallez
 
The Solr (Multi-Terms) Synonyms Maze (Graphs)
The Solr (Multi-Terms) Synonyms Maze (Graphs)The Solr (Multi-Terms) Synonyms Maze (Graphs)
The Solr (Multi-Terms) Synonyms Maze (Graphs)
Bertrand Rigaldies
 
Primeiros Passos Com Elasticsearch
Primeiros Passos Com ElasticsearchPrimeiros Passos Com Elasticsearch
Primeiros Passos Com Elasticsearch
Anael Ferraz de Carvalho
 
Lucene basics
Lucene basicsLucene basics
Lucene basics
Nitin Pande
 
Apache Hive Hook
Apache Hive HookApache Hive Hook
Apache Hive Hook
Minwoo Kim
 
The 8 Best Examples Of Real-Time Data Analytics
The 8 Best Examples Of Real-Time Data AnalyticsThe 8 Best Examples Of Real-Time Data Analytics
The 8 Best Examples Of Real-Time Data Analytics
Bernard Marr
 
Découverte de Elastic search
Découverte de Elastic searchDécouverte de Elastic search
Découverte de Elastic search
JEMLI Fathi
 
Interactive Recommender Systems
Interactive Recommender SystemsInteractive Recommender Systems
Interactive Recommender Systems
Roelof van Zwol
 
Storing 16 Bytes at Scale
Storing 16 Bytes at ScaleStoring 16 Bytes at Scale
Storing 16 Bytes at Scale
Fabian Reinartz
 
Introduction to Elasticsearch
Introduction to ElasticsearchIntroduction to Elasticsearch
Introduction to Elasticsearch
Ismaeel Enjreny
 
Sumo Logic: Optimizing Scheduled Searches
Sumo Logic: Optimizing Scheduled SearchesSumo Logic: Optimizing Scheduled Searches
Sumo Logic: Optimizing Scheduled Searches
Sumo Logic
 
How To Webinar - Sumo Logic API
How To Webinar - Sumo Logic APIHow To Webinar - Sumo Logic API
How To Webinar - Sumo Logic API
Sumo Logic
 

More Related Content

What's hot

Big data and machine learning @ Spotify
Big data and machine learning @ SpotifyBig data and machine learning @ Spotify
Big data and machine learning @ Spotify
Oscar Carlsson
 
Sentiment analysis of twitter data
Sentiment analysis of twitter dataSentiment analysis of twitter data
Sentiment analysis of twitter data
Bhagyashree Deokar
 
Introducing DataFrames in Spark for Large Scale Data Science
Introducing DataFrames in Spark for Large Scale Data ScienceIntroducing DataFrames in Spark for Large Scale Data Science
Introducing DataFrames in Spark for Large Scale Data Science
Databricks
 
SPEECH BASED EMOTION RECOGNITION USING VOICE
SPEECH BASED EMOTION RECOGNITION USING VOICESPEECH BASED EMOTION RECOGNITION USING VOICE
SPEECH BASED EMOTION RECOGNITION USING VOICE
VamshidharSingh
 
MMCF: Multimodal Collaborative Filtering for Automatic Playlist Conitnuation
MMCF: Multimodal Collaborative Filtering for Automatic Playlist ConitnuationMMCF: Multimodal Collaborative Filtering for Automatic Playlist Conitnuation
MMCF: Multimodal Collaborative Filtering for Automatic Playlist Conitnuation
Hojin Yang
 
HIVE: Data Warehousing & Analytics on Hadoop
HIVE: Data Warehousing & Analytics on HadoopHIVE: Data Warehousing & Analytics on Hadoop
HIVE: Data Warehousing & Analytics on Hadoop
Zheng Shao
 
Centralized log-management-with-elastic-stack
Centralized log-management-with-elastic-stackCentralized log-management-with-elastic-stack
Centralized log-management-with-elastic-stack
Rich Lee
 
Anomaly detection
Anomaly detectionAnomaly detection
Anomaly detection
Hitesh Mohapatra
 
Learning to Rank in Solr: Presented by Michael Nilsson & Diego Ceccarelli, Bl...
Learning to Rank in Solr: Presented by Michael Nilsson & Diego Ceccarelli, Bl...Learning to Rank in Solr: Presented by Michael Nilsson & Diego Ceccarelli, Bl...
Learning to Rank in Solr: Presented by Michael Nilsson & Diego Ceccarelli, Bl...
Lucidworks
 
Unit testing of spark applications
Unit testing of spark applicationsUnit testing of spark applications
Unit testing of spark applications
Knoldus Inc.
 
Kibana + timelion: time series with the elastic stack
Kibana + timelion: time series with the elastic stackKibana + timelion: time series with the elastic stack
Kibana + timelion: time series with the elastic stack
Sylvain Wallez
 
The Solr (Multi-Terms) Synonyms Maze (Graphs)
The Solr (Multi-Terms) Synonyms Maze (Graphs)The Solr (Multi-Terms) Synonyms Maze (Graphs)
The Solr (Multi-Terms) Synonyms Maze (Graphs)
Bertrand Rigaldies
 
Primeiros Passos Com Elasticsearch
Primeiros Passos Com ElasticsearchPrimeiros Passos Com Elasticsearch
Primeiros Passos Com Elasticsearch
Anael Ferraz de Carvalho
 
Lucene basics
Lucene basicsLucene basics
Lucene basics
Nitin Pande
 
Apache Hive Hook
Apache Hive HookApache Hive Hook
Apache Hive Hook
Minwoo Kim
 
The 8 Best Examples Of Real-Time Data Analytics
The 8 Best Examples Of Real-Time Data AnalyticsThe 8 Best Examples Of Real-Time Data Analytics
The 8 Best Examples Of Real-Time Data Analytics
Bernard Marr
 
Découverte de Elastic search
Découverte de Elastic searchDécouverte de Elastic search
Découverte de Elastic search
JEMLI Fathi
 
Interactive Recommender Systems
Interactive Recommender SystemsInteractive Recommender Systems
Interactive Recommender Systems
Roelof van Zwol
 
Storing 16 Bytes at Scale
Storing 16 Bytes at ScaleStoring 16 Bytes at Scale
Storing 16 Bytes at Scale
Fabian Reinartz
 
Introduction to Elasticsearch
Introduction to ElasticsearchIntroduction to Elasticsearch
Introduction to Elasticsearch
Ismaeel Enjreny
 

What's hot (20)

Big data and machine learning @ Spotify
Big data and machine learning @ SpotifyBig data and machine learning @ Spotify
Big data and machine learning @ Spotify
 
Sentiment analysis of twitter data
Sentiment analysis of twitter dataSentiment analysis of twitter data
Sentiment analysis of twitter data
 
Introducing DataFrames in Spark for Large Scale Data Science
Introducing DataFrames in Spark for Large Scale Data ScienceIntroducing DataFrames in Spark for Large Scale Data Science
Introducing DataFrames in Spark for Large Scale Data Science
 
SPEECH BASED EMOTION RECOGNITION USING VOICE
SPEECH BASED EMOTION RECOGNITION USING VOICESPEECH BASED EMOTION RECOGNITION USING VOICE
SPEECH BASED EMOTION RECOGNITION USING VOICE
 
MMCF: Multimodal Collaborative Filtering for Automatic Playlist Conitnuation
MMCF: Multimodal Collaborative Filtering for Automatic Playlist ConitnuationMMCF: Multimodal Collaborative Filtering for Automatic Playlist Conitnuation
MMCF: Multimodal Collaborative Filtering for Automatic Playlist Conitnuation
 
HIVE: Data Warehousing & Analytics on Hadoop
HIVE: Data Warehousing & Analytics on HadoopHIVE: Data Warehousing & Analytics on Hadoop
HIVE: Data Warehousing & Analytics on Hadoop
 
Centralized log-management-with-elastic-stack
Centralized log-management-with-elastic-stackCentralized log-management-with-elastic-stack
Centralized log-management-with-elastic-stack
 
Anomaly detection
Anomaly detectionAnomaly detection
Anomaly detection
 
Learning to Rank in Solr: Presented by Michael Nilsson & Diego Ceccarelli, Bl...
Learning to Rank in Solr: Presented by Michael Nilsson & Diego Ceccarelli, Bl...Learning to Rank in Solr: Presented by Michael Nilsson & Diego Ceccarelli, Bl...
Learning to Rank in Solr: Presented by Michael Nilsson & Diego Ceccarelli, Bl...
 
