Harinder Bhandari
- Total activity 143
- Last activity
- Member since
- Following 0 users
- Followed by 0 users
- Votes 1
- Subscriptions 80
Comments
Recent activity by Harinder Bhandari Sort by recent activity-
Since your app is logging data to local file system. You can use an installed collector and configure a local file source to upload data to Sumo Logic. Here are steps to install a collector on Lin...
-
Hi Zack, You can use this search query: _sourceCategory=windows ("4723")| parse regex "\"EventID\"\:\"(?<EventID>.*?)\"," nodrop| parse regex "\"TimeCreated\":\"(?<event_time>.*?)\"," nodrop| pars...
-
Hi Zack You can use this search using parse regex: _sourceCategory=windows ("4720" OR "4723" OR "4724")| parse regex "\"EventID\"\:\"(?<EventID>.*?)\"," nodrop| parse regex "\"TargetUserName\":\"(?...
-
Hope you have created an installation token as per steps documented here: https://help.sumologic.com/Manage/Security/Installation_Tokens If it is taking longer than expected to register your colle...
-
After a partition is created in a given tier, you can't change its tier. If you decide the data should be in a different tier, you must decommission the partition and create a new one.
-
Can you please try this query: _source="IIS_source" and _collector="test1"| parse regex "(?<server_ip>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}) (?<method>\S+) (?<cs_uri_stem>\S+) (?<cs_uri_query>\S+) (?<...
-
Hi Sumit, You should install a collector on the local machine as explained here: https://help.sumologic.com/03Send-Data/Installed-Collectors/03Install-a-Collector-on-Windows Configure a source to a...
-
You can add either of the built-in-metadata fields like _collector, _sourceCategory,_sourceHost or _sourceName to narrow down the scope of the search. This will you finish the search faster. Also, ...
-
These two links should be able to help you ingest Mulesoft logs into Sumo Logic. https://apisero.com/how-to-send-mule-application-logging-entries-to-sumologic/ https://docs.mulesoft.com/runtime-man...
-
Hi Juan, Can you please try this RegEx: .*START\s+RequestId.* If the messages are multiline, then try this regex: (?s).*START\s+RequestId(?s).* Let us know if this works. Thanks.