Top 10 Systems Administrator Searches
Hello,
I just finished deploying Sumo to our entire enterprise, some 6000+ Linux servers. I love it, but I'm having a bit of trouble selling the rest of the team on it. I've pointed them at a couple of tutorial videos that I have found on YouTube, but it hasn't helped much. I think it would be better if I could compile a list of example searches to show them, and maybe pin to a dashboard. I've figured out a couple of useful searches, but I'm still pretty new at this myself.
Any sysadmin-centric example searches you could provide would be greatly appreciated. Thanks in advance.
++alex
-
Have you installed the **Linux App**? Each of the panels runs a query which you can load by clicking on the panel.
-
Agreed. Linux App would be the best place to start for this. A whole host of searches from password changes to root activity to system events and auditing included in this app. Our Unix team has taken advantage of these searches already being written for us. No need to recreate the wheel.
-
Did you see the "Suggested Searches for Linux OS Systems" help page?
-
Hi Richard,
There are a few possibilities here. It's possible that your Linux logs are in a different format than our parsers expect, you may not have experienced the events that the query is looking to detect, or your time range may not encompass the period when these events could have occurred. We'll reach out directly to review with you.
-C.b.C.