December 22, 2016
Custom Time Range. For searches and metrics, you can specify the time range relative to the current time, or specify a custom time range. For details see Set the Time Range.
December 21, 2016
Metrics Outliers. The metrics outlier feature allows you to identify metrics data points that are outside the range of expected values. You can use outliers to pinpoint unusual behavior in your metrics visualizations and track the behavior over time. Flexible controls are available for you to decide how unexpected a value must be to be labeled an outlier and the number and type of outliers to display. For details see Metrics Outliers.
Time Compare. The Time Compare button becomes available in the Aggregates tab when you run an aggregate search, and allows you to run a compare operation automatically from your search results. For details see Time Compare.
December 13, 2016
Manage S3 Data Forwarding Role Capability. The Manage S3 Data Forwarding Role Capability allows users with this role to manage S3 data forwarding from Sumo Logic to an S3 bucket. For details see Role Capabilities.
December 9, 2016
Color Palette Selector for Metrics. You can specify the color palette for your metrics visualization at the time series, query, and chart level. Settings at the query level overwrite settings at the chart level, and settings at the time series level overwrite settings at the query and chart levels. For details, see Work with Metrics Visualizations.
November 22, 2016
Sumo Logic App for Amazon EC2 Container Service (ECS). The Sumo Logic App for Amazon ECS provides preconfigured searches and Dashboards that allow you to monitor various metrics (CPU and Memory Utilization, CPU and Memory Reservation) across ECS clusters and services. The App also monitors API calls made by or on behalf of Amazon ECS in your AWS account. For details see Amazon EC2 Container Service (ECS).
Sumo Logic App for AWS Elastic Load Balancing Metrics (Preview). The Sumo Logic App for AWS Elastic Load Balancing Metrics allows you to collect and analyze CloudWatch Elastic Load Balancing for Application Load Balancer (ALB) and Classic Load Balancer (CLB) metrics and analyze your ELB system. The App provides preconfigured searches and Dashboards that allow you to monitor Metrics Hosts (healthy and unhealthy), HTTP backend codes, latency and requests, and more. For details see AWS Elastic Load Balancing Metrics App. This is a Preview App.
Sumo Logic App for Amazon Inspector (Preview). Amazon Inspector allows you to monitor your AWS resources for potential security risks. The Sumo Logic App for Amazon Inspector provides preconfigured searches and Dashboards that give you instant access to an overview of Amazon Inspector as well as details on assessments, runs, and findings. For details see Amazon Inspector App. This is a Preview App.
November 17, 2016
Sumo Logic App for Evident.io ESP (Preview). The Sumo Logic App for Evident.io ESP provides preconfigured searches and Dashboards that allow you to investigate Evident-specific events and provide operational visibility to team members without logging into Evident.io. For details, see Evident.io Evident Security Platform App. This is a Preview App.
November 16, 2016
Sign up for Sumo Logic via the AWS Marketplace. You can sign up for Sumo Logic via the AWS Marketplace. This creates a new Sumo Logic organization and account, and allows you to pay your bill using your Amazon account. For complete details, see Sign Up for Sumo Logic via the AWS Marketplace.
Sumo Logic App for Amazon RDS Metrics (Preview). The Sumo Logic App for Amazon RDS Metrics provides visibility into your Amazon Relational Database Service (RDS) Metrics collected via a CloudWatch Metrics Source. The App’s Dashboards provide preconfigured searches and filters that allow you to monitor your RDS system's overview, CPU, memory, storage, network transmit and receive throughput, read and write operations, database connection count, disk queue depth, and more. For details, see Amazon RDS Metrics. This is a Preview App.
Pause and Resume an S3 Source. You can pause an S3 Source at any time to stop the Source from sending data from the Source to Sumo Logic. Locate the Source on the Manage > Collection page, and click Pause. Click the Resume link when you are ready for the Source to start sending data again. For details, see Pause and Resume an S3 Source.
November 10, 2016
AWS Metadata Source for Metrics. The Sumo Logic AWS Metadata Source allows you to collect tags from EC2 instances running on AWS. The metadata is automatically attached to host metrics collected from EC2 instances. See AWS Metadata Source for Metrics.
November 9, 2016
Delta and Rate operators for Metrics Queries. Support has been added for delta and rate operators for metrics queries. For details, see the table of operators in Metrics Queries.
