Kevin Keech

1. Community
2. Sending Data
3. How to get Http Request header information from the sumo logs

This is something that would need to be configured within IIS, not within Sumo Logic. You would need to configure IIS to post this information into its logs so it can then be picked up by your Coll...

• View comment
• Kevin Keech
• May 27, 2019 03:35
• 0 votes

1. Community
2. Sending Data
3. Collecting custom application metrics from docker containers

Not currently through the installed Collector. Collecting Prometheus metrics will require a Hosted Collector and HTTP(S) Source and the following script.  https://github.com/SumoLogic/sumologic-pro...

• View comment
• Kevin Keech
• May 20, 2019 16:08
• 0 votes

1. Community
2. Managing Sumo Logic
3. List all Users and their roles in Sumo

Hi Bharat, There is no user export options within the Sumo Logic UI that will allow export of user and role information. However, you can use the user and roles management APIs to pull this informa...

• View comment
• Kevin Keech
• May 17, 2019 16:58
• 0 votes

1. Community
2. Sending Data
3. How to get Http Request header information from the sumo logs

To simply find messages that contain the string "X-On-Behalf-Of" you can add that as a keyword to your search and you should then see any messages containing this string in your results. As long as...

• View comment
• Kevin Keech
• May 17, 2019 16:47
• 0 votes

1. Community
2. Query Library
3. Identify Known Crawlers/Bots in AWS Load Balancer (ALB or ELB) Logs

Austin, This is great. Thanks for posting the details of your query. 

• View comment
• Kevin Keech
• May 17, 2019 16:40
• 1 vote

1. Community
2. Using Sumo Logic
3. Log file time stamp is incorrect for specific logs for the same collector

So the issue is your Source is probably configured to parse out a timestamp from these messages. (this is the default) What is happening is Sumo Logic is parsing the timestamp found in your "Launch...

• View comment
• Kevin Keech
• April 26, 2019 17:28
• 0 votes

1. Community
2. Using Sumo Logic
3. Log file time stamp is incorrect for specific logs for the same collector

The 'Time" value is the time Sumo Logic parsed from the raw log message at ingest time. based on your current Source configurations settings. Your screenshot does not show the raw message content s...

• View comment
• Kevin Keech
• April 26, 2019 17:05
• 0 votes

1. Community
2. Using Sumo Logic
3. summing data from multiple fields and calculating a percentage

Hi SaiKiran, Your question seems unrelated to the original topic of this post so might be good to post this as a separate topic. Just from looking at the results set and your query I am not sure ab...

• View comment
• Kevin Keech
• April 25, 2019 15:05
• 0 votes

1. Community
2. Sending Data
3. Only the First message is being logged.

Hi Frank, From the initial description, it sounds like you might have a timestamp parsing misconfiguration with your Source. If the first line of your logs does not have a timestamp the receipt tim...

• View comment
• Kevin Keech
• April 18, 2019 20:54
• 0 votes

1. Community
2. Using Sumo Logic
3. count duplicates by timeslice

Does the following work? This should provide a value for duplicates for each timeslice.  _sourceCategory=prod | parse "Id=*;" as marketId| timeslice 1s| count(marketId) as c, count_distinct(marketI...

• View comment
• Kevin Keech
• April 03, 2019 17:49
• 0 votes