Sumo Logic Webhook

You can configure the Sumo Logic webhook to post notifications to the Events API when events of interest occur.

Before you begin

This integration was validated with Sumo Logic on 6 June 2021.

Before you start to set up your integration, make sure:

  • You have an active Sumo Logic account.

  • You have the necessary permissions to create alerts and notifications channels in Sumo Logic.

  • Sumo Logic can make requests to external endpoints over port 443. This is the default.

  • You have created an API key and have access to a copy of it.

Configure the integration in Moogsoft

To configure the integration:

  1. Click Data Config > Ingestion Services.

  2. Under Ingestion Services, click Create your own integration.

  3. Click ADD NEW INTEGRATION.

  4. In the MOOGSOFT ENDPOINT field, provide a unique integration name.

    You can give it the same name as the target application or customize the name according to your business needs.

  5. In the API DESCRIPTION field, enter a description (optional) of the purpose for the API or other information relevant to your business needs.

  6. Under DATA TYPE, select Events.

  7. Click Save.

The custom API is now provisioned.

Note

Leave this browser tab open as you will use it later on in the procedure.

Note

See Create your own integration for additional help.

Define the webhook in Sumo Logic

To create a new webhook in Sumo Logic, do the following:

  1. Log in to Sumo Logic.

  2. Click Manage Data > Alerts.

  3. On the Connections tab, click the +New to add a new connection.

  4. Click webhook.

  5. Input the following

    • Name: Moogsoft

    • Description: Moogsoft

    • URL: Copy the Endpoint URL from Moogsoft and paste it in this field.

      The endpoint displays in Moogsoft under Data Config > Ingestion Services > Create Your Own Integration > <Your Integration> > Configuration Information after you save your integration

      Example:

      https://api.moogsoft.ai/express/v1/integrations/custom/cc11a9e714d1/your_application

    • Custom Headers: Enter your Moogsoft API key.

      Example: apiKey:moogsoft_!01a23bc4-567d1ab2-345c-1ab234c12abc

      NOTE: Enter your API key using this format: apiKey:<your_API_key> instead of using the example formats provided by Sumo Logic.

    • Payload: Build a payload based on your business use case.

      The body of the payload will vary depending on your specific needs. Sumo Logic allows a payload to be built using mustache template style variables from a large list of Sumo Logic data points.

  6. Click Save.

Map Sumo Logic data to event fields

To map Sumo Logic data to event fields in Moogsoft, do the following:

  1. Go back to your Moogsoft tab.

    If you closed your tab, navigate to the Map your Data section of your integration:

    1. Click Data Config > Ingestion Services.

    2. Click Create your own integration.

    3. Click the custom integration that you created in the first part of this procedure.

  2. Under Map Your Data click the received payload to view the fields.

  3. Scroll down and map the source fields from Sumo Logic to target fields relevant in Moogsoft.

    • Click Add a Mapping to add new rows for additional mappings.

    • To add a default value, click inside a field, scroll to the end of the list of possible source fields, and then click Default Value. You can then type in the default text to display.

    • To create a Tag: mapping in the Moogsoft Target Fields column, click inside a field and then click Add Tag.

    • After creating a mapping, click Add to save it.

  4. Click Map Values and map the severity values based on your business use case.

  5. Click Save.

  6. Scroll down to the Set Your Deduplication Key section and then click TEST DEDUPLICATION KEY.

  7. Click SAVE AND ENABLE.