Edge Delta Sumo Logic Output
Overview
The Sumo Logic output streams analytics and insights to a Sumo Logic HTTPS endpoint.
Before you can create an output, you must have the Sumo Logic HTTPS endpoint. To learn how to create a new Sumo Logic HTTPS endpoint or locate an existing one, review this document from Sumo Logic.
Example
- name: '{{ Env "TEST_SUMO" "sumo-us" }}'
  type: sumologic
  endpoint: "https://endpoint4.collection.us2.sumologic.com/receiver/v1/http/XYZ"
  custom_tags:
    "app": "transaction_manager"
    "region": "us-west-2"
    "File Path": "{{.FileGlobPath}}"
    "K8s PodName": "{{.K8sPodName}}"
    "K8s Namespace": "{{.K8sNamespace}}"
    "K8s ControllerKind": "{{.K8sControllerKind}}"
    "K8s ContainerName": "{{.K8sContainerName}}"
    "K8s ContainerImage": "{{.K8sContainerImage}}"
    "K8s ControllerLogicalName": "{{.K8sControllerLogicalName}}"
    "ECSCluster": "{{.ECSCluster}}"
    "ECSContainerName": "{{.ECSContainerName}}"
    "ECSTaskVersion": "{{.ECSTaskVersion}}"
    "ECSTaskFamily": "{{.ECSTaskFamily}}"
    "DockerContainerName": "{{.DockerContainerName}}"
    "ConfigID": "{{.ConfigID}}"
    "Host": "{{.Host}}"
    "Source": "{{.Source}}"
    "SourceType": "{{.SourceType}}"
    "Tag": "{{.Tag}}"
- name: sumo-us-2
  type: sumologic
  endpoint: '{{ Env "EMPTY" "https://endpoint4.collection.us2.sumologic.com/receiver/v1/http/XYZ" }}'
  send_as_json: true
Parameters
name
Required
Enter a descriptive name for the output or integration.
For outputs, this name will be used to map this destination to a workflow.
name: sumo-us-2
integration_name
Optional
This parameter refers to the organization-level integration created in the Integrations page.
If you need to add multiple instances of the same integration into the config, then you can add a custom name to each instance via the name parameter. In this situation, the name should be used to refer to the specific instance of the destination in the workflows.
integration_name: orgs-sumologic
type: sumologic
Required
Enter sumologic.
type: sumologic
endpoint
Required
Enter the full HTTPS URL for this endpoint.
endpoint: '{{ Env "EMPTY" "https://endpoint4.collection.us2.sumologic.com/receiver/v1/http/XYZ" }}'
features
Optional
This parameter defines which data types to stream to the destination. If you do not provide a value, then all will be set. To learn more, see the following section on supported feature types.
features: metric
custom_tags
Optional
This parameter defines key-value pairs that are streamed with every request.
custom_tags:
  "ConfigID": "{{.ConfigID}}"
  "Host": "{{.Host}}"
  "Source": "{{.Source}}"
  "SourceType": "{{.SourceType}}"
  "Tag": "{{.Tag}}"
send_as_json
Optional
Enter true or false to send data in JSON format, which allows the fields to be auto-parsed and extracted in Sumo Logic.
send_as_json: true
buffer_ttl
Optional
Enter a length of time to retry failed streaming data.
After this length of time is reached, the failed streaming data will no longer be retried.
buffer_ttl: 2h
buffer_path
Optional
Enter a folder path to temporarily store failed streaming data.
The failed streaming data will be retried until the data reaches its destinations or until the Buffer TTL value is reached.
If you enter a path that does not exist, then the agent will create directories, as needed.
buffer_path: /var/log/edgedelta/pushbuffer/
buffer_max_bytesize
Optional
Enter the maximum size of failed streaming data that you want to retry.
If the failed streaming data is larger than this size, then the failed streaming data will not be retried.
buffer_max_bytesize: 100MB
Supported Features
See Streaming Features.
Feature Type | Supported? |
---|---|
Log | Yes |
Metrics | Yes |
Alert as event | No |
Alert as log | Yes |
Health | No |
Dimensions as attribute | No |
Send as is | No |
Send as JSON | Yes |
Custom tags | Yes |
EDAC enrichment | No |
Message template | No |
outgoing_bytes.sum | Yes |
outgoing__raw_bytes.sum | Yes (only data in raw message field) |
outgoing_lines.count | Yes |
output buffering to disk | No |
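
The following is an added example, not Edge Delta's own code: a Python check for the parameters in the Parameters section, run over sumologic output blocks that have already been parsed from YAML into dicts. The `SUMO_ENDPOINT` variable, the sample blocks, the duration and size patterns, the fallback behaviour of `Env`, and the policy that the receiver URL should come from the environment rather than sit in the config file are assumptions of this example.

```python
import re
from urllib.parse import urlparse

# {{ Env "VAR" "fallback" }} in the two-argument form used in this page's examples.
ENV_TEMPLATE = re.compile(r'^\{\{\s*Env\s+"([^"]+)"\s+"([^"]*)"\s*\}\}$')
DURATION = re.compile(r"^\d+(s|m|h)$")      # assumed syntax, matches "2h"
BYTESIZE = re.compile(r"^\d+(KB|MB|GB)$")   # assumed syntax, matches "100MB"


def resolve(value, env):
    """Expand an Env template; assumes the second argument is the fallback."""
    m = ENV_TEMPLATE.match(value.strip())
    return (env.get(m.group(1)) or m.group(2)) if m else value


def check_output(out, env):
    """Return findings for one sumologic output block (YAML parsed to a dict)."""
    findings = []
    for key in ("name", "type", "endpoint"):
        if not out.get(key):
            findings.append(f"{key}: required parameter is missing")
    if out.get("type") and out["type"] != "sumologic":
        findings.append("type: must be sumologic")
    if out.get("endpoint"):
        parsed = urlparse(resolve(out["endpoint"], env))
        if parsed.scheme != "https" or not parsed.hostname:
            findings.append("endpoint: not a full HTTPS URL after expansion")
        # Policy of this example: the receiver URL comes from the environment,
        # so it must not appear in the file as a literal or as an Env fallback.
        if "/receiver/v1/http/" in out["endpoint"]:
            findings.append("endpoint: receiver URL is stored in the config file")
    if "send_as_json" in out and not isinstance(out["send_as_json"], bool):
        findings.append("send_as_json: must be true or false")
    if "buffer_ttl" in out and not DURATION.match(str(out["buffer_ttl"])):
        findings.append("buffer_ttl: not a duration such as 2h")
    if "buffer_max_bytesize" in out and not BYTESIZE.match(str(out["buffer_max_bytesize"])):
        findings.append("buffer_max_bytesize: not a size such as 100MB")
    return findings


# Constructed sample blocks, modelled on the page's examples.
SAMPLES = [
    {"name": "sumo-us-2", "type": "sumologic", "send_as_json": True,
     "endpoint": '{{ Env "SUMO_ENDPOINT" "" }}', "buffer_ttl": "2h"},
    {"name": "sumo-plain", "type": "sumologic", "send_as_json": "yes",
     "endpoint": "http://endpoint4.collection.us2.sumologic.com/receiver/v1/http/XYZ"},
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample["name"], check_output(sample, {}))
```

Run with an empty environment, the first sample reports that its endpoint does not expand to an HTTPS URL, which is the failure to catch before the agent starts with an unset variable.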