Verifying data in Sumo Logic

Reception of audit logs are verified using the Sumo Logic web interface. One way to do this is to search for events using the name of the collector and source.

Prerequisites

Note: The examples and graphics provided on this page are for representation purposes only and may not accurately reflect your specific instance. We do not assume responsibility for their maintenance or accuracy.
Perform the following steps to verify the data in Sumo Logic:

Procedure

  1. Generate an audit log by generating an event. For example, create a user (Create a user).
  2. Go to Audit log to see the entry in the logs.

    In Sumo Logic, you will notice the event logged in the source that you configured when setting up Sumo Logic. Setting up Sumo Logic

  3. Navigate to Manage Data > Collections
  4. On the Collection tab, click Open in Log Search icon next to the respective log source.
    Sumo Logic Open in Log Search
    It displays events filtered by collector and source. A user creation event in JSON format sent to Sumo Logic through HTTPS is displayed.
    Sumo Logic view the logs