Unit testing of spark applications
Unit testing of spark applicationsUnit testing of spark applications
Unit testing of spark applications
 
Kibana + timelion: time series with the elastic stack
Kibana + timelion: time series with the elastic stackKibana + timelion: time series with the elastic stack
Kibana + timelion: time series with the elastic stack
 
The Solr (Multi-Terms) Synonyms Maze (Graphs)
The Solr (Multi-Terms) Synonyms Maze (Graphs)The Solr (Multi-Terms) Synonyms Maze (Graphs)
The Solr (Multi-Terms) Synonyms Maze (Graphs)
 
Primeiros Passos Com Elasticsearch
Primeiros Passos Com ElasticsearchPrimeiros Passos Com Elasticsearch
Primeiros Passos Com Elasticsearch
 
Lucene basics
Lucene basicsLucene basics
Lucene basics
 
Apache Hive Hook
Apache Hive HookApache Hive Hook
Apache Hive Hook
 
The 8 Best Examples Of Real-Time Data Analytics
The 8 Best Examples Of Real-Time Data AnalyticsThe 8 Best Examples Of Real-Time Data Analytics
The 8 Best Examples Of Real-Time Data Analytics
 
Découverte de Elastic search
Découverte de Elastic searchDécouverte de Elastic search
Découverte de Elastic search
 
Interactive Recommender Systems
Interactive Recommender SystemsInteractive Recommender Systems
Interactive Recommender Systems
 
Storing 16 Bytes at Scale
Storing 16 Bytes at ScaleStoring 16 Bytes at Scale
Storing 16 Bytes at Scale
 
Introduction to Elasticsearch
Introduction to ElasticsearchIntroduction to Elasticsearch
Introduction to Elasticsearch
 

Viewers also liked

Sumo Logic: Optimizing Scheduled Searches
Sumo Logic: Optimizing Scheduled SearchesSumo Logic: Optimizing Scheduled Searches
Sumo Logic: Optimizing Scheduled Searches
Sumo Logic
 
How To Webinar - Sumo Logic API
How To Webinar - Sumo Logic APIHow To Webinar - Sumo Logic API
How To Webinar - Sumo Logic API
Sumo Logic
 
Sumo Logic Quickstart - Jan 2017
Sumo Logic Quickstart - Jan 2017Sumo Logic Quickstart - Jan 2017
Sumo Logic Quickstart - Jan 2017
Sumo Logic
 
Sumo Logic "How to" Webinar: Advanced Analytics
Sumo Logic "How to" Webinar: Advanced AnalyticsSumo Logic "How to" Webinar: Advanced Analytics
Sumo Logic "How to" Webinar: Advanced Analytics
Sumo Logic
 
Bring your Graphite-compatible metrics into Sumo Logic
Bring your Graphite-compatible metrics into Sumo LogicBring your Graphite-compatible metrics into Sumo Logic
Bring your Graphite-compatible metrics into Sumo Logic
Sumo Logic
 
Sumo Logic Search Job API
Sumo Logic Search Job APISumo Logic Search Job API
Sumo Logic Search Job API
Sumo Logic
 
How to Webinar: Monitoring through Alerts
How to Webinar: Monitoring through AlertsHow to Webinar: Monitoring through Alerts
How to Webinar: Monitoring through Alerts
Sumo Logic
 
Introduction to LogCompare - Reducing MTTI/MTTR with Ease
Introduction to LogCompare - Reducing MTTI/MTTR with EaseIntroduction to LogCompare - Reducing MTTI/MTTR with Ease
Introduction to LogCompare - Reducing MTTI/MTTR with Ease
Sumo Logic
 
How Netskope Mastered DevOps with Sumo Logic
How Netskope Mastered DevOps with Sumo Logic How Netskope Mastered DevOps with Sumo Logic
How Netskope Mastered DevOps with Sumo Logic
Sumo Logic
 
Marcel Kornacker, Software Enginner at Cloudera - "Data modeling for data sci...
Marcel Kornacker, Software Enginner at Cloudera - "Data modeling for data sci...Marcel Kornacker, Software Enginner at Cloudera - "Data modeling for data sci...
Marcel Kornacker, Software Enginner at Cloudera - "Data modeling for data sci...
Dataconomy Media
 
Sumo Logic Webinar: Visibility into your Host Metrics
Sumo Logic Webinar: Visibility into your Host MetricsSumo Logic Webinar: Visibility into your Host Metrics
Sumo Logic Webinar: Visibility into your Host Metrics
Sumo Logic
 
Sumo Logic QuickStart Webinar Oct 2016
Sumo Logic QuickStart Webinar Oct 2016Sumo Logic QuickStart Webinar Oct 2016
Sumo Logic QuickStart Webinar Oct 2016
Sumo Logic
 
Sumo Logic quickStart Webinar June 2016
Sumo Logic quickStart Webinar June 2016Sumo Logic quickStart Webinar June 2016
Sumo Logic quickStart Webinar June 2016
Sumo Logic
 
Sumo Logic Quickstart - Nv 2016
Sumo Logic Quickstart - Nv 2016Sumo Logic Quickstart - Nv 2016
Sumo Logic Quickstart - Nv 2016
Sumo Logic
 
How Hudl and Cloud Cruiser Leverage Sumo Logic's Unified Logs and Metrics
How Hudl and Cloud Cruiser Leverage Sumo Logic's Unified Logs and MetricsHow Hudl and Cloud Cruiser Leverage Sumo Logic's Unified Logs and Metrics
How Hudl and Cloud Cruiser Leverage Sumo Logic's Unified Logs and Metrics
Sumo Logic
 
Sumo Logic QuickStart Webinar - Dec 2016
Sumo Logic QuickStart Webinar - Dec 2016Sumo Logic QuickStart Webinar - Dec 2016
Sumo Logic QuickStart Webinar - Dec 2016
Sumo Logic
 
Standing Up an Effective Enterprise Data Hub -- Technology and Beyond
Standing Up an Effective Enterprise Data Hub -- Technology and BeyondStanding Up an Effective Enterprise Data Hub -- Technology and Beyond
Standing Up an Effective Enterprise Data Hub -- Technology and Beyond
Cloudera, Inc.
 
The Future of Data Management: The Enterprise Data Hub
The Future of Data Management: The Enterprise Data HubThe Future of Data Management: The Enterprise Data Hub
The Future of Data Management: The Enterprise Data Hub
Cloudera, Inc.
 
How to Reduce your MTTI/MTTR with a Single Click
How to Reduce your MTTI/MTTR with a Single ClickHow to Reduce your MTTI/MTTR with a Single Click
How to Reduce your MTTI/MTTR with a Single Click
Sumo Logic
 
Enterprise Data Hub: The Next Big Thing in Big Data
Enterprise Data Hub: The Next Big Thing in Big DataEnterprise Data Hub: The Next Big Thing in Big Data
Enterprise Data Hub: The Next Big Thing in Big Data
Cloudera, Inc.
 

