From 7aa99ca0e8910a3d8c416cddeb2e9ac5939cf5e9 Mon Sep 17 00:00:00 2001 From: chetanchoudhary-sumo Date: Thu, 21 Aug 2025 22:05:05 +0530 Subject: [PATCH 01/10] Adding OpenTelemetry Monitoring App docs --- .../opentelemetry/index.md | 4 +- .../opentelemetry-collector-monitoring.md | 450 ++++++++++++++++++ 2 files changed, 452 insertions(+), 2 deletions(-) create mode 100644 docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-monitoring.md diff --git a/docs/integrations/hosts-operating-systems/opentelemetry/index.md b/docs/integrations/hosts-operating-systems/opentelemetry/index.md index 16dc657072..637e4dad9d 100644 --- a/docs/integrations/hosts-operating-systems/opentelemetry/index.md +++ b/docs/integrations/hosts-operating-systems/opentelemetry/index.md @@ -1,10 +1,10 @@ --- slug: /integrations/hosts-operating-systems/opentelemetry title: OpenTelemetry -description: Learn about our Sumo Logic OpenTelemetry apps that you can use to monitor host metrics and Linux. +description: Learn about our Sumo Logic OpenTelemetry apps for monitoring hosts, operating systems, and OpenTelemetry Collector infrastructure. --- -This guide has documentation for Sumo Logic OpenTelemetry apps. +This guide has documentation for Sumo Logic OpenTelemetry apps for hosts and operating systems monitoring. import DocCardList from '@theme/DocCardList'; import {useCurrentSidebarCategory} from '@docusaurus/theme-common'; diff --git a/docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-monitoring.md b/docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-monitoring.md new file mode 100644 index 0000000000..63370f0ca5 --- /dev/null +++ b/docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-monitoring.md @@ -0,0 +1,450 @@ +--- +id: opentelemetry-collector-monitoring +title: OpenTelemetry Collector Monitoring +sidebar_label: OpenTelemetry Collector Monitoring +description: Learn about the Sumo Logic OpenTelemetry Collector Monitoring app. +--- + +import useBaseUrl from '@docusaurus/useBaseUrl'; +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +Thumbnail icon + +The Sumo Logic OpenTelemetry Collector Monitoring app provides comprehensive monitoring and observability for your OpenTelemetry Collector instances. Monitor collector performance, telemetry data flow, resource utilization, and troubleshoot data collection issues with preconfigured dashboards and alerts. Track metrics and logs to ensure your telemetry pipeline is running smoothly and efficiently. + +This app supports OpenTelemetry Collector version **0.130.1-sumo-0** and later versions. + +We use the OpenTelemetry collector's built-in internal telemetry capabilities to collect metrics and logs about the collector itself. By default, the Collector exposes its own telemetry through internal metrics (via Prometheus interface on port 8888) and logs (emitted to stderr). + +The diagram below illustrates the components of the OpenTelemetry Collector self-monitoring setup. The collector is configured to export its own telemetry data (metrics and logs) to Sumo Logic through OTLP/HTTP endpoints. + +:::info +This app includes [built-in monitors](#opentelemetry-collector-monitoring-alerts). For details on creating custom monitors, refer to [Create monitors for OpenTelemetry Collector Monitoring app](#create-monitors-for-opentelemetry-collector-monitoring-app). +::: + +## Fields creation in Sumo Logic for OpenTelemetry Collector Monitoring + +Following are the [fields](/docs/manage/fields/) which will be created as part of OpenTelemetry Collector Monitoring app installation, if not already present. + +- **sumo.datasource**. Has fixed value of **otel_collector**. +- **_contentType**. Has fixed value of **OpenTelemetry**. +- **deployment.environment**. User configured. Enter a name to identify your deployment environment. + +## Prerequisites + +### For OTLP Endpoint Configuration + +Before configuring the OTEL Collector integration, ensure you have the following prerequisites in place: + +1. **OTLP Endpoint**: You need a valid base OTLP endpoint URL. The system will automatically append `/v1/logs` for logs collection and `/v1/metrics` for metrics collection. The endpoint should be accessible from your OTEL Collector instance. + +2. **Network Access**: Ensure that your OTEL Collector has network access to the configured OTLP endpoint. This includes: + - Outbound HTTPS connectivity on port 443 + - Proper firewall configurations to allow traffic to the endpoint + - DNS resolution for the endpoint hostname + +3. **Authentication**: If your OTLP endpoint requires authentication, ensure you have the proper credentials or tokens configured. + +### For metrics collection + +The OpenTelemetry Collector must be configured to export its own metrics using the built-in telemetry capabilities. This requires: +- OpenTelemetry Collector version 0.130.1-sumo-0 or later +- Collector configured with telemetry metrics enabled at `detailed` level +- Access to OTLP endpoint for metrics export +- Internal metrics exposed on port 8888 (default) + +### For logs collection + +The OpenTelemetry Collector must be configured to export its own logs using the built-in telemetry capabilities. This requires: +- Collector configured with telemetry logs enabled at `debug` level +- JSON encoding for structured log output +- Access to OTLP endpoint for logs export + +### System Requirements + +- OTEL Collector v0.130.1-sumo-0 or later +- Sufficient system resources (CPU, memory) for data processing +- Proper permissions for the collector service to access configured resources + +import LogsCollectionPrereqisites from '../../../reuse/apps/logs-collection-prereqisites.md'; + + + +## Collection configuration and app installation + +import ConfigAppInstall from '../../../reuse/apps/opentelemetry/config-app-install.md'; + + + +### Step 1: Set up collector + +import SetupColl from '../../../reuse/apps/opentelemetry/set-up-collector.md'; + + + +### Step 2: Configure integration + +In this step, you will configure the OpenTelemetry Collector's built-in telemetry to monitor itself. + +The collector's service configuration needs to be updated to enable telemetry export. Below is the required configuration that should be added to your collector's service section: + +**Required Inputs:** +- **OTLP Endpoint**: Your Sumo Logic OTLP endpoint base URL +- **Deployment Environment**: Enter a name to identify your deployment environment + +**Configuration Parameters:** +- **Endpoint Format**: The base endpoint automatically creates: + - Logs endpoint: `${OTLP_ENDPOINT}/v1/logs` + - Metrics endpoint: `${OTLP_ENDPOINT}/v1/metrics` +- **Protocol**: HTTP/protobuf for OTLP communication +- **Metrics level**: Set to **detailed** for comprehensive monitoring +- **Logs level**: Set to **debug** for detailed troubleshooting information + +```yaml +service: + telemetry: + logs: + level: debug + development: false + encoding: json + processors: + - batch: + exporter: + otlp: + protocol: http/protobuf + endpoint: ${OTLP_ENDPOINT}/v1/logs + metrics: + level: detailed + readers: + - periodic: + exporter: + otlp: + protocol: http/protobuf + endpoint: ${OTLP_ENDPOINT}/v1/metrics + resource: + _contentType: OpenTelemetry + sumo.datasource: otel_collector + deployment.environment: ${DEPLOYMENT_ENVIRONMENT} +``` + +You can add any custom fields which you want to tag along with the data ingested in Sumo. + +import EnvVar from '../../../reuse/apps/opentelemetry/env-var-required.md'; + + + +### Step 3: Send logs and metrics to Sumo Logic + +import LogsIntro from '../../../reuse/apps/opentelemetry/send-logs-intro.md'; + + + + + + + +1. Add the telemetry configuration to your existing collector configuration file in `/etc/otelcol-sumo/conf.d/` or directly in the main configuration file. +2. Place Env file in the following directory: + ```sh + /etc/otelcol-sumo/env/ + ``` +3. Restart the collector using: + ```sh + sudo systemctl restart otelcol-sumo + ``` + + + + +1. Add the telemetry configuration to your existing collector configuration file in `C:\ProgramData\Sumo Logic\OpenTelemetry Collector\config\conf.d` or the main configuration file. +2. Restart the collector using: + ```sh + Restart-Service -Name OtelcolSumo + ``` + + + + +1. Add the telemetry configuration to your existing collector configuration file in `/etc/otelcol-sumo/conf.d/` or the main configuration file. +2. Restart the otelcol-sumo process using: + ```sh + otelcol-sumo --config /etc/otelcol-sumo/sumologic.yaml --config "glob:/etc/otelcol-sumo/conf.d/*.yaml" + ``` + + + + +import ChefEnv from '../../../reuse/apps/opentelemetry/chef-with-env.md'; + + + + + + + +import AnsEnv from '../../../reuse/apps/opentelemetry/ansible-with-env.md'; + + + + + + + +import PuppetEnv from '../../../reuse/apps/opentelemetry/puppet-with-env.md'; + + + + + + +import LogsOutro from '../../../reuse/apps/opentelemetry/send-logs-outro.md'; + + + +### Validation + +After installation, verify that: +1. The OTEL Collector service is running +2. The configured base endpoint is reachable +3. Data is being successfully sent to both the logs (`/v1/logs`) and metrics (`/v1/metrics`) endpoints +4. Resource attributes are properly applied to the telemetry data +5. Internal metrics are accessible at `http://localhost:8888/metrics` + +## Sample log messages + +```json +{ + "timestamp": "2024-01-15T10:30:45.123Z", + "level": "info", + "msg": "Batch processor started", + "component": "batch", + "pipeline": "metrics" +} +``` + +```json +{ + "timestamp": "2024-01-15T10:30:46.456Z", + "level": "warn", + "msg": "Dropping data