To get started, let’s sign in to Sumo and take a look at some of the data that’s available to you.
Open a browser, go to your Sumo URL, and sign in. URLs can vary based on your setup or your sign-in credentials, so check with your organization’s Sumo administrator. You begin on the Home page experience.
See what data is available
To see what data is available to you, you can always click Manage Data > Collection > Collection and search your collectors for sources of logs and metrics.
But you can also see the same data sources by running a quick search.
Let’s open the Search page.
- Click on the top tab bar to select an action.
- Select Log Search.
- The Search page opens.
The data that’s available to you is organized by source categories. To see all the available categories, let’s do a simple search query that counts all the log messages by source category.
- In the search query area, enter:
* | count by _sourceCategory
- Press Return. Sumo completes the search and presents the results.
The top area shows a histogram of results, but that’s not what we’re interested in at the moment. Instead, take a look at the text results below the histogram. There’s a list of all the available source categories, with a count of the messages for each that have been ingested by Sumo during the past 15 minutes (the default 15-minute interval has been pre-selected in the upper right corner).
Suppose you’re interested in log messages for Apache Access, which is listed as a source category. You can now start creating queries to find the messages you’re interested in, but that might not be necessary.
- Someone else in your org might have shared saved searches or dashboards for Apache Access.
- If no one else has installed and shared the data, the Apache Access app might have what you’re looking for.
Let's explore both options.
Find and display a shared dashboard
To see whether someone in your organization has shared Apache Access searches or dashboards:
- Select Library from the left navigation menu, enter Apache Access in the search field, and press Return.
- The search results include any matching saved searches or dashboards. In this case, the search finds a dashboard that’s been shared by someone in your Org.
- Click Apache Access and then click Apache - Overview to open the dashboard. The dashboard contains the panels that the owner has set up to monitor Apache Access messages in meaningful ways.
- If the dashboard contains the information you’re looking for, or something close to that, great! Part 5 of this tutorial shows how you can modify dashboards and the associated search queries to tune your results.
Install an app and view content
If the dashboard doesn’t show the type of information you’re looking for, or if your library search didn’t find any useful shared searches, it’s a good idea to install the Apache Access app.
Sumo Logic apps deliver out-of-the-box dashboards, saved searches, and field extraction for popular data sources. They’re the best way to start exploring a new data source on your own.
To install the Apache Access app:
- Click App Catalog in the left nav.
- Enter Apache in the search field, and press Return to show the matching apps.
- Double-click Apache to open its app page, and click Add to Library.
Clicking this button isn't the final installation. Instead it will launch a window with a few options for the app.
- You can name it something else if you want more than one copy of the app in your personal folder, for example. For now, append your initials to the name Apache_<your initials>
- You can choose a data source or enter a custom data filter. For now, let's choose from our existing data sources.
- For the Apache Log Source, Select Enter a Custom Data Filter and type webserver_system=apache. This assigns a keyvalue pair to pull all apache incoming logs that contain this keyvalue pair.
- Click Add to Library in the dialog box to confirm your selection.
The app is added to the library. Now you can share the app with others in your organization so they can see the dashboards and saved searches for the Apache Access app.
- in the left navigation panel, hover over the Apache Access app to display its details pane. Click the details icon to see the menu.
- Select Share from the menu.
- Select Your organization, and click Share.
Now others in your organization will see the Apache Access app when they select the Org folder in the library.
- Now that the app is created and shared, let’s see what it contains. Click Personal on the left navigation panel or on the Library page, and double-click the Apache folder.
- The app includes a bunch of predefined saved searches and dashboards. To open a dashboard, scroll down to the Apache - Overview dashboard, and double-click to open it. Notice the panels that are already created for you.
Congratulations! You’ve completed these tasks in Part 1 of the Using Sumo Quick Start tutorial:
Signed in to Sumo Logic.
Searched for source categories to see what data is available to you.
Searched for and viewed a dashboard that’s been shared by someone in your organization.
Installed an app, shared it with others, and opened one of the dashboards included in the app.