Skip to main content
Sumo Logic

Lab 9 - Monitoring Metrics using dashboards and alerts

This lab teaches you how to add metrics charts as panels to dashboards.

Dashboards are a collection of metric or log Panels, allowing users to easily monitor trends or critical events over time. 

Create a Dashboard with 4 queries from previous labs. Your results will vary from the screenshot below, depending on which labs you decided to display, and what display options (line vs area, colors, outliers) you select.


Metric Monitors

For your metrics query, you can set the monitor on a time series to alert when the metric has crossed a static threshold, and then send an email or Webhook notification. You can set a maximum of one critical alert, one warning alert, and one missing data alert for each monitor, each with one or more notification destinations.

A monitor can alert on a single time series, multiple time series, or a Join of two metrics queries. In other words, if your monitor query produces 10 different time series, you will get alerts on all of those time series individually. If your query applies to the Join condition only, you will receive a separate alert on that Joined value. For example, if you create a monitor to alert on CPU across 10 hosts, you will receive a separate alert for each individual host that crosses the threshold you set.

Sumo Logic has monitors for both metrics and logs in one location.

For this lab, let's create some metric monitors to alert on CPU Usage for all our containers.

  1. In the main menu, select Manage Data, select Alerts and click on the Monitors tab. Click the Add button on the far right side. You will notice that you can a) create a folder to group your monitors together b) create a New Montior c) Import a monitor from an existing on.  For this exercise, we will select the New Monitor option.

  2. Select Metrics under the Monitor Type. 

  3. Create the following query

    metric=CPU_usage container=container*

Trigger Type
  1. In the Monitor screen, you'll be able to specify thresholds for Critical, Warning and Missing Data.

  2. Select the Critical tab and set the following threshold: greater than or equal to 90 for the last 15 mins, as shown below: 


  3. Now select the Warning tab and create an alert for when the results are greater than 85 continously for the last 15 mins.
    Note: You might need to adjust the values according to your metrics data.

  4.  Use the following:

  5. Your metrics will reflect this graphically


Now let's set the Notifications for when these alerts occur.  As you can see, we can add either Group Notifications or Separate Notifications for Critical, Warning, or Missing Data either alert state or a recovery state.


  1. Select Group Notifications and under Connection Type select Create New Email.  In the To field enter your email address.  You will notice that the subject line is filled in.  Add in the Message field: We have an alert condition!: {{TriggerType}}.

  2. Place checkmarks in the Critical Alert and Recovery and the Warning Alert and Recovery checkboxes, as shown below: 



Monitor Details
  1. In the Monitor Details, give your monitor a name.  Recommend you name them CPU Alert <Your initials>.  For the description, put Metrics Mastery class - lab 10.

  2. Click the Save button  clipboard_e34425dee63049fe5fee4cdc833eff221.png in the upper left of your screen to save your alert.

  3. Feel free to edit your monitor and adjust the thresholds so that your alert is triggered and your email is sent.  

Clean up and delete your monitor
  1.  Delete your training Monitor: 

    • In the left Navigation bar, go to Manage Data > Alerts > Monitors

    • Find your Monitor by Name and Delete it on the right-hand side, as shown below: 


Congratulations - you have created an active monitor and also deleted it.  Let's move on to the last lab.