Machine Analytics: Correlate Your Logs and Metrics

  • View

  • Download

Embed Size (px)

Text of Machine Analytics: Correlate Your Logs and Metrics

PowerPoint Presentation

Correlate Your Logs and MetricsKalyan RamanathanVP of Product MarketingMario Snchez Director of Technical Content

April 2017

Sumo Logic ConfidentialPREPARATION: Open DemoSlack to #travel_appOpen browser to TraveLogicGenerate Errors for TravelLogic (CTRL + G) Open SE Demo + Operational Overview DashboardOpen CloudTrail Overview/Operations, AWS Lambda, AWS S3 Audit, Amazon VPC Flow, Host Mertics

Launch GTW Survey:How familiar are you with Sumo Logic?I'm new(ish) to Sumo LogicI'm familiar with Sumo Logic Logs but new to MetricsI'm familiar with both Logs and Metrics

Who is Sumo Logic? We are a cloud native machine data analytics company and we help our customers manage the operation and security of their mission critical applications.

What is machine data it includes logs, metrics and events that are generated by apps and infrastructure. Sumo knows to ingest this data, Sumo knows to get insights from this data and leveraging this data, customers can deliver great apps to the end customers


In this webinar, Overview of Sumo LogicUnified Machine Data Platform

Use Case: HootsuiteScaling for Modern Apps

Troubleshooting with a unified Logs & Metrics platform

Sending Logs and Metrics to Sumo Logic


Sumo Logic Confidential

1200+ Customers 2-4x lifetime expand1.

20 Million +Searches performed daily

100 PB +Data analyzed daily 300+ Trillion Records queried daily

Tier-1 Investors

Service ScaleNo limits

Leading Machine Data Analytics Service

Sumo Logic Confidential

Sumo Logic ConfidentialA bit about ourselves

We 1,200+ Enterprise Customers and great brands at thatWe provide fast value to our customers. AirBnB is a great example where the customer started out managing their app security with us and soon deployed it to many of their mission critical applications[USE YOUR FAVORITE EXAMPLE CUSTOMER STORIES TO HIGHLIGHT OUR CUSTOMER VALUE]We have built a very scapable platformIn one day Sumo Logic ingested over 100 TB data and users query/analyze across 300+ trillion records We are funded by Tier 1 investors who find and fund big ideas. And we are happy to have them support us3

DevOps Automation, CollaborationMicro-services Componentized architecture DevOps teams deploy 30x morePuppet Labs DevOps Survey100+ services to build a pageAmazon Architecture200B+ in public cloud spend (2016)GartnerCloud AdoptionElasticity, Scalability

Rise of Modern Applications

Sumo Logic Confidential

Sumo Logic ConfidentialBut what kinds of software applications are companies creating?

Its not the traditional (legacy) software. We are now creating modern applications on modern infrastructure (Stop and ask the customer if they are using such technologies)

We see 3 characteristics for these modern applicationThey are generally built on cloud platform. And many a times on public cloud platformAWS, Azure etc. have very robust cloud platforms with excellent SLAsThey are built using DevOPs practicesApplications are built faster and with higher quality


Unified Machine Data Platform1.

Unified Machine Data AnalyticsLog, Metrics & EventsMachine LearningScalable & Elastic

Modern Application

Track End to End Performance Full Stack VisibilityReal-Time Insights

Fast troubleshooting and root-cause analysis



Sumo Logic ConfidentialThere is a better way to manage your applications - and that is with a unified machine data analytics platform

Your apps and infrastructure already generate lots of machine data (logs, metrics, events)If you can ingest this data and analyze this data (i.e correlate it, identify patterns in this data, be able to visualize and dashboard it), you can get lots of visibility intoThe full stack from the app infrastructure to the servicesThe performance and availability of the application and infrastructure including proactively identifying issuesBe able to manage the security of the application.

Lastly, the platform should also be able to real-time data streams across all the dependent applications and infrastructures, and make sense of the volume of data collect, variety of the data, and variety of the data to provide real-time analytics to solve the problems that arise with this new architecture.