November 8, 2016
Sumo Logic Service Status Indicator. If there has been an outage on your deployment (or pod), the Service Status Indicator displays: at the top of the Help menu, next to Help > Service Status, and next to the title of a Dashboard. For more information, go to Help > Service Status. This will take you to a web page for your pod with details on any outages, incidents, or planned maintenance. For complete details, see Help Menu.
November 7, 2016
Trend Micro Deep Security Preview App is Now GA. The Sumo Logic App for Trend Micro Deep Security is now fully GA. You can install it from Library in the Apps tab. For complete details, see Trend Micro Deep Security App.
November 1, 2016
PagerDuty Preview App is Now GA. The Sumo Logic App for PagerDuty is now fully GA. You can install it from Library in the Apps tab. For complete details, see PagerDuty App.
GitHub Preview App is Now GA. The Sumo Logic App for GitHub is now fully GA. You can install it from Library in the Apps tab. For complete details, see GitHub App.
Google Apps Preview App is Now GA. The Sumo Logic App for Google Apps is now fully GA. You can install it from Library in the Apps tab. For complete details, see Google Apps App.
GZIP Auto Detection for AWS S3 Sources. An S3 Source can collect either plain text or gzip-compressed text. Data is treated as plain text by default, but gzip decompression will be used if both of the following conditions apply:
- The target file has a .gz or .gzip extension, or no file extension.
- The target file's initial bytes match the gzip file format.
For complete details, see AWS S3 Source.
Scheduled Search Email Customization. For scheduled searches, you may now customize the subject and contents of your results email in the Schedule this search dialog. Use variables to customize the subject or your email. Then select check boxes to show or hide the Search Query, Result Set, Histogram, and attach the results as a CSV attachment. (The maximum CSV file size allowed is 5MB or 1,000 results.) For complete details see Schedule a Search.
October 31, 2016
Last Login on the Manage > Users Page. The Manage > Users page now includes information on a user's last login date. If a user is inactive, the status displayed is Never. If no login information is currently available, but the user is active, the status displayed is N/A. Information will be provided the next time the user logs in. For complete details, see Manage Users.
October 26, 2016
Amazon CloudWatch Source for Metrics Total Metrics Field. The Total Metrics field displays the total number of metrics that will be collected if the Source is created with the current configuration. The field automatically refreshes the count when there are changes to the following fields: Regions, Namespaces, Access Key ID, and Secret Access Key. For complete details, see Amazon CloudWatch Source for Metrics.
New Scheduled Search Run Frequency Options. You may now select new Run Frequency options for your Scheduled Searches, including:
- Daily. Select that your search runs every Day, every Weekday (Mon-Fri) or Weekend (Sat-Sun) and the time.
- Weekly. Also select the day of the week that it runs and the time.
- Custom Cron. Enter a custom CRON expression.
For complete details, see Schedule a Search.
October 25, 2016
Percentile (pct) Operator Improvement. The pct operator has been improved to provide smarter results using the t-digest algorithm, which:
- Provides more accurate results.
- Supports higher-precision percentiles (such as 99.9th and 99.99th percentiles).
October 10, 2016
Sort by Aggregates Tab Column Headers. On the Search page, in the Aggregates tab, you can now use the table chart column headers to sort your results, like you would in a spreadsheet. For details, see How to Use the Search Page.
State of the Aggregates Tab is Saved with a Saved or Shared Search. When you save or share a search, the current state of the Aggregates tab is also saved. So if you have created a chart, it will be displayed. When you update your chart, a new link or code is generated in the Share Search dialog. For details, see Save a Search and Share a Link to a Search.
Sumo Logic App for Zscaler Web Gateway. The Sumo Logic App for Zscaler Web Gateway collects logs from Zscaler via Nanolog Streaming Service (NSS) to populate pre-configured searches and Dashboards in order to visualize and provide insight into web traffic behaviors, security, user browsing activities, and risk. This is a Preview App.
October 6, 2016
Field Browser now Supports Aggregate Query Results. Formerly, the Field Browser was available on the Messages tab for only non-aggregate queries. Now, it is available for aggregate query results as well. For complete details and limitations, see Field Browser.
October 4, 2016
Manage Indexes Role Capability. The Manage Indexes Role Capability allows users with this role to manage Partitions and Scheduled Views. For details see Role Capabilities.