because sending_queue is full", + "component": "sumologicexporter", + "pipeline": "logs" +} +``` + +## Sample metrics + +```json +{ + "metric": "otelcol_processor_batch_batch_send_size", + "sumo.datasource": "otel_collector", + "_contentType": "OpenTelemetry", + "deployment.environment": "production", + "processor": "batch", + "value": 100, + "timestamp": "2024-01-15T10:30:45.123Z" +} +``` + +```json +{ + "metric": "otelcol_exporter_queue_size", + "sumo.datasource": "otel_collector", + "_contentType": "OpenTelemetry", + "deployment.environment": "production", + "exporter": "sumologic", + "value": 150, + "timestamp": "2024-01-15T10:30:45.123Z" +} +``` + +## Key Internal Metrics + +The OpenTelemetry Collector emits comprehensive internal metrics categorized by verbosity levels: + +### Basic Level Metrics (Essential service telemetry) +- **Process metrics**: `otelcol_process_uptime`, `otelcol_process_cpu_seconds`, `otelcol_process_memory_rss` +- **Receiver metrics**: `otelcol_receiver_accepted_*`, `otelcol_receiver_refused_*` +- **Processor metrics**: `otelcol_processor_incoming_items`, `otelcol_processor_outgoing_items` +- **Exporter metrics**: `otelcol_exporter_sent_*`, `otelcol_exporter_send_failed_*`, `otelcol_exporter_enqueue_failed_*` +- **Queue metrics**: `otelcol_exporter_queue_size`, `otelcol_exporter_queue_capacity` + +### Normal Level Metrics (Standard indicators) +- **Batch processor metrics**: `otelcol_processor_batch_batch_send_size`, `otelcol_processor_batch_timeout_trigger_send` + +### Detailed Level Metrics (Most verbose) +- **HTTP metrics**: `http.client.request.duration`, `http.server.request.duration`, `http.*.request.body.size` +- **RPC metrics**: `rpc.client.duration`, `rpc.server.duration`, `rpc.*.request.size`, `rpc.*.response.size` + +## Sample queries + +This sample query is from the **Pipeline Health Overview** panel. + +```sql +sumo.datasource=otel_collector +| json auto maxdepth 1 nodrop +| if (isEmpty(log), _raw, log) as _raw +| parse "* * * *" as timestamp, level, component, msg +| where level in ("error", "warn", "info", "debug") +| count by level, component +| transpose row component column level +``` + +This sample metrics query is from the **Collector Resource Usage** panel. + +```sql title="Sample metrics query" +sumo.datasource=otel_collector metric=otelcol_process_memory_rss deployment.environment=* | avg by deployment.environment +``` + +This sample query monitors queue health from the **Exporter Queue Health** panel. + +```sql +sumo.datasource=otel_collector metric=otelcol_exporter_queue_size deployment.environment=* +| avg by exporter, deployment.environment +``` + +## Viewing OpenTelemetry Collector Monitoring dashboards + +All dashboards have a set of filters that you can apply to the entire dashboard. Use these filters to drill down and examine the data to a granular level. +- You can change the time range for a dashboard or panel by selecting a predefined interval from a drop-down list, choosing a recently used time range, or specifying custom dates and times. [Learn more](/docs/dashboards/set-custom-time-ranges/). +- You can use template variables to drill down and examine the data on a granular level. For more information, see [Filtering Dashboards with Template Variables](/docs/dashboards/filter-template-variables/). + +### Overview + +The **OpenTelemetry Collector - Overview** dashboard provides a high-level view of your OpenTelemetry Collector fleet's health and performance. This is your starting point for monitoring collector instances. + +Use this dashboard to: +- Monitor the overall health of your collector fleet +- Identify performance bottlenecks and resource constraints +- Track data flow and processing rates across collectors +- Quickly spot collectors experiencing issues + +Overview + +### Logs + +The **OpenTelemetry Collector - Logs** dashboard provides detailed insights into collector log output for root-cause analysis of errors, data dropping events, and restarts. + +Use this dashboard to: +- Analyze error patterns and troubleshoot issues +- Monitor collector startup and shutdown events +- Identify data loss or processing problems +- Track log severity trends across your collector fleet + +Logs + +### Pipeline: Receiver Health + +The **OpenTelemetry Collector - Pipeline: Receiver Health** dashboard focuses exclusively on the data ingestion stage of the pipeline to monitor data sources and receiver performance. + +Use this dashboard to: +- Monitor receiver performance and data ingestion rates +- Identify issues with data sources and input connections +- Track receiver-specific errors and failures +- Analyze accepted vs refused data points + +Pipeline Receiver Health + +### Pipeline: Processor Health + +The **OpenTelemetry Collector - Pipeline: Processor Health** dashboard is crucial for understanding if any processors (like batch, memory_limiter, or resourcedetection) are dropping data or causing performance issues. + +Use this dashboard to: +- Monitor processor performance and throughput +- Identify data drops or processing bottlenecks +- Track processor-specific configurations and health +- Analyze batch processing efficiency and triggers + +Pipeline Processor Health + +### Pipeline: Exporter Health + +The **OpenTelemetry Collector - Pipeline: Exporter Health** dashboard is the most critical dashboard for diagnosing backpressure and data loss at the egress stage of the pipeline. + +Use this dashboard to: +- Monitor exporter performance and success rates +- Identify backpressure issues and export failures +- Track data delivery to downstream systems +- Analyze queue utilization and capacity + +Pipeline Exporter Health + +### Resource Utilization + +The **OpenTelemetry Collector - Resource Utilization** dashboard provides a deep dive into the collector's own resource consumption to diagnose performance issues and plan for capacity. + +Use this dashboard to: +- Monitor CPU, memory, and disk usage by collectors +- Plan capacity and resource allocation +- Identify resource constraints and optimization opportunities +- Track heap allocation and garbage collection patterns + +Resource Utilization + +## Troubleshooting + +### Common Issues + +**Collector connection failure**: If your collector fails to connect to Sumo Logic, you may need to configure proxy settings. Check the collector's logs for connection errors: + +```bash +# On systemd systems +journalctl --unit otelcol-sumo + +# Look for errors like "Unable to get a heartbeat" +``` + +**High queue utilization**: Monitor the `otelcol_exporter_queue_size` and `otelcol_exporter_queue_capacity` metrics. If the queue is consistently full, you may need to: +- Reduce data ingestion rate +- Increase queue capacity +- Scale horizontally with more collectors + +**Data dropping**: Watch for logs containing "Dropping data because sending_queue is full" and monitor failed enqueue metrics: +- `otelcol_exporter_enqueue_failed_spans` +- `otelcol_exporter_enqueue_failed_metric_points` +- `otelcol_exporter_enqueue_failed_log_records` + +### Accessing Collector Metrics Directly + +By default, the collector's internal metrics are available in Prometheus format at `http://localhost:8888/metrics`. You can access them using: + +```bash +curl http://localhost:8888/metrics +``` + +### Log Levels and Configuration + +Configure different log levels for troubleshooting: +- **DEBUG**: Most verbose, includes detailed trace information +- **INFO**: Standard operational information (default) +- **WARN**: Warning messages about potential issues +- **ERROR**: Error conditions that need attention + +## Create monitors for OpenTelemetry Collector Monitoring app + +import CreateMonitors from '../../../reuse/apps/create-monitors.md'; + + + +### OpenTelemetry Collector Monitoring alerts + +| Alert Name | Alert Description and conditions | Alert Condition | Recover Condition | +|:--|:--|:--|:--| +| `OpenTelemetry Collector - High Memory Usage Alert` | This alert gets triggered when collector memory usage exceeds 80% of available memory. | Count >= 80 | Count < 80 | +| `OpenTelemetry Collector - High CPU Usage Alert` | This alert gets triggered when collector CPU usage exceeds 80% for more than 5 minutes. | Count >= 80 | Count < 80 | +| `OpenTelemetry Collector - Pipeline Data Loss Alert` | This alert gets triggered when data drops are detected in the collector pipeline. | Count >= 1 | Count < 1 | +| `OpenTelemetry Collector - Exporter Failure Alert` | This alert gets triggered when export failures exceed the acceptable threshold. | Count >= 5 | Count < 5 | +| `OpenTelemetry Collector - Collector Down Alert` | This alert gets triggered when a collector instance stops reporting metrics. | Count >= 1 | Count < 1 | +| `OpenTelemetry Collector - High Queue Utilization Alert` | This alert gets triggered when exporter queue utilization exceeds 90%. | Count >= 90 | Count < 90 | +| `OpenTelemetry Collector - Receiver Refusal Rate Alert` | This alert gets triggered when receivers are refusing data at a high rate. | Count >= 10 | Count < 10 | \ No newline at end of file From 1e9b372a52da331b06f2ff63cb53cea4a59c241b Mon Sep 17 00:00:00 2001 From: chetanchoudhary-sumo Date: Fri, 22 Aug 2025 17:11:27 +0530 Subject: [PATCH 02/10] updating monitor details --- .../opentelemetry-collector-monitoring.md | 47 +++++++++---------- 1 file changed, 22 insertions(+), 25 deletions(-) diff --git a/docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-monitoring.md b/docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-monitoring.md index 63370f0ca5..8bb0ae787f 