
Linux App Dashboards

The Sumo Logic App for Linux includes Dashboards that give you instant access to your system overview, including event sources, login status, and security status.

Overview

Total Event Distribution. Displays the total number of events by destination host name over the last 24 hours in a pie chart.

Logins by Outcome. Shows login successes and failures in a pie chart for the last 24 hours.

User Assignments. Displays the number of user assignments as a single value chart for the last 24 hours.

Reporting Hosts. Shows the number of reporting hosts as a single value chart for the last 24 hours.

Sudo Attempts. Shows an aggregation table that provides information on Sudo attempts for the last 24 hours. Information includes the destination hostname, source user, destination user, command, and the number of attempts.

Event Sources

Total Event Distribution. Displays the total number of events by destination host name over the last 24 hours in a pie chart.

Event Count by Host and Service. Shows the total number of events by host name and service name for the last 24 hours, displayed as a stacked column chart.

Event Count per Host by Hour. Provides the number of events per host name by hour for the last 24 hours, displayed as a time line area chart.

Reporting Hosts by Hour. Displays the number of hosts reporting by hour for the last 24 hours in a time line chart.

Login Status

Logins by Hour. Displays the number of user logins by hour over the last 24 hours in a stacked column chart. Successes and failures are displayed in contrasting colors.

Failed Logins per Host by Hour. Shows the failed user logins per host by hour for the last 24 hours in a time line chart, which lets you identify login problems immediately.

Top 30 Successful User Logins. Provides an aggregation table that displays the top 30 successful user logins for the last 24 hours. Information includes the user, the hostname, and the login count.

Top 30 Successful Remote Logins. Shows an aggregation table of the top 30 successful remote logins for the last 24 hours. Information includes the user, the hostname, and the login count.

Top 30 Failed Logins. Displays an aggregation table that details the top 30 failed logins over the last 24 hours. Information includes the source hostname, user, destination hostname, and number of attempts.

Top 30 Failed Remote Logins. Provides an aggregation table of the top 30 failed remote login attempts over the last 24 hours. Information includes the source hostname, user, destination hostname, and number of attempts.

Security Status

Failed SU Attempts. Displays an aggregation table that details failed SU (superuser) attempts for the last 24 hours. Information includes the destination hostname, source user, destination user, and the number of attempts.

Sudo Attempts. Shows an aggregation table that provides information on Sudo attempts for the last 24 hours. Information includes the destination hostname, source user, destination user, command, and the number of attempts.

New User Assignments. Provides information on the number of new user assignments by host by hour for the last 24 hours, displayed in a stacked column chart.

Existing User Assignments. Displays the number of existing user assignments by host by hour for the last 24 hours in a stacked column chart.

Package Operations. Shows the number of package operations, both installed and uninstalled, performed on a source host for the last 24 hours in a stacked column chart.

System Starts. Provides an aggregation table with information on system starts for the last two hours. Information includes the destination hostname, the process name, and the start time.