Sumo Logic Apps provide a host of pre-built saved searches for popular data Sources that you can run against your data without installing the App itself. This way, you can try the searches in a Sumo Logic App against your data before you decide to install it. Or you can run the searches to see how good example queries are written.
To run a saved search from a Sumo Logic App, just find the search you want to run in the Library, click it, and select a Source Category or a custom data filter to run the search against. The Search page opens and runs the search in a new tab automatically using the query's time range.
In order to run a search from an App, you would first need to have data ingested in your system that the search query would find. For example, before you can run a search from the Sumo Logic App for Apache, you must set up a Collector and Source to ingest your Apache data. If you don't have data that matches the requirements of the search query, or if you select the incorrect Source Category or data filter, you will either get no results, or bad results.
After the search has run, you can save the search to use it again in the future from the Library.
To run a search from a Sumo Logic App:
- Find the Sumo Logic App for the data Source you would like to search in the App Catalog (Library > Apps in the classic UI). For example, we've picked Cloud Passage Halo's Outlier in Critical Issues.
- Find the search you want to run and click it.
- In the Run Search dialog, select a Source Category or enter a Custom data filter to run the search against.
- Click Run Search.
The Search page opens, the search populates a new tab, and the search runs using the query's time range. If you would like to use a different time range, stop the search and reset it.
If you don't have data that matches the requirements of the search query, or if you select the incorrect Source Category or data filter, you will either get no results, or bad results.