Skip to main content
Sumo Logic

Create a Whitelist for IP or CIDR Addresses

Service Whitelist Settings allow you to explicitly grant access to specific IP addresses and/or CIDR notations. By default this feature is not enabled.

The IP address of the Admin who enables the feature is automatically added to the whitelist. Once the feature is enabled, the IP address or CIDR of each user in an account must be added to the whitelist in order to log in to Sumo Logic User Interface or make any requests via the Sumo Logic APIs. The whitelist does not cover the Collector IP (Server IP) to connect to Sumo Logic. 

Users who are logged in when the whitelist is enabled will continue to be logged in; the settings take effect after a user has logged out of his or her Sumo Logic account. Any IP or CIDR addresses must be associated with your company in order to add them to the whitelist. Wildcards are not supported.

The IP is generally your host IP address. But if your request is coming through a proxy, an x-forwarded-for header is included in the HTTP requests to Sumo Logic, which is used as the IP when evaluating the whitelist.

Enable Service Whitelist Settings

  1. Go to Manage > Security.
  2. Select the Service Whitelist Settings tab.
  3. Under Service Whitelist Settings, select the Enable Service Whitelist check box.
  4. Copy and paste your IP address in the IP Address or CIDR text box and click Add.
  5. Type additional IP and/or CIDR addresses in the text box, and click Add. Repeat this step until you've added all the addresses you'd like to whitelist.
  6. Click Save.

Disable Service Whitelist Settings

  1. Go to Manage > Security.
  2. Select the Service Whitelist Settings tab.
  3. Under Service Whitelist Settings, deselect Enable Service Whitelist.
  4. Click Save.

Edit whitelisted addresses

After an IP or CIDR address has been whitelisted you can edit the address. Note that any edits are immediately put into effect.

  1. Click an address, then make any edits in the text box.
  2. Click Update.
  3. Click Save.

Changes are applied immediately.

Delete a whitelisted address

After an IP or CIDR address has been whitelisted you delete the address. Deletions are immediate and cannot be undone.

  1. Hover over the address, then click the x
  2. Click Save.

Add certificate addresses to the whitelist

If your organization has a locked down network, you will need to add the addresses for certificate authorities to the whitelist in order for the Collector to connect and upload data.

Depending on your security requirements of your organization, you can add the following addresses:

  • Microsoft SSL Certificate Authority - msocsp.com
  • GeoTrustSSL CA - geotrust.com
  • Verizon SSL CA - omniroot.com
  • Comodaca for Tanuki - comodaca.com