Skip to main content
Sumo Logic

Lab 11 - Identify Future Trends

This lab teaches you how to use the predict operator to use identify future trends of log data.
Use the predict operator to understand future trends based on your existing data.

 

  1. Search your Labs/Apache/Access logs looking for status_code 404 for  the last 60 minutes.

  2. Slice your 60 minutes by 1-minute increments and count your 404 status codes by timeslice.

  3. Predict your future trend of 404s in 1 minute increments and plot results on a line graph.

_sourceCategory=Labs/Apache/Access status_code=404

| timeslice 1m

| count(status_code) as error_count by _timeslice

| predict error_count by 1m