Sumo Logic
Sumo Logic is a common and powerful SIEM used by many companies. Multicloud Defense supports Log Forwarding to Sumo Logic, sending Security Events and Traffic Log information for processing, storage, access and correlation. The information is sent in a semi-structured JSON format whose attribute-value pairs can be accessed and processed.
Requirements
In order to forward logs to Sumo Logic, the following information is required:
- Sumo Logic account
- Sumo Logic collector endpoint
Tip: For information on how to set up a Sumo Logic Collector, refer to the Sumo Logic Setup Guide (https://help.sumologic.com/docs/send-data/setup-wizard/).
Profile Parameters
Parameter | Requirement | Default | Description
---|---|---|---
Profile Name | Required | | A unique name to use to reference the Profile
Description | Optional | | A description for the Profile
Destination | Required | Sumo Logic | The SIEM used for the Profile
Endpoint | Required | | The URL endpoint used to receive the forwarded Events/Logs
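
A pre-save check for the Endpoint value, as an added example that is not part of the Multicloud Defense or Sumo Logic documentation. It assumes the endpoint is a Sumo Logic hosted HTTP source URL of the form `https://<collector-host>.sumologic.com/receiver/v1/http/<token>`, where the final path segment is a token and the URL is therefore handled as a secret; the function names and sample URLs are constructed.

```python
from urllib.parse import urlsplit

# Assumed URL shape of a Sumo Logic hosted HTTP source (not stated on this page):
#   https://<collector-host>.sumologic.com/receiver/v1/http/<token>
HOST_SUFFIX = ".sumologic.com"
PATH_PREFIX = "/receiver/v1/http/"


def check_collector_endpoint(url):
    """Return a list of problems with a candidate Endpoint value (empty = OK)."""
    problems = []
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").lower()
    if parts.scheme != "https":
        problems.append("scheme is not https; events would be sent in cleartext")
    if parts.username or parts.password:
        problems.append("URL carries userinfo credentials")
    # Suffix match with the leading dot rejects look-alikes such as
    # collectors.sumologic.com.example.net or notsumologic.com.
    if not host.endswith(HOST_SUFFIX):
        problems.append("host is not under sumologic.com")
    if not parts.path.startswith(PATH_PREFIX) or len(parts.path) <= len(PATH_PREFIX):
        problems.append("path is not /receiver/v1/http/<token>")
    if parts.query or parts.fragment:
        problems.append("unexpected query string or fragment")
    return problems


def redact_endpoint(url):
    """Drop the token segment so the URL can appear in logs, tickets or chat."""
    parts = urlsplit(url.strip())
    host = parts.hostname or "<no-host>"
    if parts.path.startswith(PATH_PREFIX):
        return f"{parts.scheme}://{host}{PATH_PREFIX}<redacted>"
    return f"{parts.scheme}://{host}/<redacted>"


if __name__ == "__main__":
    # Constructed sample values; none of these is a real collector URL.
    samples = [
        "https://collectors.sumologic.com/receiver/v1/http/CONSTRUCTEDTOKEN123",
        "http://collectors.sumologic.com/receiver/v1/http/CONSTRUCTEDTOKEN123",
        "https://collectors.sumologic.com.example.net/receiver/v1/http/CONSTRUCTEDTOKEN123",
    ]
    for s in samples:
        print(redact_endpoint(s), check_collector_endpoint(s) or "OK")
```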