If your firewall has outbound restrictions, you'll need to whitelist the appropriate IP addresses to be able to connect to Sumo Logic. You can specify the whitelist by endpoint DNS names instead of addresses if your firewall supports DNS whitelisting.
The addresses to whitelist depend on your Sumo Logic deployment. To determine the IP addresses that require whitelisting, download the JSON object provided by Amazon Web Services (AWS). Amazon advises that this file will change several times a week. For details on how the file is updated, its usage, its syntax, and downloading the JSON file, go to http://docs.aws.amazon.com/general/latest/gr/aws-ip-ranges.html.
Use the following mapping of Sumo Logic deployment and AWS region:
- US1 (PROD): us-east-1
- US2: us-west-2
- PROD: us-east-1
- EU: eu-west-1
- AU: ap-southeast-2
You can run the following query against the downloaded file in Sumo Logic to determine the IP addresses for each deployment.
| parse regex "\s+\"ip_prefix\":\s+\"(?<ip_prefix>.*?)\",\n\s+\"region\":\s+\"(?<region>.*?)\",\n\s+\"service\":\s+\"(?<service>.*?)\"" multi | where service="AMAZON" and (region="us-west-2" or region="us-east-1" or region="eu-west-1" or region="ap-southeast-2") | if (region="us-west-2", "US2", region) as region | if (region="us-east-1", "PROD", region) as region | if (region="eu-west-1", "EU", region) as region | if (region="ap-southeast-2", "AU", region) as region | count by ip_prefix, region, service | fields - _count | sort by region, ip_prefix