Skip to content

CONN-3897 Enable universal connector source with CID 25633 #4800

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
Dec 2, 2024
Merged

CONN-3897 Enable universal connector source with CID 25633 #4800

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
c5db550
CONN-3897 Enable universal connector source with CID 25633
yleiferman Nov 25, 2024
886c017
Add to index page and product list
jpipkin1 Nov 26, 2024
acf0e4a
Merge branch 'main' into CONN-3897-GA-Universal-connector
yleiferman Nov 26, 2024
08894e5
Update schema name
yleiferman Nov 26, 2024
82a04a0
Merge branch 'CONN-3897-GA-Universal-connector' of github.com:SumoLog…
yleiferman Nov 26, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions cid-redirects.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2019,6 +2019,7 @@
"/cid/10226": "/docs/integrations/containers-orchestration/opentelemetry/activemq-opentelemetry",
"/cid/25631": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/tenable-source",
"/cid/25632": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/workday-source",
"/cid/25633": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/universal-connector-source",
"/cid/25634": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/microsoft-azure-ad-inventory-source",
"/cid/25635": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/microsoft-graph-azure-ad-reporting-source",
"/cid/25636": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/microsoft-graph-identity-protection-source",
Expand Down
2 changes: 1 addition & 1 deletion docs/integrations/product-list/product-list-m-z.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -160,7 +160,7 @@ For descriptions of the different types of integrations Sumo Logic offers, see [
| <img src={useBaseUrl('img/integrations/containers-orchestration/strimzi.png')} alt="Thumbnail icon" width="75"/> | [Strimzi](https://strimzi.io/) | App: [Strimzi Kafka](/docs/integrations/containers-orchestration/strimzi-kafka/) |
| <img src={useBaseUrl('img/integrations/webhooks/stripe-logo.png')} alt="Thumbnail icon" width="50"/> | [Stripe](https://stripe.com/) | Webhook: [Stripe](/docs/integrations/webhooks/stripe/) |
| <img src={useBaseUrl('img/integrations/misc/sucuri-logo.png')} alt="Thumbnail icon" width="75"/> | [Sucuri](https://sucuri.net/) | Cloud SIEM integration: [Sucuri](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/cdfd2ba0-77eb-4e11-b071-6f4d01fda607.md) |
| <img src={useBaseUrl('img/sumo-square.png')} alt="Thumbnail icon" width="50"/> | [Sumo Logic](https://www.sumologic.com/) | Apps: <br/>- [Enterprise Audit - Cloud SIEM](/docs/integrations/sumo-apps/cse/) <br/>- [Sumo Logic Audit App](/docs/integrations/sumo-apps/audit/) <br/>- [Sumo Logic Data Volume App](/docs/integrations/sumo-apps/data-volume/) <br/>- [Sumo Logic Enterprise Audit Apps](/docs/integrations/sumo-apps/enterprise-audit/) (multiple apps) <br/>- [Sumo Logic Enterprise Search Audit App](/docs/integrations/sumo-apps/enterprise-search-audit/) <br/>- [Sumo Logic Infrequent Data Tier App](/docs/integrations/sumo-apps/infrequent-data-tier/) <br/>- [Sumo Logic Log Analysis QuickStart App](/docs/integrations/sumo-apps/log-analysis-quickstart/) <br/>- [Sumo Logic Security Analytics App](/docs/integrations/sumo-apps/security-analytics/) <br/>Automation integrations: <br/>- [Automation Tools](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-automation-tools/)<br/>- [Basic Tools](/docs/platform-services/automation-service/app-central/integrations/basic-tools/) <br/>- [ESMTP](/docs/platform-services/automation-service/app-central/integrations/esmtp/) <br/>- [HTTP Tools](/docs/platform-services/automation-service/app-central/integrations/http-tools/) <br/>- [Incident Tools](/docs/platform-services/automation-service/app-central/integrations/incident-tools/) <br/>- [IMAP](/docs/platform-services/automation-service/app-central/integrations/imap/) <br/>- [Mail Tools](/docs/platform-services/automation-service/app-central/integrations/mail-tools/) <br/>- [POP3](/docs/platform-services/automation-service/app-central/integrations/pop3/) <br/>- [SMTP