Humio organizes data into Repositories (or Repos). Each repository has its own set of users, dashboards, saved queries, and parsers.
A repository is a container for data with associated storage. Often you will have one physical repository per project or system. But use-cases vary based on your data volume, user permissions and many other factors.
On a repository you can control retention and create parsers to parse incoming data.
When sending data to humio it will end up in a repository.
The repository has a close cousin called Views. Views are similar to the views you may know from SQL databases.
Views lets you search across multiple repositories. They also have user management and search filters, making it possible to define which users can see what data. This is how fine grained access controls are implemented in Humio
You can search directly in a repository or search using a view. Using a view can give added benefits
You can read more about views in their doc section.
All accounts have a special private repository called the sandbox. Unlike other repositories you cannot add additional users or change retention. You can use the sandbox for testing things out or as your main repo if your needs are simple.
If you are using a the free version of Humio Cloud the sandbox is your main storage repository and is where you send all your logs and events. You can use views to make your data easier to navigate if you have logs from several sources.
Humio provides a few repositories by default to help you monitor your Humio instances.
humio-audit is a system repository that keep the audit trail of the actions users take in Humio.
Special access restrictions apply: A user can get access to search this repo using the same set of rules as any other repo. But any user who does not have access through those rules can search this repo while being restricted to searching only the events that has said user as the “actor” that did the event.
humio-metric is a system repository that holds metrics generated by Humio itself. There are metrics on both system-wide scope, such as total number of live queries active, and metrics for each repository.
Special access restrictions apply: A user can get access to search this repo using the same set of rules as any other repo. But any user who does not have access through those rules can search this repo, being restricted to searching only the events that directly relates to other repos, that said user has access to. You can thus not see what other repos may exist in Humio through this access, and neither can you query the “global” metrics without being a member of the repo.
The metrics logged into this repository are also available on JMX and Prometheus endpoints provided those are enabled. By default those listeners are disabled, whereas logging to this repository is always enabled.
humio is a system repository that holds debug logs generated by Humio internally. It also has a few built-in dashboards to help you quickly ascertain the state of you Humio cluster or server.