Skip to main content
Sumo Logic

Install the Squid Proxy App and View the Dashboards

Install the Sumo Logic App

Now that you have set up collection for Squid Proxy, install the Sumo Logic App to use the pre-configured searches and dashboards that provide visibility into your environment for real-time analysis of overall usage.

To install the app:

Locate and install the app you need from the App Catalog. If you want to see a preview of the dashboards included with the app before installing, click Preview Dashboards.

  1. From the App Catalog, search for and select the app. 
  2. To install the app, click Add to Library and complete the following fields.
    1. App Name. You can retain the existing name, or enter a name of your choice for the app.

    2. Data Source. Select either of these options for the data source.

      • Choose Source Category, and select a source category from the list.

      • Choose Enter a Custom Data Filter, and enter a custom source category beginning with an underscore. Example: (_sourceCategory=MyCategory).

    3. Advanced. Select the Location in Library (the default is the Personal folder in the library), or click New Folder to add a new folder.
    4. Click Add to Library.

Once an app is installed, it will appear in your Personal folder, or other folder that you specified. From here, you can share it with your organization. See Welcome to the New Library for information on working with the library in the new UI.

Panels will start to fill automatically. It's important to note that each panel slowly fills with data matching the time range query and received since the panel was created. Results won't immediately be available, but with a bit of time, you'll see full graphs and maps. 

Dashboards

Squid Proxy - Overview

See an overview of Squid Proxy activity, including requests served, requests denied, and requests per second; content types served; top accessed and denied URLs; and URLs with highest response times.

Requests Served. Shows a count of requests served in the last hour.

Requests/Sec. Shows the number of requests per second in the last hour.

Denied Requests. Shows a count of requests denied in the last hour.

Squid Action. Shows a count of actions in the Squid app in comparison to one another on a pie chart in the last hour.

Cache Hit Ratio. Shows the ratio of cache hits in the last hour.

MB Served. Shows a count of megabytes served in the last hour.

HTTP Method. Shows a count of HTTP methods called in the Squid app in comparison to one another on a pie chart in the last hour.

HTTP Response. Shows the top status codes based on requests on a column chart in the last hour.

Content Type Served. Shows a count of content types served in the Squid app in comparison to one another on a pie chart in the last hour.

MB Served by Content Type. Shows an aggregation table with the top content types based on megabytes served in the last hour.

Top URLs Accessed. Shows an aggregation table with the top URLs accessed based on requests in the last hour.

Top Access Denied URLs. Shows an aggregation table with the top URLs with their access denied based on requests in the last hour.

Requests Denied by Remote Hosts - Trend. Shows a count of requests denied by remote hosts on a line chart in the last hour.

Top Remote Hosts. Shows an aggregation table with the top remote hosts based on requests in the last hour.

Top 10 URLs with High Response Time. Shows an aggregation table with the top 10 URLs with high response time in the last hour.

Top Cache Miss. Shows an aggregation table with the top URLs with cache misses based on requests in the last hour.

Top Destination. Shows an aggregation table with the top destination ip addresses based on requests in the last hour.

Destination Locations. Performs a geo lookup query and displays the location and number of destination ip requests on a map of the world for the last hour.

Top 10 User Agents. Shows the top 10 user agents based based on count on a pie chart in the last hour.

Requests Served Over Time. Shows a count of requests, such as connect, head options, get, post, on an area chart in the last hour.

Squid Proxy -  HTTP Response Analysis

See information about HTTP responses, including counts of status codes types (successes, client errors, redirects, and server errors); breakdowns of status code by status code type; and URLs experiencing redirects, client errors, and server errors.

HTTP Response Trend. Shows a count of HTTP responses, such as, redirections, successes, client errors, or server errors, on an area chart in the last 24 hours.

HTTP Response. Shows an aggregation table with the top HTTP responses with columns for status code and count of events, in the last hour.

Redirections. Shows an aggregation table with redirections with columns for status code and count of events, in the last hour.

Client Errors. Shows an aggregation table with client errors with columns for status code and count of events, in the last hour.

Server Errors. Shows an aggregation table with server errors with columns for status code and count of events, in the last hour.

URLs Experiencing Redirections. Shows an aggregation table with URLs experiencing redirections with columns for URLs and status codes, in the last hour.

URLs Experiencing Client Errors. Shows an aggregation table with URLs experiencing client errors with columns for URLs, status codes and count of events, in the last hour.

URLs Experiencing Server Errors. Shows an aggregation table with URLs experiencing server errors with columns for URLs, status codes and count of events, in the last hour.

Redirections (HTTP Response) - Outlier. Shows any outliers in redirection events on a line chart with thresholds, in the last 24 hours.

Client Errors (HTTP Response) - Outlier. Shows any outliers in client error events on a line chart with thresholds, in the last 24 hours.

Server Errors (HTTP Response) - Outlier. Shows any outliers in server error events on a line chart with thresholds, in the last 24 hours.

Squid Proxy - Activity Trend

See information about request activity, including time spent to serve requests by request method, bytes served by request method, trend data for time spent to service requests and bytes served over time.

Time Spent to Serve Request. Shows an aggregation table that shows the average amount of time it takes to serve a request and the kind of method the request was, in the last hour.

Average Time Spent (in Seconds) to Serve Request. Shows the average time spent to serve requests (Connect, Head, Options, Get, Post) on an area chart in the last 24 hours.

Bytes Served. Shows an aggregation table that shows megabytes served with columns for method and bytes served, in the last hour.

Bytes Served Over Time. Shows a count of megabytes served over time on an area chart in the last 24 hours.

Request Trend by Squid Action. Shows trends in requests by actions in the squid app, on a stacked column chart in the last 24 hours.

Success (2xx) Response actions. Shows a count of successful 2xx response actions on a stacked column chart in the last 24 hours.

Non 2xx Response actions. Shows a count of non 2xx response actions on a stacked column chart in the last 24 hours.

Denied Request Trend. Shows the trends in the number of denied requests on a line chart in the last 24 hours.

Recent Denied Requests. Shows an aggregation table of recent denied requests with columns for the time, ip addresses of the remote host, method, peer status, destination ip, type, action, status code, url,  and count of events, for the last hour.

Remote Hosts Traffic by Requests. Shows an aggregation table of remote hosts traffic by requests with columns for the ip addresses of the remote host, requests, percentage of total requests, megabytes, percentage of total megabytes, for the last hour.

Remote Hosts Traffic by Data Volume. Shows an aggregation table of remote hosts traffic by data volume with columns for the ip addresses of the remote host, requests, percentage of total requests, megabytes, percentage of total megabytes, for the last hour.

Squid Proxy - Quality of Service

See information about quality of service, including destinations experiencing high response time, overall content response time, and cache hit percentage over time.

Destination Experiencing avg response time more than 5 Seconds. Performs a geo lookup query and displays the location and number of destinations experiencing average response time above five seconds on a map of the world for the last hour.

Overall Content Response Time (ms). Shows a count of overall response time in milliseconds on a column chart for the last hour.  

Cache Hit Percentage Over Time. Shows the percentage of cache hits in the last hour on a line chart.

Cacheable Content Response Time (ms). Shows a count of overall response time in milliseconds on a column chart for the last hour.  

Action. Shows a count of actions being done in the Squid app in comparison to one another on a pie chart in the last hour.