Avatar

Mark Drummond

  • Total activity 62
  • Last activity
  • Member since
  • Following 0 users
  • Followed by 0 users
  • Votes 11
  • Subscriptions 15

Posts

Recent activity by Mark Drummond Sort by recent activity Recent activity Votes
  • Geo lookup on "data.ip OR ip"

    Due to a change in log format, the IP addresses I want to do a geo lookup on might be stored under "data.ip" for new logs, or just "ip" for older logs. I want to do the equivalent of: | lookup lati...

  • Log access defaults to allow all?

    Is it my imagination or is the default log access behaviour in Sumo "allow all"? It seems to me that, in order to limit someone's access to logs, I must assign them at least one role that limits th...

  • Searching from a list of keywords

    Example: "I need all log entries related to users 'jane', 'john', 'alice', and 'bob'." Given a list of user identifiers, search my logs for log entries that match any of the user identifiers in the...

  • Understanding search filters

    ref: https://help.sumologic.com/Manage/Users-and-Roles/Manage-Roles/Construct-a-Search-Filter-for-a-Role Just looking for some confirmation of my understanding of filters on roles: Scenario: Imagin...

  • Histogram of the elements in a list in a JSON log

    Edit: I think I am asking the same thing that is being asked here: https://support.sumologic.com/hc/en-us/community/posts/360005813714-Counting-number-of-elements-in-json-array?input_string=Histogr...

  • Auth0 app dashboards are broken

    The queries behind at least some of the default dashboard panels in the Auth0 app are pretty broken. Two examples (there are more): Top 10 Users by Successful Login _sourceCategory = my/auth0/logs ...

  • "Cannot lookup on event_code. The field event_code doesn't exist in the lookup file."

    I have a CSV here. When I try to run a lookup against it, I get: Cannot lookup on event_code. The field event_code doesn't exist in the lookup file. My query: _sourceCategory=auth0/prod| json field...

  • Library - Personal folder vs named folder

    I've been using Sumo for a couple years now, so this seems like a real basic and silly question, but what is the difference between the "Personal" folder and the folder with my name? If I open the ...

  • Shared dashboard now asking for login

    I have a dashboard that is shared with a whitelisted IP address (my corporate head office). Just recently the link / whitelisting stopped working as expected and started asking users behind the whi...

  • Counting JSON fields inside array of logs

    The sendgrid email service sends its logs in a JSON array: [ { // Log 1 event: "event1" }, { // log 2 event: "event2" }, ...] I want to extract and count the event types, but my in...