Configure script based collection for G Suite Alert Center

Last updated
Save as PDF
Share
1. Share
2. Tweet
3. Share

This page provides instructions for deploying script based collection for G Suite Alert Center. This script collects logs for the Sumo Logic G Suite Alert Center App.

Prerequisites

This task assumes you have successfully added a Hosted Collector and HTTP source, as described in Configure Collection for G Suite Alert Center.

Configure the script on a Linux machine

This task shows you how to install the script on a Linux machine.

To deploy the script, do the following:

Setup the Alert Center API as described in the following Google documentation.

If pip is not already installed, follow the instructions in the pip documentation to download and install pip.
Log in to a Linux machine (compatible with either Python 3.7 or Python 2.7) and install the script using the following command.

pip install sumologic-gsuitealertcenter

Create a configuration file named gsuitealertcenter.yaml in home directory by copying the following snippet.

SumoLogic:
  SUMO_ENDPOINT: <SUMO LOGIC HTTP URL>
  
GsuiteAlertCenter:
  DELEGATED_EMAIL: "<use the default email address>"
  CREDENTIALS_FILEPATH: "<path to json Service Accouont JSON file>"
  
Collection:
  ENVIRONMENT: onprem

Add the SUMO_ENDPOINT and CREDENTIALS_FILEPATH (from step 1 above), and DELEGATED_EMAIL parameters, then save the file.
Create a cron job for running the collector every 5 minutes by using crontab -e and adding the following line.

 */5 * * * * /usr/bin/python -m sumogsuitealertscollector.main > /dev/null 2>&1