Sumo Logic Verification

Updated 2 months ago by Michael Cretzman

With Sumo Logic, you can interact with and analyze your data in the cloud in real-time. Sumo Logic uses a powerful and intuitive search capability to expedite functions like forensic analysis, troubleshooting, and system health checks.

You can add a Sumo Logic verification step to your workflow and Sumo Logic will be used by Harness to verify the performance and quality of your deployments using Harness machine-learning verification analysis.

Search with Sumo Logic

Harness Analysis

Verification Setup Overview

You set up Sumo Logic and Harness in the following way:

  1. Using Sumo Logic, you monitor your microservice or application.
  2. In Harness, you connect Sumo Logic to your Harness account, adding Sumo Logic as a Harness Verification Provider.
  3. After you have built and run a successful deployment of your microservice or application in Harness, you then add Sumo Logic verification steps to your Harness deployment workflow.
  4. Harness uses Sumo Logic to verify your future microservice/application deployments.
  5. Harness Continuous Verification uses unsupervised machine-learning to analyze your deployments and Sumo Logic analytics/logs, discovering events that might be causing your deployments to fail. Then you can use this information to improve your deployments.

Intended Audience

  • Developers
  • DevOps

Before You Begin

Connect to Sumo Logic

Connect Harness to Sumo Logic to have Harness verify the success of your deployments. Harness will use your tools to verify deployments and use its machine learning features to identify sources of failures.

The Sumo Logic API is available to Sumo Logic Enterprise Accounts only. For more information, see About the Search Job API from Sumo Logic

To add Sumo Logic as a verification provider, do the following:

  1. Click Setup.
  2. Click Connectors.
  3. Click Verification Providers.
  4. Click Add Verification Provider, and select Sumo Logic. The Add Sumo Logic Verification Provider dialog appears.

The Add Sumo Logic Verification Provider dialog has the following fields.

Field

Description

Sumo Logic API Server URL

The API URL for your Sumo Logic account. The format of the URL is:

https://api.YOUR_DEPLOYMENT.sumologic.com/api/v1/

Where YOUR_DEPLOYMENT is either us1, us2, eu, de, or au. For us1, use api.sumologic.com.

Sumo Logic applies default rate limiting.

For more information, see API Authentication from Sumo Logic.

Access ID

Enter the access ID for the user account you want to use to connect to Sumo Logic. Access keys are generated by an individual user in Sumo Logic depending on the permissions set for their account.

For more information on creating the access keys, see Access Keys from Sumo Logic.

Access Key

Enter the access key for the Sumo Logic user account using the connection.

For more information, see Access Keys from Sumo Logic.

Display Name

The name for the Sumo Logic verification provider connection in Harness. If you will have multiple Sumo Logic connections, enter a unique name.

You will use this name to select this connection when integrating Sumo Logic with the Verify Steps of your workflows, described below.

Usage Scope

If you want to restrict the use of a provider to specific applications and environments, do the following:

In Usage Scope, click the drop-down under Applications, and click the name of the application.

In Environments, click the name of the environment.

Once you have set up Sumo Logic as a verification provider, you can integrate it into your workflows, as described below.

Verify with Sumo Logic

The following procedure describes how to add Sumo Logic as a verification step in a Harness workflow. For more information about workflows, see Add a Workflow.

Once you run a deployment and Sumo Logic preforms its analysis, Harness' machine-learning verification analysis will assess the risk level of the deployment. The more often your deployment is run, the more data Harness obtains and the more your deployments can be improved.

In order to obtain the names of the host(s), pod(s), or container(s) where your service is deployed, the verification provider should be added to your workflow after you have run at least one successful deployment.

To verify your deployment with Sumo Logic, do the following:

  1. Ensure that you have added Sumo Logic as a verification provider, as described above.
  2. In your workflow, under Verify Service, click Add Verification, and then click Sumo Logic. The Sumo Logic dialog appears.

The Sumo Logic dialog has the following fields.

