Sumo Logic Notifications By Gmail

Version: 1.0
Updated: Aug 13, 2024

Integration with Sumo Logic platform for monitors and Gmail notification.

Actions

  • Assess Alert Status (Scheduled) - Periodically monitor status of a Sumo Logic alert and notify a Gmail user about an unresolved alert.
  • Authorize DO NOT USE IN PLAYBOOK (Enrichment) - Authorize access to Gmail. This should only be run once and not from a playbook.
  • Confirm DO NOT USE IN PLAYBOOK (Enrichment) - Confirm access to Gmail. This should only be run once and not from a playbook.

Sumo Logic Notifications By Gmail configuration

  1. In the main Sumo Logic menu, select your username and then Preferences.

  2. From the preferences screen, in the section My Access Keys, click Add Access Key.

  3. Populate the name and click Create Key.

  4. Copy the Access ID and Access Key and store them (temporarily) in a text editor.

    Note: They won't be available again once you close this screen.

  5. Click Done after you have copied the Access ID and Access Key.

  6. Create a new Project in the Developer Console.

  7. In the APIs & Services section, navigate to Credentials and select Create Credentials: https://console.cloud.google.com/apis/api.

  8. Select OAuth Client ID as the credential type and set the following inputs:

    • Application Type. Web Application.
    • Authorized redirect URIs > Add URI. Enter http://localhost/.
      Note: This will only be used to generate a refresh token.

  9. Copy the resulting Client ID and Client Secret Key values, as these will be used later.

  10. Navigate to the OAuth Consent Screen section and set the following inputs:

    • App Name
    • User Support Email. Set to an email that you have access to.
    • Developer Contact Information. Set to an email that you have access to.
  11. The following Scopes are needed:

    • https://mail.google.com
    • https://www.googleapis.com/auth/gmail.modify
    • https://www.googleapis.com/auth/gmail.readonly
    • https://www.googleapis.com/auth/admin.directory.user
    • https://www.googleapis.com/auth/gmail.compose
    • https://www.googleapis.com/auth/gmail.send
    • https://www.googleapis.com/auth/gmail.settings.basic
    • https://www.googleapis.com/auth/gmail.settings.sharing
  12. In Cloud SOAR, navigate to Automation > Integrations > Gmail, add a new Resource and provide the following inputs:

    • Client ID (generated in step 4)
    • Client Secret Key (generated in step 4)
  13. Save and close the Resource.

  14. Click and execute the Authorize DO NOT USE IN PLAYBOOK action. If successful, a URL will be returned.

  15. Open a new browser tab, and navigate to the URL generated in the previous step.

  16. Provide consent for this developer project to access the Gmail API.

  17. The response to this consent flow is the localhost redirect specified earlier. Copy this URL.

  18. Copy the value of the code parameter from this URL:

    http://localhost/?code=4/0AbUR2VXXXXFe8kuMTUE4Dkxts4J8mo3_BkZKxXAcdzXXXXtd9lrjai00pEuG0YXWtWjimg&scope=https://mail.google.com/%20https://www.googleapis.com/auth/gmail.settings.basic

  19. In Cloud SOAR, click and run the Confirm DO NOT USE IN PLAYBOOK action, providing the code generated above in the Code input.

  20. This will return a JSON result with a "credentials" key. Copy the value of this key, which is a base64-encoded JSON credential string that we will use in the next and final step.

  21. Paste the base64 string in the "credentials" field of the Integration Resource created in step 12. Save and close the resource window.
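
A check for steps 17 and 18, added here as an example and not part of the integration's own code: it extracts the code parameter from the pasted redirect URL (percent-decoding it) and lists which scopes from step 11 are absent from the scope parameter. The names parse_redirect, REQUIRED_SCOPES and SAMPLE_REDIRECT are assumptions; the sample URL is the one shown in step 18.

```python
from urllib.parse import urlsplit, parse_qs

# Scopes listed in step 11 of this page.
REQUIRED_SCOPES = {
    "https://mail.google.com",
    "https://www.googleapis.com/auth/gmail.modify",
    "https://www.googleapis.com/auth/gmail.readonly",
    "https://www.googleapis.com/auth/admin.directory.user",
    "https://www.googleapis.com/auth/gmail.compose",
    "https://www.googleapis.com/auth/gmail.send",
    "https://www.googleapis.com/auth/gmail.settings.basic",
    "https://www.googleapis.com/auth/gmail.settings.sharing",
}

# Sample redirect URL as shown in step 18 (already redacted on the page).
SAMPLE_REDIRECT = (
    "http://localhost/?code=4/0AbUR2VXXXXFe8kuMTUE4Dkxts4J8mo3_BkZKxXAcdz"
    "XXXXtd9lrjai00pEuG0YXWtWjimg&scope=https://mail.google.com/"
    "%20https://www.googleapis.com/auth/gmail.settings.basic"
)


def parse_redirect(url, expected_host="localhost"):
    """Return (code, missing_scopes) for a pasted OAuth redirect URL."""
    parts = urlsplit(url.strip())
    # Only accept the redirect URI registered in step 8.
    if parts.hostname != expected_host:
        raise ValueError(f"unexpected redirect host: {parts.hostname!r}")
    query = parse_qs(parts.query)  # percent-decodes values, e.g. %2F -> /
    if "error" in query:
        raise ValueError(f"consent was not granted: {query['error'][0]}")
    codes = query.get("code", [])
    if len(codes) != 1:
        raise ValueError("expected exactly one 'code' parameter")
    # The scope parameter is a space-separated list. The redirect in step 18
    # shows https://mail.google.com/ with a trailing slash, so strip it
    # before comparing with the list from step 11.
    granted = {s.rstrip("/") for s in query.get("scope", [""])[0].split()}
    return codes[0], sorted(REQUIRED_SCOPES - granted)


if __name__ == "__main__":
    code, missing = parse_redirect(SAMPLE_REDIRECT)
    print(f"code parameter found ({len(code)} characters)")
    for scope in missing:
        print("not granted:", scope)
```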

External Libraries

Sumo Logic Notifications By Gmail in Automation Service and Cloud SOAR

  1. Access integrations in the Automation Service or Cloud SOAR.
  2. After the list of the integrations appears, search for the integration and click on the row.
  3. The integration details will appear. Click the + button to add a new Resource.
  4. Populate all the required fields (*) and then click Save.
    • Label. The name of the resource.
    • Sumo Logic API URL. URL to the API of the instance (learn more).
    • Access ID (Sumologic). The access ID that you copied earlier.
    • Access Key (Sumologic). The access key that you copied earlier.
    • Client ID (Gmail). To set up the Client ID, please refer to step 6.
    • Client Secret Key (Gmail). To set up the Client Secret Key, please refer to step 6.
    • Credentials (Gmail). Retrieve the credentials from the "Confirm DO NOT USE IN PLAYBOOK" action.

Change Log

  • Aug 13, 2024 - First upload

Copyright © 2024 by Sumo Logic, Inc.