Sumo Logic Installation Instructions
How to Integrate Sumo Logic with BigPanda
Create an App Key
First create an App Key. You'll need a separate App Key for each integrated system.
Configure the Webhook to send alerts to BigPanda.
1. Go to Manage > Connections > Add > Webhook
2. In the Create Connection dialog, enter a Name.
3. (Optional) Enter a Description.
4. In the URL field, copy the API endpoint from the BigPanda integration instructions
5. In the Authorization Header field, copy the HTTP headers from the BigPanda integration instructions.
Authorization: Bearer $TOKEN
Content-Type: application/json
6. In the Payload field, enter the JSON payload to send to BigPanda.
{
"app_key": $YOUR_APP_KEY,
"status": "<ok|critical|warning>",
"host": "SumoLogic Alert $SearchName",
"check": "Time=$FireTime, Query=$SearchQuery",
"cluster": "Customer Application",
"description": "Count=$NumRawResults, Range=$TimeRange",
"link": "$SearchQueryUrl"
}
The following Sumo Logic variables can be used as parameters within your JSON object:
| Parameter | Description |
|---|---|
| $SearchName | Name of the saved search. |
| $SearchDescription | Description of the saved search. |
| $SearchQuery | Query used to run the saved search. |
| $SearchQueryUrl | URL link to the saved search. |
| $TimeRange | Time range used to run the search. |
| $FireTime | Start time of the search. |
| $AggregateResultsJson | JSON object that contains search aggregation results. A maximum of 200 results for this field can be sent via Webhook. |
| $RawResultsJson | JSON object containing raw messages. A maximum of 10 results for this field can be sent via Webhook. |
| $NumRawResults | Number of raw results returned by the search. A maximum of 100 results for this field can be sent via Webhook. |
(Optional) Test the Integration
1. Adjust JSON payload as required.
2. Click Test Connection.
3. A message should appear at the top of the Sumo Logic Webhook configuration page. A successful test returns an HTTP 201 response.
Updated 7 months ago