Data Management

Collectors

• How do Sumo Logic store access tokens for collecting Office 365 logs?
• How can I update a collector name after installing a collector?
• High Collector CPU Use After Leap Second
• Windows collector fails to start after Windows 10 1903 feature update
• Windows Collector installation fails when using automation tools (Ansible)
• How can I find a collector id ?

See all 51 articles

Sources

• Collector refuse to remove sources from sources.json (Local file Management Mode) due to multiple filters supplied with the same "Name" key.
• Falco container is crashing while installing Kubernetes on our GKE clusters
• Does Sumo Logic support spaces and dots in the folder names for local file sources and how do I specify the path expression in sources json file?
• How do the Multi-Line processing options work?
• What is Multi-Line processing?
• Why my compressed .gz file is not being ingested by local file source?

See all 36 articles

Data Forwarding

• Error when creating S3 Data Forwarding: Unable to initiate S3 object uploads
• Data is not Forwarding from Sumo Logic to our S3 Bucket
• Collector Warning message: Unable to forward message to <ip address>-<Port>
• How can I store data for longer than my retention period?

Field Extraction Rules

• Does Sumo Logic has any Field Extraction Rule templates?

Scheduled Views/Partitions

• Is there any extra data cost when using Partition/Scheduled View?
• Does SumoLogic use receipt time or message time for calculating data retention?
• When I use Save to Index, metadata fields from the Collector (for example, _collector) will be dropped. Does that mean the data in the index will not have any associated metadata?