Avatar

Graham Watts

Follow
  • Total activity 106
  • Last activity
  • Member since
  • Following 0 users
  • Followed by 1 user
  • Votes 0
  • Subscriptions 64

Activity overview

Latest activity by Graham Watts
  • Avatar

    Graham Watts commented,

    Official comment
    1. Community
    2. Sending Data
    3. Showing two searches in the same graph

    Hey Soumya,You can plot both series in one table like this: (_sourceCategory=app1 or  _sourceCategory=app2) "HTTP/1.1 500" | count by _sourceCategory| sort _count You could also plot these over ti...

  • Avatar

    Graham Watts commented,

    1. Community
    2. Managing Sumo Logic
    3. Data Limit per collector?

    Hi Sagan, You can use our new feature, Ingest Budgets, to apply a limit of collection per collector. This assumes you have an Enterprise Sumo subscription. Let us know if this is what you are looki...

  • Avatar

    Graham Watts commented,

    Official comment
    1. Community
    2. Using Sumo Logic
    3. List of unique sourceHosts in a sourceCategory

    Hey David,Can you try this query and let us know if this is what you're trying to see? _sourceCategory=prod/network| count by _sourceHost // assuming these are the source IPs| count by _sourceHost ...

  • Avatar

    Graham Watts commented,

    1. Using Sumo Logic
    2. Searching Logs
    3. How to Create and Alert on Ratios or Percentages

    Hey Ramakrishna,Are you trying to show the trend in percent of 400s? If so you could use something like this: _sourceCategory=graham/travel/nginx| parse "HTTP/1.1\" * " as sc nodrop| if(sc matches ...

  • Avatar

    Graham Watts commented,

    Official comment
    1. Community
    2. General Discussion
    3. Parsing- need help

    Hey Aakif,Parse regex multi will allow you to parse out as many values for LoadBalancerName as there are in each log:https://help.sumologic.com/05Search/Search-Query-Language/01-Parse-Operators/02-...

  • Avatar

    Graham Watts commented,

    Official comment
    1. Community
    2. Using Sumo Logic
    3. How to write this subquery

    Hey Alex,Transactionize can be very useful especially in this type of use case. Another way to get the duration is to use max() and min(), then do some math by each trace-id:| max(_messagetime), mi...

    • View comment
    • Graham Watts
    • Edited
    • 0 votes
  • Avatar

    Graham Watts commented,

    Official comment
    1. Community
    2. Using Sumo Logic
    3. Custom fields on metric queries

    Hey Eliezer,I would suggest 2 options here: 1. Consider using Carbon2 metrics format Depending on what is generatin the metric, that tool may have an option to do this Carbon2 format allows you to...

    • View comment
    • Graham Watts
    • Edited
    • 0 votes
  • Avatar

    Graham Watts commented,

    1. Community
    2. Sending Data
    3. integrating redshift with sumologic

    Hey Ravi,Seems like there are 2 options here: Collect the data in Sumo and query it there- Where is the data coming from? If its already in S3 or CloudWatch log groups you can use native Sumo sour...

  • Avatar

    Graham Watts commented,

    Official comment
    1. Community
    2. Applications and Integrations
    3. Automatic dashboard creation

    Hello Team Romania,We are currently building a Content API that will allow you to create dashboards automatically via API calls.If you don't mind, please vote and comment at the link below so that ...

  • Avatar

    Graham Watts commented,

    Official comment
    1. Community
    2. Using Sumo Logic
    3. Line or Area chart of calculated field over time?

    Hey Felipe,You'll need to use the timeslice operator to create a trend over time, you might try something like the below query to take the average of the effectiveness value in 5 minute increments ...