Viewers also liked (20)

Sumo Logic: Optimizing Scheduled Searches
Sumo Logic: Optimizing Scheduled SearchesSumo Logic: Optimizing Scheduled Searches
Sumo Logic: Optimizing Scheduled Searches
 
How To Webinar - Sumo Logic API
How To Webinar - Sumo Logic APIHow To Webinar - Sumo Logic API
How To Webinar - Sumo Logic API
 
Sumo Logic Quickstart - Jan 2017
Sumo Logic Quickstart - Jan 2017Sumo Logic Quickstart - Jan 2017
Sumo Logic Quickstart - Jan 2017
 
Sumo Logic "How to" Webinar: Advanced Analytics
Sumo Logic "How to" Webinar: Advanced AnalyticsSumo Logic "How to" Webinar: Advanced Analytics
Sumo Logic "How to" Webinar: Advanced Analytics
 
Bring your Graphite-compatible metrics into Sumo Logic
Bring your Graphite-compatible metrics into Sumo LogicBring your Graphite-compatible metrics into Sumo Logic
Bring your Graphite-compatible metrics into Sumo Logic
 
Sumo Logic Search Job API
Sumo Logic Search Job APISumo Logic Search Job API
Sumo Logic Search Job API
 
How to Webinar: Monitoring through Alerts
How to Webinar: Monitoring through AlertsHow to Webinar: Monitoring through Alerts
How to Webinar: Monitoring through Alerts
 
Introduction to LogCompare - Reducing MTTI/MTTR with Ease
Introduction to LogCompare - Reducing MTTI/MTTR with EaseIntroduction to LogCompare - Reducing MTTI/MTTR with Ease
Introduction to LogCompare - Reducing MTTI/MTTR with Ease
 
How Netskope Mastered DevOps with Sumo Logic
How Netskope Mastered DevOps with Sumo Logic How Netskope Mastered DevOps with Sumo Logic
How Netskope Mastered DevOps with Sumo Logic
 
Marcel Kornacker, Software Enginner at Cloudera - "Data modeling for data sci...
Marcel Kornacker, Software Enginner at Cloudera - "Data modeling for data sci...Marcel Kornacker, Software Enginner at Cloudera - "Data modeling for data sci...
Marcel Kornacker, Software Enginner at Cloudera - "Data modeling for data sci...
 
Sumo Logic Webinar: Visibility into your Host Metrics
Sumo Logic Webinar: Visibility into your Host MetricsSumo Logic Webinar: Visibility into your Host Metrics
Sumo Logic Webinar: Visibility into your Host Metrics
 
Sumo Logic QuickStart Webinar Oct 2016
Sumo Logic QuickStart Webinar Oct 2016Sumo Logic QuickStart Webinar Oct 2016
Sumo Logic QuickStart Webinar Oct 2016
 
Sumo Logic quickStart Webinar June 2016
Sumo Logic quickStart Webinar June 2016Sumo Logic quickStart Webinar June 2016
Sumo Logic quickStart Webinar June 2016
 
Sumo Logic Quickstart - Nv 2016
Sumo Logic Quickstart - Nv 2016Sumo Logic Quickstart - Nv 2016
Sumo Logic Quickstart - Nv 2016
 
How Hudl and Cloud Cruiser Leverage Sumo Logic's Unified Logs and Metrics
How Hudl and Cloud Cruiser Leverage Sumo Logic's Unified Logs and MetricsHow Hudl and Cloud Cruiser Leverage Sumo Logic's Unified Logs and Metrics
How Hudl and Cloud Cruiser Leverage Sumo Logic's Unified Logs and Metrics
 
Sumo Logic QuickStart Webinar - Dec 2016
Sumo Logic QuickStart Webinar - Dec 2016Sumo Logic QuickStart Webinar - Dec 2016
Sumo Logic QuickStart Webinar - Dec 2016
 
Standing Up an Effective Enterprise Data Hub -- Technology and Beyond
Standing Up an Effective Enterprise Data Hub -- Technology and BeyondStanding Up an Effective Enterprise Data Hub -- Technology and Beyond
Standing Up an Effective Enterprise Data Hub -- Technology and Beyond
 
The Future of Data Management: The Enterprise Data Hub
The Future of Data Management: The Enterprise Data HubThe Future of Data Management: The Enterprise Data Hub
The Future of Data Management: The Enterprise Data Hub
 
How to Reduce your MTTI/MTTR with a Single Click
How to Reduce your MTTI/MTTR with a Single ClickHow to Reduce your MTTI/MTTR with a Single Click
How to Reduce your MTTI/MTTR with a Single Click
 
Enterprise Data Hub: The Next Big Thing in Big Data
Enterprise Data Hub: The Next Big Thing in Big DataEnterprise Data Hub: The Next Big Thing in Big Data
Enterprise Data Hub: The Next Big Thing in Big Data
 

Similar to "How to" Webinar: Sending Data to Sumo Logic

Using Sumo Logic - Apr 2018
Using Sumo Logic - Apr 2018Using Sumo Logic - Apr 2018
Using Sumo Logic - Apr 2018
Sumo Logic
 
Sumo Logic QuickStart Webinar - Jan 2016
Sumo Logic QuickStart Webinar - Jan 2016Sumo Logic QuickStart Webinar - Jan 2016
Sumo Logic QuickStart Webinar - Jan 2016
Sumo Logic
 
Level 3 Certification: Setting up Sumo Logic - Oct 2018
Level 3 Certification: Setting up Sumo Logic - Oct 2018Level 3 Certification: Setting up Sumo Logic - Oct 2018
Level 3 Certification: Setting up Sumo Logic - Oct 2018
Sumo Logic
 
Setting Up Sumo Logic - Sep 2017
Setting Up Sumo Logic - Sep 2017Setting Up Sumo Logic - Sep 2017
Setting Up Sumo Logic - Sep 2017
mariosany
 
Setting up Sumo Logic - June 2017
Setting up Sumo Logic - June 2017Setting up Sumo Logic - June 2017
Setting up Sumo Logic - June 2017
Sumo Logic
 
Sumo Logic Cert Jam - Administration
Sumo Logic Cert Jam - AdministrationSumo Logic Cert Jam - Administration
Sumo Logic Cert Jam - Administration
Sumo Logic
 
Sumo Logic Quickstart Training 10/14/2015
Sumo Logic Quickstart Training 10/14/2015Sumo Logic Quickstart Training 10/14/2015
Sumo Logic Quickstart Training 10/14/2015
Sumo Logic
 
Sumo Logic QuickStart Webinar
Sumo Logic QuickStart WebinarSumo Logic QuickStart Webinar
Sumo Logic QuickStart Webinar
Sumo Logic
 
Setting Up Sumo Logic - Apr 2017
Setting Up Sumo Logic - Apr 2017Setting Up Sumo Logic - Apr 2017
Setting Up Sumo Logic - Apr 2017
Sumo Logic
 
Anatomy of a Cloud Hack
Anatomy of a Cloud HackAnatomy of a Cloud Hack
Anatomy of a Cloud Hack
NotSoSecure Global Services
 
Microsoft Sentinel Deployment V1.pptx
Microsoft Sentinel Deployment V1.pptxMicrosoft Sentinel Deployment V1.pptx
Microsoft Sentinel Deployment V1.pptx
saadatali65
 
Using AWS to Build a Scalable Big Data Management & Processing Service (BDT40...
Using AWS to Build a Scalable Big Data Management & Processing Service (BDT40...Using AWS to Build a Scalable Big Data Management & Processing Service (BDT40...
Using AWS to Build a Scalable Big Data Management & Processing Service (BDT40...
Amazon Web Services
 
Hack proof your aws cloud cloudcheckr_040416
Hack proof your aws cloud cloudcheckr_040416Hack proof your aws cloud cloudcheckr_040416
Hack proof your aws cloud cloudcheckr_040416
Jarrett Plante
 
Azure sentinel
Azure sentinelAzure sentinel
Azure sentinel
Marius Sandbu
 
Using AWS To Build A Scalable Machine Data Analytics Service
Using AWS To Build A Scalable Machine Data Analytics ServiceUsing AWS To Build A Scalable Machine Data Analytics Service
Using AWS To Build A Scalable Machine Data Analytics Service
Christian Beedgen
 
DEF CON 24 - workshop - Craig Young - brainwashing embedded systems
DEF CON 24 - workshop - Craig Young - brainwashing embedded systemsDEF CON 24 - workshop - Craig Young - brainwashing embedded systems
DEF CON 24 - workshop - Craig Young - brainwashing embedded systems
Felipe Prado
 
Sumo Logic QuickStart Webinar July 2016
Sumo Logic QuickStart Webinar July 2016Sumo Logic QuickStart Webinar July 2016
Sumo Logic QuickStart Webinar July 2016
Sumo Logic
 