September 26, 2016
Sumo Logic App for CrowdStrike Falcon Host (Preview). The Sumo Logic App for CrowdStrike Falcon Host allows you to analyze CrowdStrike security events by type, status, and detection method. You can use the App to investigate CrowdStrike-specific events and provide operational visibility to team members from pre-configured searches and Dashboards, without logging into the CrowdStrike console. This is a Preview App.
September 23, 2016
Deprecation of Username/Password for Collector and Source API Authentication. As of September 28, username and password will no longer be supported for API authentication. The API topics have been updated accordingly. See API Authentication.
September 15, 2016
Timezone for Scheduled Search. Sumo Logic now allows you to select the timezone that your scheduled search will use. For details, see Schedule a Search.
View or Download Collector or Source JSON Configuration. You can view and download a JSON configuration file for a Collector or Source from Sumo Logic:
- For Collectors, the JSON file defines a set of Sources used to register a new Collector.
- For Sources, the JSON file defines a single Source to use when managing a folder of multiple Sources or when uploading a new Source using the API.
Downloading the configuration allows you to create scripts to configure multiple Collectors and Sources or to create configuration backups. See View or Download Collector or Source JSON Configuration.
Managing Users and Roles. The ability to manage users and roles can now be expanded beyond admin users. When adding or editing a role, you can add the ability to manage users and roles on the Capabilities tab. See Role Capabilities.
September 12, 2016
Real Time Alert Time Range Limitation. The time range limit for Real Time Alerts has changed. It must now be between 5 and 15 minutes. Previously, it was between 1 and 15 minutes. For details, see Create a Real Time Alert.
Search Results Headers are Now Static. When you run a search query, resulting messages are displayed in the Messages, Aggregates, or Signatures tabs in the lower half of the browser window. The search results headers are now static. For details, see Navigate Through Messages in Search Results.
September 8, 2016
Click the Sumo Logic Logo to Go to the Search "Home" Page. Within the Sumo Logic Web Application, on the Dashboards page, or in the Setup Wizard, click the Sumo Logic logo to return to the Search page, which is considered the Sumo Logic "home" page. For details, see How to Use the Search Page.
September 1, 2016
Scheduled Search Email Alert Template Improvements. The Scheduled Search Email Alert template is now easier to read and includes more pertinent information, including the title of the saved search, description, search query string, time range, run frequency, notification threshold, time that the scheduled search was run, and the name and email of the person who scheduled the search. For complete details, see Receive Email Alerts from Scheduled Searches.
August 29, 2016
Host Metrics App is GA. The Sumo Logic App for Host Metrics allows you to collect your local host metrics and display them using predefined search queries and Dashboards. The App provides Dashboards to display analysis of local host metrics for the CPU, disk, memory, network, and TCP. For details see Host Metrics App.
August 22, 2016
Setup Wizard Metrics Sources. The Setup Wizard now supports the following metrics Sources: Host Metrics, and Graphite-Formatted Metrics including CollectD, DropWizard, and StatsD. For complete details, see Collect Streaming Data for Metrics.
August 15, 2016
Sumo Logic App for Host Metrics (Preview). The Sumo Logic App for Host Metrics allows you to collect your local host metrics and display them using predefined search queries and Dashboards. The App provides Dashboards to display analysis of local host metrics for the CPU, disk, memory, network, and TCP. This is a Preview App.
Search Cookbook (Beta). Doc Hub has a new section, a Problem / Solution / Discussion format that provides an alternative way to access the documentation. Because it is a Beta Release, we're looking for everyone's feedback.
August 11, 2016
New! Longer Web Session Timeouts Available. On the Preferences page, you can now select new longer web timeout session times, from 1 day to 7 days. For details, see Preferences Page.
The Sumo Logic App for Azure Web Apps (Preview). The Sumo Logic App for Azure Web Apps allows you to collect Azure web server and application diagnostics logs and monitor the health of your Azure Web Apps environment. The App provides preconfigured Dashboards that allow you to monitor server operation and traffic requests and response times. This is a Preview App.
August 9, 2016
Sumo Logic App for Trend Micro Deep Security (Preview). The Sumo Logic App for Trend Micro Deep Security works with system and security events to monitor event history such as anti-malware, IPS, web reputation, firewall, integrity and log inspection events. For complete details, see Trend Micro Deep Security App. This is a Preview App.
