Install the Sumo Logic App
Now that you have set up collection for Nginx, install the Sumo Logic App for Nginx to use the preconfigured searches and Dashboards that monitor log events generated by Nginx servers.
To install the app:
- Select App Catalog, search for and select the app, and click Add to Library. (In the classic UI, click Library, click Apps, select the app, and click Install. If you don't find the app under Apps, it might be a preview app. Try clicking Preview to find the app.)
- Click Preview Dashboards if you'd like to see a preview of the dashboards included with the app before installing.
- In the Install Application dialog box, select the installation path (the default is the Personal folder in the library), or click New Folder to add a new folder.
- Select either of these options for the log data source:
  - Choose Select from Existing Source Categories, and select the source category from the Source Category list.
  - Choose Enter a Custom Data Filter and enter a custom source category beginning with an underscore. Example: (
- Click Add to Library.
Once an app is installed, it will appear in your Personal folder, or other folder that you specified. From here, you can share it with your organization. See Welcome to the New Library for information on working with the library in the new UI.
Panels will start to fill automatically. It's important to note that each Panel slowly fills with data matching the time range query and received since the Panel was created. Results won't immediately be available, but with a bit of time, you'll see full graphs and maps.
This Dashboard shows Panels that give you an overall look at the activity of your site(s).
Visitor Locations. This geolocation Panel displays global visitors to your site(s).
Traffic Distribution by Server. Traffic to each server is displayed, allowing you to see any unexpected changes in volume.
Traffic Volume and Bytes Served. This combo chart displays the gigabytes served as a line chart over the number of hits your site received.
Responses over Time. This Panel shows response successes, client errors, redirects, and server errors. Spikes in errors or redirects are easy to spot.
The Visitor Locations Dashboard displays Panels that constantly update information about visitors to your sites, both domestic and international.
Worldwide. This geolocation Panel displays global visitors to your site(s). You can zoom in to inspect specific areas.
United States. This geolocation Panel displays visitors from just the US.
Visits by Country Over Time. Using a query similar to the Visits by US State Panel, each country is represented in a band in a column chart. Any activity that originates in a suspicious location will be easy to see.
Visits by US State Over Time. Uses a query that includes a geo lookup operator (as well as the transpose operator) to display a column chart that represents the disposition of visitors per state.
Visitor Access Types
This Dashboard displays information about the devices and OS versions visitors are using to access your sites.
Visitor Platforms. Breaks down the percentages of users accessing your site on Mac, PC, Mobile, and unknown platforms.
Popular Mobile Device Versions. Breaks down the type of mobile devices accessing your site by Android and iOS (iPhone and iPad users are reported separately).
Browsers and Operating Systems. Uses a query that parses out both the OS (mobile or computer) and browsers that are hitting your site.
Top 10 Desktop OS Versions. Need to understand which versions of operating systems your users have installed? This Panel displays each version of Linux, Mac and Windows OS installed on visitors’ machines, ranked in order of popularity.
Visitor Traffic Insight
This Dashboard provides information about the content being served to customers, as well as sites that are referring the most visitors.
Top Documents. Displays the most frequently served content to visitors, including graphics on your site.
Top Referrers. Wonder where your visitors are coming from? This Panel shows the top five referring sites.
Media Types Served. No need to guess what the most popular media types are—you’ll find them here.
Top 10 Search Terms from Popular Search Engines. This query looks at the search terms that visitors used to find your site. These results can confirm what you may have assumed users were searching for, or can uncover new search terms that you can leverage.
Web Server Operations
The Panels in this Dashboard give a deep-dive look at specific corners of your Access logs.
Top 10 Bots Observed. Parses bots from Access logs, searching against commonly-used search engines to find bots.
Client Locations - 4xx Errors. A geolocation query displays a map of the IPs from where 4xx errors are originating.
Server Errors Over Time. Keep an eye on the number of server errors (5xx code errors) that occur in chunks of five minutes.
Non-200 Response Status Codes. Displays the number of non-200 responses received, sorted by status or error code. A spike in any particular response code can be immediately viewed and addressed.
Top 5 Clients Causing 4xx Errors. Displays the top five client IP addresses that are responsible for 4xx or client errors.
Top 5 Messages in the Error Logs. Displays the five most common error messages, based on the count of errors per message.
Error Responses by Server. Displays errors produced by each server in your deployment.
Top 5 URLs causing 404 Responses. Lists the five URLs that are generating the most 404 errors. By having those URLs handy, any forensic investigation can begin right away.
Error Log Levels. Parses out different logging levels present in your data.
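The aggregations behind three of the Web Server Operations Panels (Top 5 Clients Causing 4xx Errors, Top 5 URLs causing 404 Responses, and Server Errors Over Time in five-minute chunks) can be reproduced offline to sanity-check what a Panel shows. This is an added example, not the app's own queries; it assumes the Nginx "combined" access log format, and the function names and sample lines are constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime

# Nginx "combined" format: addr - user [time] "request" status bytes "referer" "agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<request>[^"]*)" (?P<status>\d{3}) ')

# Constructed sample lines (documentation-range IPs), not real traffic.
SAMPLE = """\
203.0.113.7 - - [12/Mar/2024:10:01:12 +0000] "GET /admin.php HTTP/1.1" 404 153 "-" "curl/8.0"
203.0.113.7 - - [12/Mar/2024:10:01:13 +0000] "GET /wp-login.php HTTP/1.1" 404 153 "-" "curl/8.0"
203.0.113.7 - - [12/Mar/2024:10:01:15 +0000] "GET /admin.php HTTP/1.1" 404 153 "-" "curl/8.0"
198.51.100.23 - - [12/Mar/2024:10:02:40 +0000] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.23 - - [12/Mar/2024:10:03:05 +0000] "POST /api/orders HTTP/1.1" 502 166 "-" "Mozilla/5.0"
192.0.2.44 - - [12/Mar/2024:10:04:59 +0000] "GET /private/report.pdf HTTP/1.1" 403 162 "-" "Mozilla/5.0"
198.51.100.23 - - [12/Mar/2024:10:06:30 +0000] "POST /api/orders HTTP/1.1" 502 166 "-" "Mozilla/5.0"
198.51.100.23 - - [12/Mar/2024:10:07:02 +0000] "GET /api/orders HTTP/1.1" 500 170 "-" "Mozilla/5.0"
192.0.2.44 - - [12/Mar/2024:10:08:10 +0000] "-" 400 0 "-" "-"
"""

def parse(lines):
    """Yield one dict per matching line; a malformed request keeps its raw text as the URL."""
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not an access-log line (for example, an error-log entry)
        parts = m["request"].split()
        yield {"ip": m["ip"], "status": int(m["status"]),
               "url": parts[1] if len(parts) >= 2 else m["request"],
               "time": datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")}

def top_4xx_clients(records, n=5):
    return Counter(r["ip"] for r in records if 400 <= r["status"] < 500).most_common(n)

def top_404_urls(records, n=5):
    return Counter(r["url"] for r in records if r["status"] == 404).most_common(n)

def server_errors_by_5min(records):
    """Count 5xx responses per five-minute bucket, oldest bucket first."""
    buckets = Counter()
    for r in records:
        if 500 <= r["status"] < 600:
            t = r["time"]
            buckets[t.replace(minute=t.minute - t.minute % 5, second=0)] += 1
    return sorted(buckets.items())

RECORDS = list(parse(SAMPLE.splitlines()))
if __name__ == "__main__":
    print(top_4xx_clients(RECORDS), top_404_urls(RECORDS), server_errors_by_5min(RECORDS))
```

The last sample line is a request Nginx could not parse (logged as "-" with status 400); it still counts toward its client's 4xx total, which matters when one address is sending malformed traffic.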