Skip to main content
Sumo Logic

Part 5: Modify your dashboard

Now that we've created a dashboard, let's modify it to change the content of the panels.

Modify your dashboard

Now that you know how to create a dashboard and change the look and feel, let’s see how you can change the content of the data panels.

Let’s start with the Apache Overview dashboard, which is included in the Apache Access app.

  1. In the left nav, click Apache > Overview in your Personal library.

    Apache Overview
    Notice that the Visitor Locations panel includes all worldwide locations. Let’s change the panel to zero-in on the U.S. locations.
     
  2. Click the Show in Search button or icon to show the search that was used to generate the Visitor Locations panel.
    Show In Search
    The page includes all the information for the search, including the query and the chart.
    Visitor Locations World
  3. Now let’s modify the query to zoom on the U.S. portion of the map. Add a soft return right after the lookup line, to specify the country:
    | where country_name=”United States”
    The full query now looks like this.

    _sourceCategory=Apache/Access

    | parse regex "^(?<src_ip>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})" nodrop

    | parse regex "(?<method>[A-Z]+)\s(?<url>\S+)\sHTTP/[\d\.]+\"\s(?<status_code>\d+)\s(?<size>[\d-]+)" nodrop

    | parse regex "(?<method>[A-Z]+)\s(?<url>\S+)\sHTTP/[\d\.]+\"\s(?<status_code>\d+)\s(?<size>[\d-]+)\s\"(?<referrer>.*?)\"\s\"(?<user_agent>.+?)\".*" nodrop

    | lookup latitude, longitude, country_code, country_name, region, city, postal_code, area_code, metro_code from geo://default on ip = src_ip
    | where country_name = "United States"
    | count by latitude, longitude, country_code, country_name, region, city, postal_code, area_code, metro_code| sort _count

  4. Click Start to run the query. The results chart now shows just the United States.
    US Only Now

  5. To show the modified panel in your dashboard, click Update Dashboard.
    Update Dashboard
    Sumo gives you the option of keeping or changing the time range.
    Save as Dashboard

  6. Let's keep the original time range for now and click Apply to reopen the dashboard with the updated panel.
    Updated with US Overview

 

Now that you know how to move between the dashboard and the Search tab, you can adjust any of the search settings for a dashboard panel.

To learn much more about how dashboards work, see the topics under Dashboards.

Now, to complete the Sumo user tutorial, Part 6 will show you how to create alerts.