Sources for Installed Collectors
You can configureΒ a variety of Sources on Installed Collectors.
In this section, we'll introduce the following concepts:
ποΈ Collect Forwarded Events from a Windows Event Collector
Use a Windows Event Source to collect forwarded events from a Windows Event Collector.
ποΈ Docker Sources
Configure a Docker Logs or Docker Stats Source.
ποΈ Host Metrics Source
An installed Sumo Logic Collector can collect host metrics from a local host.
ποΈ Local File Source
Create a Local File Source to collect log messages from the same machine where a Collector is installed.
ποΈ Local Windows Event Log Source
You can collect local events from the Windows Events Viewer.
ποΈ Windows Event Source Custom Channels
Find Windows event channels to collect with a Local Windows Event Source.
ποΈ Local Windows Performance Monitor Log Source
Collect local performance data from the Windows Performance Monitor.
ποΈ Streaming Metrics Source
Add a streaming metric source to an installed collector to collect Graphite, Carbon 2.0, or Prometheus metrics.
ποΈ Syslog Source
The Syslog Source obtains syslog messages by listening on a designated port.
ποΈ Define Boundary Regex for Multiline Messages
By default, Sumo Logic Sources have multiline processing enabled, which is useful when logs contain messages that span multiple lines separated by line breaks, such as a stack trace.
ποΈ Preconfigure a Machine to Collect Remote Windows Events
You can configure a system for remote access by a Remote Windows Event Log Source.
ποΈ Preconfigure a Machine to Collect Remote Windows Performance Monitoring Logs
You can configure a system for remote access by a Remote Windows Performance Monitoring Log Source.
ποΈ Windows Active Directory Inventory Source
A Windows Active Directory Inventory Source collects inventory data from Active Directory Database.
ποΈ Remote Windows Event Log Source
Collect Windows event logs from a remote machine.
ποΈ Remote Windows Performance Monitor Log Source
Set up a Remote Windows Performance Monitor Log Source to collect remote performance data from Windows Performance Monitor.
ποΈ Script Action
A Script Action receives data uploads that are triggered by a scheduled search.
ποΈ Remote File Source
2 items
ποΈ Script Source
3 items