2022 Gartner® Magic Quadrant™ SIEM
Get the reportMore
As a DevOps, SecOps, or IT operations manager, you're surrounded by all the technology for the systems running the entire organization. This means legacy infrastructure, multi-cloud environments, services, tools, and applications. All of these components generate data—a huge amount of data—some of which you need to leverage for full-stack observability to ensure those systems supporting the business are running efficiently. But how can you effectively manage data usage and consumption costs while getting the most for your observability needs?
The Data Volume App for Sumo Logic takes the guesswork out of managing data consumption for monitoring analytics of your critical business systems. Our updated Data Volume App provides you with the ability to view and track account usage by data type (logs, metrics, traces), data tier, category, collector, sources, and hosts. In addition, you will also be able to track usage in both native units as well as credits. Our goal is to make it easy for you to know exactly what and how much of the data is being consumed.
The Data Volume App is based within the Data Volume Index which needs to first be enabled by an administrator.
Once this index is enabled, it will start gathering ingest volume data for logs, metrics, and traces sent to Sumo Logic across various tiers and various Sumo Logic collector dimensions (such as collector, source category, sources, etc.) and report it back via log file messages.
You can then directly either analyze this data yourself by running log search queries or use the app to streamline the analysis for you. To search on logs and traces volume data see this document and to search on metrics ingest see this document.
Once the index is enabled, you can install the app to automatically analyze the data from the index.
The largest data ingest typically comes from log volumes. The Data Volume - Logs dashboard allows you to view your log ingest volume by tier by ingesting spikes, outliers, and quota.
Various log tiers include:
Continuous Tier - data you use to monitor and troubleshoot production applications and to ensure the security of your applications.
Frequent Tier- data you need to frequently access to troubleshoot and investigate issues. For example, you might use the Frequent tier for development and test data that helps you investigate issues during development.
Infrequent Tier - data used to troubleshoot intermittent or hard-to-reproduce issues. For example, you might use the Infrequent tier for debug logs, OS logs, thread dumps, and other occasional-use cases.
CSE Tier - used to account for any data being forwarded to CSE for security use cases. Records that include the “_siemforward” flag are the ones that count against CSE tier usage.
In addition to understanding unexpected spikes in your log ingest, check out the Data Volume - Log Spikes Dashboard to help identify ingest outliers and determine the spikes for top sources compared with the previous day.
The Data Volume - Metrics dashboard allows you to view your metrics ingested, identifies ingest outliers and spikes, and helps predict future ingestion.
You can determine ingested DPMs across various dimensions and easily analyze trends over time for better data management.
The Data Volume - Tracing Dashboard provides views of your tracing data ingest by billed bytes and span counts per minute.
This dashboard lets you easily determine the ingested billedBytes and spansCount for tracing and analyzing trends over time. Additionally, you can identify ingestion spikes and the top five source categories, source hosts, sources, and collectors by span count and billed bytes.
To understand how much allocated capacity has been used, check out The Data Volume - Capacity Utilization Dashboard that provides views of subscribed, actual, and percentage capacity utilization for logs and metrics.
This dashboard allows you to identify the ingestion capacity of your subscription. You can also see and compare the average ingestion versus the subscribed capacity to ensure capacity is meeting demand.
Sumo Logic’s credit-based licensing option provides flexibility to utilize credits and maximize the value from the analytics platform while controlling costs.
The Data Volume - Credits Dashboard helps you understand how your credits are being used across logs, metrics, traces, and data tiers, giving you more flexibility to utilize the data ingested in the right places.
This dashboard view enables you to easily see the number of credits consumed and how they are divided across logs (by different tiers), metrics, and traces. You can also determine the top sources based on their credit usage, giving you a more complete picture of how and where credits are being used.
In summary, the Sumo Logic Data Volume App provides you with a summary and detailed views of your account's data usage volume by data type, tier, category, collector, source name, and hosts via predefined searches and dashboards.
Reduce downtime and move from reactive to proactive monitoring.
Build, run, and secure modern applications and cloud infrastructures.Start free trial