Skip to main content
Sumo Logic

Install the AWS Elastic Load Balancer - Classic App and view the Dashboards

Install the Sumo Logic App

Now that you have set up collection for AWS ELB, install the Sumo Logic App for AWS Elastic Load Balancer - Classic to use the preconfigured searches and dashboards to analyze your data. 

To install the app:

  1. Select App Catalog, search for and select the app, and click Add to Library. (In the classic UI, click Library, click Apps, select the app, and click Install. If you don't find the app under Apps, it might be a preview app. Try clicking Preview to find the app.)
  2. Click Preview Dashboards if you'd like to see a preview of the dashboards included with the app before installing.
  3. In the Install Application dialog box, select the installation path (the default is the Personal folder in the library), or click New Folder to add a new folder.
  4. Select either of these options for the log data source.
  • Choose Select from Existing Source Categories, and select the source catalog from the Source Category list.
  • Choose Enter a Custom Data Filter and enter a custom source category beginning with an underscore. Example: (_sourceCategory=MyCategory).
  1. Click Add to Library.

Once an app is installed, it will appear in your Personal folder, or other folder that you specified. From here, you can share it with your organization. See Welcome to the New Library for information on working with the library in the new UI.

Panels will start to fill automatically. It's important to note that each Panel slowly fills with data matching the time range query and received since the Panel was created. Results won't immediately be available, but with a bit of time, you'll see full graphs and maps. 

What if data isn't displaying in all Panels?

Amazon S3 buckets are scanned for new files according to the Scan Interval you set when configuring the S3 Source used for AWS Elastic Load Balancing logs. Even if you set a shorter Scan Interval, say five minutes, if no new files are found, the Scan Interval is automatically doubled, up to 24 hours (you can read more in Set the S3 Source Scan Interval). If the Scan Interval increases, it means that a Panel set to a 60-minute time range may not find any data to display, because no files have uploaded to Sumo Logic. This isn't to say that no data is being collected from your S3 bucket; you can confirm that data is being collected on the Status page.

Additionally, you can change the time range of a Panel. Even though these Panels have been preconfigured, they can be edited just like any other Panel. You'll find instructions in Changing the time range of a Panel.

Dashboards

The Sumo Logic App for AWS Elastic Load Balancing helps you monitor the overall health of your ELB deployment. Dashboards keep an eye on errors being generated by back-end applications as well as errors generated from ELB instances.

Overview

Track your Elastic Load Balancer activity at a glance to identify areas for further investigation such as requests by geolocation, browsers most frequently used, requests by protocol and cipher, which load balancers make the most requests, data sent and received, status codes, response times, and latencies.

  • Requests by Geolocation. Uses a geolocation query to display a map of the IP addresses used by clients accessing your apps for the last three hours.
  • Browsers and Operating Systems. See requests by browser used, broken down by  operating system for the last three hours.
  • Requests by SSL Protocol and Cipher. See which version of TSL or SSL is being used by requests, broken down by which cryptographic cipher was used for the last three hours.
  • Requests by Load Balancer. See how many requests are hitting a load balancer for the last three hours.
  • Data Sent and Received in MB. Compare the data being sent and received by client IP in a bar chart for the last three hours.
  • 4XX and 5XX Status Codes by Backend Instance and ELB. Charts the number of 4XX and 5XX status codes for each backend instance and ELB in a bar chart over the last 24 hours.
  • Average Req and Resp Processing Time by ELB. Compare the request and response time for each ELB for the last three hours.
  • Latency by Load Balancer. See the latency of each load balancer in AWS in a stacked column chart for the last three hours.

