Skip to main content

Sumo Logic Data Volume App

Thumbnail icon

The Data Volume App provides you with a summary and detailed views of your account's data usage volume by data type, tier, category, collector, source name, and hosts via predefined searches and dashboards.

Before you can install and use the Data Volume app, an administrator must first enable the feature. For more information, see Enable the Data Volume Index below.

The Data Volume Index gathers volume data as soon as it is enabled. It will not gather data from legacy versions or backfill data.

Enable the Data Volume Index

The Data Volume Index must be enabled by an administrator.

To enable the Data Volume Index:

  1. Go to the Administration > AccountData Management page.
  2. Under Data Volume, select Enable.
Enable Data Volume Index

A message confirms that the feature is enabled.

Installing the Data Volume app

To install the app:

  1. From the Sumo Logic navigation, select App Catalog.
  2. In the Search Apps field, search for and then select your app.
  3. Optionally, you can scroll down to preview the dashboards included with the app. Then, click Install App (sometimes this button says Add Integration).
  4. On the next configuration page, under Select Folder for your App, complete the following fields:
    • Folder Name. You can retain the existing name or enter a custom name of your choice for the app.
    • All Folders (optional). Default location is the Personal folder in your Library. If desired, you can choose a different location and/or click New Folder to add it to a new folder.
  5. Click Next.
  6. Look for the dialog confirming that your app was installed successfully.
    app-success-sumo-apps.png

Once an app is installed, it will appear in your Personal folder or the folder that you specified. From here, you can share it with other users in your organization. Dashboard panels will automatically start to fill with data matching the time range query received since you created the panel. Results won't be available immediately, but within about 20 minutes, you'll see completed graphs and maps.

Set up Burndown Rates for Consumables

Burndown rate is the ratio for the number of Credits consumed per 1 GB of ingested data. This ratio is different for each tier. Similarly, Cloud SIEM ingest, Metrics and Tracing have their own burndown rates.

Credit VariableUnitDefault Credits per Unit
Cloud SIEM1 GB25
Logs - Continuous Analytics1 GB20
Logs - Frequent Analytics1 GB9
Metrics1,000 DPM3
Logs - Infrequent Ingest1 GB0.4
Tracing- Ingest1 GB14

The Data Volume App is set up to use these default burn down rates. However, these may vary for your Sumo Logic account based on your contract. Please confirm and change these default burn-down rates if necessary by working with your Sumo Logic Account Executive. This will ensure that the Credits dashboard will match the usage reported on the Accounts page.

Viewing Data Volume Dashboards

For each panel in a dashboard, you can perform the following actions:

  • To display details for the panel time range, hover over the text in the top right corner.
  • To zoom into a panel for more information, click the magnifying glass icon in the header.

Overview

The Data Volume - Overview dashboard helps you understand your ingest in terms of Logs (by Tiers), Metrics, and Tracing capabilities.

Use this dashboard to:

  • Identify the top sources, collectors, or hosts by ingesting data volume across logs, metrics, and traces
Data volume dashboards

Logs

The largest data ingest typically comes from log volumes. The Data Volume - Logs dashboard allows you to view your log ingest volume by tier by ingesting spikes, outliers, and quota.

Use this dashboard to:

  • Determine the log ingest volume and trends in GB across various tiers.
  • Identify spikes where current hour ingestion is above 50% from the last hour. Identify outliers and forecast your data ingestion.
  • Determine the log data for default index and top non-default indexes.
  • Compare current ingestion to capacity and review any overages. You must configure the “Daily_Log_Ingest_Capacity” variable based on your Account Subscription. If you have Credit based plan, please check with your account executive to determine these values for your account. Otherwise, see Administration > Account > Account Overview to get your capacity values.
Data volume dashboards

Data Volume Logs by Metadata Fields

The Data Volume - Logs by Metadata Fields dashboard allows you to view log ingest volume by tier, source categories, collectors, and hosts.

Use this dashboard to:

  • Identify the top 5 sources categories, source hosts, and collectors by ingest volume
  • Examine ingestion trends over time
Data volume dashboards

Metrics

The Data Volume - Metrics dashboard allows you to view your metrics ingested, identifies ingest outliers/spikes, and helps predict what ingestion is going to be.

Use this dashboard to:

  • Determine the ingested DPM by various dimensions their
  • Examine trends over time.
  • Identify the spikes where current hour ingestion is above 50% from the last hour.
  • Identify ingestion outliers and forecast data ingestion, analyze the comparison of your current ingestion to your capacity, and review any overages. You must configure the “Metric_DPM_Ingest_Capacity” variable that needs to be configured based on Account Subscription. If you have a Credit-based plan, please check with your account executive to determine these values for your account. Otherwise, see Administration > Account > Account Overview to see your Capacity Values.
Data volume dashboards

Log Spikes

The Data Volume - Log Spikes Dashboard helps you quickly identify significant increases in data ingested. Review details of your data ingested for logs.

Use this dashboard to:

  • Identify ingest outliers
  • Determine the spikes for top sources compared with the previous day
Data volume dashboards

Capacity Utilization

The Data Volume - Capacity Utilization dashboard provides views of subscribed, actual, and percentage capacity utilization for logs and metrics.

Use this dashboard to:

  • Identify the log and metrics ingestion capacity of your subscription. You must configure the "Daily_Log_Ingest_Capacity" and “Metric_DPM_Ingest_Capacity” variables based on your plan with Sumo Logic. If you have a Credit-based plan, please check with your account executive to determine these values for your account. Otherwise, see Administration > Account > Account Overview to view the log ingest capacity value and metric DPM ingest capacity value.
  • Identify the average ingestion and subscribed ingestion capacity by percentage for logs and metrics.
Data volume dashboards

Tracing

The Data Volume - Tracing dashboard provides views of your Tracing data ingest by billed bytes and span counts per minute.

Use this dashboard to:

  • Determine the ingested billedBytes/spansCount for tracing and examine trends over time.
  • Identify spikes in ingestion, where ingestion for the current hour is above by 50% from the last hour.
  • Identify the outliers (and forecast your data ingestion).
  • Identify the top 5 source categories, source hosts, sources, and collectors by span count and billed bytes.
Data volume dashboards

Credits

The Data Volume - Credits Dashboard helps you understand how your credits are being used across Logs, Metrics, Traces, and data tiers.

Use this dashboard to:

  • Identify the number of credits consumed and trends across Logs (by different tiers), Metrics, Tracing.
  • Determine the top sources based on their credit usage for Logs (by different tiers), Metrics, and Tracing.
Data volume dashboards
Status
Legal
Privacy Statement
Terms of Use

Copyright © 2024 by Sumo Logic, Inc.