Quickstart Tutorial- Windows Collector- Featured Video

Quickstart Tutorial- Windows Collector - Featured Video

In this demo we're going to focus on installing a collector on Windows. If you have never installed any collectors into your Sumo Logic account, you will see this screen whenever you log-in. It will help guide you through the collector install. So we'll click on next. You would see two choices, install collector and hosted collector. We're going to go to install collector because those are the kind you install in servers. We can see the different source of collector installs we have available. In this case, we're installing a 64-bit Windows so that's the one that I want to download. Now I've already downloaded that on to another system so I'm going to switch over that now. Run that. Then accept the license agreement. Now I'm going to use a default installation directly but you can install it indirectly if you like. My default, the installer was set up to run as administrator. You do not have to have the collector run as administrator. But if you don't use administrator, make sure that it has a log on a service rights and has access to the logs that you would like to monitor. Okay, now we can choose the collector name we'd like to use. I'm going to choose Windows Collector. You can also choose to have a default with the local Windows event log. I'd like to have that. Set our credentials and our password. Now the installer will attempt to register and activate the collector on sumologic.com. Okay, looks like it worked.

Okay. Now let's take a look at our installer we just set up. There we can see the local Windows event log. Now I want to set up a source for my IS logs as well. Okay, and let's put in the file path. Now the source host, you should only use that when you like to override the default host name being provided. In this case, I'm going to leave that alone. The source category allows me a way of searching across lots of different servers with logs of the same types. In this case, I'm going to name it ISS Access. Now it's also very important that you set your time zone. If you set that incorrectly, your logs can look like they're in the future or in the past depending on how different the time zone is from the actual time zone in the server. In this case, we're going to pick UTC. Now the trick with IS logs is that they will be in UTC no matter what based on the settings from Microsoft so make sure to set that in UTC. Let's go look at our collector again. In here, we can see we have both sources. If we go look at status, we can see that we properly ingested logs from our Windows server. So thank you for watching this Quickstart tutorial. I encourage you to go look at our other tutorials about searching and creating dashboards, another thing to help you be more productive with Sumo Logic. Thank you.