12
Feb

Micro Lesson: Adding a Source


At the end of this lesson, you will be able to define a Source and learn how to add a Source in Sumo Logic.

Sources are configurations that collect logs and/or metrics from your hosts, appliances and cloud infrastructure. Sources are added to collectors in a specific way, depending on the type of Collector you’re using. The maximum number of Sources allowed on a Collector is one thousand.

There are a number of Source types in Sumo that work with Installed Collectors. Local and Remote File Sources collect logs from selected directories, Windows Event Log Sources collect Windows events from the Collector host, or a remote one. Docker Sources collect Docker container logs, events, and stats from Docker. Available for Linux, MacOS, and Windows, Host Metrics Sources collect CPU, memory, and other OS metrics.

Similarly, Sumo Logic can host many types of Sources for you. Sumo Logic offers Sources to collect from many AWS products. Amazon Simple Storage Service (or Amazon S3) provides a Web services interface that can be used to store and retrieve any amount of data to Sumo Logic. You can configure a cloud syslog source to allow a syslog client to send syslog data to Sumo Logic. Add a Google Apps Audit Source to ingest audit logs from Google apps. You can export in real time all of the data collected by Stackdriver to Google Cloud Pub/Sub. Sumo Logic uses the Pub/Sub integration to push logs to our platform in real time. An HTTP Source is an endpoint for receiving logs and metrics uploaded via a URL. You can even collect Audit Log content types to track and monitor usage of Microsoft Office 365.

Once you’ve set up a collector on a machine in your environment, let’s see how to add a source. In Sumo Logic, from the Collection page, select a Collector and click Add. From the drop-down list, click Add Source. For this demo, I want to look at the logs in the Apache Access file downloaded to my computer. That’s a local file source, so I click Local File. Let’s add a name to identify the source. For the file path, I am using the path to the apache access text file that I downloaded earlier. Let’s enter a name for Source Host and Source Category, so you can easily refer to the source in Search queries. Remember, defining an appropriate source category will allow you to zero in on your data anytime by specifying the source category in your queries. Click Save.

Click Collectors and Sources to return to the list on the Collection page. The new source is now listed. The green checkmark indicates that its status is active. Hover over the source category and click the blue search icon. The Search page opens to show the search results.

Sumo Logic will start ingesting data from the source. You can verify that your data is now being ingested by running a search. If you don’t see any data, check the Apache Access file you downloaded and make sure that the date stamp on the messages matches the time interval on the Search page.

We hope this video helps you to add a source using Sumo Logic. Thank you for joining.
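
The last troubleshooting step (message date stamps versus the search time interval) can be checked locally before opening the Search page. This is an added example, not part of the video or of Sumo Logic's tooling; the sample lines, function names and the 15-minute window are assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta, timezone

# Constructed sample lines in Apache access log format (not the lesson's file).
SAMPLE_LINES = [
    '192.0.2.10 - - [12/Feb/2019:10:01:07 -0800] "GET /index.html HTTP/1.1" 200 5123',
    '192.0.2.11 - - [12/Feb/2019:10:04:55 -0800] "POST /login HTTP/1.1" 302 -',
    'malformed line without a timestamp',
    '192.0.2.12 - - [12/Feb/2019:10:09:31 -0800] "GET /admin HTTP/1.1" 403 199',
]

# Apache access logs carry the time as [dd/Mon/yyyy:HH:MM:SS +zzzz].
TS_RE = re.compile(r'\[(\d{2}/[A-Za-z]{3}/\d{4}:\d{2}:\d{2}:\d{2} [+-]\d{4})\]')

def message_times(lines):
    """Return timezone-aware datetimes for every line that has a timestamp."""
    times = []
    for line in lines:
        match = TS_RE.search(line)
        if match:
            times.append(datetime.strptime(match.group(1), '%d/%b/%Y:%H:%M:%S %z'))
    return times

def check_window(lines, window_start, window_end):
    """Count messages inside a search window and report the range the file covers."""
    times = message_times(lines)
    if not times:
        return {"parsed": 0, "in_window": 0, "oldest": None, "newest": None}
    inside = [t for t in times if window_start <= t <= window_end]
    return {"parsed": len(times), "in_window": len(inside),
            "oldest": min(times), "newest": max(times)}

if __name__ == "__main__":
    # A "last 15 minutes" window ending now; an older downloaded file will
    # usually report in_window == 0, which explains an empty search result.
    now = datetime.now(timezone.utc)
    result = check_window(SAMPLE_LINES, now - timedelta(minutes=15), now)
    print(f"parsed={result['parsed']} in_window={result['in_window']}")
    if result["parsed"] and result["in_window"] == 0:
        print("Set the search time range to cover:",
              result["oldest"].isoformat(), "to", result["newest"].isoformat())
```

When `in_window` is 0, the printed oldest and newest values give the range to select on the Search page.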
