At Misfit Wearables, we’ve been using Sumo Logic with great success and we wanted to share our story. We create smart devices that promote fitness and wellness. In order to develop great devices, capturing and analyzing data are critical tasks. We previously used a well-known open source log management tool. This tool was slow, limited and didn’t really deliver the value that we were looking for, yet for some time we had come to merely accept what we configured it to do for us. When we made the change to Sumo Logic, we saw some big changes. In summary Sumo Logic is an effective tool to manage logs and analyze data and is widely used by all our engineers in Misfit. However it goes way beyond that. The feedback from our product team has been tremendous and the main thing that is different is performance. Today, with Sumo Logic running in our environment, a job that once took five to ten minutes now takes several seconds. That was the beginning of our Sumo Logic story, because we are now implementing the Partition feature throughout our environment, and we’re already seeing results. Partitions has taken us to another level of performance improvement.
To describe our environment, we collect a lot of data, but our setup is not unusual. Each day, we collect various logs from different collectors such as servers, clients, customers, websites and stores. Then by using the Data Forwarding option, all of these can be backed-up by an AWS S3 bucket.
Sumo Logic also provides us an Anomaly Detection tool that can help us to automatically uncover security and other issues in real time. For those that are new to the software, there are a number of useful support features that make things easier such as Amazon Cloud Front, Data Volume, AWS Cloud Trail and Log Analysis Quick Start. Adoption and value have thus come about quickly at Misfit, and we are constantly finding ways to save time and effort with this powerful tool.
Recently, Sumo Logic introduced a feature called “Partitions” and we have started implementing it in a number of productive ways. For example, we now can easily filter a subset of one collector into a partition by creating an index. With this approach, we have seen drastically improved search query performance based on the reduced total number of messages that need to be searched and all partition indexes can now be automatically included in searches.
To better understand the new feature, we have set up the following test:
- We chose a small-size collector, which only has around 2% of total daily volume.
- Then, we measure the query time by using the default index and one specific index for this collector during last N days (N = 1, 2, 3,…,14).
For example searching some logs during “Last 14 days”, using the default index will take about 154 seconds; meanwhile it only takes 12 seconds by creating an index for this collector. We save a lot of time, effort and resources with this new feature which helps with product development cycles.
Saving time and resources on query and analysis is critical to our product. We here at Misfit Wearables have enjoyed using Sumo Logic and we look forward to further emerging features from the company that help us in what we do every day which is improve our product day by day and even hour by hour.
Binh Nguyen @ Misfit Wearables