August 8, 2016
JFrog Artifactory Sumo Logic Integration. JFrog Artifactory is a universal Artifact Repository Manager that integrates with CI/CD and DevOps tools to provide artifact tracking. The JFrog Artifactory Sumo Logic integration provides the ability to access preconfigured Sumo Logic Dashboards directly from Artifactory that will allow you to analyze data from your Artifactory logs. Enable the JFrog Artifactory Sumo Logic integration directly from Artifactory. When you enable the integration, a Connector and Source are automatically configured, and the Sumo Logic App for Artifactory is automatically installed. For details, see JFrog Artifactory Sumo Logic Integration.
Collector Upgrade Notifications in the Audit Index. The status is provided to the Audit Index (_index=sumologic_audit) for each event in the User Activity Source Category (_sourceCategory=user_activity), and Collector Source (_sourceName=COLLECTOR), including the returned log message of success or failure. For complete details, see Enable and Manage the Audit Index.
August 2, 2016
Metrics. Sumo Logic is now a unified machine data analytics platform for logs and metrics. With the introduction of metrics, you can measure infrastructure, such as operating system performance or disk activity; application performance; or custom business and operational data that is coded into an organization’s applications. You can track key performance indicators (KPIs) over time, determine if an outage has occurred and restore service, or determine why an event occurred and how it might prevented in the future. For details, see Metrics.
August 1, 2016
Predict Operator Autoregressive (AR) Model. The Predict Operator now also includes support for the autoregressive (AR) model, which predicts future data points, along with the linear regression that predicts existing data points. For complete details, see Predict.
Field Extraction Rules now Support JSON and CSV. Field Extraction Rules (FERs) now support the JSON and CSV operators. (JSON auto and CSV auto) are not supported. For details, see Create a Field Extraction Rule.
July 28, 2016
Sumo Logic App for Auth0 (Preview). Auth0 is a cloud-based, extensible identity provider for applications. The Sumo Logic App for Auth0 makes it easy to analyze and visualize your Auth0 event logs, and provides insight into security and operational issues. This is a Preview App.
July 19, 2016
New UI for Users and Roles. As the first step in introducing advanced Role Based Access Control (RBAC) to Sumo Logic, the UI for the Manage > User and Manage > Roles pages has been updated. The new UI provides Sumo Logic administrators with an easy and intuitive way to create new roles based on business needs, define the capabilities the roles can access, assign users to roles, and manage the settings for users, roles, and capabilities. For complete details, see Users and Roles.
July 15, 2016
The Sumo Logic App for Azure Audit (Preview). The Sumo Logic App for Azure Audit allows you to collect Azure Audit logs and monitor the health of your Azure environment. The App provides preconfigured Dashboards that allow you to monitor Active Directory activity, resource usage, service health, and user activity. For complete details, see Sumo Logic App for Azure Audit. This is a Preview App.
July 13, 2016
Secure Third-Party Service Access. Within Sumo Logic, several links in the Help menu connect to third-party services, such as Support, Feature Request, and Community. Users that do not authenticate to Sumo Logic using a username and password are required to complete the email verification process. This usually applies to users that log in using a third-party Single Sign-On (SSO) service implementing SAML, users that access Sumo Logic from the Heroku add-on, and users of other Sumo Logic integration partners that provide SSO. For complete details, see Secure Third-Party Service Access.
July 5, 2016
Search Links Lifetime Extended to Three Years. Previously, the lifetime of a search link was only 30 days. This lifetime has been extended to three years. For details, see Share a Link to a Search.
June 30, 2016
Information about Throttling Notifications Added to Audit Index. Status is now provided to the Audit Index when throttling events occur. See the "Throttling Notifications" section in Enable and Manage the Audit Index.
June 28, 2016
fillmissing operator. When you run a standard group-by query, Sumo Logic only returns non-empty groups in the results. For example, if you are grouping by timeslice, then only the timeslices that have data are returned. The fillmissing operator addresses this shortcoming, by allowing you to specify groups that should be represented in the output, even if those groups have no data. For complete details, see fillmissing.
Sumo Logic App for Cylance (Preview). The Sumo Logic App for Cylance allows you to analyze Cylance security events by type, status, and detection method. You can use the App to investigate Cylance-specific events and provide operational visibility to team members without needing to log into Cylance. This is a Preview App.
June 27, 2016
Account Page Updates. The Account Usage page has been updated to provide more information on your Sumo Logic Organization, users, and retention period, and the current and previous billing periods. Your Account's Organization ID was previously displayed on the Preferences page, but now it is displayed on the Account page. Also, the Usage Reports page has been removed, as that information is now on the Accounts page.
