How can we help you?
Browse the Sumo Logic Support Center to find information on data collection, search queries, alerting, account settings and more
Knowledge Base
Troubleshooting tips, frequently asked questions and how to articles
Account Management and Billing
- How can I get a copy of an invoice?
- Can we delete data already sent into Sumo Logic so that search results don't show this data?
- Discrepancy between Account Usage Details and Log Data Volume Index data
- How to I change or edit my Organization name?
- How to increase the number of users?
- Can I merge multiple Sumo Logic accounts into a single account?
Applications
Content Management
Field Extraction Rules
Managing Users and Roles
- "Unable to sign in. Your account has been locked"
- What are Role Search filter limitations?
- When I try to enter any of the certification courses, I encounter an SSO error that says 'last name is required.'
- Azure AD SSO error SAML authentication request's RequestedAuthenticationContext's Comparison value must be "exact".
- Users are not receiving the welcome or password reset email
- When are password Policy Changes Applied to Users?
Security
Collectors
- How do Sumo Logic store access tokens for collecting Office 365 logs?
- How can I update a collector name after installing a collector?
- High Collector CPU Use After Leap Second
- How to remove HPROF dump files (java_pid*) inside collector installation folder utilising disk space?
- ALB/ELB multiple log lines are being concatenated as single line. What could be causing this and how to resolve it?
- SLF4J errors ingested into Sumo Logic while collecting OKTA logs via SumoJanus package.
Sources
- * ERROR: Registration failed: Invalid source: * The json file C:\Scripts\Sumologic\source.json contains invalid value.
- Collector refuse to remove sources from sources.json (Local file Management Mode) due to multiple filters supplied with the same "Name" key.
- Remote Windows Event Log source fails to connect to the event channel
- Data ingested from an S3 bucket or an HTTP source consumes more storage in Sumo Logic
- How can I ingest Microsoft Teams logs in to Sumologic?
- Cloud Syslog in PEM format
Data Forwarding
- Is there a way to forward the parsed fields used in the scheduled views via Data Forwarding in Sumo Logic?
- When forwarding data to S3, are the logs sent before or after processing rules have been applied?
- If I create a Scheduled View with a start date in the past and data forwarding enabled, how will the data be forwarded?
- Error when creating S3 Data Forwarding: Unable to initiate S3 object uploads
- Data is not Forwarding from Sumo Logic to our S3 Bucket
- Collector Warning message: Unable to forward message to <ip address>-<Port>
Field Extraction Rules
Scheduled Views/Partitions
- Is there any extra data cost when using Partition/Scheduled View?
- Search query does not produce results for frequent tier partition.
- Does SumoLogic use receipt time or message time for calculating data retention?
- If we use the Save To Index feature for alerting, what is the retention period for the same index?
- When I use Save to Index, metadata fields from the Collector (for example, _collector) will be dropped. Does that mean the data in the index will not have any associated metadata?
Metrics
- "Disk_UsedPercent" metric not available for the sources configured under the windows collector. How to resolve it??
- Is there any way to put a custom field on a Host Metrics source or is it constrained?
- Is it possible to export metrics as csv or json data out of Sumo Logic?
- "Count by Log Messages" option in Log to Metrics does not populate the metric values with proper aggregate counts and shows as 1
Searching Logs
- How to return the week number of the year for a timestamp?
- Why aren't my recent logs showing up with my search?
- How should I achieve NOT EQUAL TO in lookup and restrict the display of the records which are there in lookup table?
- Role Filter creation failed with "Internal Limit Error"
- Do you have a parse regex for both IPv6 and IPv4?
- The Live Tail feature is not working. Pressing "Run" does not do anything.
Alerting and Scheduled Search
- Include all the results in a scheduled search email alert.
- What is the default webhook timeout in Sumo Logic? Can we increase it?
- How can I send the alerts to Google hangout?
- Can a Scheduled Search have multiple alert conditions?
- Search Condition does not Trigger Scheduled Search Alert
- Is there a way to recover Scheduled Searches/Alerts that were deleted inadvertently?
Dashboards and Panels
- Explore dashboards are not populated with metrics from my kubernetes cluster
- Switching to live mode dashboard gives "This panel cannot be converted to Live Mode because it has a literal time range"
- How to share a dashboard with an absolute time-range on it.
- There was a problem adding panel to the dashboard.
- Can I manage/edit other user's Dashboard as a content administrator?
- Shared Live Mode Dashboard will not populate for public URL
User Preferences
- Why is the default web session timeout set to 15 minutes for new users in Sumo Logic UI?
- SAML SSO showing "Last Name" required error while accessing certification page
- Is there any way to query user activity for those that have access to SumoLogic?
- How can I set the User Session Timeout Preferences?
Search Job
General
- Terraform Sumo Logic Provider fails with "401-Full-authentication-is-required"
- Internal Error (500) when calling Sumo Logic APIs
- SSL error when running a curl request to the Sumo Logic APIs
- API - 404 Error - Job ID is invalid
- API - 401 Error - Credential could not be verified
- API - 403 Error - This operation is not allowed for your account type
Collector Management
Contact Us
Not finding what your looking for? Reach out to us
