This page provides instructions for deploying script-based collection for G Suite Alert Center. This script collects logs for the Sumo Logic G Suite Alert Center App.
This task assumes you have successfully added a Hosted Collector and HTTP source, as described in Configure Collection for G Suite Alert Center.
Configure the script on a Linux machine
This task shows you how to install the script on a Linux machine.
To deploy the script, do the following:
- Set up the Alert Center API as described in the following Google documentation.
- If pip is not already installed, follow the instructions in the pip documentation to download and install pip.
- Log in to a Linux machine (compatible with either Python 3.7 or Python 2.7) and install the script using the following command.
pip install sumologic-gsuitealertcenter
- Create a configuration file named gsuitealertcenter.yaml in your home directory by copying the following snippet.
SumoLogic:
  SUMO_ENDPOINT: <SUMO LOGIC HTTP URL>

GsuiteAlertCenter:
  DELEGATED_EMAIL: "<use the default email address>"
  CREDENTIALS_FILEPATH: "<path to json Service Account JSON file>"

Collection:
  ENVIRONMENT: onprem
Add the SUMO_ENDPOINT and CREDENTIALS_FILEPATH (from step 1 above), and DELEGATED_EMAIL parameters, then save the file.
- Create a cron job for running the collector every 5 minutes by using crontab -e and adding the following line.
*/5 * * * * /usr/bin/python -m sumogsuitealertscollector.main > /dev/null 2>&1
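The cron entry above discards all output, so a misconfigured collector fails silently, and the configuration file holds the HTTP source URL while the JSON file holds the service account key. The following pre-flight check is an added example, not part of the sumologic-gsuitealertcenter package; the function names are hypothetical and it assumes the three keys shown in the snippet above.

```shell
# Added example: pre-flight check for gsuitealertcenter.yaml and the key file.
# Function names are hypothetical; keys are the ones shown in the snippet above.

# True only when the file has no group/other permission bits set.
owner_only() {
    [ "$(ls -ldL -- "$1" | cut -c5-10)" = "------" ]
}

# Print the first "KEY: value" value, quotes removed (sed match, not a YAML parser).
yaml_value() {
    sed -n "s/^[[:space:]]*$1:[[:space:]]*//p" "$2" | tr -d '"' | head -n 1
}

# Returns the number of problems found (0 means ready to schedule).
check_collector_config() {
    cfg=${1:-$HOME/gsuitealertcenter.yaml}
    problems=0
    if [ ! -f "$cfg" ]; then
        echo "missing config: $cfg" >&2
        return 1
    fi
    if ! owner_only "$cfg"; then
        echo "$cfg is accessible to group/other; run: chmod 600 $cfg" >&2
        problems=$((problems + 1))
    fi

    endpoint=$(yaml_value SUMO_ENDPOINT "$cfg")
    case $endpoint in
        https://*) ;;
        *) echo "SUMO_ENDPOINT is unset or not an https:// URL" >&2
           problems=$((problems + 1)) ;;
    esac

    creds=$(yaml_value CREDENTIALS_FILEPATH "$cfg")
    if [ ! -f "$creds" ]; then
        echo "CREDENTIALS_FILEPATH does not point to a file: $creds" >&2
        problems=$((problems + 1))
    elif ! owner_only "$creds"; then
        echo "$creds is accessible to group/other; run: chmod 600 $creds" >&2
        problems=$((problems + 1))
    fi

    if [ -z "$(yaml_value DELEGATED_EMAIL "$cfg")" ]; then
        echo "DELEGATED_EMAIL is empty" >&2
        problems=$((problems + 1))
    fi
    return "$problems"
}
```

Run check_collector_config once before adding the cron line; with no argument it checks gsuitealertcenter.yaml in the home directory.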