This collection of topics introduces you to the core foundational concepts involved in understanding Humio. They’re related topics are grouped into categories. Click on the title for each topic to see the tutorial article on it.
The general idea of Humio is to bring together all of you log files and other server metrics into one data repository that’s accessible by the Humio software, a user interface that’s easy to use and configure.
To understand better the concept of a repository, at least as it’s referred with Humio’s software, read this tutorial article on repositories.
In Humio there is by default a sandbox repository for testing data, queries, and new features of Humio software. This brief tutorial provides more information on how you might use a sandbox repository.
There may be a situation in which you want subset of a repository. This is basically a view. You might want it a security measure, limiting some of your staff to certain data. It could also be a way to focus on relevant areas of the data. How views are constructed and more details on the reasons for using them is discussed in this tutorial.
As mentioned above, repositories are meant to contain log entries and metrics from your servers. After creating a repository, you will need to configure Humio to receive that data.
You will have to prepare Humio for a particular source of data from your servers, as well as have an authentication token for your server utility to identify itself. This tutorial will explain this.
For better results in Humio, you may want to implement a system and policies related to the management of logs on your servers. This article will tell you how to approach that.
Raw data coming into Humio is fairly useless. It will need to be parsed properly so that you can search the data for the information you need to monitor and administer your servers. This and related topics are covered in this tutorial on ingest flow.
Once you have your server logs and metrics stored and steaming into Humio, you’ll want to query that data for specific events. These tutorials will introduce you to these concepts.
Each entry stored in a Humio repository is known as an event — in part because it includes a time stamp and it’s basically something that happened on your server. The elements of events — such as which repository, metadata associated with it (e.g., user name, IP address) — are listed and described in this tutorial.
Queries are the method by which you search the data, look for events that meet a specific criteria you give Humio. There is a specific, albeit familiar syntax for queries. It’s presented in this tutorial.
System administrators are particularly interested in spotting problems or certain situations as it happens, so they may react quickly and appropriately. As such, Humio allows you to query data as it’s streaming in. Read this tutorial to learn more.
Rather than having to re-enter queries you use often, you can create widgets to store them. These are then assembled in a dashboard. The results may be displayed as graphs or tables containing aggregated data or raw data. It’s the best way to monitor you servers. This tutorial will tell you more.
Some may want to know more about some of the foundational concepts. These tutorial go deeper or are related to more advanced topics, like clusters.
This is a little more advanced topic, but it’s still foundational. We recommend you read this tutorial on Humio architecture after you’ve familiarized yourself with the other aspects of Humio presented in the previously listed tutorials.
Humio software is very robust. It can track data from single servers, or a cluster of servers. This tutorial talks about how nodes are organized in Humio.