Skip to main content
Sumo Logic

Lab 2: Add a Source

Learn how to add an Apache Access source.
Move the apache file to the tmp or temp directory on your computer

Copy the apache_access_logs_tutorial.txt file to your tmp directory (Mac computer) or temp directory (Windows) the images below are for a Mac computer. When you launch Finder, if you do not see your tmp directory. Perform the following: 

Select your hard drive from the Finder locations as shown below
clipboard_ecb99af6c74b64784e5d74d532d8b98dd.png

Using the Finder pulldown menu, select Go and then select Go to Folder, type in tmp

clipboard_ea0c85b9ef6afce3f6a3476332970705b.png

Copy the apache_access_logs_tutorial.txt file to this tmp directory
clipboard_ed6b99c8ec127069ce4d9cebca1c6f1a1.png

Create the Apache log source


Now that you’ve set up a collector on a machine in your environment, you can add a source. Let's add an Apache Access log source.

clipboard_ea27a7597edafe5785ea5d46a572d3741.png

 

Find the collector by name on the Collection page and select Add > Add Source.

clipboard_ebf2f8809a8dcd11fda352345f92ec3e8.png

Sumo Logic supports many source types. For this tutorial, we’re going to look at the logs in the Apache Access file that you downloaded to your computer in Part 1. That’s a local file source, so click Local File.

clipboard_eb17f8768235471e34fd47823163d771e.png

This page has lots of options, but just a few settings are required. Add a name to identify the source. For the file path, use the path /tmp/apache_access_logs_tutorial.txt. Enter a name for Source Host and Source Category, so you can easily refer to the source in search queries. Tip: Defining an appropriate source category will let you zero in on your data anytime by specifying the source category in your queries. Click Save.

clipboard_e1dc3465c8c30db72cae6c28a96bac7a6.png

Click Collectors and Sources to return to the list on the Collection page.

clipboard_e215ab575cf8a59d3ef1856e0e803bbee.png

The new source is now listed. The green checkmark indicates that its status is active and that Sumo Logic will start ingesting data from the source.

clipboard_eadb8bec0356d63f923094a6f627efcdd.png

Test your new source

You can verify that your data is now being ingested by running a search. A quick way to do that is to hover over the source category and click the blue search icon.

clipboard_e9d0f798da3ad0436bd5ccc055afcd93e.png

The Search page opens to show the search results. If you don't see any data, then change the time to Last 24 Hours. You may also double check the Apache Access file you downloaded in Part 1 of this tutorial and make sure that the date stamp on the messages matches the time interval on the Search page. 

clipboard_e83fea0a85b908d222ae4e9c71346e460.png

Nice job! You've now set up a source on your local machine, so the data in the Apache Access file that you downloaded to your machine in Part 1 is now available in Sumo Logic.  In Part 4 you'll install the Apache Access app, which has predefined searches and dashboards that make it a snap to view your data.