100644 --- a/docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-monitoring.md +++ b/docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-monitoring.md @@ -1,8 +1,8 @@ --- -id: opentelemetry-collector-monitoring -title: OpenTelemetry Collector Monitoring -sidebar_label: OpenTelemetry Collector Monitoring -description: Learn about the Sumo Logic OpenTelemetry Collector Monitoring app. +id: opentelemetry-collector-insights +title: OpenTelemetry Collector Insights +sidebar_label: OpenTelemetry Collector Insights +description: Learn about the Sumo Logic OpenTelemetry Collector Insights app. --- import useBaseUrl from '@docusaurus/useBaseUrl'; @@ -11,7 +11,7 @@ import TabItem from '@theme/TabItem'; Thumbnail icon -The Sumo Logic OpenTelemetry Collector Monitoring app provides comprehensive monitoring and observability for your OpenTelemetry Collector instances. Monitor collector performance, telemetry data flow, resource utilization, and troubleshoot data collection issues with preconfigured dashboards and alerts. Track metrics and logs to ensure your telemetry pipeline is running smoothly and efficiently. +The Sumo Logic OpenTelemetry Collector Insights app provides comprehensive monitoring and observability for your OpenTelemetry Collector instances. Monitor collector performance, telemetry data flow, resource utilization, and troubleshoot data collection issues with preconfigured dashboards and alerts. Track metrics and logs to ensure your telemetry pipeline is running smoothly and efficiently. This app supports OpenTelemetry Collector version **0.130.1-sumo-0** and later versions. @@ -20,12 +20,12 @@ We use the OpenTelemetry collector's built-in internal telemetry capabilities to The diagram below illustrates the components of the OpenTelemetry Collector self-monitoring setup. The collector is configured to export its own telemetry data (metrics and logs) to Sumo Logic through OTLP/HTTP endpoints. :::info -This app includes [built-in monitors](#opentelemetry-collector-monitoring-alerts). For details on creating custom monitors, refer to [Create monitors for OpenTelemetry Collector Monitoring app](#create-monitors-for-opentelemetry-collector-monitoring-app). +This app includes [built-in monitors](#opentelemetry-collector-insights-alerts). For details on creating custom monitors, refer to [Create monitors for OpenTelemetry Collector Insights app](#create-monitors-for-opentelemetry-collector-insights-app). ::: -## Fields creation in Sumo Logic for OpenTelemetry Collector Monitoring +## Fields creation in Sumo Logic for OpenTelemetry Collector Insights -Following are the [fields](/docs/manage/fields/) which will be created as part of OpenTelemetry Collector Monitoring app installation, if not already present. +Following are the [fields](/docs/manage/fields/) which will be created as part of OpenTelemetry Collector Insights app installation, if not already present. - **sumo.datasource**. Has fixed value of **otel_collector**. - **_contentType**. Has fixed value of **OpenTelemetry**. @@ -314,7 +314,7 @@ sumo.datasource=otel_collector metric=otelcol_exporter_queue_size deployment.env | avg by exporter, deployment.environment ``` -## Viewing OpenTelemetry Collector Monitoring dashboards +## Viewing OpenTelemetry Collector Insights dashboards All dashboards have a set of filters that you can apply to the entire dashboard. Use these filters to drill down and examine the data to a granular level. - You can change the time range for a dashboard or panel by selecting a predefined interval from a drop-down list, choosing a recently used time range, or specifying custom dates and times. [Learn more](/docs/dashboards/set-custom-time-ranges/). @@ -322,7 +322,7 @@ All dashboards have a set of filters that you can apply to the entire dashboard. ### Overview -The **OpenTelemetry Collector - Overview** dashboard provides a high-level view of your OpenTelemetry Collector fleet's health and performance. This is your starting point for monitoring collector instances. +The **OpenTelemetry Collector Insights - Overview** dashboard provides a high-level view of your OpenTelemetry Collector fleet's health and performance. This is your starting point for monitoring collector instances. Use this dashboard to: - Monitor the overall health of your collector fleet @@ -334,7 +334,7 @@ Use this dashboard to: ### Logs -The **OpenTelemetry Collector - Logs** dashboard provides detailed insights into collector log output for root-cause analysis of errors, data dropping events, and restarts. +The **OpenTelemetry Collector Insights - Logs** dashboard provides detailed insights into collector log output for root-cause analysis of errors, data dropping events, and restarts. Use this dashboard to: - Analyze error patterns and troubleshoot issues @@ -346,7 +346,7 @@ Use this dashboard to: ### Pipeline: Receiver Health -The **OpenTelemetry Collector - Pipeline: Receiver Health** dashboard focuses exclusively on the data ingestion stage of the pipeline to monitor data sources and receiver performance. +The **OpenTelemetry Collector Insights - Pipeline: Receiver Health** dashboard focuses exclusively on the data ingestion stage of the pipeline to monitor data sources and receiver performance. Use this dashboard to: - Monitor receiver performance and data ingestion rates @@ -358,7 +358,7 @@ Use this dashboard to: ### Pipeline: Processor Health -The **OpenTelemetry Collector - Pipeline: Processor Health** dashboard is crucial for understanding if any processors (like batch, memory_limiter, or resourcedetection) are dropping data or causing performance issues. +The **OpenTelemetry Collector Insights - Pipeline: Processor Health** dashboard is crucial for understanding if any processors (like batch, memory_limiter, or resourcedetection) are dropping data or causing performance issues. Use this dashboard to: - Monitor processor performance and throughput @@ -370,7 +370,7 @@ Use this dashboard to: ### Pipeline: Exporter Health -The **OpenTelemetry Collector - Pipeline: Exporter Health** dashboard is the most critical dashboard for diagnosing backpressure and data loss at the egress stage of the pipeline. +The **OpenTelemetry Collector Insights - Pipeline: Exporter Health** dashboard is the most critical dashboard for diagnosing backpressure and data loss at the egress stage of the pipeline. Use this dashboard to: - Monitor exporter performance and success rates @@ -382,7 +382,7 @@ Use this dashboard to: ### Resource Utilization -The **OpenTelemetry Collector - Resource Utilization** dashboard provides a deep dive into the collector's own resource consumption to diagnose performance issues and plan for capacity. +The **OpenTelemetry Collector Insights - Resource Utilization** dashboard provides a deep dive into the collector's own resource consumption to diagnose performance issues and plan for capacity. Use this dashboard to: - Monitor CPU, memory, and disk usage by collectors @@ -431,20 +431,17 @@ Configure different log levels for troubleshooting: - **WARN**: Warning messages about potential issues - **ERROR**: Error conditions that need attention -## Create monitors for OpenTelemetry Collector Monitoring app +## Create monitors for OpenTelemetry Collector Insights app import CreateMonitors from '../../../reuse/apps/create-monitors.md'; -### OpenTelemetry Collector Monitoring alerts +### OpenTelemetry Collector Insights Alerts -| Alert Name | Alert Description and conditions | Alert Condition | Recover Condition | +| Name | Description | Alert Condition | Recover Condition | |:--|:--|:--|:--| -| `OpenTelemetry Collector - High Memory Usage Alert` | This alert gets triggered when collector memory usage exceeds 80% of available memory. | Count >= 80 | Count < 80 | -| `OpenTelemetry Collector - High CPU Usage Alert` | This alert gets triggered when collector CPU usage exceeds 80% for more than 5 minutes. | Count >= 80 | Count < 80 | -| `OpenTelemetry Collector - Pipeline Data Loss Alert` | This alert gets triggered when data drops are detected in the collector pipeline. | Count >= 1 | Count < 1 | -| `OpenTelemetry Collector - Exporter Failure Alert` | This alert gets triggered when export failures exceed the acceptable threshold. | Count >= 5 | Count < 5 | -| `OpenTelemetry Collector - Collector Down Alert` | This alert gets triggered when a collector instance stops reporting metrics. | Count >= 1 | Count < 1 | -| `OpenTelemetry Collector - High Queue Utilization Alert` | This alert gets triggered when exporter queue utilization exceeds 90%. | Count >= 90 | Count < 90 | -| `OpenTelemetry Collector - Receiver Refusal Rate Alert` | This alert gets triggered when receivers are refusing data at a high rate. | Count >= 10 | Count < 10 | \ No newline at end of file +| `OpenTelemetry Collector Insights - Collector Instance is Down` | This alert fires when a Collector instance stops sending telemetry for more than 10 minutes, indicating it is down or has a connectivity issue. | Missing Data | Data Found | +| `OpenTelemetry Collector Insights - Exporter Queue Nearing Capacity` | This alert fires when an exporter's sending queue is over 90% full. This is a strong leading indicator of back pressure and imminent data loss. | Count > = 90 | Count < 90 | +| `OpenTelemetry Collector Insights - High Memory Usage (RSS)` | This alert fires when a Collector's memory usage (RSS) exceeds 2GB. This could be an early indicator of a memory leak or an under-provisioned host. | Count > 2000000000 | Count < = 2000000000 | +| `OpenTelemetry Collector Insights - High Metadata