Moogsoft Docs

Sumo Logic

The Sumo Logic integration allows you to retrieve alerts from Sumo Logic and send them to Moogsoft AIOps as events.

Refer to the Sumo Logic LAM Reference to see the integration's default properties. When you use the integrations UI, you can only configure the visible properties.

If you want to implement a more complex Sumo Logic LAM with custom settings, see Configure the Sumo Logic LAM.

See the Sumo Logic documentation for details on Sumo Logic components.

Before You Begin

The Sumo Logic integration has been validated with Sumo Logic v2018. Before you start to set up your Sumo Logic integration, ensure you have met the following requirements:

  • You have an active Sumo Logic account.
  • You have the necessary permissions to configure a webhook connection and metric monitor in Sumo Logic.
  • Sumo Logic can make requests to external endpoints over port 443.

Configure the Sumo Logic Integration

Configure the Sumo Logic integration in Moogsoft AIOps as follows:

  1. Navigate to the Integrations tab.
  2. Click Sumo Logic in the Monitoring section.
  3. Provide the connection details to create the integration.

Configure Sumo Logic

Log in to Sumo Logic to configure a webhook connection to send alert data to your system. For more help, see the Sumo Logic docs.

  1. Create a new webhook connection in Sumo Logic:

    Field       Value
    Name        Moogsoft AIOps
    Username    Username generated in the Moogsoft AIOps UI
    Password    Password generated in the Moogsoft AIOps UI
  2. Add the following custom JSON payload:

    {
        "signature":"$SearchName::$AlertSource",
        "agent_location":"service.us2.sumologic.com",
        "source":"parse _sourceHost from AlertSource",
        "class":"sumo_metric",
        "description":"$SearchDescription - $AlertThreshold",
        "type":"$SearchName",
        "source_id":"$SearchQueryUrl",
        "SearchQuery": "$SearchQuery",
        "TimeRange":"$TimeRange",
        "FireTime":"$FireTime",
        "AlertSource": "$AlertSource",
        "external_id":"$AlertID",
        "severity":"$AlertStatus"
    }
  3. Optionally send a test notification to verify your system can receive a test alert from Sumo Logic.

  4. Assign the webhook connection to one or more metric monitors in Sumo Logic. You can create a new metric monitor or add the webhook to an existing monitor.

When Sumo Logic detects alerts matching the metric monitor, it automatically notifies Moogsoft AIOps over the webhook notification channel.
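
A pre-flight check for the custom JSON payload in step 2, as an added example that is not part of the Moogsoft or Sumo Logic documentation: it confirms the template parses as JSON, that every $Variable is one the page's payload uses, and lists the keys whose values are literals sent unchanged with every alert. The helper name check_template and the rule that every key in the page's payload is required are assumptions.

```python
import json
import re

# Custom payload from step 2 of this page, copied unchanged.
TEMPLATE = """{
    "signature":"$SearchName::$AlertSource",
    "agent_location":"service.us2.sumologic.com",
    "source":"parse _sourceHost from AlertSource",
    "class":"sumo_metric",
    "description":"$SearchDescription - $AlertThreshold",
    "type":"$SearchName",
    "source_id":"$SearchQueryUrl",
    "SearchQuery": "$SearchQuery",
    "TimeRange":"$TimeRange",
    "FireTime":"$FireTime",
    "AlertSource": "$AlertSource",
    "external_id":"$AlertID",
    "severity":"$AlertStatus"
}"""

# Variables used by the page's payload; any other name is treated as a typo.
KNOWN_VARS = {"SearchName", "AlertSource", "SearchDescription", "AlertThreshold",
              "SearchQueryUrl", "SearchQuery", "TimeRange", "FireTime",
              "AlertID", "AlertStatus"}
VAR_RE = re.compile(r"\$([A-Za-z]+)")


def check_template(text):
    """Lint a webhook payload template (hypothetical helper, not a vendor API).

    Returns {"errors": [...], "static": [...]}; "static" lists the keys whose
    value holds no variable and is therefore identical in every alert.
    """
    try:
        payload = json.loads(text)
    except json.JSONDecodeError as exc:
        return {"errors": [f"invalid JSON at line {exc.lineno}: {exc.msg}"], "static": []}
    if not isinstance(payload, dict):
        return {"errors": ["payload must be a JSON object"], "static": []}
    # Assumption: every key in the page's payload is required.
    required = set(json.loads(TEMPLATE))
    errors = [f"missing key: {k}" for k in sorted(required - set(payload))]
    static = []
    for key, value in payload.items():
        names = VAR_RE.findall(value) if isinstance(value, str) else []
        errors += [f"{key}: unknown variable ${n}" for n in names if n not in KNOWN_VARS]
        if not names:
            static.append(key)
    return {"errors": errors, "static": sorted(static)}
```

Run against the payload as published, the check reports agent_location, class and source as static, so review those three values for your deployment before sending the test notification in step 3.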