This guide covers API authentication and Sumo Logic endpoints for API clients.
The Sumo Logic API follows the Representational State Transfer (REST) pattern and is optimized for ease of use and consistency. Our interactive API documentation is linked toOpen API Specification, Unless otherwise stated. The API documentation on this website is used as additional information.
To view our main documentation, click the link below that applies to your implementation. If you are not sure, seehow to determine your endpoint。
|apply||API Documentation URL|
|the federal reserve||https://api.fed.sumologic.com/docs/|
Sumo Logic supports the following API authentication options:
- access ID and access key
- Base64-encoded access ID and access key
Lookaccess keyLearn how to generate access keys. Be sure to copy the key you created as it will only appear once.
access ID and access key
when you are a
access key, you can make a request like this:
:-x get<API endpoint> "
is the URL of the Sumo Logic API to which you want to send the request. For more information, seeLogical end point of sumo。
Basic access (Base64 encoded)
If you prefer to useBasic Access Authentication, you can Base64 encode your content
to verify your HTTPS request. Below is a sample request. replace placeholder
Use your encrypted access ID and access key sequences:
"-x get<API endpoint>
distance in itauthorizedThe field is required.
On most Linux distributions, you can
base de 64 bitsOrder. For example, if your access ID
AladdinYour access code is
Open Sesame, then the command is as follows:
eco-NORTE"Aladdin: Open Sesame" |base64 --line break0
-NORTEMake sure you don't encode extra new lines.
This returns a Base64 encoded string.
QWxhZGRpbjpPcGVuU2VzYW1lUse as follows:
"Authorization: Base QWxhZGRpbjpPcGVuU2VzYW1l"
Sumo Logic Endpoints by Implementation and Firewall Protection
Sumo Logic has multiple implementations that are distributed based on geographic location and account creation date.
Sumo Logic redirects your browser to the correct login URL and the collector to the correct endpoint. However, if you use the API, you must manually point the API client to the correct Sumo Logic API URL.
|apply||Service Endpoint (Login URL)||API endpoint||collection end point||Cloud Syslog Endpoint|
|the federal reserve||https://service.fed.sumologic.com||https://api.fed.sumologic.com/api/||https://collectors.fed.sumologic.com||syslog.collection.fed.sumologic.com|
What endpoint should I use?
To determine which endpoint to use, find your account's deployment module at the Sumo Logic URL you used. when you see it
us 2, which means that you are working on the US2 pod. when you see it
african union, you are in one of the capsules. The only exception is the US1 module, which uses
Exact payout endpoints vary for each account. The general format is:
You can also determine which deployment container your account uses by creating aHTTP-bronand view the specified URL.
Secure access to Sumo Logic infrastructure via DNS name or IP address
to seeStatic IP addresses for cloud-to-cloud integration resources。
For the collection to work properly, your firewall must allow outbound traffic to Sumo Logic. referring toTest Sumo Logic Collector ConnectivityInstructions to allow outgoing traffic on port 443.
- If your firewall allows DNS entries, add the following to your firewall's whitelist to allow outbound traffic to sumologic.com:
- Standard collective contacts
coleccionista.sumologic.combefore being redirected to a specific endpoint of the deployment, e.g.
- Standard collective contacts
- If your firewall does not allow DNS entries, you must whitelist all IP addresses in the deployment zone. The whitelisted addresses depend on your Sumo Logic implementation.
- To determine which IP addresses to whitelist, download the Amazon Web Services (AWS) JSON object. Amazon recommends changing this file several times a week. For more information on how the file is updated, see how to use it, syntax, and how to download the JSON file.AWS IP address range。
Sumo Logic's FedRAMP implementation is similar to our other implementations, such as US2, except that FedRAMP is certified as compliant with the US Federal Information and Information Systems Security Classification Standard (FIPS-199). In this implementation we comply with the specific security requirements necessary to process, store and transmit data classified as "Medium" impact level.