Cardinality` | This alert fires when the batch processor is handling more than 1000 unique combinations of metadata. This is a known cause of performance degradation, high CPU, and high memory usage. | Count > 1000 | Count < = 1000 | From 4b99edf94fae62fd63ba845c72b106fbccac3e06 Mon Sep 17 00:00:00 2001 From: chetanchoudhary-sumo Date: Mon, 25 Aug 2025 17:18:03 +0530 Subject: [PATCH 03/10] updating filename, adding sidebar --- ...llector-monitoring.md => opentelemetry-collector-insights.md} | 0 sidebars.ts | 1 + 2 files changed, 1 insertion(+) rename docs/integrations/hosts-operating-systems/opentelemetry/{opentelemetry-collector-monitoring.md => opentelemetry-collector-insights.md} (100%) diff --git a/docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-monitoring.md b/docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-insights.md similarity index 100% rename from docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-monitoring.md rename to docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-insights.md diff --git a/sidebars.ts b/sidebars.ts index 1efcce5cff..d2705a5fac 100644 --- a/sidebars.ts +++ b/sidebars.ts @@ -2494,6 +2494,7 @@ integrations: [ 'integrations/hosts-operating-systems/opentelemetry/linux-opentelemetry', 'integrations/hosts-operating-systems/opentelemetry/macos-opentelemetry', 'integrations/hosts-operating-systems/opentelemetry/windows-opentelemetry', + 'integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-insights', ], }, 'integrations/hosts-operating-systems/host-metrics', From 7677a81f85a50db3c4d41efc2de6df416bfaed6a Mon Sep 17 00:00:00 2001 From: chetanchoudhary-sumo Date: Mon, 25 Aug 2025 17:22:53 +0530 Subject: [PATCH 04/10] Updating s3 links for screenshots --- .../opentelemetry-collector-insights.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-insights.md b/docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-insights.md index 8bb0ae787f..cbfa2c16e4 100644 --- a/docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-insights.md +++ b/docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-insights.md @@ -330,7 +330,7 @@ Use this dashboard to: - Track data flow and processing rates across collectors - Quickly spot collectors experiencing issues -Overview +Overview ### Logs @@ -342,7 +342,7 @@ Use this dashboard to: - Identify data loss or processing problems - Track log severity trends across your collector fleet -Logs +Logs ### Pipeline: Receiver Health @@ -354,7 +354,7 @@ Use this dashboard to: - Track receiver-specific errors and failures - Analyze accepted vs refused data points -Pipeline Receiver Health +Pipeline Receiver Health ### Pipeline: Processor Health @@ -366,7 +366,7 @@ Use this dashboard to: - Track processor-specific configurations and health - Analyze batch processing efficiency and triggers -Pipeline Processor Health +Pipeline Processor Health ### Pipeline: Exporter Health @@ -378,7 +378,7 @@ Use this dashboard to: - Track data delivery to downstream systems - Analyze queue utilization and capacity -Pipeline Exporter Health +Pipeline Exporter Health ### Resource Utilization @@ -390,7 +390,7 @@ Use this dashboard to: - Identify resource constraints and optimization opportunities - Track heap allocation and garbage collection patterns -Resource Utilization +Resource Utilization ## Troubleshooting From d3bdbc34dd2e25454391095351628eafcd40874d Mon Sep 17 00:00:00 2001 From: John Pipkin Date: Mon, 25 Aug 2025 10:01:29 -0500 Subject: [PATCH 05/10] Updates from review --- .../opentelemetry-collector-insights.md | 112 +++++++++--------- 1 file changed, 59 insertions(+), 53 deletions(-) diff --git a/docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-insights.md b/docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-insights.md index cbfa2c16e4..1e91ac9a89 100644 --- a/docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-insights.md +++ b/docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-insights.md @@ -13,7 +13,7 @@ import TabItem from '@theme/TabItem'; The Sumo Logic OpenTelemetry Collector Insights app provides comprehensive monitoring and observability for your OpenTelemetry Collector instances. Monitor collector performance, telemetry data flow, resource utilization, and troubleshoot data collection issues with preconfigured dashboards and alerts. Track metrics and logs to ensure your telemetry pipeline is running smoothly and efficiently. -This app supports OpenTelemetry Collector version **0.130.1-sumo-0** and later versions. +This app supports OpenTelemetry Collector version `0.130.1-sumo-0` and later versions. We use the OpenTelemetry collector's built-in internal telemetry capabilities to collect metrics and logs about the collector itself. By default, the Collector exposes its own telemetry through internal metrics (via Prometheus interface on port 8888) and logs (emitted to stderr). @@ -27,24 +27,24 @@ This app includes [built-in monitors](#opentelemetry-collector-insights-alerts). Following are the [fields](/docs/manage/fields/) which will be created as part of OpenTelemetry Collector Insights app installation, if not already present. -- **sumo.datasource**. Has fixed value of **otel_collector**. -- **_contentType**. Has fixed value of **OpenTelemetry**. -- **deployment.environment**. User configured. Enter a name to identify your deployment environment. +- `sumo.datasource`. Has fixed value of `otel_collector`. +- `_contentType`. Has fixed value of `OpenTelemetry`. +- `deployment.environment`. User configured. Enter a name to identify your deployment environment. ## Prerequisites -### For OTLP Endpoint Configuration +### For OTLP endpoint configuration Before configuring the OTEL Collector integration, ensure you have the following prerequisites in place: -1. **OTLP Endpoint**: You need a valid base OTLP endpoint URL. The system will automatically append `/v1/logs` for logs collection and `/v1/metrics` for metrics collection. The endpoint should be accessible from your OTEL Collector instance. +1. **OTLP Endpoint**. You need a valid base OTLP endpoint URL. The system will automatically append `/v1/logs` for logs collection and `/v1/metrics` for metrics collection. The endpoint should be accessible from your OTEL Collector instance. -2. **Network Access**: Ensure that your OTEL Collector has network access to the configured OTLP endpoint. This includes: +2. **Network Access**. Ensure that your OTEL Collector has network access to the configured OTLP endpoint. This includes: - Outbound HTTPS connectivity on port 443 - Proper firewall configurations to allow traffic to the endpoint - DNS resolution for the endpoint hostname -3. **Authentication**: If your OTLP endpoint requires authentication, ensure you have the proper credentials or tokens configured. +3. **Authentication**. If your OTLP endpoint requires authentication, ensure you have the proper credentials or tokens configured. ### For metrics collection @@ -90,16 +90,16 @@ In this step, you will configure the OpenTelemetry Collector's built-in telemetr The collector's service configuration needs to be updated to enable telemetry export. Below is the required configuration that should be added to your collector's service section: **Required Inputs:** -- **OTLP Endpoint**: Your Sumo Logic OTLP endpoint base URL -- **Deployment Environment**: Enter a name to identify your deployment environment +- **OTLP Endpoint**. Your Sumo Logic OTLP endpoint base URL +- **Deployment Environment**. Enter a name to identify your deployment environment **Configuration Parameters:** -- **Endpoint Format**: The base endpoint automatically creates: +- **Endpoint Format**. The base endpoint automatically creates: - Logs endpoint: `${OTLP_ENDPOINT}/v1/logs` - Metrics endpoint: `${OTLP_ENDPOINT}/v1/metrics` -- **Protocol**: HTTP/protobuf for OTLP communication -- **Metrics level**: Set to **detailed** for comprehensive monitoring -- **Logs level**: Set to **debug** for detailed troubleshooting information +- **Protocol**. HTTP/protobuf for OTLP communication +- **Metrics level**. Set to **detailed** for comprehensive monitoring +- **Logs level**. Set to **debug** for detailed troubleshooting information ```yaml service: @@ -215,11 +215,11 @@ import LogsOutro from '../../../reuse/apps/opentelemetry/send-logs-outro.md'; ### Validation After installation, verify that: -1. The OTEL Collector service is running -2. The configured base endpoint is reachable -3. Data is being successfully sent to both the logs (`/v1/logs`) and metrics (`/v1/metrics`) endpoints -4. Resource attributes are properly applied to the telemetry data -5. Internal metrics are accessible at `http://localhost:8888/metrics` +1. The OTEL Collector service is running. +2. The configured base endpoint is reachable. +3. Data is being successfully sent to both the logs (`/v1/logs`) and metrics (`/v1/metrics`) endpoints. +4. Resource attributes are properly applied to the telemetry data. +5. Internal metrics are accessible at `http://localhost:8888/metrics`. ## Sample log messages @@ -325,10 +325,10 @@ All dashboards have a set of filters that you can apply to the entire dashboard. The **OpenTelemetry Collector Insights - Overview** dashboard provides a high-level view of your OpenTelemetry Collector fleet's health and performance. This is your starting point for monitoring collector instances. Use this dashboard to: -- Monitor the overall health of your collector fleet -- Identify performance bottlenecks and resource constraints -- Track data flow and processing rates across collectors -- Quickly spot collectors