Skip to main content
Sign in

Creating an extended integration for Sumo Logic users

  • November 13, 2024 14:07
  • Updated

Let Oomnitza be your single source of truth!

You'll get visibility of your users as data from Sumo Logic is automatically transformed into consumable information and actionable insights.

Connect Oomnitza and Sumo Logic in minutes

Get the information and insights that you need to reduce costs and the time that you spend on administration tasks such as:

  • Configurable dashboards and list views of key user information
  • Configurable reports to share information about your users with your colleagues and management
  • Configurable workflows that you can easily create such as:
    • Workflows for deactivating users
    • Workflows for deleting users

Before you start

To create the integration with Oomnitza, you need to have the following details to hand:

  1. A Sumo Logic access ID and key
  2. The name of your deployment prod

Generating an access ID and key

We recommend that you create a new user for the integration with Oomnitza rather than using an existing user account.

blue_link.svg Create an access key

blue_link.svg Access ID and key for Sumo Logic

Important
When you generate an access ID and key in Sumo Logic, make sure you copy the access key. Once the access ID and key are generated, the value for the key will no longer be available. 

When you add your access ID and key that you generated for Sumo Logic to Oomnitza, enter your access ID as the username and the access key as the password.

Getting your deployment prod

The deployment pod is assigned to you by Sumo Logic based on your location and the date that your account was created. To find out the name of your deployment pod, check your Sumo Logic URL. Let's say your URL is https://service. us1 .sumologic.com/ui/#/search... The deployment pod for your URL is us1

Add deployment codes to global settings

To save time entering deployment information when you integrate Sumo Logic with Oomnitza, you can add the deployment code as a global setting.

  1. In Oomnitza, click Configuration >General > Global Settings.
  2. Click Add new variable (+). 
  3. Enter SumoLogic.Deployment as the variable name.
  4. Enter the value such as 
    au, eu, us1, or us2. 

blue_link.svg Sumo Logic deployment codes

Add credentials to the vault in Oomnitza

Complete these steps:

  1. In Oomnitza, go to Configuration>Security>Credentials.
  2. Click Add new credential (+).
  3. Search for the integration, and then click the forward button > to select the integration.
  4. Enter the user name and password of your account
  5. Click Create.

Integration not in the list? Click Advanced Mode and complete these steps:

  1. Add the information details.
  2. Click the AUTHORIZATION tab.
  3. Ensure that Basic Auth is selected as the authorization type.
  4. Enter the user name and password of your account.
  5. Click Create

blue_link.svg See Oomnitza vault

Next step

You use the access ID and key to add credentials to the Oomnitza vault and to integrate Sumo Logic with Oomnitza.

Integrate Oomnitza with Sumo Logic

  1. In Oomnitza, click Configuration > Integrations > Overview.
  2. Click Block view block_view.PNG.
  3. On the Integrations page, scroll down to the Extended section for user integrations.
  4. Click NEW INTEGRATION.
  5. In the sidebar, search for the integration.
  6. Click ADD.

Integration details overview

More information is provided about the following fields to help you complete the integration:

  • User only. Add user records.
  • User plus SaaS user. Add user and SaaS user records. 

The benefit of adding SaaS user records is that you can run a workflow to validate the status and activity of SaaS users and retrieve information such as the role of the SaaS user. The information that can be retrieved depends on whether SaaS user workflows are available for the integration. 

Installation types

  • Cloud. Store credentials in the Oomnitza cloud.
  • Local. Store credentials locally. If you want to sync Oomnitza with vendor applications that require AWS or OAUTH authentication, select cloud as the type of installation. Local installations don't support AWS and OAuth authentication. 

Integration preferences

  • Create & Update. Add and update records.
  • Create only. Add records.
  • Update only. Update records.

Editing the integration details

  1. Click Edit edit_black_pencil_icon.svg.
  2. Make your changes.

Editing the credential details

If you selected Cloud as the installation type, choose one of the following options:

  • Select the credentials that were created for the integration.
  • Edit the credentials that were created for the integration.
  • Create new credentials

Scheduling the integration

By default, data is synced once every day. Change the interval or the time so that the data is streamed when your system isn't busy.

  1. Click Edit edit_black_pencil_icon.svg.
  2. Make and save your changes.

Mapping fields to Oomnitza

To map the fields to Oomnitza, click Edit edit_black_pencil_icon.svg.

 cog_red_dot_small_icon.svg Selecting Edit integration to add rules for syncing data. small_blue_link.svg Filtering integration results.  
 

You can add new fields to your integration by selecting Add new field  add_grey_rectangel_icon.svg on the mapping page. 
small_blue_link.svg Creating custom API fields. 

blue_link.svg See Sumo Logic Endpoints and Firewall Security

Creating custom mappings

Before you map the fields, create a connector filter with two conditions:

  • The first condition ensures only active accounts are uploaded to Oomnitza
  • The second condition is used to remove Sumo Logic service accounts
  1. On the Mappings page, click Edit integration.
  2. Select create/update the record in Oomnitza if.
  3. To add a condition, click ADD CONDITION, and then enter these conditions:
    1. Connector field value Is Active equals 1
    2. Connector field value Email does not contain sumologic.com
  4. Click Save.

