SumoLogic 1.0.0
App Vendor: Sumo Logic
App Category: Analytics & SIEM
Connector Version: 1.0.0
API Version: 1.0.0
About App
SumoLogic provides real-time visibility into AWS, Azure, and GCP cloud applications and infrastructure. The SumoLogic app enables security teams to integrate with the Sumo Logic enterprise application to create and retrieve search jobs.
The SumoLogic app is configured with the Orchestrate application to perform the following actions:
Action Name | Description |
---|---|
Create a Search Job | This action creates a search job. |
Get Search Job Status | This action retrieves the status of a search job. |
Configuration Parameters
The following configuration parameters are required for the SumoLogic app to communicate with the Sumo Logic enterprise application. The parameters can be configured by creating instances in the app.
Parameter | Description | Field Type | Required/Optional | Comments |
---|---|---|---|---|
Access ID | Enter the access ID. Example: "sample id" | Text | Required | |
Access Token | Enter the access token. Example: "sample token" | Text | Required | |
Action: Create a Search Job
This action creates a search job.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
---|---|---|---|---|
Query | Enter the query as an input. Example: "count _SourceCategory" | Text | Required | |
From Time | Enter the start date and time in epoch format. Example: "2019-05-03T12:00:00" | Integer | Required | |
Until Time | Enter the end date and time in epoch format. Example: "2019-05-03T12:05:00" | Text | Required | |
Time Zone | Enter the time zone. Example: "IST" | Text | Required | |
By Receipt Time | Optional preference to either run or not run the search using receipt time. Example: "true" | Text | Optional | Allowed values:
Default value: false |
Example Request
[ { "query": "count _SourceCategory", "epochtime_from": "2019-05-03T12:00:00", "epochtime_until": "2019-05-03T12:05:00", "timezone": "IST", "byReceiptTime": "true" } ]
Action: Get Search Job Status
This action retrieves the status of a search job.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
---|---|---|---|---|
Search Job ID | Enter the search job ID. Example: "sample id" | Text | Required | |
Example Request
[ { "search_jobid": "sample id" } ]