experiencing issues +- Monitor the overall health of your collector fleet. +- Identify performance bottlenecks and resource constraints. +- Track data flow and processing rates across collectors. +- Quickly spot collectors experiencing issues. Overview @@ -337,10 +337,10 @@ Use this dashboard to: The **OpenTelemetry Collector Insights - Logs** dashboard provides detailed insights into collector log output for root-cause analysis of errors, data dropping events, and restarts. Use this dashboard to: -- Analyze error patterns and troubleshoot issues -- Monitor collector startup and shutdown events -- Identify data loss or processing problems -- Track log severity trends across your collector fleet +- Analyze error patterns and troubleshoot issues. +- Monitor collector startup and shutdown events. +- Identify data loss or processing problems. +- Track log severity trends across your collector fleet. Logs @@ -349,10 +349,10 @@ Use this dashboard to: The **OpenTelemetry Collector Insights - Pipeline: Receiver Health** dashboard focuses exclusively on the data ingestion stage of the pipeline to monitor data sources and receiver performance. Use this dashboard to: -- Monitor receiver performance and data ingestion rates -- Identify issues with data sources and input connections -- Track receiver-specific errors and failures -- Analyze accepted vs refused data points +- Monitor receiver performance and data ingestion rates. +- Identify issues with data sources and input connections. +- Track receiver-specific errors and failures. +- Analyze accepted vs refused data points. Pipeline Receiver Health @@ -361,10 +361,10 @@ Use this dashboard to: The **OpenTelemetry Collector Insights - Pipeline: Processor Health** dashboard is crucial for understanding if any processors (like batch, memory_limiter, or resourcedetection) are dropping data or causing performance issues. Use this dashboard to: -- Monitor processor performance and throughput -- Identify data drops or processing bottlenecks -- Track processor-specific configurations and health -- Analyze batch processing efficiency and triggers +- Monitor processor performance and throughput. +- Identify data drops or processing bottlenecks. +- Track processor-specific configurations and health. +- Analyze batch processing efficiency and triggers. Pipeline Processor Health @@ -373,10 +373,10 @@ Use this dashboard to: The **OpenTelemetry Collector Insights - Pipeline: Exporter Health** dashboard is the most critical dashboard for diagnosing backpressure and data loss at the egress stage of the pipeline. Use this dashboard to: -- Monitor exporter performance and success rates -- Identify backpressure issues and export failures -- Track data delivery to downstream systems -- Analyze queue utilization and capacity +- Monitor exporter performance and success rates. +- Identify backpressure issues and export failures. +- Track data delivery to downstream systems. +- Analyze queue utilization and capacity. Pipeline Exporter Health @@ -385,18 +385,20 @@ Use this dashboard to: The **OpenTelemetry Collector Insights - Resource Utilization** dashboard provides a deep dive into the collector's own resource consumption to diagnose performance issues and plan for capacity. Use this dashboard to: -- Monitor CPU, memory, and disk usage by collectors -- Plan capacity and resource allocation -- Identify resource constraints and optimization opportunities -- Track heap allocation and garbage collection patterns +- Monitor CPU, memory, and disk usage by collectors. +- Plan capacity and resource allocation. +- Identify resource constraints and optimization opportunities. +- Track heap allocation and garbage collection patterns. Resource Utilization ## Troubleshooting -### Common Issues +### Common issues -**Collector connection failure**: If your collector fails to connect to Sumo Logic, you may need to configure proxy settings. Check the collector's logs for connection errors: +##### Collector connection failure + +If your collector fails to connect to Sumo Logic, you may need to configure proxy settings. Check the collector's logs for connection errors: ```bash # On systemd systems @@ -405,17 +407,21 @@ journalctl --unit otelcol-sumo # Look for errors like "Unable to get a heartbeat" ``` -**High queue utilization**: Monitor the `otelcol_exporter_queue_size` and `otelcol_exporter_queue_capacity` metrics. If the queue is consistently full, you may need to: +##### High queue utilization + +Monitor the `otelcol_exporter_queue_size` and `otelcol_exporter_queue_capacity` metrics. If the queue is consistently full, you may need to: - Reduce data ingestion rate - Increase queue capacity - Scale horizontally with more collectors -**Data dropping**: Watch for logs containing "Dropping data because sending_queue is full" and monitor failed enqueue metrics: +##### Data dropping + +Watch for logs containing "Dropping data because sending_queue is full" and monitor failed enqueue metrics: - `otelcol_exporter_enqueue_failed_spans` - `otelcol_exporter_enqueue_failed_metric_points` - `otelcol_exporter_enqueue_failed_log_records` -### Accessing Collector Metrics Directly +### Accessing collector metrics directly By default, the collector's internal metrics are available in Prometheus format at `http://localhost:8888/metrics`. You can access them using: @@ -423,13 +429,13 @@ By default, the collector's internal metrics are available in Prometheus format curl http://localhost:8888/metrics ``` -### Log Levels and Configuration +### Log levels and configuration Configure different log levels for troubleshooting: -- **DEBUG**: Most verbose, includes detailed trace information -- **INFO**: Standard operational information (default) -- **WARN**: Warning messages about potential issues -- **ERROR**: Error conditions that need attention +- **DEBUG**. Most verbose, includes detailed trace information +- **INFO**. Standard operational information (default) +- **WARN**. Warning messages about potential issues +- **ERROR**. Error conditions that need attention ## Create monitors for OpenTelemetry Collector Insights app From 6147568e45f33d1f93799fd5d0afd5b1023a4c15 Mon Sep 17 00:00:00 2001 From: chetanchoudhary-sumo Date: Tue, 26 Aug 2025 11:32:20 +0530 Subject: [PATCH 06/10] adding form screenshot, made few updates --- .../opentelemetry-collector-insights.md | 24 +++++++------------ 1 file changed, 9 insertions(+), 15 deletions(-) diff --git a/docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-insights.md b/docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-insights.md index cbfa2c16e4..037449ee98 100644 --- a/docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-insights.md +++ b/docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-insights.md @@ -15,9 +15,7 @@ The Sumo Logic OpenTelemetry Collector Insights app provides comprehensive monit This app supports OpenTelemetry Collector version **0.130.1-sumo-0** and later versions. -We use the OpenTelemetry collector's built-in internal telemetry capabilities to collect metrics and logs about the collector itself. By default, the Collector exposes its own telemetry through internal metrics (via Prometheus interface on port 8888) and logs (emitted to stderr). - -The diagram below illustrates the components of the OpenTelemetry Collector self-monitoring setup. The collector is configured to export its own telemetry data (metrics and logs) to Sumo Logic through OTLP/HTTP endpoints. +We use the OpenTelemetry collector's built-in internal telemetry capabilities to collect metrics and logs about the collector itself. By default, the Collector exposes its own telemetry through internal metrics (via Prometheus interface on port 8888) and logs (emitted to stderr). The collector can also be configured to export its own telemetry data (metrics and logs) to Sumo Logic through OTLP/HTTP endpoints. :::info This app includes [built-in monitors](#opentelemetry-collector-insights-alerts). For details on creating custom monitors, refer to [Create monitors for OpenTelemetry Collector Insights app](#create-monitors-for-opentelemetry-collector-insights-app). @@ -37,14 +35,9 @@ Following are the [fields](/docs/manage/fields/) which will be created as part o Before configuring the OTEL Collector integration, ensure you have the following prerequisites in place: -1. **OTLP Endpoint**: You need a valid base OTLP endpoint URL. The system will automatically append `/v1/logs` for logs collection and `/v1/metrics` for metrics collection. The endpoint should be accessible from your OTEL Collector instance. - -2. **Network Access**: Ensure that your OTEL Collector has network access to the configured OTLP endpoint. This includes: - - Outbound HTTPS connectivity on port 443 - - Proper firewall configurations to allow traffic to the endpoint - - DNS resolution for the endpoint hostname +1. **Sumo Logic OTLP Source**: You need to create an OTLP source in your Sumo Logic hosted collector. The OTLP source will provide the endpoint URL that the OTEL Collector will use to send telemetry data. -3. **Authentication**: If your OTLP endpoint requires authentication, ensure you have the proper credentials or tokens configured. + **Documentation**: [Creating a Sumo Logic OTLP Source](https://help.sumologic.com/docs/send-data/hosted-collectors/http-source/otlp/) ### For metrics collection @@ -85,21 +78,20 @@ import SetupColl from '../../../reuse/apps/opentelemetry/set-up-collector.md'; ### Step 2: Configure integration +OpenTelemetry works with a [configuration](https://opentelemetry.io/docs/collector/configuration/) YAML