Install the Sumo Logic App
Now that you have set up collection for Box, install the Sumo Logic App for Box to use the preconfigured searches and dashboards to analyze your data.
To install the app:
Locate and install the app you need from the App Catalog. If you want to see a preview of the dashboards included with the app before installing, click Preview Dashboards.
- From the App Catalog, search for and select the app.
- To install the app, click Add to Library and complete the following fields.
- App Name. You can retain the existing name, or enter a name of your choice for the app.
- Data Source. Select either of these options for the data source.
- Choose Source Category, and select a source category from the list.
- Choose Enter a Custom Data Filter, and enter a custom source category beginning with an underscore. Example: (_sourceCategory=MyCategory).
- Advanced. Select the Location in Library (the default is the Personal folder in the library), or click New Folder to add a new folder.
- Click Add to Library.
Once an app is installed, it will appear in your Personal folder, or other folder that you specified. From here, you can share it with your organization. See Welcome to the New Library for information on working with the library in the new UI.
Panels will start to fill automatically. It's important to note that each panel slowly fills with data matching the time range query and received since the panel was created. Results won't immediately be available, but with a bit of time, you'll see full graphs and maps.
The Script Source is available for Linux or Windows environments with Java Runtime Environments.
Box Collaborations and Shares
Users with Most Collaboration Activities. Shows the top users with the most collaboration activities and displays them as a column chart for the last 24 hours.
Collaborations by Item. Top items invoked in collaboration activities, displayed as a column chart for the last 24 hours.
Collaboration Details. Displays Box collaboration event information details in an aggregation table with columns for message time, event type, item name, source user, and source login for the last 24 hours.
Shared Resources. Displays the details of shared resources such as message time, event type, item name, item type, source user, and source login in an aggregation table for the last 24 hours.
Box Resource Access
Top 10 Resource Creators. Displays the top 10 resource creators by showing details of Box upload or create events by user and count as a pie chart for the last 24 hours.
Top 10 Resource Consumers. Provides information on the top 10 resource consumers by showing Box download or preview events by user and event count as a pie chart for the last 24 hours.
Access Types Over Time. Shows access event types by count as a stacked column chart using timeslices of one hour on a timeline for the last 24 hours.
Top 10 Most Accessed Resources. Lists the top 10 most accessed resources by name in a bar chart for the last 24 hours.
Top 10 Most Downloaded or Viewed Resources. Lists the top 10 most downloaded or viewed resources by name in a bar chart for the last 24 hours.
Resources Moved or Copied. Displays details on resources that have been copied or moved such as message time, item type, item name, event type, source login, and source user in an aggregation table for the last 24 hours.
Box User Monitoring
Top 10 Logins by User. Displays details about the top 10 users with the most logins, such as source user, source login, and event count in an aggregation table for the last 24 hours.
Top 10 Logins by IP. Shows the top 10 IP address that logged into the account in a pie chart for the last 24 hours.
Top 10 Failed Logins. Provides details on failed logins by user and event count in a column chart for the last 24 hours.
Administrative Activities. Displays administrative details such as message time, event type, source IP address, source user, source login, destination user, and destination login in an aggregation table for the last 24 hours.
Recent Login Devices Added. Reports details on recently added login devices such as message time, source login, source user, and source IP address in an aggregation table for the last 24 hours.
Top 10 Automated Users. Displays information on top automated users by user and event count in a column chart for the last 24 hours. Automated users are devices or applications that login through a user account.