This page provides answers for general questions regarding Azure integrations.
What types of logs does Azure support?
Azure provides a wide array of configurable security auditing and logging options, as listed in the Azure logging and auditing documentation.
Which node version is supported?
The Sumo Logic app has been tested on v0.10.40, the oldest supported version. The latest available version in Azure is v8.9.4. For information on how to change a node version, see the Azure Changing node version support article.
What happens if the template is re-deployed? Are the resources recreated? Is there any data loss?
- If the resource already exists in the resource group and its settings are unchanged, the operation results in no change.
- If you change the settings for a resource, the resource is provisioned with the new settings.
- If you attempt to update the location or type of an existing resource, the deployment fails with an error. Instead, deploy a new resource with the location or type that you need.
How do I route logs to different source categories based on log content?
To answer this question, we have to address Event Hub and Blob Storage separately.
For Event Hub, do the following:
- Go to SumoAzureLogsFunction created by the ARM template.
- Enable Edit Mode and edit the setSourceCategory function to set the source category. You can also use an if condition to set a different source category for a different message.
For Blob Storage, do the following:
- Go to the BlockTaskConsumer function created by the ARM template.
Enable Edit Mode and edit the getsourceCategory function to set the source category based on the metadata(url ,containerName ,blobName ,storageName ,resourceGroupName ,subscriptionId ) present in serviceBusTask.
How do I view Azure function logs?
Go to the function and click the Logs tab to view real time logs, as shown in the following example.
How do I export Azure function logs?
To export Azure function logs, do the following: