Sumo Logic FAQ

Frequently asked questions about Sumo Logic.

What is the optimal log format to use with Sumo Logic?

When you have full control over your logging format we recommend human readable key-value pairs whenever possible. JSON and XML are also acceptable, though XML is harder to read and parse than JSON. 

Whatever you use follow these rules:

• Use key-value pairs in a regular, defined format such as key=value, so they're easy to parse.
• Start logs with a regular, well-defined timestamp, ideally including a time zone. See timestamp considerations and supported formats for details.
• Start logs with a regular format to make automatically detecting message boundaries easier. See collecting multiline logs for details.

For example, from our own production logs, we use the following:

2012-08-16 13:39:36,979 [metrics] INFO com.sumologic.util.Reporter - com.sumologic.util.scala.Aggregator.Buffer[/usr/sumo/stream-19.5-3/logs/stream.log]-Size-Meter (bytes/s) count=78847, fifteenMinuteRate=0.26, fiveMinuteRate=0.11, oneMinuteRate=0.00, meanRate=1.06

This is a key-value pair log, which is easy to parse and easy to read in Sumo.

What Types of Logs Can I Collect?

The following table lists data types and some of the popular sources that produce logs, which can be collected by Sumo Logic. This list is a sample only to provide a general idea of the possible sources of log data; it is not complete.

Data Type	Popular Log Sources
Custom App Code	Java Log4J Log4J 2 Microsoft .NET Rails
Open Source	Apache Apache Tomcat Hadoop Lucene
Middleware	JBoss Oracle WebLogic webMethods WebSphere
Databases	IBM DB2 MySQL Microsoft SQL Server Oracle
Server / OS	HP UX Linux Mac Red Hat Ubuntu Windows
Virtual	Citrix Microsoft Hyper-V VMware
Network	Cisco ASA Palo Alto Networks McAfee Symantec
Content Delivery	Akamai Amazon CloudFront Fastly Limelight Networks
IaaS / PaaS	Amazon Heroku Windows Google Audit Google Cloud Platform (GCP)
SaaS	Box ServiceNow Salesforce Microsoft Office 365
Security	Cisco McAfee Symantec Qualys

Where is My Data Stored?

Where your data is stored depends on the geographical location the Account Owner selected when establishing your Sumo Logic account. 

• Australia. Your data is stored in the AWS ap-southeast-2 (Sydney) region.
• Canada. Your data is stored in the AWS ca-central-1 (Central) region.
• Europe. Ireland. Your data is stored in the AWS eu-west-1 (Ireland) region.
• Europe. Frankfurt. Your data is stored in the AWS eu-central-1 (Frankfurt) region.
• India. Mumbai. Your data is stored in the AWS ap-south-1 (Mumbai) region.
• Japan. Your data is stored in the AWS ap-northeast-1 (Tokyo) region.
• North America. Your data is stored in the AWS us-east-1 (Northern Virginia) or us-west-2 (Oregon) region.
• South Korea. Your data is stored in the AWS ap-northeast-12 (Seoul) region.
• Federal. Your data is stored in the AWS us-east-1 (Northern Virginia) region.

Your data is stored only in your region. 

For more information, see AWS Regions and Endpoints and our Privacy Statement.