file with all the details concerning the data that needs to be collected. + In this step, you will configure the OpenTelemetry Collector's built-in telemetry to monitor itself. The collector's service configuration needs to be updated to enable telemetry export. Below is the required configuration that should be added to your collector's service section: **Required Inputs:** -- **OTLP Endpoint**: Your Sumo Logic OTLP endpoint base URL -- **Deployment Environment**: Enter a name to identify your deployment environment +- **OTLP Endpoint**: Your Sumo Logic OTLP endpoint URL **Configuration Parameters:** - **Endpoint Format**: The base endpoint automatically creates: - Logs endpoint: `${OTLP_ENDPOINT}/v1/logs` - Metrics endpoint: `${OTLP_ENDPOINT}/v1/metrics` -- **Protocol**: HTTP/protobuf for OTLP communication -- **Metrics level**: Set to **detailed** for comprehensive monitoring -- **Logs level**: Set to **debug** for detailed troubleshooting information + ```yaml service: @@ -134,6 +126,8 @@ import EnvVar from '../../../reuse/apps/opentelemetry/env-var-required.md'; +YAML + ### Step 3: Send logs and metrics to Sumo Logic import LogsIntro from '../../../reuse/apps/opentelemetry/send-logs-intro.md'; From afe751a46e03931e2da1908a9e376ce6af33ee6d Mon Sep 17 00:00:00 2001 From: chetanchoudhary-sumo Date: Tue, 26 Aug 2025 14:29:56 +0530 Subject: [PATCH 07/10] Implementing more feedbacks --- .../opentelemetry-collector-insights.md | 37 +++---------------- 1 file changed, 6 insertions(+), 31 deletions(-) diff --git a/docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-insights.md b/docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-insights.md index fb3cac9bd9..b4736ca0da 100644 --- a/docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-insights.md +++ b/docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-insights.md @@ -17,10 +17,6 @@ This app supports OpenTelemetry Collector version `0.130.1-sumo-0` and later ver We use the OpenTelemetry collector's built-in internal telemetry capabilities to collect metrics and logs about the collector itself. By default, the Collector exposes its own telemetry through internal metrics (via Prometheus interface on port 8888) and logs (emitted to stderr). The collector can also be configured to export its own telemetry data (metrics and logs) to Sumo Logic through OTLP/HTTP endpoints. -:::info -This app includes [built-in monitors](#opentelemetry-collector-insights-alerts). For details on creating custom monitors, refer to [Create monitors for OpenTelemetry Collector Insights app](#create-monitors-for-opentelemetry-collector-insights-app). -::: - ## Fields creation in Sumo Logic for OpenTelemetry Collector Insights Following are the [fields](/docs/manage/fields/) which will be created as part of OpenTelemetry Collector Insights app installation, if not already present. @@ -50,8 +46,8 @@ The OpenTelemetry Collector must be configured to export its own metrics using t ### For logs collection The OpenTelemetry Collector must be configured to export its own logs using the built-in telemetry capabilities. This requires: -- Collector configured with telemetry logs enabled at `debug` level -- JSON encoding for structured log output +- Collector configured with telemetry logs enabled at `debug` level (automatically configured in the provided template) +- JSON encoding for structured log output (automatically configured in the provided template) - Access to OTLP endpoint for logs export ### System Requirements @@ -60,9 +56,6 @@ The OpenTelemetry Collector must be configured to export its own logs using the - Sufficient system resources (CPU, memory) for data processing - Proper permissions for the collector service to access configured resources -import LogsCollectionPrereqisites from '../../../reuse/apps/logs-collection-prereqisites.md'; - - ## Collection configuration and app installation @@ -82,16 +75,10 @@ OpenTelemetry works with a [configuration](https://opentelemetry.io/docs/collect In this step, you will configure the OpenTelemetry Collector's built-in telemetry to monitor itself. -The collector's service configuration needs to be updated to enable telemetry export. Below is the required configuration that should be added to your collector's service section: +Below are the inputs required: -**Required Inputs:** - **OTLP Endpoint**: Your Sumo Logic OTLP endpoint URL. -**Configuration Parameters:** -- **Endpoint Format**. The base endpoint automatically creates: - - Logs endpoint: `${OTLP_ENDPOINT}/v1/logs` - - Metrics endpoint: `${OTLP_ENDPOINT}/v1/metrics` - ```yaml service: @@ -265,21 +252,7 @@ After installation, verify that: ## Key Internal Metrics -The OpenTelemetry Collector emits comprehensive internal metrics categorized by verbosity levels: - -### Basic Level Metrics (Essential service telemetry) -- **Process metrics**: `otelcol_process_uptime`, `otelcol_process_cpu_seconds`, `otelcol_process_memory_rss` -- **Receiver metrics**: `otelcol_receiver_accepted_*`, `otelcol_receiver_refused_*` -- **Processor metrics**: `otelcol_processor_incoming_items`, `otelcol_processor_outgoing_items` -- **Exporter metrics**: `otelcol_exporter_sent_*`, `otelcol_exporter_send_failed_*`, `otelcol_exporter_enqueue_failed_*` -- **Queue metrics**: `otelcol_exporter_queue_size`, `otelcol_exporter_queue_capacity` - -### Normal Level Metrics (Standard indicators) -- **Batch processor metrics**: `otelcol_processor_batch_batch_send_size`, `otelcol_processor_batch_timeout_trigger_send` - -### Detailed Level Metrics (Most verbose) -- **HTTP metrics**: `http.client.request.duration`, `http.server.request.duration`, `http.*.request.body.size` -- **RPC metrics**: `rpc.client.duration`, `rpc.server.duration`, `rpc.*.request.size`, `rpc.*.response.size` +The OpenTelemetry Collector emits comprehensive internal metrics categorized by verbosity levels. For a complete list of internal metrics and their descriptions, see the [OpenTelemetry Collector Internal Telemetry documentation](https://opentelemetry.io/docs/collector/internal-telemetry/#lists-of-internal-metrics). ## Sample queries @@ -313,6 +286,8 @@ sumo.datasource=otel_collector metric=otelcol_exporter_queue_size deployment.env All dashboards have a set of filters that you can apply to the entire dashboard. Use these filters to drill down and examine the data to a granular level. - You can change the time range for a dashboard or panel by selecting a predefined interval from a drop-down list, choosing a recently used time range, or specifying custom dates and times. [Learn more](/docs/dashboards/set-custom-time-ranges/). - You can use template variables to drill down and examine the data on a granular level. For more information, see [Filtering Dashboards with Template Variables](/docs/dashboards/filter-template-variables/). +- **Log-based dashboards** use the `_sourceHost` filter to identify specific collector instances. +- **Metrics-based dashboards** use the `service.instance.id` filter to identify specific collector instances. ### Overview From b06ff66b085da2e41840b114e2fa097372eee762 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Tue, 26 Aug 2025 16:05:14 +0530 Subject: [PATCH 08/10] Updates --- cid-redirects.json | 2 ++ docs/integrations/sumo-apps/index.md | 8 ++++++++ .../opentelemetry-collector-insights.md | 20 +++++++++---------- sidebars.ts | 2 +- 4 files changed, 21 insertions(+), 11 deletions(-) rename docs/integrations/{hosts-operating-systems/opentelemetry => sumo-apps}/opentelemetry-collector-insights.md (95%) diff --git a/cid-redirects.json b/cid-redirects.json index 283b8910d6..ebd1827622 100644 --- a/cid-redirects.json +++ b/cid-redirects.json @@ -2094,6 +2094,7 @@ "/cid/22674": "/docs/integrations/google/cloud-functions", "/cid/22675": "/docs/integrations/google/cloud-sql", "/cid/23233": "/docs/integrations/saas-cloud/zendesk", + "/cid/23234": "/docs/integrations/saas-cloud/zimperium", "/cid/2323": "/docs/integrations/saas-cloud/zoom", "/cid/23239": "/docs/integrations/saas-cloud/lastpass", "/cid/2324": "/docs/integrations/saas-cloud/workday", @@ -2926,6 +2927,7 @@ "/cid/10999": "/docs/send-data/collect-from-other-data-sources/azure-monitoring/ms-azure-event-hubs-source", "/cid/11000": "/docs/platform-services/automation-service/automation-service-playbooks", "/cid/1105": "/docs/integrations/cloud-security-monitoring-analytics/aws-security-hub-ocsf", + "/cid/1106": "/docs/integrations/sumo-apps/opentelemetry-collector-insights", "/Cloud_SIEM_Enterprise": "/docs/cse", "/Cloud_SIEM_Enterprise/Administration": "/docs/cse/administration", "/Cloud_SIEM_Enterprise/Administration/Cloud_SIEM_Enterprise_Feature_Update_(2022)": "/docs/cse/administration", diff --git a/docs/integrations/sumo-apps/index.md b/docs/integrations/sumo-apps/index.md index d18fd140e6..01d508da59 100644 --- a/docs/integrations/sumo-apps/index.md +++ b/docs/integrations/sumo-apps/index.md @@ -24,6 +24,8 @@ You may upgrade your account at any time. In these instances, an admin can reque Once a request has been submitted, a support ticket is automatically opened. A representative from Sumo Logic will respond to your request as soon as possible, generally between one and two business days. Depending on the app that's been requested, Sumo Logic may need additional information, or may need to work with your organization to change the account type to enable some apps. +## Guides +
@@ -79,6 +81,12 @@ Once a request has been submitted, a support ticket is automatically opened. A r

A guide to the Sumo Logic Log Analysis QuickStart app.

