Skip to main content
Sumo Logic

About Installed Collectors

An installed Collector is a lightweight and efficient software package that you install on a host machine in your environment. After installing a Collector, you can add Sources, which are the specific environments that the Collector connects to to gather data from to send to Sumo Logic. 

You can install Collectors and configure Sources on any mix of MacOs, Windows, and Linux hosts in your environment. This topic describes deployment options and limitations on the amount of data a Collector can handle.

Deployment options for installed Collectors

When deciding where to install Collectors, consider your network topology, available bandwidth, and domains or user groups.

Single installed Collector

A Sumo Logic Installed Collector can be installed on any standard server that you use for log aggregation or other network services. For example, you might decide to centralize all your collections with just one Collector installed on a dedicated machine, especially if all of your data can be accessed from a single network location.

Multiple installed Collectors

If you have a distributed network topology, you can install multiple Collectors on multiple machines and set up any combination Sources to collect from your infrastructure.


Cloud or data center deployment

Installed Collectors can be deployed across a cloud or data center configuration—Collectors on each machine report into Sumo Logic independently sending distinct log data so that you can query against any virtual machine or server in your deployment.

Source configuration

A Source gathers and sends logs and metrics data to the Sumo Logic Cloud. You can set up as many Sources as needed for a given Collector. A Source should be configured to collect similar data types. For example, you might set up three  local file Sources to collect router activity logs from three locations, and another local Source to collect logs from a web application. See Sources for descriptions of the supported Source types.

Each Source is tagged with its own metadata. The more Sources you set up, the easier it is to isolate one of the Sources in a search since each Source can be identified by its metadata.

Metadata collected by Installed Collector

The metadata we collect for our Support purposes depends on where you are running the Collector.

Host metadata

This information is collected on any host with a Collector installed:

  • Collector version
  • Collector uptime
  • OS version
  • OS architecture
  • Java version
  • JVM instance id

Additional metadata for Collectors running on AWS

This metadata is collected specifically by Collectors installed on AWS:

  • Instance type
  • Instance id
  • Instance region

Installed Collector Volume Limitations

When considering the amount of data you'll be collecting with Sumo Logic, it's important to understand the volume an Installed Collector can handle.

MacOS and Linux (64-bit) Collectors

Local File Source recommended limits
Message Per Second limit Max Heap
5,000 128MB
Syslog Source recommended limits
Message Per Second limit Max Heap
5,000 128MB
Remote File Source recommended limits
Message Per Second limit Max Heap
3,100 128MB
Graphite Source recommended limits
Data Points Per Second limit Max Heap
5,000 (or 300,000 data points per minute) 128MB

Windows 2008 (64-bit) Collectors

Local File Source recommended limits
Message Per Second limit Max Heap
4,250 128MB
Event Log Source recommended limits
Message Per Second limit Max Heap
250 128MB