This Snap is used to execute a Sumo Logic search job and return results to the output view.
Expected upstream Snaps: This Snap does not require a specific upstream Snap. An upstream Snap, however, can provide documents to be used used to evaluate the Sumo Logic search job configuration. Each input document would trigger a SumoLogic search job execution.
Expected downstream Snaps: Expected downstream Snaps would use the Sumo Logic search results to either do routing and/or data persistence.
Expected input: Each input document would be expected to evaluate Sumo Logic search job configuration and execute the search job.
Expected output: If the Show aggregate records settings checkbox is selected, then a single document is generated with the found messages and the aggregate records (message metrics) as child list elements. If the Show aggregate records checkbox is not selected, then found messages are written to the output as separate document entries. If the field schema mapping checkbox is selected the result output fields will be converted from the default string value according to the field type schema in Sumo Logic.
This Snap uses account references created on the Accounts page of SnapLogic Manager to handle access to this endpoint. See SumoLogic Account for information on setting up this type of account.
Views:
Input
This Snap has at most one document input view.
Output
This Snap has exactly one document output view.
Error
This Snap has at most one document error view and produces zero or more documents in the view. Error output view is only written when the Field schema mapping setting checkbox is selected.
Settings
Label
Required. The name for the Snap. You can modify this to be more specific, especially if you have more than one of the same Snap in your pipeline.
Required. The beginning date time range for the search. Format: yyyy-MM-ddTHH:mm:ss
Example: 2014-09-28T00:00:00
Default value: [None]
To
Required. The ending date time range for the search. Format: yyyy-MM-ddTHH:mm:ss
Example: 2014-10-28T00:00:00
Default value: [None]
Time Zone
Required. The time zone for the "From" and "To" date time settings above.
Default value: [UTC]
Field schema mapping
Selected checkbox means the Sumo Logic response field schema will be used to convert response data into matching data types instead of using default string type for each field. Search result fields that cannot me mapped according it's field schema type will generate an error to the error view.
Example: In a scenario when the response data from SumoLogic has an entry called '_blockid', which is of 'integer' data type:
If the Field schema mapping check box is enabled, the data type of '_blockid' is retained as 'integer'.
If the Field schema mapping check box is not enabled, the data type of '_blockid' is converted to 'string'.
Default value: Selected
Aggregate search results
Aggregate search result messages into a single document along with any aggregate metrics (if search query has aggregate function).
Default value: Not selected
Snap Execution
Select one of the three modes in which the Snap executes. Available options are:
Validate & Execute: Performs limited execution of the Snap, and generates a data preview during Pipeline validation. Subsequently, performs full execution of the Snap (unlimited records) during Pipeline runtime.
Execute only: Performs full execution of the Snap during Pipeline execution without generating preview data.
Disabled: Disables the Snap and all Snaps that are downstream from it.
Examples
If you wish to archive the Sumo Logic search job results to a database from the prior month beginning the first day of each new month, your pipeline might look something like this:
The Execute Search Job settings, in this case, are looking for the word "Handling". A to_date parameter set to the first day of the month is used so that this pipeline can be scheduled each month and re-run as necessary.
The Mapper data shows the Sumo Logic schema and the MySQL schema:
The MySQL Insert message can then be written to a file:
Updated and certified against the current SnapLogic Platform release.
May 2023
main21015
Stable
Updated and certified against the current SnapLogic Platform release.
February 2023
main19844
Stable
Updated and certified against the current SnapLogic Platform release.
November 2022
main18944
Stable
Updated and certified against the current SnapLogic Platform release.
August 2022
main17386
Stable
Upgraded with the latest SnapLogic Platform release.
4.29
main15993
Stable
Upgraded with the latest SnapLogic Platform release.
4.28
main14627
Stable
Upgraded with the latest SnapLogic Platform release.
4.27
main12833
Stable
Upgraded with the latest SnapLogic Platform release.
4.26
main11181
Stable
Upgraded with the latest SnapLogic Platform release.
4.25
main9554
Stable
Upgraded with the latest SnapLogic Platform release.
4.24
main8556
Stable
Upgraded with the latest SnapLogic Platform release.
4.23
main7430
Stable
Upgraded with the latest SnapLogic Platform release.
4.22
main6403
Stable
Upgraded with the latest SnapLogic Platform release.
4.21
snapsmrc542
Stable
Upgraded with the latest SnapLogic Platform release.
4.20
snapsmrc535
Stable
Upgraded with the latest SnapLogic Platform release.
4.19
sumologic8337
Latest
Fixed the broken doc link for the Execute Search Job Snap.
4.19
snaprsmrc528
Stable
Upgraded with the latest SnapLogic Platform release.
4.18
snapsmrc523
Stable
Upgraded with the latest SnapLogic Platform release.
4.17
ALL7402
Latest
Pushed automatic rebuild of the latest version of each Snap Pack to SnapLogic UAT and Elastic servers.
4.17
sumologic7369
Latest
Fixed an issue with the Execute Search Job Snap wherein it fails to return the results correctly.
4.17
snapsmrc515
Latest
Added the Snap Execution field to all Standard-mode Snaps. In some Snaps, this field replaces the existing Execute during preview check box.
4.16
snapsmrc508
Stable
Upgraded with the latest SnapLogic Platform release.
4.15
snapsmrc500
Stable
Upgraded with the latest SnapLogic Platform release.
4.14
snapsmrc490
Stable
Upgraded with the latest SnapLogic Platform release.
4.13
snapsmrc486
Stable
Upgraded with the latest SnapLogic Platform release.
4.12
snapsmrc480
Stable
Upgraded with the latest SnapLogic Platform release.
4.11
snapsmrc465
Stable
Upgraded with the latest SnapLogic Platform release.
4.10
snapsmrc414
Stable
Upgraded with the latest SnapLogic Platform release.
4.9
snapsmrc405
Stable
Upgraded with the latest SnapLogic Platform release.
4.8
snapsmrc398
Stable
Upgraded with the latest SnapLogic Platform release.
4.7
snapsmrc382
Latest
Extended authentication support using Access ID and Access Key fields.
4.6
sumologic1961
Latest
Updated Sumo Logic Account labels to reflect the Sumo Logic API Authentication requirement of using Access Keys, rather than usernames and passwords, as of September 28th 2016. Account settings will need to be updated to no longer use username and password values and instead use registered Access ID and Access Key values.
4.6
snapsmrc362
Stable
4.5
snapsmrc344
Stable
4.41
Latest
Resolved an issue with Sumo Execute Search Job when returning over 10000 records. Snap Pack enhanced to support non-US1 Sumo Logic API Environments.