+
+
+ Thumbnail icon

OpenTelemetry Collector Insights

 +

A guide to the Sumo Logic OpenTelemetry Collector Insights app.

+
+
Thumbnail icon

Security Analytics

 diff --git a/docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-insights.md b/docs/integrations/sumo-apps/opentelemetry-collector-insights.md similarity index 95% rename from docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-insights.md rename to docs/integrations/sumo-apps/opentelemetry-collector-insights.md index b4736ca0da..2810239e12 100644 --- a/docs/integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-insights.md +++ b/docs/integrations/sumo-apps/opentelemetry-collector-insights.md @@ -59,13 +59,13 @@ The OpenTelemetry Collector must be configured to export its own logs using the ## Collection configuration and app installation -import ConfigAppInstall from '../../../reuse/apps/opentelemetry/config-app-install.md'; +import ConfigAppInstall from '../../reuse/apps/opentelemetry/config-app-install.md'; ### Step 1: Set up collector -import SetupColl from '../../../reuse/apps/opentelemetry/set-up-collector.md'; +import SetupColl from '../../reuse/apps/opentelemetry/set-up-collector.md'; @@ -109,7 +109,7 @@ service: You can add any custom fields which you want to tag along with the data ingested in Sumo. -import EnvVar from '../../../reuse/apps/opentelemetry/env-var-required.md'; +import EnvVar from '../../reuse/apps/opentelemetry/env-var-required.md'; @@ -117,7 +117,7 @@ import EnvVar from '../../../reuse/apps/opentelemetry/env-var-required.md'; ### Step 3: Send logs and metrics to Sumo Logic -import LogsIntro from '../../../reuse/apps/opentelemetry/send-logs-intro.md'; +import LogsIntro from '../../reuse/apps/opentelemetry/send-logs-intro.md'; @@ -166,7 +166,7 @@ import LogsIntro from '../../../reuse/apps/opentelemetry/send-logs-intro.md'; -import ChefEnv from '../../../reuse/apps/opentelemetry/chef-with-env.md'; +import ChefEnv from '../../reuse/apps/opentelemetry/chef-with-env.md'; @@ -174,7 +174,7 @@ import ChefEnv from '../../../reuse/apps/opentelemetry/chef-with-env.md'; -import AnsEnv from '../../../reuse/apps/opentelemetry/ansible-with-env.md'; +import AnsEnv from '../../reuse/apps/opentelemetry/ansible-with-env.md'; @@ -182,14 +182,14 @@ import AnsEnv from '../../../reuse/apps/opentelemetry/ansible-with-env.md'; -import PuppetEnv from '../../../reuse/apps/opentelemetry/puppet-with-env.md'; +import PuppetEnv from '../../reuse/apps/opentelemetry/puppet-with-env.md'; -import LogsOutro from '../../../reuse/apps/opentelemetry/send-logs-outro.md'; +import LogsOutro from '../../reuse/apps/opentelemetry/send-logs-outro.md'; @@ -408,7 +408,7 @@ Configure different log levels for troubleshooting: ## Create monitors for OpenTelemetry Collector Insights app -import CreateMonitors from '../../../reuse/apps/create-monitors.md'; +import CreateMonitors from '../../reuse/apps/create-monitors.md'; @@ -419,4 +419,4 @@ import CreateMonitors from '../../../reuse/apps/create-monitors.md'; | `OpenTelemetry Collector Insights - Collector Instance is Down` | This alert fires when a Collector instance stops sending telemetry for more than 10 minutes, indicating it is down or has a connectivity issue. | Missing Data | Data Found | | `OpenTelemetry Collector Insights - Exporter Queue Nearing Capacity` | This alert fires when an exporter's sending queue is over 90% full. This is a strong leading indicator of back pressure and imminent data loss. | Count > = 90 | Count < 90 | | `OpenTelemetry Collector Insights - High Memory Usage (RSS)` | This alert fires when a Collector's memory usage (RSS) exceeds 2GB. This could be an early indicator of a memory leak or an under-provisioned host. | Count > 2000000000 | Count < = 2000000000 | -| `OpenTelemetry Collector Insights - High Metadata Cardinality` | This alert fires when the batch processor is handling more than 1000 unique combinations of metadata. This is a known cause of performance degradation, high CPU, and high memory usage. | Count > 1000 | Count < = 1000 | +| `OpenTelemetry Collector Insights - High Metadata Cardinality` | This alert fires when the batch processor is handling more than 1000 unique combinations of metadata. This is a known cause of performance degradation, high CPU, and high memory usage. | Count > 1000 | Count < = 1000 | \ No newline at end of file diff --git a/sidebars.ts b/sidebars.ts index d2705a5fac..a15ce29a35 100644 --- a/sidebars.ts +++ b/sidebars.ts @@ -2494,7 +2494,6 @@ integrations: [ 'integrations/hosts-operating-systems/opentelemetry/linux-opentelemetry', 'integrations/hosts-operating-systems/opentelemetry/macos-opentelemetry', 'integrations/hosts-operating-systems/opentelemetry/windows-opentelemetry', - 'integrations/hosts-operating-systems/opentelemetry/opentelemetry-collector-insights', ], }, 'integrations/hosts-operating-systems/host-metrics', @@ -2675,6 +2674,7 @@ integrations: [ 'integrations/sumo-apps/infrequent-data-tier', 'integrations/sumo-apps/kickstart-data', 'integrations/sumo-apps/log-analysis-quickstart', + 'integrations/sumo-apps/opentelemetry-collector-insights', 'integrations/sumo-apps/security-analytics', ], }, From bc09e7cb81f180112cc7917e06f17805dbacde2a Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Tue, 26 Aug 2025 16:08:32 +0530 Subject: [PATCH 09/10] Update cid-redirects.json --- cid-redirects.json | 1 - 1 file changed, 1 deletion(-) diff --git a/cid-redirects.json b/cid-redirects.json index ebd1827622..37ffd291f9 100644 --- a/cid-redirects.json +++ b/cid-redirects.json @@ -2094,7 +2094,6 @@ "/cid/22674": "/docs/integrations/google/cloud-functions", "/cid/22675": "/docs/integrations/google/cloud-sql", "/cid/23233": "/docs/integrations/saas-cloud/zendesk", - "/cid/23234": "/docs/integrations/saas-cloud/zimperium", "/cid/2323": "/docs/integrations/saas-cloud/zoom", "/cid/23239": "/docs/integrations/saas-cloud/lastpass", "/cid/2324": "/docs/integrations/saas-cloud/workday", From 4a09bf725e128db0e0872c4e224f41482f6e668c Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Tue, 26 Aug 2025 16:34:39 +0530 Subject: [PATCH 10/10] release note and product list --- blog-service/2025-08-26-apps.md | 14 ++++++++++++++ docs/integrations/product-list/product-list-m-z.md | 2 +- 2 files changed, 15 insertions(+), 1 deletion(-) create mode 100644 blog-service/2025-08-26-apps.md diff --git a/blog-service/2025-08-26-apps.md b/blog-service/2025-08-26-apps.md new file mode 100644 index 0000000000..b0d69defa4 --- /dev/null +++ b/blog-service/2025-08-26-apps.md @@ -0,0 +1,14 @@ +--- +title: OpenTelemetry Collector Insights (Apps) +image: https://help.sumologic.com/img/reuse/rss-image.jpg +keywords: + - apps + - sumo-logic + - opentelemetry-collector-insights +hide_table_of_contents: true +--- + +import useBaseUrl from '@docusaurus/useBaseUrl'; + + +We're excited to introduce the new OpenTelemetry Collector Insights app for Sumo Logic. This app offers robust monitoring and observability for Sumo Logic OpenTelemetry Collector instances (version 0.130.1-sumo-0 and above), enabling you to track performance, data flow, and resource usage through prebuilt dashboards and alerts. [Learn more](/docs/integrations/sumo-apps/opentelemetry-collector-insights/). \ No newline at end of file diff --git a/docs/integrations/product-list/product-list-m-z.md b/docs/integrations/product-list/product-list-m-z.md index 8383a746a7..45519c3130 100644 --- a/docs/integrations/product-list/product-list-m-z.md +++ b/docs/integrations/product-list/product-list-m-z.md @@ -163,7 +163,7 @@ For descriptions of the different types of integrations Sumo Logic offers, see [ | Thumbnail icon | [Strimzi](https://strimzi.io/) | App: [Strimzi Kafka](/docs/integrations/containers-orchestration/strimzi-kafka/) | | Thumbnail icon | [Stripe](https://stripe.com/) | Webhook: [Stripe](/docs/integrations/webhooks/stripe/) | | Thumbnail icon | [Sucuri](https://sucuri.net/) | Cloud SIEM integration: [Sucuri](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/cdfd2ba0-77eb-4e11-b071-6f4d01fda607.md) | -| Thumbnail icon | [Sumo Logic](https://www.sumologic.com/) | Apps:
- [Enterprise Audit - Cloud SIEM](/docs/integrations/sumo-apps/cse/)
- [Flex](/docs/integrations/sumo-apps/flex/)
- [Sumo Collection](/docs/integrations/saas-cloud/sumo-collection)
- [Sumo Logic Audit](/docs/integrations/sumo-apps/audit/)
- [Sumo Logic Data Volume](/docs/integrations/sumo-apps/data-volume/)
- [Sumo Logic Enterprise Audit](/docs/integrations/sumo-apps/enterprise-audit/) (multiple apps)
- [Sumo Logic Enterprise Search Audit](/docs/integrations/sumo-apps/enterprise-search-audit/)
