Is there a way to search by source's IP address?

Follow
Avatar
Arya Goudarzi

Is there a way to search by IP address for the machine that local collector is running on? For example something like sourceIP?

1

Comments

2 comments

Sort by Date Votes
  • Avatar
    Keith

    Hi Arya,

    By default, the IP Address is not appended as message metadata. If you are searching for a known IP address contained in your logs, you can enter the IP in the search bar.

    If your logs contains unknown IP's, you can parse them out using the following instructions to return all messages containing an IP address.

    https://support.sumologic.com/entries/21646086-Parsing-an-IP-Address-Using-the-Query-Language

    Another solution is to search on _sourceHost, which should be unique to the collector.

    Best Regards, -Keith 

    0
    Comment actions Permalink
  • Avatar
    Takahiro Masuda
    • Edited

    One of the collectors I have is named incorrectly. I can't find where the logs are coming from. Is there a way to find the source IP of the collector the logs are coming from?

    0
    Comment actions Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post