Sumo Logic
Sumo Logic is a cloud data analytics platform focused on security, operations, and business intelligence use cases.
Sumo Logic in a Spot Connect workflow enables you to search log data based on query described in Sumo Logic query syntax.
Configure Sumo Logic in Spot Connect
- In the left main menu, click Connect and click Settings.
- Under the Integrations tab, select Sumo Logic.
- Configure a new integration instance with the information below.
Details needed to set up a Sumo Logic instance in Spot Connect:
Follow the steps below in your Sumo Logic Account and get the desired parameters to enter in the Spot Connect console.
-
Sign in to your Sumo Logic Account and click your name (bottom left side).
-
Click Administration and then Security.
-
Click Add Access Key and enter the Access Key name.
-
Click Save.
In Spot Connect
- Copy the Sumo Logic Access ID and paste it into the Sumo Logic Access ID field.
- Copy the Sumo Logic Access Key and paste it into the Sumo Logic Access Key field.
| Parameter | Description | Required |
|---|---|---|
| Integration Alias | A name for the integration instance | True |
| Sumo Logic Access Id | Unique access_id to access your Sumo Logic account | True |
| Sumo Logic Access Key | API key for authorization | True |
Integration Actions
You can add these actions in the Spot Connect workflow builder as part of your workflow.
Sumo Logic Search
This action performs a search query on Sumo Logic.
Input
| Parameter | Description | Required |
|---|---|---|
| Sumo Logic Instance | Select a Sumo Logic integration instance configured in Spot Connect | True |
| Query | Search query to perform in Sumo Logic service | True |
| From Time | Time from where search should start | True |
| To Time | Time till where search should be performed | True |
| S3 Bucket | An S3 bucket to store the query and result. | False |
Output
| Parameter | Type | Description |
|---|---|---|
| result | Object | Result of search run |
| is_result_truncated | Boolean | Is the result truncated |
| result_bucket_key | String | Object path in the bucket |
| s3_bucket | String | It shows the bucket name where the output is stored |
| execution_status | String | The current status of the incident |
Action Example
From the left panel, drag and drop the Sumo Logic Search action node in the workflow builder. Configure the necessary parameters and save your workflow. During the workflow execution, downstream action nodes in the workflow can be designed to take action on data returned from the Sumo Logic Search action node.