Field

Description

Sumo Logic Server

Select the Sumo Logic verification provider you added, as described above.

Search Keywords

Enter the keywords for your search. Use the Sumo Logic search field and then copy your keywords into the Sumo Logic dialog.

Example keywords: *exception* and *error*.

For more information, see Search Syntax Overview and Keyword Search Expressions from Sumo Logic.

Field name for Host/Container

Enter the message field that contains the host name. You can find this in the Sumo Logic search. In the Sumo Logic search field, start typing _source and see the metadata options:

Click on the source host option, _sourceHost, and execute a query with it.

View the query results and confirm that the _sourceHost field returns the name of the host. And then enter _sourceHost in the Field name for Host/Container field.

Expression for Host/Container name

Add an expression that evaluates to the hostname value for the Message field host information. For example, in Sumo Logic, if you look at an exception Message, you will see a Host field:

In the service infrastructure where your workflow deployed your artifact (see Add a Service Infrastructure), the hostname is listed in a JSON name label under a host label.

Locate the name label that displays the same value as the Host field in your Sumo Logic Message. Locate the path to that name label and use it as the expression in Expression for Host/Container name.

The default expression is ${host.hostName}.

Analysis Time duration

Set the duration for the verification step. If a verification step exceeds the value, the workflow Failure Strategy is triggered. For example, if the Failure Strategy is Ignore, then the verification state is marked Failed but the workflow execution continues.

Baseline for Risk Analysis

Select Previous Analysis to have this verification use the previous analysis for a baseline comparison. If your workflow is a Canary workflow type, you can select Canary Analysis to have this verification compare old versions of nodes to new versions of nodes in real-time.

Algorithm Sensitivity

Select the sensitivity that will result in the most useful results for your analysis.

Execute with previous steps

Check this checkbox to run this verification step in parallel with the previous steps in Verify Service.

Failure Criteria

Specify the sensitivity of the failure criteria. When the criteria is met, the workflow Failure Strategy is triggered.

Include instances from previous phases

If you are using this verification step in a multi-phase deployment, select this checkbox to include instances used in previous phases when collecting data. Do not apply this setting to the first phase in a multi-phase deployment.

When you are finished, click SUBMIT. The Sumo Logic verification step is added to your workflow.

Verification Results

Once you have deployed your workflow (or pipeline) using the Sumo Logic verification step, you can automatically verify cloud application and infrastructure performance across your deployment. For more information, see Add a Workflow and Add a Pipeline.

Workflow Verification

To see the results of Harness machine-learning evaluation of your Sumo Logic verification, in your workflow or pipeline deployment you can expand the Verify Service step and then click the Sumo Logic step.

Continuous Verification

You can also see the evaluation in the Continuous Verification dashboard. The workflow verification view is for the DevOps user who developed the workflow. The Continuous Verification dashboard is where all future deployments are displayed for developers and others interested in deployment analysis.

To learn about the verification analysis features, see the following sections.

Deployments

Deployment info
See the verification analysis for each deployment, with information on its service, environment, pipeline, and workflows.

Verification phases and providers
See the vertfication phases for each vertfication provider. Click each provider for logs and analysis.

Verification timeline
See when each deployment and verification was performed.

Transaction Analysis

Execution details
See the details of verification execution. Total is the total time the verification step took, and Analysis duration is how long the analysis took.

Risk level analysis
Get an overall risk level and view the cluster chart to see events.

Transaction-level summary
See a summary of each transaction with the query string, error values comparison, and a risk analysis summary.

Execution Analysis

Event type
Filter cluster chart events by Unknown Event, Unexpected Frequency, Anticipated Event, Baseline Event, and Ignore Event.

Cluster chart
View the chart to see how the selected event contrast. Click each event to see its log details.

Event Management

Event-level analysis
See the threat level for each event captured.

Tune event capture
Remove events from analysis at the service, workflow, execution, or overall level.

Event distribution
Click the chart icon to see an event distribution including the measured data, baseline data, and event frequency.

Next Steps


How did we do?