1

I am getting some experience with SumoLogic dashboards and alerting. I would like to have all possible configuration in code. Does anyone have experience with automation of SumoLogic configuration? At the moment I am using Ansible for general server and infra provisioning.

Thanks for all info!

Best Regards, Rafal.

Zeitounator
  • 38,476
  • 7
  • 53
  • 66
Rafał Radecki
  • 151
  • 1
  • 1
  • 7

2 Answers2

0

(The dashboards, alerts, etc. are referred to as Content in Sumo Logic parlance)

You can use the Content Management API, especially the content-import-job. I am not an expert in Ansible, but I am not aware of any way to plug that API into Ansible.

Also there's a community Terraform provider for Sumo Logic and it supports content:

resource "sumologic_content" "test" {
parent_id = "%s"
  config = 
    {
        "type": "SavedSearchWithScheduleSyncDefinition",
        "name": "test-333",
        "search": {
            "queryText": "\"warn\"",
            "defaultTimeRange": "-15m",
[...]

Disclaimer: I am currently employed by Sumo Logic

Grzegorz Oledzki
  • 23,614
  • 16
  • 68
  • 106
  • Thanks, Grzegorz, for provided info. Are you able to tell if Content Management API may be usable for dashboard and metric monitor's creation? – Rafał Radecki Apr 22 '20 at 08:29
  • Yes, both of them. I only remember the former being called `DashboardSyncDefinition`. The latter is most likely `MetricsSavedSearchSyncDefinition` (I only see the public doc right now). – Grzegorz Oledzki Apr 22 '20 at 09:05
0

Below is the shell script to import the dashboard. Here it is SumoLogic AU instance. eg: https://api.au.sumologic.com/api. This will be changed based on your country.

Note: You can export all of your dashboard as json files.

#!/usr/bin/env bash
set -e

# if you are using AWS parameter store
# accessKey=$(aws ssm get-parameter --name path_to_your_key --with-decryption  --query 'Parameter.Value' --region=ap-southeast-2 |  tr -d \")
# accessSecret=$(aws ssm get-parameter --name name path_to_your_secret  --with-decryption --query 'Parameter.Value' --region=ap-southeast-2 |  tr -d \")
# yourDashboardFolderName="xxxxx" # this is the folder id in the sumologic where you want to create dashboards

# if you are using just key and secreat
accessKey= "your_sumologic_key"
accessSecret= "your_sumologic_secret"
yourDashboardFolderName="xxxxx" # this is the folder id in the sumologic


# you can place all the json files of dashboard in ./Sumologic/Dashboards folder.
for f in $(find ./Sumologic/Dashboards -name '*.json'); \
do \
curl -X POST https://api.au.sumologic.com/api/v2/content/folders/$yourDashboardFolderName/import \
-H "Content-Type: application/json" \
-u "$accessKey:$accessSecret" \
-d @$f \
;done
Sam
  • 516
  • 3
  • 7