V3](/docs/platform-services/automation-service/app-central/integrations/smtp-v3/) <br/>- [Sumo Logic Cloud SIEM](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-cloud-siem/) <br/>- [Sumo Logic Cloud SIEM Internal](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-cloud-siem-internal/) <br/>- [Sumo Logic Log Analytics](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-log-analytics/) <br/>- [Sumo Logic Log Analytics Internal](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-log-analytics-internal/) <br/>- [Sumo Logic Notifications](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-notifications/) <br/>- [Sumo Logic Notifications by Gmail](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-notifications-by-gmail/)<br/>- [Triage Tools](/docs/platform-services/automation-service/app-central/integrations/triage-tools/) <br/>- [ZIP Tools](/docs/platform-services/automation-service/app-central/integrations/zip-tools/) <br/>Cloud SIEM integration: [Sumo Logic](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/34A5019C-7BEC-4BF8-A3B7-C38D567126C6.md) <br/>Community app: [Cloud Security Posture Management (CSPM) for Sumo Logic](https://github.com/SumoLogic/sumologic-content/tree/master/CSPM) |
| <img src={useBaseUrl('img/sumo-square.png')} alt="Thumbnail icon" width="50"/> | [Sumo Logic](https://www.sumologic.com/) | Apps: <br/>- [Enterprise Audit - Cloud SIEM](/docs/integrations/sumo-apps/cse/) <br/>- [Sumo Logic Audit App](/docs/integrations/sumo-apps/audit/) <br/>- [Sumo Logic Data Volume App](/docs/integrations/sumo-apps/data-volume/) <br/>- [Sumo Logic Enterprise Audit Apps](/docs/integrations/sumo-apps/enterprise-audit/) (multiple apps) <br/>- [Sumo Logic Enterprise Search Audit App](/docs/integrations/sumo-apps/enterprise-search-audit/) <br/>- [Sumo Logic Infrequent Data Tier App](/docs/integrations/sumo-apps/infrequent-data-tier/) <br/>- [Sumo Logic Log Analysis QuickStart App](/docs/integrations/sumo-apps/log-analysis-quickstart/) <br/>- [Sumo Logic Security Analytics App](/docs/integrations/sumo-apps/security-analytics/) <br/>Automation integrations: <br/>- [Automation Tools](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-automation-tools/)<br/>- [Basic Tools](/docs/platform-services/automation-service/app-central/integrations/basic-tools/) <br/>- [ESMTP](/docs/platform-services/automation-service/app-central/integrations/esmtp/) <br/>- [HTTP Tools](/docs/platform-services/automation-service/app-central/integrations/http-tools/) <br/>- [Incident Tools](/docs/platform-services/automation-service/app-central/integrations/incident-tools/) <br/>- [IMAP](/docs/platform-services/automation-service/app-central/integrations/imap/) <br/>- [Mail Tools](/docs/platform-services/automation-service/app-central/integrations/mail-tools/) <br/>- [POP3](/docs/platform-services/automation-service/app-central/integrations/pop3/) <br/>- [SMTP V3](/docs/platform-services/automation-service/app-central/integrations/smtp-v3/) <br/>- [Sumo Logic Cloud SIEM](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-cloud-siem/) <br/>- [Sumo Logic Cloud SIEM Internal](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-cloud-siem-internal/) <br/>- [Sumo Logic Log Analytics](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-log-analytics/) <br/>- [Sumo Logic Log Analytics Internal](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-log-analytics-internal/) <br/>- [Sumo Logic Notifications](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-notifications/) <br/>- [Sumo Logic Notifications by Gmail](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-notifications-by-gmail/)<br/>- [Triage Tools](/docs/platform-services/automation-service/app-central/integrations/triage-tools/) <br/>- [ZIP Tools](/docs/platform-services/automation-service/app-central/integrations/zip-tools/) <br/>Cloud SIEM integration: [Sumo Logic](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/34A5019C-7BEC-4BF8-A3B7-C38D567126C6.md) <br/>Collector: [Universal Connector](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/universal-connector-source)<br/>Community app: [Cloud Security Posture Management (CSPM) for Sumo Logic](https://github.com/SumoLogic/sumologic-content/tree/master/CSPM) |
| <img src={useBaseUrl('img/integrations/webhooks/superwise-logo.png')} alt="Thumbnail icon" width="50"/> | [Superwise](https://superwise.ai/) | Webhook: [Superwise](/docs/integrations/webhooks/superwise/) |
| <img src={useBaseUrl('/img/send-data/symantec-logo.svg')} alt="Thumbnail icon" width="75"/> | [Symantec](https://sep.securitycloud.symantec.com/v2/landing) | App: [Symantec Web Security Service](/docs/integrations/saas-cloud/symantec-web-security-service/) <br/>Automation integrations: <br/>- [Javelin AD Protect](/docs/platform-services/automation-service/app-central/integrations/javelin-ad-protect/) <br/>- [Symantec DeepSight](/docs/platform-services/automation-service/app-central/integrations/symantec-deepsight/) <br/>- [Symantec EDR](/docs/platform-services/automation-service/app-central/integrations/symantec-edr/) <br/>- [Symantec Endpoint Protection](/docs/platform-services/automation-service/app-central/integrations/symantec-endpoint-protection/) <br/>- [Symantec Endpoint Protection Cloud](/docs/platform-services/automation-service/app-central/integrations/symantec-endpoint-protection-cloud/) <br/>- [Symantec Secure Web Gateway (Bluecoat)](/docs/platform-services/automation-service/app-central/integrations/symantec-secure-web-gateway-bluecoat/) <br/>- [Symantec WebPulse](/docs/platform-services/automation-service/app-central/integrations/symantec-webpulse/) <br/>Collectors: <br/>- [Symantec Endpoint Security Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/symantec-endpoint-security-source/) <br/>- [Symantec Web Security Service Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/symantec-web-security-service-source/) <br/>- [Symantec Proxy Secure Gateway - Cloud SIEM](/docs/cse/ingestion/ingestion-sources-for-cloud-siem/symantec-proxy-secure-gateway/) <br/>- [Symantec Proxy Secure Gateway (Blue Coat Proxy) - Cloud SIEM](/docs/cse/ingestion/ingestion-sources-for-cloud-siem/symantec-proxy-secure-gateway-blue-coat-proxy/) <br/>Cloud SIEM integration: [Symantec](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/64c7f49c-f95a-4f4a-8540-56ec5fb1d96b.md) <br/>Community app: [Sumo Logic for Symantec WSS](https://github.com/SumoLogic/sumologic-content/tree/master/Symantec/WSS) |
| <img src={useBaseUrl('img/integrations/misc/sysdig-logo.png')} alt="Thumbnail icon" width="75"/> | [Sysdig](https://sysdig.com/) | Cloud SIEM integration: [Sysdig](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/c4de0854-e718-45e1-a4c8-63623755aa43.md) |
Expand Down
6 changes: 6 additions & 0 deletions docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/index.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -492,6 +492,12 @@ In this section, we'll introduce the following concepts:
<a href="/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/trend-micro-source"><img src={useBaseUrl('img/send-data/trend-micro-logo.png')} alt="Thumbnail icon" width="150"/><h4>Trend Micro</h4></a>
<p>Learn how to collect alert details from Trend Micro platform.</p>
</div>
</div>
<div className="box smallbox card">
<div className="container">
<a href="/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/universal-connector-source"><img src={useBaseUrl('img/sumo-square.png')} alt="Thumbnail icon" width="50"/><h4>Universal Connector Source</h4></a>
<p> Learn how to set up a Universal Connector to collect data into the Sumo Logic environment.</p>
</div>
</div>
<div className="box smallbox card">
<div className="container">
Expand Down
16 changes: 7 additions & 9 deletions ...egration-framework/config-based-source.md → ...n-framework/universal-connector-source.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
---
id: config-based-source
id: universal-connector-source
title: Universal Connector
sidebar_label: Universal Connector
description: Learn how to set up a Universal Connector to collect data into the Sumo Logic environment.
Expand All @@ -9,12 +9,6 @@ import CodeBlock from '@theme/CodeBlock';
import ForwardToSiem from '/docs/reuse/forward-to-siem.md';
import useBaseUrl from '@docusaurus/useBaseUrl';

