Edge Delta Sumo Logic Destination

Configure the Edge Delta Sumo Logic Destination to send telemetry data using the sumologic_output node.

3 minute read

Overview

The Sumo Logic destination node sends items to Sumo Logic destination. It sends raw bytes that are generated via marshaling items as JSON, or in push format.

incoming_data_types: cluster_pattern_and_sample, log, metric, signal, custom, edac, health

You must have a Sumo Logic HTTPs endpoint to create this output. To learn how to create a new Sumo Logic HTTPs endpoint or locate an existing one, review this document from Sumo Logic.

Example Configuration

nodes:
  - name: my_sumo
    type: sumologic_output
    endpoint: <REDACTED>

Required Parameters

name

A descriptive name for the node. This is the name that will appear in pipeline builder and you can reference this node in the YAML using the name. It must be unique across all nodes. It is a YAML list element so it begins with a - and a space followed by the string. It is a required parameter for all nodes.

nodes:
  - name: <node name>
    type: <node type>

type: sumologic_output

The type parameter specifies the type of node being configured. It is specified as a string from a closed list of node types. It is a required parameter.

nodes:
  - name: <node name>
    type: <node type>

endpoint

The endpoint parameter is the full Sumo Logic collector endpoint. It is specified as a string and is required.

nodes:
  - name: <node name>
    type: sumologic_output
    endpoint: <REDACTED>

Optional Parameters

custom_tags

The custom_tags parameter lists key:template pairs that are calculated per item and sent to the destination as attributes/fields/tags. They are only honored if use_legacy_formatting: true. It is optional.

nodes:
  - name: <node name>
    type: sumologic_output
    endpoint: <REDACTED>
    use_legacy_formatting: true
    custom_tags:
        <key template pairs>

buffer_max_bytesize

The buffer_max_bytesize parameter configures the maximum byte size for total unsuccessful items. If the limit is reached, the remaining items are discarded until the buffer space becomes available. It is specified as a datasize.Size, has a default of 0 indicating no size limit, and it is optional.

nodes:
  - name: <node name>
    type: sumologic_output
    endpoint: <REDACTED>
    buffer_max_bytesize: 2048

buffer_path

The buffer_path parameter configures the path to store unsuccessful items. Unsuccessful items are stored there to be retried back (exactly once delivery). It is specified as a string and it is optional.

nodes:
  - name: <node name>
    type: sumologic_output
    endpoint: <REDACTED>
    buffer_path: <path to unsuccessful items folder>

buffer_ttl

The buffer_ttl parameter configures the time-to-Live for unsuccessful items, which indicates when to discard them. It is specified as a duration, has a default of 10m, and it is optional.

nodes:
  - name: <node name>
    type: sumologic_output
    endpoint: <REDACTED>
    buffer_ttl: 20m

use_legacy_formatting

The use_legacy_formatting parameter configures whether to use try match the Edge Delta legacy format. It is specified as a Boolean and the default is false. It is optional.

nodes:
  - name: <node name>
    type: sumologic_output
    endpoint: <REDACTED>
    use_legacy_formatting: true