AWS Regions by Sumo Implementation
The following table describes the AWS Regions used by each Sumo Logic implementation. to seeAWS Regions and Endpoints Pageto know more information.
|sumo implementation||AWS Region||AWS Region|
|african union||Asia Pacific (Sydney)||ap-southeast-2|
|van||VS (Frankfurt)||UE Central-1|
|European Union||United States (Ireland)||EU-West-1|
|the federal reserve||VS-Oost (Northern Virginia)||US East 1|
|exist||Asia Pacific (Mumbai)||ap-on-1|
|J.P.||Asia Pacific (Tokyo)||ap-northeast-1|
|america 1||VS-Oost (Northern Virginia)||US East 1|
|contra 2||American West (Oregon)||VS 2 Oeste|
this linkProvides a complete and up-to-date list of AWS IP ranges, subnets, or prefixes. You can limit the number of entries into the firewall by using IP prefixes only for the AWS Regions used by your account's Sumo deployment, as shown in the following table.
The IP range list is a shared infrastructure. It is not limited to Sumo Logic nodes and may change over time.
You can run the following query on the downloaded files in Sumo Logic to determine the IP address of each deployment.
|parse regular expressions"\s+\"ip_prefix\":\s+\"(?
.*?)\",\n\s+\"regio\":\s+\"(?a lot| Whereto meet="Amazonas" In (area="American West 2" ofarea="United States-East-1" ofarea="EU-West-1" ofarea="ap-southeast-2"） | and (area="American West 2", "US2",area） andarea| and (area="United States-East-1", "Product",area） andarea| and (area="EU-West-1", "European Union",area） andarea| and (area="ap-southeast-2", "au",area） andarea|to countget onip_prefix,area,to meet| sheet -_to count|typeget onarea,ip_prefix .*?)\" ,\n\s+\"Service\":\s+\"(? .*?)\""
After configuring the firewall, collector, and source, confirm that the collector and source are working by verifying that it can receive a certain type of message (for example, a syslog message) at the specified location.
General status codes for all our APIs. to seeRegister with HTTP status codesas a reference.
|HTTP status code||Error code||to describe|
|301||moved||The requested resource must be accessible via the URI returned in the location header. Looksolving a problemLearn more.|
|401||Not authorized||Cannot verify credentials.|
|Chapter 403||forbidden||Your account type does not allow this operation or the user does not have the role capabilities to perform this operation. Looksolving a problemLearn more.|
|404||lost||The requested resource could not be found.|
|405||method. Not supported||The URL method is not supported.|
|Chapter 415||Invalid content type||Invalid content type.|
|Chapter 429||exceed the speed limit||The API request rate is greater than 4 requests per second, or the pending API requests are greater than 10 requests per second.|
|500||internal error||Internal Server Error.|
|503||Service not available||The service is currently not available.|
- All user API calls are subject to a rate limit of 4 API requests per second (240 requests per minute).
- Access keys have a rate limit of 10 concurrent requests for each API endpoint.
If a certain ratio is exceeded,
Rate limit exceeded 429Return status code.
Version control and conflict detection.
heCollector Management APIUse optimistic locking to handle version control and conflict detection. Each response that returns a single entity has an ETag header that identifies the version of that entity.
Upcoming updates (
releaserequest) to the value that this entity should provide
electronic tagsheader in the If-Match header; If the header is missing or no longer matches the latest version of the entity, the request (with
412 Condition failedrespectively).
Clients must be prepared to deal with such errors if they expect entities to update concurrently. Also, the value
electronic tagsHeaders can be specified.
if no matchfuture title
Sumo Logic alerts from static IP addresses
Sumo Logic provides notifications via a static IP address. You can whitelist these IP addresses to receive notifications directly from Sumo. For a list of our whitelisted addresses, please contactsupport。
heTest the webhook connection functionalityInstead of using the same static IP address that notifications are sent from, use a different ephemeral IP address.