Sumo Logic

Sumo Logic is a very common and powerful SIEM that is used by many companies. Multicloud Defense supports Log Forwarding to Sumo Logic to send Security Events and Traffic Log information for processing, storage, access and correlation. The information sent is in a semi-structured JSON format where the attribute-value pairs can be accessed and processed.

Requirements

In order to forward logs to Sumo Logic, the following information is required:

  • Sumo Logic account

  • Sumo Logic collector endpoint

Tip

For information on how to setup Sumo Logic Collector, refer to Sumo Logic Setup Guide (https://help.sumologic.com/docs/send-data/setup-wizard/).

Profile Parameters

Parameter

Requirement

Default

Description

Profile Name

Required

A unique name to use to reference the Profile

Description

Optional

A description for the Profile

Destination

Required

Sumo Logic

The SIEM used for the Profile

Endpoint

Required

The URL endpoint used to receive the forwarded Events/Logs