Latency Analysis

  • Definitions Panel. Understand the definitions of request, response, and backend processing times. You can close this panel once you have a good grasp of the terms defined.
  • Latency by Domain. See the latency of each domain in your EC2 deployment for the last 24 hours.
  • Total Processing TIme Latency 90th, 95th pct. Compare the highest latencies by percentile over the last 24 hours.
  • Latency by ELB Server. Compare the latencies of ELB servers over the last 24 hours.
  • Average Request Processing Time by ELB Server. Compare the average request processing times of ELB servers as a line chart for the last 24 hours.
  • Request Processing Time by ELB Server. See the min, max, and average request processing times for each server for the last 24 hours as a bar chart.
  • Average Response Processing Time by ELB Server. See the average response processing time for each ELB server for the last 24 hours as a line chart.
  • Response Processing Time by ELB Server.  See the min, max, and average request processing times for each server for the last 24 hours as a bar chart.
  • Average Backend Processing Time by Backend. Compare average processing times by backend servers over the last 24 hours to find any unusual spikes of activity on a particular backend.
  • Backend Processing Time by Backend. View the average, min, and max processing times for your backend systems for the last 24 hours, broken down by backends.
  • Top 20 Latencies Paths. View the paths of the top 20 latencies in your system for the last 3 hours.
  • Top 20 Latencies by Clients. View the IP addresses of the clients in your deployment with the top 20 latencies in the last 24 hours.
  • Top 20 Latencies by Backend Instances. Focus solely on the back end of your AWS EC2 deployment, review the instances with the top 20 latencies for the last 24 hours

Requests Analysis

See the geolocation of requests by geolocation, data volume, load balancer, and compare to requests over time to identify issues.

  • Requests by Geolocation. Uses a geolocation query to display a map of the IP addresses used by clients accessing your apps for the last three hours.
  • Total Requests and Data Volume. Displays the data being sent and received by client IP in a line chart on a timeline for the last three hours.
  • Total Requests by Load Balancer. Show the requests per load balancer over time in a bar chart for the last three hours.
  • Requests by Load Balancer Over Time. Displays a line chart of how many requests are hitting a load balancer on a timeline over the last 24 hours.

Status Codes Analysis

  • ELB Status Over Time. Compare 4xx and 5xx ELB status codes over the last 24 hours.
  • ELB Backend Status Over Time. Compare 4xx and 5xx backend status codes over the last 24 hours.
  • 4XX ELB Status by Location. See the geolocation of your ELB 4xx statuses over the last 24 hours.
  • 5XX ELB Status by Location. See the geolocation of your ELB 5xx statuses over the last 24 hours.
  • 4XX Backend Status by Location. See the geolocation of your backend 4xx statuses over the last 24 hours.
  • 5XX ELB Status by Location. See the geolocation of your backend 5xx status codes over the last 24 hours.
  • ELB Status by ELB Server. Compare the 4xx and 5xx codes of your ELB servers for the last 24 hours with a bar chart.
  • Backend Status by Domain. Compare the number of backend 4xx and 5xx statuses over the last 24 hours by domain name.
  • Backend Status by Path. Compare the number of backend 4xx and 5xx statuses over the last 24 hours by path name.
  • ELB Status by Client. Compare the number of ELB 4xx and 5xx statuses by client IP address over the last 24 hours.
  • Backend Status by Client. Compare the number of backend 4xx and 5xx statuses by client.

Failed Dispatch Monitoring

See failed dispatches broken down by geolocation, outliers, backend, count, client, path, and domain to identify issues.

  • Failed Dispatches. Read this informational panel on what failure means. You can close it when you understand the reasons for -1.
  • Failed Dispatch Outlier. See if any dispatch failures fall outside the designated threshold for the last 24 hours.
  • Failed Dispatches by Backend. See the dispatch failures that occur by backend IP address for the last 24 hours, time sliced by 15 minutes. This panel can help you isolate a failure at a particular time or see patterns over time.
  • Failed Dispatch Count. See a count of the total failed dispatches over the last 24 hours time sliced by 15 minutes.
  • Failed Dispatches by Client. See the count of total dispatch failures for the last 24 hours broken down by client IP address.
  • Failed Dispatches by Domain. See the failed dispatches for the last 24 hours broken down by domain and time sliced by 15 minutes. This panel can help you isolate a failure at a particular time or see patterns over time.