Setting up Sumo Logic

Set up Sumo Logic as a SIEM tool to collect logs.

Prerequisites

Note: The examples and graphics provided on this page are for representation purposes only and may not accurately reflect your specific instance. We do not assume responsibility for their maintenance or accuracy.

To use Sumo Logic as a logging endpoint, you will need to create a Sumo Logic account, add a new source, and save the HTTP source URL.

To add a new source in the Sumo Logic website, perform the following steps:

Procedure

  1. After you create your Sumo Logic account, the Sumo Logic Setup Wizard appears. If you already have an account, you can access the wizard by selecting Setup Wizard from the Manage menu at the top of the Sumo Logic application. In the Setup Wizard, click Set Up Streaming Data.
    Sumo Login Welcome screen

    The Select Data Type window appears.

  2. Click All Other Sources.
    Select Data type in Sumo Logic

    The Set Up Collection window appears.

  3. Click HTTP Source.
    Setup collection

    The Configure Source: HTTP Source window appears.

  4. Enter a name in the Source Category field (for example, Http Input), and select a time zone for your log files.
    Sumo Logic HTTP source
  5. Click Continue to see a magic URL such as the following: https://endpoint1.collection.us2.sumologic.com/receiver/v1/http/ZaVnA4dhaV0nFJAEMuwFDGEEZUnDedm7hYhkdUJSAE44bmKKp1mp4LsYDCr2MzTA0C21czkqjz9UVjC1mk4lw512KQ7Usz3OAmNwCMWO09eK9r7h2VZT7B==
  6. Save this URL in an editor. You will need it when you add Sumo Logic as a SIEM logging endpoint. See Adding Sumo Logic as a SIEM logging endpoint.
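
The URL from step 5 carries the source's token in its path, so anyone who holds it can post data to the source; it is worth handling like a credential when you save it. The shell functions below are an added example, not part of the original page or of Sumo Logic's tooling. The function names, the `*.sumologic.com` host check and the token character set are assumptions based on the URL shape shown in step 5.

```shell
#!/bin/sh
# Added example. Assumed URL shape (from step 5):
#   https://<host>.sumologic.com/receiver/v1/http/<token>

# Return 0 only for an HTTPS URL on a sumologic.com host with a plausible token.
validate_sumo_url() {
  case "$1" in https://*) ;; *) return 1 ;; esac
  rest=${1#https://}
  host=${rest%%/*}
  case "$rest" in */*) upath=/${rest#*/} ;; *) return 1 ;; esac
  case "$host" in
    *[!A-Za-z0-9.-]*) return 1 ;;   # rejects userinfo (@), ports, whitespace
    *.sumologic.com) ;;
    *) return 1 ;;
  esac
  case "$upath" in /receiver/v1/http/?*) ;; *) return 1 ;; esac
  token=${upath#/receiver/v1/http/}
  # Assumption: the token is URL-safe base64 (letters, digits, '-', '_', '=').
  case "$token" in *[!A-Za-z0-9=_-]*) return 1 ;; esac
}

# Print the URL with the token masked, for use in logs and tickets.
redact_sumo_url() {
  printf '%s\n' "${1%/receiver/v1/http/*}/receiver/v1/http/<redacted>"
}

# Save the URL ($1) to a file ($2) readable only by the current user.
save_sumo_url() {
  validate_sumo_url "$1" || return 1
  ( umask 077 && printf '%s\n' "$1" > "$2" ) || return 1
  chmod 600 "$2"   # tighten the mode if the file already existed
}

# POST one test line to the source whose URL is stored in file $1.
# The URL is fed to curl as a config on stdin so the token does not
# appear in the process list.
send_test_event() {
  url=$(cat "$1") || return 1
  validate_sumo_url "$url" || return 1
  printf 'url = "%s"\n' "$url" |
    curl --silent --show-error --fail --config - \
         --data "sumo-setup-test $(date -u +%Y-%m-%dT%H:%M:%SZ)"
}
```

After sourcing the file, `save_sumo_url "<URL from step 5>" ~/.sumo_http_source` followed by `send_test_event ~/.sumo_http_source` confirms the source accepts data before you configure the logging endpoint.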