- [Sumo Logic Infrequent Data Tier](/docs/integrations/sumo-apps/infrequent-data-tier/)
- [Sumo Logic Kickstart Data](/docs/integrations/sumo-apps/kickstart-data)
- [Sumo Logic Log Analysis QuickStart](/docs/integrations/sumo-apps/log-analysis-quickstart/)
- [Sumo Logic Security Analytics](/docs/integrations/sumo-apps/security-analytics/)
Automation integrations:
- [Automation Tools](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-automation-tools/)
- [Basic Tools](/docs/platform-services/automation-service/app-central/integrations/basic-tools/)
- [ESMTP](/docs/platform-services/automation-service/app-central/integrations/esmtp/)
- [HTTP Tools](/docs/platform-services/automation-service/app-central/integrations/http-tools/)
- [Incident Tools](/docs/platform-services/automation-service/app-central/integrations/incident-tools/)
- [IMAP](/docs/platform-services/automation-service/app-central/integrations/imap/)
- [Mail Tools](/docs/platform-services/automation-service/app-central/integrations/mail-tools/)
- [POP3](/docs/platform-services/automation-service/app-central/integrations/pop3/)
- [SMTP V3](/docs/platform-services/automation-service/app-central/integrations/smtp-v3/)
- [Sumo Logic Cloud SIEM](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-cloud-siem/)
- [Sumo Logic Cloud SIEM Internal](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-cloud-siem-internal/)
- [Sumo Logic Log Analytics](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-log-analytics/)
- [Sumo Logic Log Analytics Internal](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-log-analytics-internal/)
- [Sumo Logic Notifications](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-notifications/)
- [Sumo Logic Notifications by Gmail](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-notifications-by-gmail/)
- [Sumo Logic Notifications by Microsoft](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-notifications-by-microsoft)
- [Triage Tools](/docs/platform-services/automation-service/app-central/integrations/triage-tools/)
- [ZIP Tools](/docs/platform-services/automation-service/app-central/integrations/zip-tools/)
Cloud SIEM integration: [Sumo Logic](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/34A5019C-7BEC-4BF8-A3B7-C38D567126C6.md)
Collector:
- [Sumo Collection](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sumo-collection-source)
- [Universal Connector](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/universal-connector-source)
Community app: [Cloud Security Posture Management (CSPM) for Sumo Logic](https://github.com/SumoLogic/sumologic-content/tree/master/CSPM)
Webhooks:
- [Scheduled Searches for Webhook Connections](/docs/alerts/webhook-connections/schedule-searches-webhook-connections/)
- [Using the Audit Index with Webhook Connections](/docs/alerts/webhook-connections/audit-index/)
- [Webhook Connection for Cloud SOAR](/docs/alerts/webhook-connections/cloud-soar/) | +| Thumbnail icon | [Sumo Logic](https://www.sumologic.com/) | Apps:
- [Enterprise Audit - Cloud SIEM](/docs/integrations/sumo-apps/cse/)
- [Flex](/docs/integrations/sumo-apps/flex/)
- [Sumo Collection](/docs/integrations/saas-cloud/sumo-collection)
- [Sumo Logic Audit](/docs/integrations/sumo-apps/audit/)
- [Sumo Logic Data Volume](/docs/integrations/sumo-apps/data-volume/)
- [Sumo Logic Enterprise Audit](/docs/integrations/sumo-apps/enterprise-audit/) (multiple apps)
- [Sumo Logic Enterprise Search Audit](/docs/integrations/sumo-apps/enterprise-search-audit/)
- [Sumo Logic Infrequent Data Tier](/docs/integrations/sumo-apps/infrequent-data-tier/)
- [Sumo Logic Kickstart Data](/docs/integrations/sumo-apps/kickstart-data)
- [Sumo Logic Log Analysis QuickStart](/docs/integrations/sumo-apps/log-analysis-quickstart/)
- [Sumo Logic OpenTelemetry Collector Insights](/docs/integrations/sumo-apps/opentelemetry-collector-insights/)
- [Sumo Logic Security Analytics](/docs/integrations/sumo-apps/security-analytics/)
Automation integrations:
- [Automation Tools](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-automation-tools/)
- [Basic Tools](/docs/platform-services/automation-service/app-central/integrations/basic-tools/)
- [ESMTP](/docs/platform-services/automation-service/app-central/integrations/esmtp/)
- [HTTP Tools](/docs/platform-services/automation-service/app-central/integrations/http-tools/)
- [Incident Tools](/docs/platform-services/automation-service/app-central/integrations/incident-tools/)
- [IMAP](/docs/platform-services/automation-service/app-central/integrations/imap/)
- [Mail Tools](/docs/platform-services/automation-service/app-central/integrations/mail-tools/)
- [POP3](/docs/platform-services/automation-service/app-central/integrations/pop3/)
- [SMTP V3](/docs/platform-services/automation-service/app-central/integrations/smtp-v3/)
- [Sumo Logic Cloud SIEM](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-cloud-siem/)
- [Sumo Logic Cloud SIEM Internal](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-cloud-siem-internal/)
- [Sumo Logic Log Analytics](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-log-analytics/)
- [Sumo Logic Log Analytics Internal](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-log-analytics-internal/)
- [Sumo Logic Notifications](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-notifications/)
- [Sumo Logic Notifications by Gmail](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-notifications-by-gmail/)
- [Sumo Logic Notifications by Microsoft](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-notifications-by-microsoft)
- [Triage Tools](/docs/platform-services/automation-service/app-central/integrations/triage-tools/)
- [ZIP Tools](/docs/platform-services/automation-service/app-central/integrations/zip-tools/)
Cloud SIEM integration: [Sumo Logic](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/34A5019C-7BEC-4BF8-A3B7-C38D567126C6.md)
Collector:
- [Sumo Collection](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sumo-collection-source)
- [Universal Connector](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/universal-connector-source)
Community app: [Cloud Security Posture Management (CSPM) for Sumo Logic](https://github.com/SumoLogic/sumologic-content/tree/master/CSPM)
Webhooks:
- [Scheduled Searches for Webhook Connections](/docs/alerts/webhook-connections/schedule-searches-webhook-connections/)
- [Using the Audit Index with Webhook Connections](/docs/alerts/webhook-connections/audit-index/)
- [Webhook Connection for Cloud SOAR](/docs/alerts/webhook-connections/cloud-soar/) | | Thumbnail icon | [Superwise](https://superwise.ai/) | Webhook: [Superwise](/docs/integrations/webhooks/superwise/) | | Thumbnail icon | [Symantec](https://sep.securitycloud.symantec.com/v2/landing) | App:
- [Symantec Endpoint Security Service](/docs/integrations/saas-cloud/symantec-endpoint-security-service/)
- [Symantec Web Security Service](/docs/integrations/saas-cloud/symantec-web-security-service/)
Automation integrations:
- [Javelin AD Protect](/docs/platform-services/automation-service/app-central/integrations/javelin-ad-protect/)
- [Symantec DeepSight](/docs/platform-services/automation-service/app-central/integrations/symantec-deepsight/)
- [Symantec EDR](/docs/platform-services/automation-service/app-central/integrations/symantec-edr/)
- [Symantec Endpoint Protection](/docs/platform-services/automation-service/app-central/integrations/symantec-endpoint-protection/)
- [Symantec Endpoint Protection Cloud](/docs/platform-services/automation-service/app-central/integrations/symantec-endpoint-protection-cloud/)
- [Symantec Secure Web Gateway (Bluecoat)](/docs/platform-services/automation-service/app-central/integrations/symantec-secure-web-gateway-bluecoat/)
- [Symantec WebPulse](/docs/platform-services/automation-service/app-central/integrations/symantec-webpulse/)
Collectors:
- [Symantec Endpoint Security Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/symantec-endpoint-security-source/)
- [Symantec Web Security Service Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/symantec-web-security-service-source/)
Cloud SIEM integration: [Symantec](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/64c7f49c-f95a-4f4a-8540-56ec5fb1d96b.md)
Community app: [Sumo Logic for Symantec WSS](https://github.com/SumoLogic/sumologic-content/tree/master/Symantec/WSS) | | Thumbnail icon | [Sysdig](https://sysdig.com/) | App: [Sysdig Secure](/docs/integrations/saas-cloud/sysdig-secure/)
Cloud SIEM integration: [Sysdig](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/c4de0854-e718-45e1-a4c8-63623755aa43.md)
Collector: [Sysdig Secure](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md) |