Deep Dive on Accelerating Content, APIs, and Applications with Amazon CloudFr...
Deep Dive on Accelerating Content, APIs, and Applications with Amazon CloudFr...Deep Dive on Accelerating Content, APIs, and Applications with Amazon CloudFr...
Deep Dive on Accelerating Content, APIs, and Applications with Amazon CloudFr...
Amazon Web Services
 
Sumo Logic QuickStart Webinar Sep 2016
Sumo Logic QuickStart Webinar Sep 2016Sumo Logic QuickStart Webinar Sep 2016
Sumo Logic QuickStart Webinar Sep 2016
Sumo Logic
 
Sumo Logic QuickStat - Apr 2017
Sumo Logic QuickStat - Apr 2017Sumo Logic QuickStat - Apr 2017
Sumo Logic QuickStat - Apr 2017
Sumo Logic
 

Similar to "How to" Webinar: Sending Data to Sumo Logic (20)

Using Sumo Logic - Apr 2018
Using Sumo Logic - Apr 2018Using Sumo Logic - Apr 2018
Using Sumo Logic - Apr 2018
 
Sumo Logic QuickStart Webinar - Jan 2016
Sumo Logic QuickStart Webinar - Jan 2016Sumo Logic QuickStart Webinar - Jan 2016
Sumo Logic QuickStart Webinar - Jan 2016
 
Level 3 Certification: Setting up Sumo Logic - Oct 2018
Level 3 Certification: Setting up Sumo Logic - Oct 2018Level 3 Certification: Setting up Sumo Logic - Oct 2018
Level 3 Certification: Setting up Sumo Logic - Oct 2018
 
Setting Up Sumo Logic - Sep 2017
Setting Up Sumo Logic - Sep 2017Setting Up Sumo Logic - Sep 2017
Setting Up Sumo Logic - Sep 2017
 
Setting up Sumo Logic - June 2017
Setting up Sumo Logic - June 2017Setting up Sumo Logic - June 2017
Setting up Sumo Logic - June 2017
 
Sumo Logic Cert Jam - Administration
Sumo Logic Cert Jam - AdministrationSumo Logic Cert Jam - Administration
Sumo Logic Cert Jam - Administration
 
Sumo Logic Quickstart Training 10/14/2015
Sumo Logic Quickstart Training 10/14/2015Sumo Logic Quickstart Training 10/14/2015
Sumo Logic Quickstart Training 10/14/2015
 
Sumo Logic QuickStart Webinar
Sumo Logic QuickStart WebinarSumo Logic QuickStart Webinar
Sumo Logic QuickStart Webinar
 
Setting Up Sumo Logic - Apr 2017
Setting Up Sumo Logic - Apr 2017Setting Up Sumo Logic - Apr 2017
Setting Up Sumo Logic - Apr 2017
 
Anatomy of a Cloud Hack
Anatomy of a Cloud HackAnatomy of a Cloud Hack
Anatomy of a Cloud Hack
 
Microsoft Sentinel Deployment V1.pptx
Microsoft Sentinel Deployment V1.pptxMicrosoft Sentinel Deployment V1.pptx
Microsoft Sentinel Deployment V1.pptx
 
Using AWS to Build a Scalable Big Data Management & Processing Service (BDT40...
Using AWS to Build a Scalable Big Data Management & Processing Service (BDT40...Using AWS to Build a Scalable Big Data Management & Processing Service (BDT40...
Using AWS to Build a Scalable Big Data Management & Processing Service (BDT40...
 
Hack proof your aws cloud cloudcheckr_040416
Hack proof your aws cloud cloudcheckr_040416Hack proof your aws cloud cloudcheckr_040416
Hack proof your aws cloud cloudcheckr_040416
 
Azure sentinel
Azure sentinelAzure sentinel
Azure sentinel
 
Using AWS To Build A Scalable Machine Data Analytics Service
Using AWS To Build A Scalable Machine Data Analytics ServiceUsing AWS To Build A Scalable Machine Data Analytics Service
Using AWS To Build A Scalable Machine Data Analytics Service
 
DEF CON 24 - workshop - Craig Young - brainwashing embedded systems
DEF CON 24 - workshop - Craig Young - brainwashing embedded systemsDEF CON 24 - workshop - Craig Young - brainwashing embedded systems
DEF CON 24 - workshop - Craig Young - brainwashing embedded systems
 
Sumo Logic QuickStart Webinar July 2016
Sumo Logic QuickStart Webinar July 2016Sumo Logic QuickStart Webinar July 2016
Sumo Logic QuickStart Webinar July 2016
 
Deep Dive on Accelerating Content, APIs, and Applications with Amazon CloudFr...
Deep Dive on Accelerating Content, APIs, and Applications with Amazon CloudFr...Deep Dive on Accelerating Content, APIs, and Applications with Amazon CloudFr...
Deep Dive on Accelerating Content, APIs, and Applications with Amazon CloudFr...
 
Sumo Logic QuickStart Webinar Sep 2016
Sumo Logic QuickStart Webinar Sep 2016Sumo Logic QuickStart Webinar Sep 2016
Sumo Logic QuickStart Webinar Sep 2016
 
Sumo Logic QuickStat - Apr 2017
Sumo Logic QuickStat - Apr 2017Sumo Logic QuickStat - Apr 2017
Sumo Logic QuickStat - Apr 2017
 

More from Sumo Logic

Welcome Webinar Slides
Welcome Webinar SlidesWelcome Webinar Slides
Welcome Webinar Slides
Sumo Logic
 
Welcome Webinar PDF
Welcome Webinar PDFWelcome Webinar PDF
Welcome Webinar PDF
Sumo Logic
 
Sumo Logic Cert Jam - Advanced Metrics with Kubernetes
Sumo Logic Cert Jam - Advanced Metrics with KubernetesSumo Logic Cert Jam - Advanced Metrics with Kubernetes
Sumo Logic Cert Jam - Advanced Metrics with Kubernetes
Sumo Logic
 
Sumo Logic Cert Jam - Security & Compliance
Sumo Logic Cert Jam - Security & ComplianceSumo Logic Cert Jam - Security & Compliance
Sumo Logic Cert Jam - Security & Compliance
Sumo Logic
 
Sumo Logic Cert Jam - Advanced Metrics with Kubernetes
Sumo Logic Cert Jam - Advanced Metrics with KubernetesSumo Logic Cert Jam - Advanced Metrics with Kubernetes
Sumo Logic Cert Jam - Advanced Metrics with Kubernetes
Sumo Logic
 
Sumo Logic Cert Jam - Metrics Mastery
Sumo Logic Cert Jam - Metrics MasterySumo Logic Cert Jam - Metrics Mastery
Sumo Logic Cert Jam - Metrics Mastery
Sumo Logic
 
Sumo Logic Cert Jam - Security Analytics
Sumo Logic Cert Jam - Security AnalyticsSumo Logic Cert Jam - Security Analytics
Sumo Logic Cert Jam - Security Analytics
Sumo Logic
 
Sumo Logic Cert Jam - Search Mastery
Sumo Logic Cert Jam - Search MasterySumo Logic Cert Jam - Search Mastery
Sumo Logic Cert Jam - Search Mastery
Sumo Logic
 
Sumo Logic Cert Jam - Fundamentals
Sumo Logic Cert Jam - FundamentalsSumo Logic Cert Jam - Fundamentals
Sumo Logic Cert Jam - Fundamentals
Sumo Logic
 
Sumo Logic Cert Jam - Fundamentals (Spanish)
Sumo Logic Cert Jam - Fundamentals (Spanish)Sumo Logic Cert Jam - Fundamentals (Spanish)
Sumo Logic Cert Jam - Fundamentals (Spanish)
Sumo Logic
 
Sumo Logic Cert Jam - Metrics Mastery
Sumo Logic Cert Jam - Metrics MasterySumo Logic Cert Jam - Metrics Mastery
Sumo Logic Cert Jam - Metrics Mastery
Sumo Logic
 
Security Certification: Security Analytics using Sumo Logic - Oct 2018
Security Certification: Security Analytics using Sumo Logic - Oct 2018Security Certification: Security Analytics using Sumo Logic - Oct 2018
Security Certification: Security Analytics using Sumo Logic - Oct 2018
Sumo Logic
 