Map the Sumo Logic to Oomnitza fields and create custom mappings to get the information that you need to manage your assets.

Complete these actions:

  1. Click Smart Mapping to automatically detect appropriate mapping fields. Values from the integration can also be dragged to the appropriate field on the Oomnitza side, or selected from the integration field dropdown.
  2. Create a custom mapping for the Sumo Logic User ID. To do this, complete these steps:
    1. Click the down arrow on the Sumo Logic User ID field.
    2. Select Add new Oomnitza users field.
    3. Change the name of the new field to Sumo Logic User ID
    4. Select the Unique checkbox.
    5. Click CREATE
  3. Ensure that the Email is mapped to the
    1. Username field on the Oomnitza side (required for integration).
    2. Email field on the Oomnitza side (required for integration).
  4. Select the Role field on the Oomnitza mapping side.
  5. Choose a suitable role from the list (a defined role is necessary for the integration)
  6. Assign a sync key to a unique field, such as the Email.
  7. Click UPDATE.

Sumo Logic fields that can be mapped to Oomnitza

Created At
Email
First Name
Is Active
Is Locked
Is MFA Enabled
Last Login Timestamp
Last Name
Modified At
User ID

Launching the integration

Your integration is in Draft mode until the required mandatory fields are added. When added, click Launch to activate your integration. 

small_blue_link.svg If you selected Cloud as the installation type when creating the integration, see Running an extended integration

small_blue_link.svg If you selected Local as the installation type when creating the integration, see Running an extended integration locally.

Viewing data ingested by Oomnitza

Viewing ingested asset data

For asset integrations, click Hardware. If the asset integration also ingests software data, click Software.

Viewing ingested user data

For user integrations, click People. If you chose the option to ingest User and SaaS user data, click Software > SaaS, click the SaaS app, and then click the Users tab. 

Related Links

Create workflows

Using the Saas User Role presets

Complete the following steps to configure the SaaS User Role block for Sumo Logic. Configuration of this SaaS User Role block will allow you to capture the Sumo Logic user role and last login date in Oomnitza.

Prerequisites

Before you create a SaaS user workflow, you should have already run your extended user integration and selected User plus SaaS User to populate the software entry in the Software > SaaS menu.

To create a Saas User workflow using the Sumo Logic User Role preset, complete the following steps:

  1. Click Configuration > Workflows > Saas Users from the menu.
  2. Click Add (+). The Begin and End blocks are automatically added to the sandbox.
  3. Enter the name and a description of the workflow. 
  4. Edit the Begin block by adding the rules that will trigger the workflow. For further information see SaaS User Roles.
  5. Click the Blocks tab, and drag and drop the SaaS User Role retrieval block onto the canvas.
  6. Click the Edit icon.
  7. Enter Sumo Logic in the search field and choose the Sumo Logic User Role block.
  8. Click the right arrow >.
  9. Enter your Credentials.
  10. Your deployment information should be derived from the global variable you created in Add deployment codes to global settings or can be entered manually.
  11. Select the Deactivate User checkbox to deactivate the SaaS user in SaaS > Sumo Logic > Users if they are not found in your Sumo Logic instance.
  12. Click SAVE.
  13. Connect the blocks.
  14. Save, validate, and activate your workflow.

To view active Sumo Logic users in the SaaS Users UI, complete the following steps:

  1. Click Software from the menu.
  2. Select the Saas tab, and select your software entry for Sumo Logic.
  3. Click Users in the side pane. 
  4. The Role and Last activity column will be populated with user information to confirm that this user has been found in your Sumo Logic SaaS.

Next steps

Create an offboarding workflow using an API block. Select the following presets:

  • Sumo Logic Deactivate User preset temporarily prevents a user from logging into the Sumo Logic service, see Sumo Logic API Docs: Update a user.
  • Sumo Logic Delete User preset permanently removes the user. To use this preset, you need to go to Advanced Mode > Params and input the following information:
    • Key: transferTo
    • Value: Identifier of the user who will receive the content of the deleted user.
    • Key:deleteContent
    • Value: Set to true to permanently delete all the user's content. This content cannot be recovered. For further information, see Sumo Logic API Docs: Delete a user.

Tip

To learn more about the Sumo Logic API utilized in your particular deployment location, please refer to the Documentation table within the Sumo Logic API Docs

sumologic_offboarding_workflow.PNG

Important
When creating the offboarding workflow, ensure that the Begin block criteria accurately identifies inactive users. For example, for SaaS user workflows you can set the To be Deleted in SaaS flag to Yes, or for People workflows, you can set the Offboarding Date to Current date.

Reference articles for creating workflows

Unleash the power of Oomnitza

To get valuable actionable insights that help you manage your assets, learn how to:

  • Configure dashboards for your assets and software
  • Configure custom reports about your assets and software
  • Configure workflows

blue_link.svg See Getting started

Related articles

Comments

0 comments

Please sign in to leave a comment.