Use Case: HootsuiteMigration to Sumo Logic



ZERO Deploy & Upgrade times No Management OverheadFully ElasticOn DemandUnified Support of Logs and MetricsMachine Learning AnalyticsSecure byDesignNext Generation Multi-tenant SaaSWebinar: Scaling your Tools for Modern Apps

Sumo Logic ConfidentialHootSuiteCloud based modern apps and infrastructureAll in Amazon AWS1500+ nodes running cloud servicesMicroservice based architectureDevOps/AgileDynamic environment with dozens of deploys in production per week

Initial Set upEasy to get startedWidely adopted by startups and technology companiesOpen source (free solution)Good enough capabilities to get started

ChallengesHard to scale and manageWhat works for 100 nodes is challenging at 1000Resource and cost expenditures Too many resources just managing management softwareAvailability and redundancy adds additional expense to the solutionOpen source for logging and metrics looks attractive on paper, costs add up when bulletproofing

Benefits Easy to get startedFull support for AWS with OOB apps & dashboards Very scalable solutionHigh performance and redundancyZero upgrade costsSecurity and compliance of platformPCI, SOC2, etc.Low TCOOne solution to manage all app operations dataSaaS offering - no management required

Unified support for logs and metricsOne dashboard to visualize logs & metrics with integrated contextMachine learning AnalyticsLogReduce, LogCompare dramatically reduce identification and troubleshooting timesMetrics outlier, anomaly detectionMulti-geo capableAvailable globallyFocus on core Hootsuite infrastructureSumo manages operations on monitoring and logging for usDeliver better metrics performance and SLA5 times faster time for logs and metrics in dashboardHigh resolution Logging and metrics infrastructure SLAReduced overall TCO of management of solutionEase of scaleEase of onboardingZero management and infrastructure costsBuild-in upgrades and feature improvements


Sumo Logic: How It Works

MonitorDashboard & AlertTroubleshootAnalyze & CorrelateOptimizeTrend & predict


Sumo Logic ConfidentialHow does Sumo work?

Sumo logic offers a Cloud native SaaS service so we manage the service for you.

Sumo Logic offers locally deployed Collectors or Cloud API to ingest the machine data from apps and infrastructure. Once ingested, Sumpo logic will index the data and you can instantly start to query and analyze the dataYou can setup alerts which will instantly inform you when your thresholds have been breached. You can also create dashboards and reports and share it with your team.


TroubleshootingUnified Logs and Metrics

Sumo Logic Confidential


Unified Logs and Metrics Troubleshooting Demo

ALERT notifies of a critical eventMETRICS to identify whats going onLOGS to identify why its happening

Sumo Logic ConfidentialThis demo will show you how a unified Logs and Metrics solution can reduce your troubleshooting time.- First, well use Alerts to notify a user of a critical event- The Alert will direct us to a Metrics dashboard that helps us identify WHAT is going on- Lastly, well dive into the relevant logs to Identify WHY this is happening

Lets jump right into it.


TravelLogic Travel Booking Site

Sumo Logic ConfidentialTraveLogic is a booking site that uses Sumo Logic the keep an eye on the health of its infrastructure as well as its own application. Lets look at how they use Sumo to troubleshoot.10


Reduced MTTI/MTTRFaster Troubleshooting Contextual analysis of logs and metricsImproved DevOps CollaborationSingle source of truth for Ops & DevOps teamsReduced TCOEliminate multiple tools for logs and metrics analytics

Sumo Logic ConfidentialGreat! Weve seen how Sumo can 1. Reduce the mean time to identification and resolution by providing contextual analysis2. Improve your teams collaboration by using a single source of truth that can be securely accessed and analyzed.3. And lastly, a Unified Logs and Metrics solution eliminates the need for multiple tools, lowering your total cost of ownership.


Sending Data

Sumo Logic Confidential


Sending Logs to Sumo Logic

CollectorCloud Data CollectionCentralized Data CollectionLocal Data Collection




CollectorHosted CollectorsInstalled Collectors123

Sumo Logic Confidential

Sumo Logic ConfidentialHosted CollectorsAllow for seamless collection from Amazon S3 buckets and HTTP Sources.Hosted Collectors don't require installation or activation, and they dont have physical requirements, since they're hosted in AWS.Because there are no performance issues to consider, you can configure as many S3 and HTTPSources as you'd like for a single Hosted Collector.

Installed CollectorsSumo Logic Installed Collectors are lightweight and efficient. You can choose to install a small number of Collectors to minimize maintenance or just because you want to keep your topology simple (Centralized). Alternatively, you can choose to install many Collectors on many machines (Local) to distribute the bandwid