Level 2 Certification: Using Sumo Logic - Oct 2018
Level 2 Certification: Using Sumo Logic - Oct 2018Level 2 Certification: Using Sumo Logic - Oct 2018
Level 2 Certification: Using Sumo Logic - Oct 2018
Sumo Logic
 
Sumo Logic Certification - Level 2 (Using Sumo)
Sumo Logic Certification - Level 2 (Using Sumo)Sumo Logic Certification - Level 2 (Using Sumo)
Sumo Logic Certification - Level 2 (Using Sumo)
Sumo Logic
 
Sumo Logic QuickStart Webinar - Get Certified
Sumo Logic QuickStart Webinar - Get CertifiedSumo Logic QuickStart Webinar - Get Certified
Sumo Logic QuickStart Webinar - Get Certified
Sumo Logic
 
You Build It, You Secure It: Introduction to DevSecOps
You Build It, You Secure It: Introduction to DevSecOpsYou Build It, You Secure It: Introduction to DevSecOps
You Build It, You Secure It: Introduction to DevSecOps
Sumo Logic
 
Making the Shift from DevOps to Practical DevSecOps | Sumo Logic Webinar
Making the Shift from DevOps to Practical DevSecOps | Sumo Logic WebinarMaking the Shift from DevOps to Practical DevSecOps | Sumo Logic Webinar
Making the Shift from DevOps to Practical DevSecOps | Sumo Logic Webinar
Sumo Logic
 
Machine Analytics: Correlate Your Logs and Metrics
Machine Analytics: Correlate Your Logs and MetricsMachine Analytics: Correlate Your Logs and Metrics
Machine Analytics: Correlate Your Logs and Metrics
Sumo Logic
 
Scaling Your Tools for Your Modern Application
Scaling Your Tools for Your Modern ApplicationScaling Your Tools for Your Modern Application
Scaling Your Tools for Your Modern Application
Sumo Logic
 

More from Sumo Logic (19)

Welcome Webinar Slides
Welcome Webinar SlidesWelcome Webinar Slides
Welcome Webinar Slides
 
Welcome Webinar PDF
Welcome Webinar PDFWelcome Webinar PDF
Welcome Webinar PDF
 
Sumo Logic Cert Jam - Advanced Metrics with Kubernetes
Sumo Logic Cert Jam - Advanced Metrics with KubernetesSumo Logic Cert Jam - Advanced Metrics with Kubernetes
Sumo Logic Cert Jam - Advanced Metrics with Kubernetes
 
Sumo Logic Cert Jam - Security & Compliance
Sumo Logic Cert Jam - Security & ComplianceSumo Logic Cert Jam - Security & Compliance
Sumo Logic Cert Jam - Security & Compliance
 
Sumo Logic Cert Jam - Advanced Metrics with Kubernetes
Sumo Logic Cert Jam - Advanced Metrics with KubernetesSumo Logic Cert Jam - Advanced Metrics with Kubernetes
Sumo Logic Cert Jam - Advanced Metrics with Kubernetes
 
Sumo Logic Cert Jam - Metrics Mastery
Sumo Logic Cert Jam - Metrics MasterySumo Logic Cert Jam - Metrics Mastery
Sumo Logic Cert Jam - Metrics Mastery
 
Sumo Logic Cert Jam - Security Analytics
Sumo Logic Cert Jam - Security AnalyticsSumo Logic Cert Jam - Security Analytics
Sumo Logic Cert Jam - Security Analytics
 
Sumo Logic Cert Jam - Search Mastery
Sumo Logic Cert Jam - Search MasterySumo Logic Cert Jam - Search Mastery
Sumo Logic Cert Jam - Search Mastery
 
Sumo Logic Cert Jam - Fundamentals
Sumo Logic Cert Jam - FundamentalsSumo Logic Cert Jam - Fundamentals
Sumo Logic Cert Jam - Fundamentals
 
Sumo Logic Cert Jam - Fundamentals (Spanish)
Sumo Logic Cert Jam - Fundamentals (Spanish)Sumo Logic Cert Jam - Fundamentals (Spanish)
Sumo Logic Cert Jam - Fundamentals (Spanish)
 
Sumo Logic Cert Jam - Metrics Mastery
Sumo Logic Cert Jam - Metrics MasterySumo Logic Cert Jam - Metrics Mastery
Sumo Logic Cert Jam - Metrics Mastery
 
Security Certification: Security Analytics using Sumo Logic - Oct 2018
Security Certification: Security Analytics using Sumo Logic - Oct 2018Security Certification: Security Analytics using Sumo Logic - Oct 2018
Security Certification: Security Analytics using Sumo Logic - Oct 2018
 
Level 2 Certification: Using Sumo Logic - Oct 2018
Level 2 Certification: Using Sumo Logic - Oct 2018Level 2 Certification: Using Sumo Logic - Oct 2018
Level 2 Certification: Using Sumo Logic - Oct 2018
 
Sumo Logic Certification - Level 2 (Using Sumo)
Sumo Logic Certification - Level 2 (Using Sumo)Sumo Logic Certification - Level 2 (Using Sumo)
Sumo Logic Certification - Level 2 (Using Sumo)
 
Sumo Logic QuickStart Webinar - Get Certified
Sumo Logic QuickStart Webinar - Get CertifiedSumo Logic QuickStart Webinar - Get Certified
Sumo Logic QuickStart Webinar - Get Certified
 
You Build It, You Secure It: Introduction to DevSecOps
You Build It, You Secure It: Introduction to DevSecOpsYou Build It, You Secure It: Introduction to DevSecOps
You Build It, You Secure It: Introduction to DevSecOps
 
Making the Shift from DevOps to Practical DevSecOps | Sumo Logic Webinar
Making the Shift from DevOps to Practical DevSecOps | Sumo Logic WebinarMaking the Shift from DevOps to Practical DevSecOps | Sumo Logic Webinar
Making the Shift from DevOps to Practical DevSecOps | Sumo Logic Webinar
 
Machine Analytics: Correlate Your Logs and Metrics
Machine Analytics: Correlate Your Logs and MetricsMachine Analytics: Correlate Your Logs and Metrics
Machine Analytics: Correlate Your Logs and Metrics
 
Scaling Your Tools for Your Modern Application
Scaling Your Tools for Your Modern ApplicationScaling Your Tools for Your Modern Application
Scaling Your Tools for Your Modern Application
 

Recently uploaded

E-Invoicing Implementation: A Step-by-Step Guide for Saudi Arabian Companies
E-Invoicing Implementation: A Step-by-Step Guide for Saudi Arabian CompaniesE-Invoicing Implementation: A Step-by-Step Guide for Saudi Arabian Companies
E-Invoicing Implementation: A Step-by-Step Guide for Saudi Arabian Companies
Quickdice ERP
 
DDS-Security 1.2 - What's New? Stronger security for long-running systems
DDS-Security 1.2 - What's New? Stronger security for long-running systemsDDS-Security 1.2 - What's New? Stronger security for long-running systems
DDS-Security 1.2 - What's New? Stronger security for long-running systems
Gerardo Pardo-Castellote
 
Fundamentals of Programming and Language Processors
Fundamentals of Programming and Language ProcessorsFundamentals of Programming and Language Processors
Fundamentals of Programming and Language Processors
Rakesh Kumar R
 
UI5con 2024 - Keynote: Latest News about UI5 and it’s Ecosystem
UI5con 2024 - Keynote: Latest News about UI5 and it’s EcosystemUI5con 2024 - Keynote: Latest News about UI5 and it’s Ecosystem
UI5con 2024 - Keynote: Latest News about UI5 and it’s Ecosystem
Peter Muessig
 
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
Crescat
 
E-commerce Development Services- Hornet Dynamics
E-commerce Development Services- Hornet DynamicsE-commerce Development Services- Hornet Dynamics
E-commerce Development Services- Hornet Dynamics
Hornet Dynamics
 
Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j - Product Vision and Knowledge Graphs - GraphSummit ParisNeo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j
 
Empowering Growth with Best Software Development Company in Noida - Deuglo
Empowering Growth with Best Software Development Company in Noida - DeugloEmpowering Growth with Best Software Development Company in Noida - Deuglo
Empowering Growth with Best Software Development Company in Noida - Deuglo
Deuglo Infosystem Pvt Ltd
 
Need for Speed: Removing speed bumps from your Symfony projects ⚡️
Need for Speed: Removing speed bumps from your Symfony projects ⚡️Need for Speed: Removing speed bumps from your Symfony projects ⚡️
Need for Speed: Removing speed bumps from your Symfony projects ⚡️
Łukasz Chruściel
 
Webinar On-Demand: Using Flutter for Embedded
Webinar On-Demand: Using Flutter for EmbeddedWebinar On-Demand: Using Flutter for Embedded
Webinar On-Demand: Using Flutter for Embedded
ICS
 
LORRAINE ANDREI_LEQUIGAN_HOW TO USE ZOOM
LORRAINE ANDREI_LEQUIGAN_HOW TO USE ZOOMLORRAINE ANDREI_LEQUIGAN_HOW TO USE ZOOM
LORRAINE ANDREI_LEQUIGAN_HOW TO USE ZOOM
lorraineandreiamcidl
 
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CDKuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
rodomar2
 
Using Query Store in Azure PostgreSQL to Understand Query Performance
Using Query Store in Azure PostgreSQL to Understand Query PerformanceUsing Query Store in Azure PostgreSQL to Understand Query Performance
Using Query Store in Azure PostgreSQL to Understand Query Performance
Grant Fritchey
 
Microservice Teams - How the cloud changes the way we work
Microservice Teams - How the cloud changes the way we workMicroservice Teams - How the cloud changes the way we work
Microservice Teams - How the cloud changes the way we work
Sven Peters
 
8 Best Automated Android App Testing Tool and Framework in 2024.pdf
8 Best Automated Android App Testing Tool and Framework in 2024.pdf8 Best Automated Android App Testing Tool and Framework in 2024.pdf
8 Best Automated Android App Testing Tool and Framework in 2024.pdf
kalichargn70th171
 
Hand Rolled Applicative User Validation Code Kata
Hand Rolled Applicative User Validation Code KataHand Rolled Applicative User Validation Code Kata
Hand Rolled Applicative User Validation Code Kata
Philip Schwarz
 
SWEBOK and Education at FUSE Okinawa 2024
SWEBOK and Education at FUSE Okinawa 2024SWEBOK and Education at FUSE Okinawa 2024
SWEBOK and Education at FUSE Okinawa 2024
Hironori Washizaki
 
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
mz5nrf0n
 
A Study of Variable-Role-based Feature Enrichment in Neural Models of Code
A Study of Variable-Role-based Feature Enrichment in Neural Models of CodeA Study of Variable-Role-based Feature Enrichment in Neural Models of Code
A Study of Variable-Role-based Feature Enrichment in Neural Models of Code
Aftab Hussain
 
What is Augmented Reality Image Tracking
What is Augmented Reality Image TrackingWhat is Augmented Reality Image Tracking
What is Augmented Reality Image Tracking
pavan998932
 

Recently uploaded (20)

E-Invoicing Implementation: A Step-by-Step Guide for Saudi Arabian Companies
E-Invoicing Implementation: A Step-by-Step Guide for Saudi Arabian CompaniesE-Invoicing Implementation: A Step-by-Step Guide for Saudi Arabian Companies
E-Invoicing Implementation: A Step-by-Step Guide for Saudi Arabian Companies
 
DDS-Security 1.2 - What's New? Stronger security for long-running systems
DDS-Security 1.2 - What's New? Stronger security for long-running systemsDDS-Security 1.2 - What's New? Stronger security for long-running systems
DDS-Security 1.2 - What's New? Stronger security for long-running systems
 
Fundamentals of Programming and Language Processors
Fundamentals of Programming and Language ProcessorsFundamentals of Programming and Language Processors
Fundamentals of Programming and Language Processors
 
UI5con 2024 - Keynote: Latest News about UI5 and it’s Ecosystem
UI5con 2024 - Keynote: Latest News about UI5 and it’s EcosystemUI5con 2024 - Keynote: Latest News about UI5 and it’s Ecosystem
UI5con 2024 - Keynote: Latest News about UI5 and it’s Ecosystem
 
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
 
E-commerce Development Services- Hornet Dynamics
E-commerce Development Services- Hornet DynamicsE-commerce Development Services- Hornet Dynamics
E-commerce Development Services- Hornet Dynamics
 
Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j - Product Vision and Knowledge Graphs - GraphSummit ParisNeo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
 
Empowering Growth with Best Software Development Company in Noida - Deuglo
Empowering Growth with Best Software Development Company in Noida - DeugloEmpowering Growth with Best Software Development Company in Noida - Deuglo
Empowering Growth with Best Software Development Company in Noida - Deuglo
 
Need for Speed: Removing speed bumps from your Symfony projects ⚡️
Need for Speed: Removing speed bumps from your Symfony projects ⚡️Need for Speed: Removing speed bumps from your Symfony projects ⚡️
Need for Speed: Removing speed bumps from your Symfony projects ⚡️
 
Webinar On-Demand: Using Flutter for Embedded
Webinar On-Demand: Using Flutter for EmbeddedWebinar On-Demand: Using Flutter for Embedded
Webinar On-Demand: Using Flutter for Embedded
 
LORRAINE ANDREI_LEQUIGAN_HOW TO USE ZOOM
LORRAINE ANDREI_LEQUIGAN_HOW TO USE ZOOMLORRAINE ANDREI_LEQUIGAN_HOW TO USE ZOOM
LORRAINE ANDREI_LEQUIGAN_HOW TO USE ZOOM
 
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CDKuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
 
Using Query Store in Azure PostgreSQL to Understand Query Performance
Using Query Store in Azure PostgreSQL to Understand Query PerformanceUsing Query Store in Azure PostgreSQL to Understand Query Performance
Using Query Store in Azure PostgreSQL to Understand Query Performance
 
Microservice Teams - How the cloud changes the way we work
Microservice Teams - How the cloud changes the way we workMicroservice Teams - How the cloud changes the way we work
Microservice Teams - How the cloud changes the way we work
 
8 Best Automated Android App Testing Tool and Framework in 2024.pdf
8 Best Automated Android App Testing Tool and Framework in 2024.pdf8 Best Automated Android App Testing Tool and Framework in 2024.pdf
8 Best Automated Android App Testing Tool and Framework in 2024.pdf
 
Hand Rolled Applicative User Validation Code Kata
Hand Rolled Applicative User Validation Code KataHand Rolled Applicative User Validation Code Kata
Hand Rolled Applicative User Validation Code Kata
 
SWEBOK and Education at FUSE Okinawa 2024
SWEBOK and Education at FUSE Okinawa 2024SWEBOK and Education at FUSE Okinawa 2024
SWEBOK and Education at FUSE Okinawa 2024
 
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
 
A Study of Variable-Role-based Feature Enrichment in Neural Models of Code
A Study of Variable-Role-based Feature Enrichment in Neural Models of CodeA Study of Variable-Role-based Feature Enrichment in Neural Models of Code
A Study of Variable-Role-based Feature Enrichment in Neural Models of Code
 
What is Augmented Reality Image Tracking
What is Augmented Reality Image TrackingWhat is Augmented Reality Image Tracking
What is Augmented Reality Image Tracking
 

