Sumo Logic – example json’ery
Creating a configuration strategy for your Sumo Logic collector requires you to decide whether you are going to control the collector through the web interface or through a JSON configuration file.
My dashboard – I took the Cisco ASA application from Sumo Logic and converted it into a dashboard that is built from the logging of a Fortigate firewall.
An additional panel that provides a representation of IPS triggered rules.
What you gain by using Sumo Logic (simplicity, no maintenance, available everywhere) you pay for in time and complexity when you use ELK for your log management activities.
Finding usage of applications behind your Fortigate firewall can be easily done using Sumo Logic via a dashboard or scheduled search.
Sumo Logic charges for their service by the amount of data ingested into their platform. The examples in this post show you how to get a report of usage broken down by category.
Postfix + Dovecot syslog logs fed into your Sumo Logic collector.
Parse it to display dashboards of meaningful information and graphs.
Did you know that the Fortigate emits events specific to performance metrics for further analysis?
Me either. Until earlier today.
Finding usage of specific IPs behind your Fortigate firewall can be easily done using Sumo Logic and a dashboard or scheduled search result.