Historically, agents used by this Chart sent logs and metrics data to a generic HTTP Source in Sumo Logic. Ever since the version 3 release, the Chart predominantly uses the OpenTelemetry Collector, and consequently also the OTLP protocol. The data needed to be converted to the formats the generic HTTP source supports before being sent.
Recently, we've added support for directly sending data using the OTLP protocol to Sumo Logic. This is achieved using the OTLP source. This document explains how to use this new source with the Helm Chart.
Add the following to your configuration:
sumologic:
logs:
sourceType: otlp
Add the following to your configuration:
sumologic:
metricss:
sourceType: otlp
Add the following to your configuration:
sumologic:
traces:
sourceType: otlp
tracesSampler:
config:
exporters:
otlphttp:
traces_endpoint: ${SUMO_ENDPOINT_DEFAULT_OTLP_TRACES_SOURCE}
sumologic:
events:
sourceType: otlp
Note: The source is automatically created during Chart installation. This setting simply makes the Chart start sending data to it. If you normally have setup disabled, you need to either enable it after enabling the otlp source, or create the source manually.
Sending data directly via OTLP is more efficient, as we skip the conversion step. OTLP is also a binary-encoded format, which improves the efficiency further.
As a structured log format, OTLP frees us from the need to parse metadata out of the log body on the Sumo side. This makes the following features work without additional manual configuration:
- multiline parsing for the
text
log format - correct timestamps for the
text
log format