Change the Name of the Org. The Account Owner can change the display name of their Organization. This can be useful if you are using Multi-account Access to switch between several Sumo Logic Organizations. See the Account Usage page for your account type for more information.
Multiline Processing Enabled by Default in the UI. Multiline processing for Sources is now enabled by default in the Sumo Logic Source Configuration UI, to be consistent with the API configuration. For details, see Define Boundary Regex for Multiline Messages.
June 22, 2016
Sumo Logic App for MongoDB - Preview to GA. The Sumo Logic App for MongoDB has graduated from a Preview App to a fully supported GA Sumo Logic App. It can now be found in the Library under the Apps tab.
May 31, 2016
Change Email Address. As a user, you can now change your email address in Sumo Logic. Or as an administrator, you can change a user's email address. For details, see Change Your Email Address and Change a User's Email Address.
Quick Search for Collectors and Sources. You can quickly start a search for a Collector, Source, or Source Category from the Manage Collection page. For instructions, see Quick Search for Collectors and Sources.
May 26, 2016
Sumo Logic App for Microsoft Office 365 - Preview to GA. The Sumo Logic App for Microsoft Office 365 has graduated from a Preview App to a fully supported GA Sumo Logic App. It can now be found in the Library under the Apps tab.
May 24, 2016
Sumo Logic App for AWS Lambda - Preview to GA. The Sumo Logic App for AWS Lambda has graduated from a Preview App to a fully supported GA Sumo Logic App. It can now be found in the Library under the Apps tab.
Export and Import Content In the Library. In the Library, you can export content as JSON, including whole folders with subfolders, saved searches, and Dashboards. Then you can import the content as JSON into the Personal folder in the same Sumo Logic organization. (All content names must be unique.) You can also export and download your content as a JSON file to import it into another Sumo Logic organization.
For complete details, see Export and Import Content in the Library.
May 17, 2016
Sumo Logic App for Artifactory Refresh. The Sumo Logic App for Artifactory has been refreshed with new Overview Dashboard Panels and other important updates. For complete details, see Artifactory App.
May 13, 2016
Sumo Logic App for MongoDB. The Sumo Logic App for MongoDB provides insight into your MongoDB environment, allowing you to track overall system health, queries, logins and connections, errors and warnings, replication, and sharding. This is a Preview App.
May 5, 2016
Sumo Logic App for PagerDuty. The Sumo Logic App for PagerDuty collects incident messages from your PagerDuty account via a webhook, and displays that incident data in pre-configured Dashboards, so that you can monitor and analyze the activity of your PagerDuty account and Services. This is a Preview App.
April 29, 2016
New Dashboards. New Dashboards combine all of the functionality of Interactive and Live Dashboards in a unified environment. The interactive mode is now the default when you open a Dashboard, and you can click a toggle to go to Live mode. For details, see About Dashboards.
April 27, 2016
Unlock a User's Account. If a user tries to log into their account several times and fails, his or her account will be locked out for security reasons. During the lockout period, an administrator may now unlock a user's account manually. For details, see Unlock a User's Account.
April 25, 2016
Sumo Logic App for AWS Lambda. The Sumo Logic App for AWS Lambda uses the Lambda logs via CloudWatch and visualizes operational and performance trends about all the Lambda functions in your account, providing insight into executions such as memory and duration usage, broken down by function versions or aliases. This is a Preview App.
April 20, 2016
Sumo Logic Multi-account Access. For users with accounts in multiple deployments, Multi-account Access allows you to log into multiple Sumo Logic accounts (also called organizations) using one username (email address) and password. If the same username already exists in more than one Sumo Logic organization, the accounts are linked automatically. No action is required, though initially, you will be asked to change your password. When you do, this will become your multi-account password. After you log into Sumo Logic, in the menu under your name, you will see the list of organizations that you can access under Switch Org.
Other important notes:
- Sumo Logic Multi-account users may have access to organizations that use different Password Policies. With Multi-account, the password policy data from different organizations is centralized.
- For Multi-account users, Collector registration with username and password is longer supported. Multi-account users must use the token or accessid/access key option.
- Also, with Multi-account, to use the API, like with Collectors, you will not be able to log in using a username and password. You will be required to use an Access ID and Access Key.
For complete details, see Multi-account Access.