"How to" Webinar: Sending Data to Sumo Logic

  • 1. Sumo Logic Confidential Data Collection June 2016 How-To Webinar Welcome. To give everyone a chance to successfully connect, we’ll start at 10:05 AM Pacific.
  • 2. Sumo Logic Confidential At the completion of this webinar, you will be able to… Design a Sumo Logic deployment that fits your organization Install Collectors Create your Data Sources Understand Local File Configuration Management
  • 4. Sumo Logic Confidential Sumo Logic Data Flow Data Collection Search & Analyze Visualize & Monitor Alerts Dashboards Collectors Sources Operators Charts 1 2 3
  • 5. Sumo Logic ConfidentialSumo Logic Confidential Enterprise Logs are Everywhere Custom App Code Server / OS Virtual Databases Network Open Source Middleware Content Delivery IaaS, PaaS SaaS Security
  • 6. Sumo Logic Confidential Designing Your Deployment • Sumo Logic Data Collection is infinitely flexible. • Design a Sumo Logic deployment that's right for your organization. • Installed versus Hosted Collectors.
  • 7. Sumo Logic Confidential Host A Collectors and Sources Apache Access Apache Error Collector A Host B Collector B Host C Collector C Apache Access Apache Error IIS Logs IIS W3C Logs
  • 9. Sumo Logic ConfidentialSumo Logic Confidential Collector and Deployment Options Collector Cloud Data Collection Centralized Data Collection Local Data Collection Collector CollectorCollector Collector Hosted Collectors Installed Collectors
  • 10. Sumo Logic Confidential Source Types S3 Bucket  Any data written to S3 buckets via AWS, Lambda Scripts, custom Apps HTTPS  Akamai, Log Appender Libraries, etc. Google  Google API Typical Scenarios AWS Only Customers, while it's possible to rely on Cloud Data Collection entirely, this is not typical. These source types are normally just part of the overall collection strategies Benefits/Drawbacks + No Software Installation - S3 Latency issues - Https Post Caching Need Cloud Data Collection Most Data is generated in the Cloud and by Cloud Services and is collected via Sumo Logics Cloud Integrations.
  • 11. Sumo Logic Confidential Local Data Collection The Sumo Logic Collector is installed on all target Hosts and, where possible, sends log data produced on those target Hosts directly to Sumo Logic Backend via https connection. Source Types Local Files  Operating Systems, Middleware, Custom Apps, etc. Windows Events  Local Windows Events Docker  Logs and Stats Syslog (dedicated Collector)  Network Devices, Snare, etc Script (dedicated Collector)  Cloud API’s, Database Content, binary data Typical Scenarios Customers with large amounts of (similar) servers, using orchestration/automation, mostly OS and application logs - On Premise Datacenters - Cloud Instances Benefits/Drawbacks + No Hardware Requirement + Automation (Chef/Puppet/Scripting) - Outbound Internet Access Required - Resource Usage on Target
  • 12. Sumo Logic ConfidentialSumo Logic Confidential Collector Deployment – Local Collectors
  • 13. Sumo Logic Confidential Source Types Syslog  Operating Systems, Middleware, Custom Applications, etc Windows Events  Remote Windows Events Script  Cloud API’s, Database Content, binary data Typical Scenarios Customers with mostly Windows Environments or existing logging infrastructure (syslog/logstash) - On Premise Datacenters Benefits/Drawbacks + No Outbound Internet Access + Leverage existing logging Infrastructure - Scale - Dedicated Hardware - Complexity (Failover, syslog rules) Centralized Data Collection The Sumo Logic Collector is installed on a set of dedicated machines, these collect log data from the target Hosts via various remote mechanisms and forward the data to the Sumo Logic Backend. This can be accomplished by either using Sumo Logic syslog source type or by running Syslog Servers (syslog-ng, rsyslog), write to file, and collect from there.
  • 14. Sumo Logic ConfidentialSumo Logic Confidential Collector Deployment – Centralized Collector
  • 15. Sumo Logic Confidential Deployment Options Summary Collector Benefits Drawbacks Local • Direct access to source logs • Ease of troubleshooting • No additional HW requirements • More Complex Management • Resource usage on target host • Need for outbound internet access Centralize d • Fewer collectors and sources • Simplified management • Target hosts don’t need outbound internet access • Need for dedicated hardware • More complex setup (users, permissions) • Harder to troubleshoot • Requires careful planning in order to scale Hosted • Agentless • Build it into your infrastructure (S3) • Direct HTTP POST • Requires local script to POST or curl messages Resources:  Design Your Deployment  Best Practices: Local and Centralized Data Collection
  • 17. Sumo Logic Confidential Host A Collectors and Sources Apache Access Apache Error Collector A Host B Collector B Host C Collector C Apache Access Apache Error IIS Logs IIS W3C Logs
  • 18. Sumo Logic ConfidentialSumo Logic Confidential Defining a Source A single Collector can have multiple Sources. Key fields to define when configuring any Source type: • Name • Description • Historical Data • Source Host • Source Category • File path – Excluding syslog • Timestamp Parsing
  • 19. Sumo Logic ConfidentialSumo Logic Confidential Source Specific: Remote File Required for remote collection: • Listening port • Remote login credentials – Username and password – Local SSH • Absolute file path
  • 20. Sumo Logic ConfidentialSumo Logic Confidential Source Specific: Syslog Required for Syslog collection: • Protocol • Listening port
  • 21. Sumo Logic ConfidentialSumo Logic Confidential Source Specific: Windows Event Collection Required for Windows Event Collection: • Remote specific: – Remote host name(s) – Windows Domain – Username / password • Windows Event Type
  • 22. Sumo Logic ConfidentialSumo Logic Confidential Source Specific: Windows Performance Collection Required for Windows Performance Collection: • Remote specific: – Remote host name(s) – Windows Domain – Username / password • Frequency • Perfmon Queries
  • 23. Sumo Logic ConfidentialSumo Logic Confidential Source Specific: Script Required for script based collection: • Execution frequency • Command type • Path to script • Script to execute • Working directory
  • 24. Sumo Logic ConfidentialSumo Logic Confidential Source Specific: HTTP Required for HTTP Source: • How to treat incoming POST requests After Configuration: • Use URL to send POST messages to the collector
  • 25. Sumo Logic ConfidentialSumo Logic Confidential Source Specific: Amazon S3 and AWS sources Required for Amazon S3: • IAM – Key ID – Security Key • Bucket name • Path expression • Scan interval
  • 26. Sumo Logic ConfidentialSumo Logic Confidential Configuration: Filtering Source Data • Regular expressions are used to create rules to filter data sent from a Source. • The filters affect only data sent to Sumo Logic; logs on your end remain intact. • Filter Types – Exclude Filter (Black List) – Include Filter (White List) – Hash Filter (i.e. Replace credit card number with unique randomly generated code) – Mask Filter (i.e. Mask each character with #) – Note • Exclude filters override all other filter types for a specific value • Mask and hash filters are applied after exclusion and inclusion filters
  • 27. Sumo Logic ConfidentialSumo Logic Confidential Configuration: Filtering Files (Blacklisting) • Blacklist files or set of files that shouldn’t be ingested
  • 29. Sumo Logic Confidential Metadata Fields Name Description _collector Name of the collector this data came from _source Name of the source this data came through _sourceHost Hostname of the server this data came from _sourceName Name of the log file (including path) _sourceCategory Category designation of source data Tags added to your messages when data is collected Host A Apache Access Apache Error Collector A
  • 30. Sumo Logic Confidential Host A Metadata Field Usage Apache Access _sourceCategory = WS/Apache/Access Apache Error _sourceCategory = WS/Apache/Error Collector A Host B Collector B Host C Collector C Apache Access _sourceCategory = WS/Apache/Access Apache Error _sourceCategory = WS/Apache/Error IIS Logs _sourceCategory = WS/IIS IIS W3C Logs _sourceCategory = WS/IIS/W3C Sample Searches for _sourceCategory: = WS/Apache/Access = WS/Apache/* = WS/*
  • 31. Sumo Logic ConfidentialSumo Logic Confidential Source Category Best Practices • Recommended nomenclature for Source Categories Component1/Component2/Component3… • From least descriptive to most descriptive Networking/Firewall/Cisco/FWSM Networking/Firewall/Cisco/ASA Networking/Firewall/PAN/PA7050 Networking/Router/Cisco/2821 • Note: Not all types of logs need to have the same amount of levels. • Benefits – Simple search scoping by using wild cards anywhere in the string – Simple, intuitive and self-maintaining partitions/index – Simple and self maintaining RBAC rules • Blog Post: Good SourceCategory, Bad SourceCategory
  • 33. Sumo Logic ConfidentialSumo Logic Confidential Automating Deployments • Silent installation  Use sumo.conf  Provide name, credentials and source file parameter for initial setup only • Local Configuration Collector Management  Manage configuration locally using a JSON file with Chef/Puppet  Available for both new and existing collectors • Collector Management API  Define an initial Source configuration for your Collectors using a JSON file  Retrieve and update Collector Configuration from an HTTP endpoint
  • 34. Sumo Logic ConfidentialSumo Logic Confidential Installed Collector Deployment Tips • Install using Collector Guidelines/Requrements • Access Keys – Used for collector registration and API – ID/Key Pair instead of user/pass • Especially important when storing credentials on disk • Collector Logs – Logs in: $SUMO_HOME/logs – Current Log: $SUMO_HOME/logs/collector.log – Check for Out of Memory Errors – Increase memory if needed as described on Support Site Post
  • 35. Sumo Logic Confidential Questions? Additional Resources Search Video Library and Documentation Search/Post to Community Forums Search, post, respond Submit/vote for feature requests Submit Tips & Tricks Open a Support Case Sumo Logic Services Customer Success, Professional Services, Training
  • 36. Sumo Logic Confidential Thank You! April 2016

