Skip to main content

C2C Source

Thumbnail icon

\Introduction\

The {{source name}} collects {{data/event types}} from {{source of origin}}{{What the app does}}.

Example: The Microsoft Graph Security API Source provides a secure endpoint to consume alerts from the Microsoft Graph Security API endpoint. It securely stores the required authentication, scheduling, and state tracking information. One threat event is reported for each affected device.

\Depending on the availability in the Fed, add the below note.\

note

This source is not yet available in the Fed deployment.

Data collected

\Add all the data sources and respective polling interval information.\

Polling IntervalData
{{Polling time in minutes}}{{Data sources}}

Example: | Polling Interval | Data | | ;--- | :--- | | 5 min | Team Events

Setup

Vendor configuration

Prerequisites

\NOTE: This section doesn't apply to all sources; use only where needed.\

Example: You'll need a Dropbox App Key, App Secret, and Access Code to provide to Sumo Logic. To generate these credentials, ...

\Insert steps to configure the Source in the Vendor UI.\

Example: Vendor configuration

Source configuration

\Insert steps to configure the Source in the Sumo Logic UI.\

Example: Source configuration

Metadata fields

\Insert metadata fields in the Sumo Logic UI. Update the below table accordingly.\

FieldValueDescription
{{field}}{{value}}{{Description}}

JSON schema

Sources can be configured using UTF-8 encoded JSON files with the Collector Management API. See how to use JSON to configure Sources for more details. 

ParameterTypeValueRequiredDescription
schemaRefJSON Object{"type":"/*c2c-name*/"}YesDefine the specific schema type.
sourceTypeString"Universal"YesType of source.
configJSON ObjectConfiguration parametersYesSource type specific values.

Config Object

\Add information about the configuration parameters. Update the below table accordingly.\

ParameterTypeRequiredDefaultDescriptionExample
nameStringYesnullType a desired name of the source. The name must be unique per Collector. This value is assigned to the metadata field _source."mySource"
descriptionStringNonullType a description of the source."Testing source"
categoryStringNonullType a category of the source. This value is assigned to the metadata field _sourceCategory. See best practices for details."mySource/test"
fieldsJSON ObjectNonullJSON map of key-value fields (metadata) to apply to the Collector or Source. Use the boolean field _siemForward to enable forwarding to SIEM.{"_siemForward": false, "fieldA": "valueA"}
{{Parameter}}{{Type}}{{Yes/No}}null{{Description}} {{Example}}

JSON example

\Create and add the JSON config in the dropbox and import it here.\

component-name

Terraform example

\Create and add the Terraform config in the dropbox and import it here.\

component-name}

Troubleshooting

\This section doesn't apply to all sources; use only where needed\

FAQ

info

Click here for more information about Cloud-to-Cloud sources.

Status
Legal
Privacy Statement
Terms of Use

Copyright © 2024 by Sumo Logic, Inc.