On this page
Table of Contents | ||||
---|---|---|---|---|
|
Snap type: | Read | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Description: | This Snap is used to execute a Sumo Logic search job and return results to the output view.
| |||||||||||||
Prerequisites: | [None] | |||||||||||||
Support and limitations: |
| |||||||||||||
Account: | This Snap uses account references created on the Accounts page of SnapLogic Manager to handle access to this endpoint. See Configuring SumoLogic AccountAccounts for information on setting up this type of account. | |||||||||||||
Views: |
| |||||||||||||
Settings | ||||||||||||||
Label | Required. The name for the Snap. You can modify this to be more specific, especially if you have more than one of the same Snap in your pipeline. | |||||||||||||
Query | Required. The Sumo Logic search expression. See Sumo Logic documentation for searching at https://service.sumologic.com/help/ Example: Unsuccessful | summarize Default value: [None] | |||||||||||||
From | Required. The beginning date time range for the search. Format: yyyy-MM-ddTHH:mm:ss Example: 2014-09-28T00:00:00 Default value: [None] | |||||||||||||
To | Required. The ending date time range for the search. Format: yyyy-MM-ddTHH:mm:ss Example: 2014-10-28T00:00:00 Default value: [None] | |||||||||||||
Time Zone | Required. The time zone for the "From" and "To" date time settings above. Default value: [UTC] | |||||||||||||
Field schema mapping | Selected checkbox means the Sumo Logic response field schema will be used to convert response data into matching data types instead of using default string type for each field. Search result fields that cannot me mapped according it's field schema type will generate an error to the error view. Example:
Default value: Selected | |||||||||||||
Aggregate search results | Aggregate search result messages into a single document along with any aggregate metrics (if search query has aggregate function). Default value: Not selected | |||||||||||||
|
|
Examples
If you wish to archive the Sumo Logic search job results to a database from the prior month beginning the first day of each new month, your pipeline might look something like this:
The Execute Search Job settings, in this case, are looking for the word "Handling".
A to_date parameter set to the first day of the month is used so that this pipeline can be scheduled each month and re-run as necessary.
The Mapper data shows the Sumo Logic schema and the MySQL schema:
The MySQL Insert message can then be written to a file:
Related Information
See Also
Insert excerpt | ||||||
---|---|---|---|---|---|---|
|