April 15, 2016
Search the Library for Content Types. In the Library, in the Personal folder, you can now use the search field to search for certain content types. For example, you could enter type:search and the results would list all saved searches. You may also search for folders, Dashboards, and Scheduled Searches. For complete details see Search the Library.
April 12, 2016
Early access to Unified Logs and Metrics. Interested customers can log in to Sumo Logic, then click the new Metrics page to gain early access to the Sumo Logic Metrics feature set, which delivers advanced analytics, powered by machine learning algorithms, for unified log data and time-series metrics.
Scheduled searches are retained when a user is deleted. Previously, when a user account was deleted from Sumo, the user's content was added to a "Content from deleted user..." folder in an Admin account, but scheduled searches were stopped. Now, schedule information associated with searches is retained, even when a user account is deleted. Notifications continue to arrive via email to the same recipients.
April 6, 2016
Preview Tab in the Library, Featuring Preview Apps. Preview Apps are Sumo Logic Apps that are currently under development, but are not yet released or officially supported. They appear in the Library under the Preview tab. You can install and use Preview Apps to test how well their use cases work for you, and provide feedback to Sumo Logic.
New Preview Apps include:
Delete the Organization for a Free or Trial Account. The owner of a Sumo Logic Free or Trial account may delete his or her Organization from Sumo Logic, which will close the account permanently. When you delete your Organization, you will delete all users and data from Sumo Logic, close the account, and log yourself out as a user.
Merge operator and revised Transactionize operator. The new Merge operator summarizes a set of events and works with changes to the Transactionize operator. The _group_signature field added by the Transactionize operator is now deprecated, replaced by the Merge operator.
February 17, 2016
LogCompare. LogCompare allows you to compare a section of your log messages from one point in time with the same section at another point in time, and display the changes in patterns. For example, you could use LogCompare to determine if your last software deployment has broken something. To use LogCompare, run a search query with non-aggregate results, then click the LogCompare button in the Messages tab. This automatically compares the current query result with the result of the same query 24 hours in the past to show what has changed.LogCompare to determine if your last software deployment has broken something. To use LogCompare, run a search query with non-aggregate results, then click the LogCompare button in the Messages tab. This automatically compares the current query result with the result of the same query 24 hours in the past to show what has changed.
Date Format preference. On the Preferences page, you can now choose an option for Date Format, which sets how dates appear on the Search page and in saved searches. Changing this from the default option (which uses your browser's default date format) has no affect on collection or timestamps of logs.
February 3, 2016
Manage Security Page UI Update. The Manage > Security page user interface has been updated with fonts, colors, and a new tab style. Some settings have changed locations.
February 2, 2016
Live Tail CLI. The Live Tail Command Line Interface (CLI) is a standalone application that allows you to start and use a Live Tail session from the command line. With the Live Tail CLI, just as with Live Tail in the Sumo Logic Web Application, you can search and filter on the following metadata fields: _sourceCategory, _sourceHost, _sourceName, _source, or _collector. You may also filter on keywords.
In Operator. The In operator returns a Boolean value: true if the specified property is in the specified object, or false if it is not.
January 30, 2016
Access to Partion and Scheduled View Management pages. Non-admins can now view the Manage > Partitions and Manage > Scheduled Views pages. While only Admins can create and manage these search optimization tools, non-Admins may find it useful to see the available Partitions and Scheduled Views.
Sumo Logic App for AWS ELB. The Sumo Logic App for Elastic Load Balancing ingests logs generated by this activity, providing greater visibility into events that, in turn, help you understand the overall health of your EC2 deployment.
January 22, 2016
Sumo Logic App for Box. The Box App has been updated with new scripts and instructions for collecting Box Events. There are no changes to the Dashboards.
January 21, 2016
Live Tail. Sumo Logic Live Tail allows you to see a real-time live feed of log events associated with a Source orCollector, which you can use as a tool for development and troubleshooting. The Live Tail user interface mimics the command line with a solid black background and easy to read white text. It provides all log messages as they come in, with low latency.
You can start and filter a Live Tail session using the following supported metadata categories: _sourceHost, _sourceCategory, _sourceName, _source, and _collector.
Other Live Tail features include multiple Live Tail sessions, opening your Live Tail query in the Search page (or Show in Search), opening your Live Tail session in a new "pop-out" window, and changing the preferences of your Live Tail display, including line spacing, message text size, and message color.
January 13, 2016
Export 100,000 records. You can now export 100,000 records from Sumo Logic. The previous limit was 10,000 (via the UI).