<head>
<meta name="robots" content="noindex" />
</head>

<p><a href="/docs/beta"><span className="beta">Beta</span></a></p>

With our Universal Connector cloud source, you can collect log data from vendor APIs with a modular configuration. The goal of this source is for Sumo Logic to expand the configuration modules over time giving greater compatibility with vendor APIs, but to acknowledge complex APIs will still require a specific cloud source and not be compatible with this source.

## Setup
Expand Down Expand Up @@ -313,8 +307,8 @@ Sources can be configured using UTF-8 encoded JSON files with the Collector Ma

| Parameter | Type | Value | Required | Description |
| :--------- | :---------- | :-------------------------------------------- | :------- | :------------------------------- |
| schemaRef | JSON Object | `{"type":"Config Based"}` | Yes | Define the specific schema type. |
| sourceType | String | `"Config Based"` | Yes | Type of source. |
| schemaRef | JSON Object | `{"type":"Universal Connector"}` | Yes | Define the specific schema type. |
| sourceType | String | `"Universal Connector"` | Yes | Type of source. |
| config | JSON Object | [Configuration object](#configuration-object) | Yes | Source type specific values. |

### Configuration Object
Expand Down Expand Up @@ -441,6 +435,8 @@ The syntax for this function requires a timestamp format as a single argument. R
| :------------------------------------------------------------- | :---------------------------------- |
| `{{ .WindowEndUTC "2006-01-02T15:04:05Z" }}` | `2024-03-07T20:15:56Z` |
| `{{ .WindowEndUTC "2006-01-02T15:04:05.999999Z07:00" }}` | `2024-03-07T20:15:56.905571Z` |
| `{{ .WindowEndUTC "epoch" }}` | `1709842556` |
| `{{ .WindowEndUTC "epochMilli" }}` | `1709842556000` |
| `lessThan:{{ .WindowEndUTC "2006-01-02T15:04:05.999Z07:00" }}` | `lessThan:2024-03-07T20:15:56.905Z` |

### WindowEndLocation
Expand Down Expand Up @@ -506,6 +502,8 @@ We recommend using [this code snippet](https://goplay.tools/snippet/WTFe5ZLU9PO)
| :-------------------- | :------------------------------- | :------------------------------------ |
| RFC 3339 | `2024-02-01T16:07:57Z` | `2006-01-02T15:04:05Z07:00` |
| RFC 3339 Nano Seconds | `2024-02-01T16:07:57.541468757Z` | `2006-01-02T15:04:05.999999999Z07:00` |
| Epoch | `1706803677` | `epoch` |
| Epoch in Milliseconds | `1706803677000` | `epochMilli` |

## FAQ

Expand Down
1 change: 1 addition & 0 deletions sidebars.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -467,6 +467,7 @@ module.exports = {
'send-data/hosted-collectors/cloud-to-cloud-integration-framework/tenable-source',
'send-data/hosted-collectors/cloud-to-cloud-integration-framework/trellix-mvisio-epo-source',
'send-data/hosted-collectors/cloud-to-cloud-integration-framework/trend-micro-source',
'send-data/hosted-collectors/cloud-to-cloud-integration-framework/universal-connector-source',
'send-data/hosted-collectors/cloud-to-cloud-integration-framework/webex-source',
'send-data/hosted-collectors/cloud-to-cloud-integration-framework/workday-source',
'send-data/hosted-collectors/cloud-to-cloud-integration-framework/zendesk-source',
Expand Down