Editor's Notes

  1. Welcome everyone. My name is…. I’m joined by Maisie and Ryan who are part of our Engineering team that works on Data Collection. They will be fielding questions at the end of this webinar’s Q&A session. Housekeeping items: Everyone is on mute to avoid distractions If you want to ask a question, please do so using the GTW question panel This webinar will be recorded and shared with all of you, along with the slides
  2. Please note that this webinar is specifically for users with Admin priviledges who have access to install and manage Collectors. At the completion of this webinar, you will be able to…
  3. Sumo Logic Data Flow is broken into 3 main areas: Data Collection through configurable Collectors and Sources. Collectors collect, compress, cache and encrypt the data for secure transfer. Search and Analyze – Users can run searches and correlate events in real-time across the entire application stack. We will be spending most of our time in this area during this webinar, as this is most likely what you will first be doing as a new user. Visualize and Monitor- Users have the ability to create custom dashboards to help you easily monitor your data in real-time. Custom alerts notify you when specific events are identified across your stack. I will cover Data Collection at a high-level, and cover the next 2 areas through a demo.
  4. What data can we ingest? We can ingest data from just about any source you can imagine - structured or unstructured. Here are just a few of the devices, applications and frameworks you may be using - all of which produce log data that SL can analyze. The left hands side can present you technology stack – from custom application code all the way down to your network devices.
  5. Sumo Logic Installed and Hosted Collectors are infinitely flexible. Design a Sumo Logic deployment that's right for your organization. <Review slide citing some examples>
  6. At a High-level, Customers collect and send data to Sumo Logic through the use of Collectors and Sources. We’ll cover collectors first and then dive into Sources. This is an great example what we see at a typical customer. This customer is sending web server log files to the Sumo Logic service. Host A and Host B are each sending a couple of log files through a locally installed Sumo Logic collector. In the case of Host C, which is sending IIS log files, it’s using a hosted collector where a local script can send data to an HTTP endpoint (running curl and POST commands).
  7. Hosted Collectors Allow for seamless collection from Amazon S3 buckets and HTTP Sources. Hosted Collectors don't require installation or activation, nor do Hosted Collectors have physical requirements, since they're hosted in AWS. Because there are no performance issues to consider, you can configure as many S3 and HTTP Sources as you'd like for a single Hosted Collector. Installed Collectors Sumo Logic Installed Collectors are lightweight and efficient. You can choose to install a small number of Collectors to minimize maintenance or just because you want to keep your topology simple (Centralized). Alternatively, you can choose to install many Collectors on many machines (Local) to distribute the bandwidth impact across your network. Installed Collectors are deployed in your environment, either on a local machine, a machine in your organization, or even an Amazon Machine Image (AMI). Installed Collectors require a software download and installation. Upgrades to Collector software are released regularly. A few things to consider: Consider having an Installed Collector on a dedicated machine if: You are running a very high-bandwidth network with high logging levels. You want a central collection point for many Sources. Consider having more than one Installed Collector if: You expect the combined number of files coming into one Collector to exceed 500. Your hardware has memory or CPU limitations. You expect combined logging traffic for one Collector to be higher than 15,000 events per second. Your network clusters or regions are geographically separated. You prefer to install many Collectors, for example, one per machine to collect local files. IMPORTANT: For system requirement details, see Installed Collector Requirements.
  8. The Sumo Logic Collector is installed on all target Hosts and, where possible, sends log data produced on those target Hosts directly to Sumo Logic Backend via https connection.
  9. The Sumo Logic Collector is installed on all target Hosts and, where possible, sends log data produced on those target Hosts directly to Sumo Logic Backend via https connection.
  10. The Sumo Logic Collector is installed on a set of dedicated machines, these collect log data from the target Hosts via various remote mechanisms and forward the data to the Sumo Logic Backend. This can be accomplished by either using Sumo Logic syslog source type or by running Syslog Servers (syslog-ng, rsyslog), write to file, and collect from there.
  11. The Sumo Logic Collector is installed on a set of dedicated machines, these collect log data from the target Hosts via various remote mechanisms and forward the data to the Sumo Logic Backend. This can be accomplished by either using Sumo Logic syslog source type or by running Syslog Servers (syslog-ng, rsyslog), write to file, and collect from there.
  12. In most cases our customers will employ a mix of the above options to account for different limitations on both the log types and source types. For example, network devices only broadcast syslog, so even if you generally employ local file collection paradigm, you still need some syslog infrastructure to collect these logs. Same is true for any Cloud API logs (e.g. Okta Event, etc) you may want to collect via script. Another example: an AWS-only customer, will most likely still choose to install collectors on all their EC2 instances (local collection) and collect AWS Audit logs (CloudTrail, ELB, etc) via the S3 integration. Which strategy you choose does not depend primarily on where the data lives, but on the following: sensitivity in terms of outbound internet access, technical abilities in your team (setting up centralized infrastructure requires knowledge, hardware and a need for monitoring/scaling/fault tolerance) Whether or not there is a logging infrastructure already in place. At a high-level, we only recommend the Centralize method if the following are true: - You absolutely cannot live with the internet access requirements - You have an existing infrastructure (syslog/logstash) - Your data volume or your number of target hosts is pretty large
  13. At a High-level, Customers collect and send data to Sumo Logic through the use of Collectors and Sources. We’ll cover collectors first and then dive into Sources. This is an great example what we see at a typical customer. This customer is sending web server log files to the Sumo Logic service. Host A and Host B are each sending a couple of log files through a locally installed Sumo Logic collector. In the case of Host C, which is sending IIS log files, it’s using a hosted collector where a local script can send data to an HTTP endpoint (running curl and POST commands). Hosted collectors are also able to load data from AWS S3 buckets.
  14. Name: something that is relevant to the data you are collecting Description: reference to understand the source Source Category; custom label that you can easily use to search data gathered by this source Timestamp Host File Path or Source (Name) Source Specific Config Local/Remote Path script/ File/Windows
  15. Name: something that is relevant to the data you are collecting Description: reference to understand the source Source Category; custom label that you can easily use to search data gathered by this source Timestamp Host Hosted: S3: path expression allows you to identify which objects to upload from S3 can use wildcard to define the path expression and capture more files. Exact file name will only pick up files that match that
  16. Great, data is ingested into the Sumo Logic service, but something else is also happening in the background. Every single message ingested gets tagged with metadata that makes it much easier to search for related messages. This table shows the 5 main tags (review them all) In particular, I want to point out the source Category metadata field, as choosing the right naming convention can make a big impact on your searching capabilities and performance.
  17. This example will highlight the importance of defining the proper source category: Notice I’ve added the desired SourceCategory for each Source: = WS/Apache/Access Searches across Apache Security logs in both Host A and Host B = WS/Apache/* Searches across all Apache sources in both Host A and Host B = WS/* Searches across all Web Servers across all hosts