Skip to main content
Sumo Logic

Part 1: Viewing Data

This first tutorial on using Sumo gets you started viewing your data through a basic search, installing an app, and viewing a dashboard.

Viewing Data

To get started, let’s sign in to Sumo and take a look at some of the data that’s available to you.

Sign in

Open a browser, go to your Sumo URL, and sign in. URLs can vary based on your setup or your sign-in credentials, so check with your organization’s Sumo administrator. You begin on the Home page experience.

See what data is available

To see what data is available to you, you can always click Manage > Collections and search your collectors for sources of logs and metrics.

 But you can also see the same data sources by running a quick search.

Let’s open the Search page.

  1. Click   on the top tab bar to select an action.
  2. Select Log Search.

  3. The Search page opens.

    The data that’s available to you is organized by source categories. To see all the available categories, let’s do a simple search query that counts all the log messages by source category.
  4. In the search query area, enter:

    * | count by _sourceCategory
     
  5. Press Return. Sumo completes the search and presents the results.

    The top area shows a histogram of results, but that’s not what we’re interested in at the moment. Instead, take a look at the text results below the histogram. There’s a list of all the available source categories, with a count of the messages for each that have been ingested by Sumo during the past 15 minutes (the default 15-minute interval has been pre-selected in the upper right corner).

Suppose you’re interested in log messages for Apache Access, which is listed as a source category. You could start creating queries now to find the messages you’re interested, but that might not be necessary.  

  • Someone else in your org might have shared saved searches or dashboards for Apache Access.

  • If no one else has installed and shared the data, the Apache Access app might have what you’re looking for.

Let's explore both options.

Find and display a shared dashboard

To see whether someone if your organization has shared Apache Access searches or dashboards:

  1. Select Org from the left-nav menu, enter Apache Access in the search field, and press Return.


     
  2. The search results include any matching saved searches or dashboards. In this case, the search finds a dashboard that’s been shared by someone in your org.
     
  3. Double-click the entry to open the dashboard. The dashboard contains the panels that the owner has set up to monitor Apache Access messages in meaningful ways.

     
  4. If the dashboard contains the information you’re looking for, or something close to that, great! Part 4 of this tutorial shows how you can modify dashboards and the associated search queries to tune your results.  

Install an app and view content

If the dashboard doesn’t show the type of information you’re looking for, or if your library search didn’t find any useful shared searches, it’s a good idea to install the Apache Access app.

Sumo Logic apps deliver out-of-the-box dashboards, saved searches, and field extraction for popular data sources. They’re the best way to start exploring a new data source on your own.

To install the Apache Access app:

  1. Click App Catalog in the left nav.


     
  2. Enter Apache in the search field, and press Return to show the matching apps.

  3. Double-click Apache to open its app page, and click Add to Library.


    Clicking this button isn't the final installation. Instead it will launch a window with a few options for the app.
    1. You can name it something else if you want more than one copy of the app in your personal folder, for example. For now, keep the name Apache.
    2. You can choose a data source or have Sumo pick the most logical data source for you. For now, let's take the default.
  4. Click Add to Library in the dialog box to confirm your selection.

    The app is added to the library. Now you can share the app with others in your organization so they can see the dashboards and saved searches for the Apache Access app.
  5. Hover over the Apache Access app in the left nav to display its details pane. Click the three dots to see the menu.


     
  6. Select Share from the dotted menu.

  7. Select Your organization, and click Save.

    Now others in your organization will see the Apache Access app when they select the Org folder in the library.
  8. Now that the app is created and shared, let’s see what it contains. Click Personal on the left nav or on the Library page, and double-click the Apache folder. 
  9. The app includes a bunch of predefined saved searches and dashboards. Let’s open a dashboard. Scroll down to the Apache - Overview dashboard, and double-click to open it. Notice the panels that are already created for you.

Summary

Congratulations! You’ve completed these tasks in Part 1 of the Using Sumo Quick Start tutorial:

  1. Signed in to Sumo Logic.

  2. Searched for source categories to see what data is available to you.

  3. Searched for and viewed a dashboard that’s been shared by someone in your organization.

  4. Installed an app, shared it with others, and opened one of the dashboards included in the app.