API authentication, endpoints and security | Sumo Logic Documentation (2023)

This guide covers API authentication and Sumo Logic endpoints for API clients.

The Sumo Logic API follows the Representational State Transfer (REST) pattern and is optimized for ease of use and consistency. Our interactive API documentation is linked to the OpenAPI Specification unless otherwise stated. The API documentation on this website is used as additional information.

To view our main documentation, click the link below that applies to your deployment. If you are not sure, see how to determine your endpoint.

| Deployment | API Documentation URL |
|---|---|
| AU | https://api.au.sumologic.com/docs/ |
| CA | https://api.ca.sumologic.com/docs/ |
| DE | https://api.de.sumologic.com/docs/ |
| EU | https://api.eu.sumologic.com/docs/ |
| FED | https://api.fed.sumologic.com/docs/ |
| IN | https://api.in.sumologic.com/docs/ |
| JP | https://api.jp.sumologic.com/docs/ |
| US1 | https://api.sumologic.com/docs/ |
| US2 | https://api.us2.sumologic.com/docs/ |

Authentication

Sumo Logic supports the following API authentication options:

  • access ID and access key
  • Base64-encoded access ID and access key

See Access Keys to learn how to generate an access key. Be sure to copy the key you create, because it is displayed only once.

Access ID and access key

When you have an access ID and access key, you can make a request like this:

curl -u "<accessId>:<accessKey>" -X GET <API endpoint>

Where <API endpoint> is the URL of the Sumo Logic API to which you want to send the request. For more information, see Sumo Logic Endpoints.

Basic access (Base64 encoded)

If you prefer to use Basic Access Authentication, you can Base64-encode your <accessId>:<accessKey> string to authenticate your HTTPS request. Below is a sample request. Replace the placeholder <encoded> with your Base64-encoded access ID and access key string:

curl -H "Authorization: Basic <encoded>" -X GET <API endpoint>

The space in the Authorization field is required.

Base64 Example

On most Linux distributions, you can use the base64 command. For example, if your access ID is Aladdin and your access key is OpenSesame, then the command is as follows:

echo -n "Aladdin:OpenSesame" | base64 --wrap 0

The -n makes sure that no extra newline is encoded.

This returns the Base64-encoded string QWxhZGRpbjpPcGVuU2VzYW1l. Use it as follows:

"Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l"
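The check below is an added example, not part of the Sumo Logic documentation: it builds the Authorization header value and flags the mistakes this section warns about (wrong scheme word, an encoded trailing newline, a missing colon). The function names are hypothetical and the Aladdin/OpenSesame values are the sample credentials used above.

```python
import base64
import binascii

def basic_auth_header(access_id: str, access_key: str) -> str:
    """Build the Authorization header value from an access ID and access key."""
    token = base64.b64encode(f"{access_id}:{access_key}".encode()).decode("ascii")
    return f"Basic {token}"

def check_basic_header(value: str) -> list:
    """Return a list of problems found in an Authorization header value."""
    scheme, sep, token = value.partition(" ")
    if scheme != "Basic" or not sep:
        return ["scheme must be 'Basic' followed by a single space"]
    try:
        decoded = base64.b64decode(token, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return ["token is not valid Base64"]
    problems = []
    if ":" not in decoded:
        problems.append("decoded value has no ':' between access ID and access key")
    if decoded != decoded.strip():
        problems.append("decoded value has surrounding whitespace (echo without -n?)")
    return problems

# Constructed sample: the header for the example credentials on this page.
GOOD = basic_auth_header("Aladdin", "OpenSesame")

# Constructed sample: what encoding the string plus a trailing newline yields,
# which is the result of running echo without -n.
WITH_NEWLINE = "Basic " + base64.b64encode(b"Aladdin:OpenSesame\n").decode("ascii")

if __name__ == "__main__":
    for header in (GOOD, WITH_NEWLINE, "Base QWxhZGRpbjpPcGVuU2VzYW1l"):
        print(header, "->", check_basic_header(header) or "ok")
```

Base64 is a reversible encoding, so the header value needs the same protection as the access key itself: keep it out of shell history, logs and tickets.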

Sumo Logic Endpoints by Deployment and Firewall Protection

Sumo Logic has multiple deployments that are distributed based on geographic location and account creation date.

Sumo Logic redirects your browser to the correct login URL and the collector to the correct endpoint. However, if you use the API, you must manually point the API client to the correct Sumo Logic API URL.

| Deployment | Service Endpoint (Login URL) | API Endpoint | Collection Endpoint | Cloud Syslog Endpoint |
|---|---|---|---|---|
| AU | https://service.au.sumologic.com | https://api.au.sumologic.com/api/ | https://collectors.au.sumologic.com | syslog.collection.au.sumologic.com |
| CA | https://service.ca.sumologic.com | https://api.ca.sumologic.com/api/ | https://collectors.ca.sumologic.com | syslog.collection.ca.sumologic.com |
| DE | https://service.de.sumologic.com | https://api.de.sumologic.com/api/ | https://collectors.de.sumologic.com | syslog.collection.de.sumologic.com |
| EU | https://service.eu.sumologic.com | https://api.eu.sumologic.com/api/ | https://collectors.eu.sumologic.com | syslog.collection.eu.sumologic.com |
| | | | https://endpoint1.collection.eu.sumologic.com | |
| FED | https://service.fed.sumologic.com | https://api.fed.sumologic.com/api/ | https://collectors.fed.sumologic.com | syslog.collection.fed.sumologic.com |
| IN | https://service.in.sumologic.com | https://api.in.sumologic.com/api/ | https://collectors.in.sumologic.com | syslog.collection.in.sumologic.com |
| JP | https://service.jp.sumologic.com | https://api.jp.sumologic.com/api/ | https://collectors.jp.sumologic.com | syslog.collection.jp.sumologic.com |
| US1 | https://service.sumologic.com/ | https://api.sumologic.com/api/ | https://collectors.sumologic.com | syslog.collection.us1.sumologic.com |
| | | | https://endpoint1.collection.sumologic.com | |
| | | | https://endpoint2.collection.sumologic.com | |
| | | | https://endpoint3.collection.sumologic.com | |
| | | | https://endpoint4.collection.sumologic.com | |
| | | | https://endpoint5.collection.sumologic.com | |
| US2 | https://service.us2.sumologic.com | https://api.us2.sumologic.com/api/ | https://collectors.us2.sumologic.com | syslog.collection.us2.sumologic.com |
| | | | https://endpoint1.collection.us2.sumologic.com | |
| | | | https://endpoint2.collection.us2.sumologic.com | |
| | | | https://endpoint3.collection.us2.sumologic.com | |
| | | | https://endpoint4.collection.us2.sumologic.com | |
| | | | https://endpoint5.collection.us2.sumologic.com | |
| | | | https://endpoint6.collection.us2.sumologic.com | |
| | | | https://endpoint7.collection.us2.sumologic.com | |
| | | | https://endpoint8.collection.us2.sumologic.com | |
| | | | https://endpoint9.collection.us2.sumologic.com/ | |

Which endpoint should I use?

To determine which endpoint to use, find your account's deployment pod in the Sumo Logic URL you use. If you see us2, you are running on the US2 pod. If you see eu, jp, de, in, ca, or au, you are on one of those pods. The only exception is the US1 pod, which uses service.sumologic.com.

The exact collection endpoints vary for each account. The general format is: endpoint[N].collection.[deploymentID].sumologic.com

You can also determine which deployment pod your account uses by creating an HTTP Source and viewing the URL that is provided.

Secure access to Sumo Logic infrastructure via DNS name or IP address

See Static IP addresses for cloud-to-cloud integration resources.

For collection to work properly, your firewall must allow outbound traffic to Sumo Logic. Refer to Test Sumo Logic Collector Connectivity for instructions on allowing outbound traffic on port 443.

  • If your firewall allows DNS entries, add the following to your firewall's whitelist to allow outbound traffic to sumologic.com:
    *.sumologic.com
    • By default, a collector contacts collectors.sumologic.com before being redirected to a deployment-specific endpoint, e.g. collectors.us2.sumologic.com and endpoint[N].collection.[deploymentID].[sumologic.com]
  • If your firewall does not allow DNS entries, you must whitelist all IP addresses for your deployment region. The addresses to whitelist depend on your Sumo Logic deployment.
    • To determine which IP addresses to whitelist, download the JSON object provided by Amazon Web Services (AWS). Amazon advises that this file changes several times a week. For more information on how the file is updated, how to use it, its syntax, and how to download the JSON file, see AWS IP address ranges.

FedRAMP Deployment

Sumo Logic's FedRAMP deployment is similar to our other deployments, such as US2, except that FedRAMP is certified as compliant with the United States Standards for Security Categorization of Federal Information and Information Systems (FIPS-199). In this deployment we comply with the specific security requirements necessary to process, store and transmit data classified at the "Moderate" impact level.

AWS Regions by Sumo Deployment

The following table describes the AWS Regions used by each Sumo Logic deployment. See the AWS Regions and Endpoints page for more information.

| Sumo Deployment | AWS Region Name | AWS Region |
|---|---|---|
| AU | Asia Pacific (Sydney) | ap-southeast-2 |
| CA | Canada (Central) | ca-central-1 |
| DE | EU (Frankfurt) | eu-central-1 |
| EU | EU (Ireland) | eu-west-1 |
| FED | US East (N. Virginia) | us-east-1 |
| IN | Asia Pacific (Mumbai) | ap-south-1 |
| JP | Asia Pacific (Tokyo) | ap-northeast-1 |
| US1 | US East (N. Virginia) | us-east-1 |
| US2 | US West (Oregon) | us-west-2 |

This link provides a complete and up-to-date list of AWS IP ranges, subnets, or prefixes. You can limit the number of firewall entries by using only the IP prefixes for the AWS Region used by your account's Sumo deployment, as shown in the table above.

The list of IP ranges covers shared infrastructure. It is not limited to Sumo Logic nodes and may change over time.

You can run the following query over the downloaded file in Sumo Logic to determine the IP addresses for each deployment.

| parse regex "\s+\"ip_prefix\":\s+\"(?<ip_prefix>.*?)\",\n\s+\"region\":\s+\"(?<region>.*?)\",\n\s+\"service\":\s+\"(?<service>.*?)\"" multi
| where service="AMAZON" and (region="us-west-2" or region="us-east-1" or region="eu-west-1" or region="ap-southeast-2")
| if (region="us-west-2", "US2", region) as region
| if (region="us-east-1", "PROD", region) as region
| if (region="eu-west-1", "EU", region) as region
| if (region="ap-southeast-2", "AU", region) as region
| count by ip_prefix, region, service
| fields -_count
| sort by region, ip_prefix
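The same filtering can be done offline before the rules are loaded into a firewall. The following is an added example, not Sumo Logic's code: it goes beyond the four Regions in the query to cover all nine deployments, handles IPv4 prefixes only, and merges duplicate and adjacent ranges. The function name is hypothetical and the sample JSON is constructed with documentation address ranges, not real AWS prefixes.

```python
import ipaddress
import json

# AWS Region used by each deployment, from the Region table on this page.
DEPLOYMENT_REGION = {
    "AU": "ap-southeast-2", "CA": "ca-central-1", "DE": "eu-central-1",
    "EU": "eu-west-1", "FED": "us-east-1", "IN": "ap-south-1",
    "JP": "ap-northeast-1", "US1": "us-east-1", "US2": "us-west-2",
}

def prefixes_for(deployment: str, ip_ranges: dict, service: str = "AMAZON") -> list:
    """Return the collapsed IPv4 prefixes to allow outbound for one deployment."""
    region = DEPLOYMENT_REGION[deployment.upper()]
    nets = {
        ipaddress.ip_network(p["ip_prefix"])
        for p in ip_ranges.get("prefixes", [])
        if p.get("region") == region and p.get("service") == service
    }
    # Merge duplicates and adjacent ranges to keep the firewall rule count low.
    return [str(n) for n in ipaddress.collapse_addresses(nets)]

# Constructed sample in the layout of the AWS JSON file.
SAMPLE = json.loads("""
{"syncToken": "0", "createDate": "1970-01-01-00-00-00", "prefixes": [
 {"ip_prefix": "198.51.100.0/25",   "region": "us-west-2", "service": "AMAZON"},
 {"ip_prefix": "198.51.100.128/25", "region": "us-west-2", "service": "AMAZON"},
 {"ip_prefix": "198.51.100.0/25",   "region": "us-west-2", "service": "EC2"},
 {"ip_prefix": "203.0.113.0/24",    "region": "eu-west-1", "service": "AMAZON"},
 {"ip_prefix": "192.0.2.0/24",      "region": "us-east-1", "service": "AMAZON"}
]}
""")

if __name__ == "__main__":
    for name in ("US2", "EU", "US1", "JP"):
        print(name, prefixes_for(name, SAMPLE))
```

Because the AWS file changes several times a week, regenerate the list on a schedule rather than loading it once.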

After configuring the firewall, collector, and source, confirm that the collector and source are working by verifying that they can receive a certain type of message (for example, a syslog message) at the specified location.

Status codes

General status codes for all our APIs. See the HTTP status code registry for reference.

| HTTP Status Code | Error Code | Description |
|---|---|---|
| 301 | Moved | The requested resource must be accessed through the URI returned in the Location header. See troubleshooting to learn more. |
| 401 | Unauthorized | Cannot verify credentials. |
| 403 | Forbidden | Your account type does not allow this operation, or the user does not have the role capabilities to perform this operation. See troubleshooting to learn more. |
| 404 | Not found | The requested resource could not be found. |
| 405 | Method not supported | The method is not supported for the URL. |
| 415 | Invalid content type | Invalid content type. |
| 429 | Rate limit exceeded | The API request rate is greater than 4 requests per second, or the pending API requests are greater than 10 requests per second. |
| 500 | Internal error | Internal Server Error. |
| 503 | Service unavailable | The service is currently not available. |

Rate limit

  • All user API calls are subject to a rate limit of 4 API requests per second (240 requests per minute).
  • Access keys have a rate limit of 10 concurrent requests for each API endpoint.

If a rate limit is exceeded, a 429 (Rate limit exceeded) status code is returned.

Versioning and conflict detection

The Collector Management API uses optimistic locking to handle versioning and conflict detection. Each response that returns a single entity has an ETag header that identifies the version of that entity.

Subsequent updates (PUT requests) to that entity must provide the value of the ETag header in an If-Match header. If the header is missing or no longer matches the latest version of the entity, the request fails (with 403 Forbidden or 412 Precondition Failed, respectively).

Clients must be prepared to handle such failures if they expect entities to be updated concurrently. The value of the ETag header can also be supplied in an If-None-Match header on future GET requests for caching.
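A client-side read-modify-write loop for this scheme, as an added example that is not from the Sumo Logic documentation. FakeCollectorApi is a hypothetical in-memory stand-in that only mimics the ETag, If-Match, 403 and 412 behaviour described above so the retry logic can run offline; the entity fields are constructed.

```python
import hashlib
import json

class FakeCollectorApi:
    """In-memory stand-in that mimics the ETag behaviour described above."""

    def __init__(self, entity: dict):
        self.entity = dict(entity)

    def etag(self) -> str:
        body = json.dumps(self.entity, sort_keys=True).encode()
        return '"' + hashlib.sha256(body).hexdigest()[:16] + '"'

    def get(self):
        return 200, {"ETag": self.etag()}, dict(self.entity)

    def put(self, body: dict, headers: dict):
        if "If-Match" not in headers:
            return 403, {}, None          # If-Match header missing
        if headers["If-Match"] != self.etag():
            return 412, {}, None          # stale version: entity changed meanwhile
        self.entity = dict(body)
        return 200, {"ETag": self.etag()}, dict(self.entity)

def update_entity(api, change, max_attempts: int = 3) -> dict:
    """Read-modify-write that re-reads and retries when the ETag is stale."""
    for _ in range(max_attempts):
        _, headers, entity = api.get()
        entity = change(entity)           # apply the edit to the fresh copy
        status, _, saved = api.put(entity, {"If-Match": headers["ETag"]})
        if status == 200:
            return saved
        if status != 412:
            raise RuntimeError(f"update rejected with HTTP {status}")
    raise RuntimeError("gave up after repeated 412 conflicts")

if __name__ == "__main__":
    api = FakeCollectorApi({"name": "c1", "description": "old"})
    print(update_entity(api, lambda e: {**e, "description": "new"}))
```

Re-applying the change to a freshly read copy after a 412, instead of resending the old body, is what keeps a concurrent writer's edit from being overwritten.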

Sumo Logic alerts from static IP addresses

Sumo Logic provides notifications via static IP addresses. You can whitelist these IP addresses to receive notifications directly from Sumo. For a list of our whitelisted addresses, please contact Support.

The Test Connection feature for webhooks does not use the same static IP addresses that notifications are sent from; it uses different, ephemeral IP addresses.

Author: Fredrick Kertzmann

Last Updated: 22/10/2023