Sumo Logic: Making It Easier to Dig Deeper into Machine Data

Log management and analytics vendor Sumo Logic wants to put more data — even old log data — into customers’ hands, adding new features to make that possible and digging deeper in support of Docker and Kubernetes.
It announced the enhancements last week at DockerCon 2018 in San Francisco, along with results from a survey it commissioned from 451 Research outlining businesses’ increasing use of machine data not just for IT operations, but to help drive their core mission.
From the 250 businesses polled, 54 percent said their companies already use machine data tools for business insight — 50 percent use these tools specifically to support the end-user experience.
Machine data — Ben Newton, director of product marketing, calls it the “data exhaust” — comes from servers, routers, applications and sensors in the IT environment.
Respondents said they’re using it to fix issues before they affect customer experience, perform more efficient compliance audits, better understand user behavior and approach product development more smartly.
“With Sumo Logic, we can leverage machine data insights to understand how our clients are using our different services as well as other trending data on loan requests to better understand our business and ensure each customer’s needs are adequately being met,”said said Cesar Olea, director of software development at loan lifecycle software vendor Simnang.
The enhancements include native support for Amazon Elastic Container Service for Kubernetes (Amazon EKS) and for performance metrics and metadata via the open source standard Prometheus.
“We’re also doing deeper integration with Kubernetes to be able to pull more information about how to set up Kubernetes and use that to get more value out of your Kubernetes deployment. They use information to describe what they’re running on and how it’s configured in terms of metadata,” Newton said.
The company also is focused on helping customers more effectively use metadata.
“If you’re going to be deriving business value out of machine data, logs and performance metrics are very often closely tied to the platform you’re running on, and they may be difficult to interpret unless you describe how they’re related to what the business does,” he said.
New features enable users to extract performance metrics and key performance indicators from unstructured logs, while still retaining those logs for root-cause analysis. Used with the Sumo Logic time-series engine, this can provide vast analytics performance improvements over unstructured log data searches, the company says, as well as support long-term trending of metrics.
From the company’s longstanding logs and metrics program, it’s enabling customers to pull key performance indicators and transform that existing Graphite-formatted performance metrics in real time to the metadata-rich Metrics 2.0 format.
“Customers don’t have time to retool their applications to take advantage of these new ways of doing telemetry, so we now have a real-time streaming engine that will transform unstructured application logs allowing them to extract these performance indicators out of those logs,” he said. The company built an engine a couple of years back specifically for these time-series performance metrics, but users had to retool applications to take advantage of the performance gains.
“[Now] they can take these logs they’ve had for years, extract the information out of it and store it in this new high-performance format. How slow is this interaction for a customer? How long did this transaction take?
“They’ll be able to use this tool to say, ‘Here’s my KPI, go extract that, here’s the granularity I want’ — every minute or every 30 seconds, whatever it is — then that will get dumped into our time-series engine and they’ll be able to do training on that for up to a year,” Newton said.
Feature image via Pixabay.