From 9cb756758f1786c338400f1cbe93e4d2513b4e8b Mon Sep 17 00:00:00 2001 From: Jagadisha V Date: Thu, 12 Jun 2025 13:09:35 +0530 Subject: [PATCH 01/10] Snyk app doc --- blog-service/2025-06-13-apps.md | 12 + cid-redirects.json | 1 + .../product-list/product-list-m-z.md | 2 +- docs/integrations/saas-cloud/index.md | 6 + docs/integrations/saas-cloud/snyk.md | 377 ++++++++++++++++++ sidebars.ts | 1 + 6 files changed, 398 insertions(+), 1 deletion(-) create mode 100644 blog-service/2025-06-13-apps.md create mode 100644 docs/integrations/saas-cloud/snyk.md diff --git a/blog-service/2025-06-13-apps.md b/blog-service/2025-06-13-apps.md new file mode 100644 index 0000000000..269cdf08d0 --- /dev/null +++ b/blog-service/2025-06-13-apps.md @@ -0,0 +1,12 @@ +--- +title: Snyk (Apps) +image: https://help.sumologic.com/img/sumo-square.png +keywords: + - apps + - snyk +hide_table_of_contents: true +--- + +import useBaseUrl from '@docusaurus/useBaseUrl'; + +We're excited to introduce the new Snyk app for Sumo Logic. This app enables you to gain real-time visibility into security vulnerabilities across your software projects and dependencies. This app also helps security and DevOps teams track risk exposure, prioritize remediation, and maintain a strong security posture. [Learn more](/docs/integrations/saas-cloud/snyk). \ No newline at end of file diff --git a/cid-redirects.json b/cid-redirects.json index 79f0aa3561..d041afccc3 100644 --- a/cid-redirects.json +++ b/cid-redirects.json @@ -1620,6 +1620,7 @@ "/cid/10209": "/docs/integrations/security-threat-detection/cisco-meraki", "/cid/10210": "/docs/integrations/saas-cloud/proofpoint-tap", "/cid/10202": "/docs/integrations/saas-cloud/mimecast", + "/cid/12222": "/docs/integrations/saas-cloud/synk", "/cid/1119": "/docs/integrations/saas-cloud/druva", "/cid/10191": "/docs/integrations/saas-cloud/akamai-datastream", "/cid/10194": "/docs/integrations/saas-cloud/proofpoint-on-demand", 
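Review bot: The redirect added to cid-redirects.json, `"/cid/12222": "/docs/integrations/saas-cloud/synk"`, misspells its target: this same patch creates the page as `docs/integrations/saas-cloud/snyk.md` with `id: snyk`, so the CID does not match the new doc. Change the target to `/docs/integrations/saas-cloud/snyk`. The Snyk row added to product-list-m-z.md in this patch links to the same `synk` path and needs the same correction.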
diff --git a/docs/integrations/product-list/product-list-m-z.md b/docs/integrations/product-list/product-list-m-z.md index 63f5ac08fe..51efb8f2fe 100644 --- a/docs/integrations/product-list/product-list-m-z.md +++ b/docs/integrations/product-list/product-list-m-z.md @@ -144,7 +144,7 @@ For descriptions of the different types of integrations Sumo Logic offers, see [ | Thumbnail icon | [Smartsheet](https://www.smartsheet.com/) | Collector: [Smartsheet Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/smartsheet-source) | | Thumbnail icon | [Snare](https://www.snaresolutions.com/) | Cloud SIEM integration: [Intersect Alliance](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/005c835d-f067-4147-9da9-fe4d2691247e.md) | | Thumbnail icon | [Snowflake](https://www.snowflake.com/en/) | Cloud SIEM integration: [Snowflake](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/5541f59d-e27d-48e6-a35c-34fb75e9cf13.md)
Collector:
- [Snowflake Logs](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/snowflake-logs-source)
- [Snowflake SQL API Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/snowflake-sql-api-source) | -| Thumbnail icon | [Snyk](https://snyk.io/) | Automation integration: [Snyk](/docs/platform-services/automation-service/app-central/integrations/snyk/) | +| Thumbnail icon | [Snyk](https://snyk.io/) | App: [Snyk](/docs/integrations/saas-cloud/synk)
Automation integration: [Snyk](/docs/platform-services/automation-service/app-central/integrations/snyk/) | | Thumbnail icon | [SOCRadar](https://socradar.io/) | Automation integration: [SOCRadar](/docs/platform-services/automation-service/app-central/integrations/socradar/) | | Thumbnail icon | [SonicWall](https://www.sonicwall.com/) | Automation integration: [SonicWall](/docs/platform-services/automation-service/app-central/integrations/sonicwall/) | | Thumbnail icon | [Sophos](https://www.sophos.com/en-us) | Automation integrations:
- [Sophos Central](/docs/platform-services/automation-service/app-central/integrations/sophos-central/)
- [Sophos Central V3](/docs/platform-services/automation-service/app-central/integrations/sophos-central-v3/)
Apps:
- [Sophos](/docs/integrations/saas-cloud/sophos/)
Cloud SIEM integration: [Sophos](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/dc8564e3-6c44-463a-8bad-36618a688d57.md)
Collector: [Sophos Central Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sophos-central-source/)
Community app: [Sumo Logic for Sophos Central](https://github.com/SumoLogic/sumologic-content/tree/master/Sophos/Sophos-Central) | diff --git a/docs/integrations/saas-cloud/index.md b/docs/integrations/saas-cloud/index.md index ca98b2a7f0..aaf1fcedc7 100644 --- a/docs/integrations/saas-cloud/index.md +++ b/docs/integrations/saas-cloud/index.md @@ -351,6 +351,12 @@ Learn about the Sumo Logic apps for SaaS and Cloud applications.

Monitor analytics for your Slack users, channels, and access logs for workspaces.

+
+
+ icon

Synk

+

Gain real-time visibility into security vulnerabilities across your software projects and dependencies.

+
+
icon

Sophos

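Review bot: The card title added to docs/integrations/saas-cloud/index.md reads `Synk`, while the product is spelled Snyk elsewhere in this patch (`title: Snyk (Apps)` in the blog post, `title: Snyk` in snyk.md). Correct the title, and check the card's link target for the same transposition, since the cid-redirects.json and product-list entries in this patch both use `synk`.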
diff --git a/docs/integrations/saas-cloud/snyk.md b/docs/integrations/saas-cloud/snyk.md new file mode 100644 index 0000000000..d1b6fe4cf8 --- /dev/null +++ b/docs/integrations/saas-cloud/snyk.md @@ -0,0 +1,377 @@ +--- +id: snyk +title: Snyk +sidebar_label: Snyk +description: The Snyk app for Sumo Logic delivers real-time visibility into security vulnerabilities across your software projects and dependencies. +--- + +import useBaseUrl from '@docusaurus/useBaseUrl'; + +thumbnail icon + +The Snyk vulnerability monitoring app for Sumo Logic delivers real-time visibility into security vulnerabilities across your software projects and dependencies. By ingesting detailed vulnerability data from Snyk, the app helps security and DevOps teams track risk exposure, prioritize remediation, and maintain a strong security posture. The Snyk app provides insights into critical, high, and other severity vulnerabilities, enabling faster detection and response without including license or unrelated data. + +Key features of Snyk app include: + +- Keep track of vulnerability counts and severity levels across your projects and packages in real time. +- Analyze vulnerability data to identify critical risks and prioritize remediation based on severity and priority scores. +- Monitor recent vulnerability fixes and newly detected issues to maintain an up-to-date security overview. +- Identify top vulnerable packages and projects to focus efforts where they matter most. +- Visualize vulnerability trends over time to detect emerging risks and assess the effectiveness of mitigation strategies. + +:::info +This app includes [built-in monitors](#snyk-alerts). For details on creating custom monitors, refer to the [Create monitors for Snyk app](#create-monitors-for-the-snyk-app). +::: + +## Sample log message + +
+Sample Log Message +```json +{ + "project": { + "id": "6f84372e-0808-43b4-ba1f-c343asd4", + "name": "devops:docker/hcvault/Dockerfile", + "created": "2024-11-20T09:35:51.878Z", + "origin": "github", + "type": "", + "readOnly": false, + "testFrequency": "daily", + "totalDependencies": 92, + "issueCountsBySeverity": { + "low": 0, + "high": 0, + "medium": 3, + "critical": 1 + }, + "imageTag": "latest", + "imagePlatform": "", + "imageBaseImage": "ubuntu:latest", + "lastTestedDate": "2024-11-20T09:35:51.878Z", + "browseUrl": "https://test_data.com/org/project/6f84372e-0808-43b4-ba1f-c4c7fec0e680", + "importingUser": null, + "isMonitored": true, + "owner": null, + "tags": [], + "attributes": { + "criticality": [], + "lifecycle": [], + "environment": [] + }, + "branch": "master" + }, + "org": { + "id": "245bda36-e8fd-455c-9f3f-56fedcf81dd4", + "name": "testdata", + "slug": "testdata", + "url": "https://test_data.com/org", + "group": null, + "created": "2024-11-20T09:35:51.878Z" + }, + "group": { + "id": "2dbf20ff-20d9-4efd-bf45-4e788561707b", + "name": "test", + "url": "https://test_data.com/group", + "created": "2024-11-20T09:35:51.878Z" + }, + "newIssues": [ + { + "id": "SNYK-UBUNTU2404-12345", + "issueType": "vuln", + "pkgName": "systemd/libsystemd0", + "pkgVersions": [ + "255.4-1ubuntu8.6", + "255.4-1ubuntu8.6" + ], + "issueData": { + "id": "SNYK-UBUNTU2404-12345", + "title": "Race Condition", + "severity": "critical", + "url": "https://test_data.com/vuln/SNYK-UBUNTU2404-12345", + "description": "## NVD Description\n_Note:_ _Versions mentioned in the description apply only to the upstream `systemd` package and not the `systemd` package as distributed by `Ubuntu`._\n_See `How to fix?` for `Ubuntu:24.04` relevant fixed versions and status._\n\", + "identifiers": { + "CVE": [ + "CVE-2025-4598" + ], + "CWE": [ + "CWE-364" + ], + "ALTERNATIVE": [] + }, + "credit": [ + "" + ], + "exploitMaturity": "no-known-exploit", + "semver": { + "vulnerable": [ + "*" + ] + }, + 
"publicationTime": "2024-11-20T09:35:51.878Z", + "disclosureTime": "2024-11-20T09:35:51.878Z", + "CVSSv3": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", + "cvssScore": 8.2, + "cvssDetails": [ + { + "assigner": "Red Hat", + "severity": "info", + "cvssV3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", + "cvssV3BaseScore": 4.7, + "modificationTime": "2024-11-20T09:35:51.878Z" + } + ], + "severities": [ + { + "assigner": "NVD", + "cvssVersion": "3.1", + "severity": "medium", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 4.7, + "modificationTime": "2024-11-20T09:35:51.878Z" + } + ], + "exploitDetails": { + "sources": [], + "maturityLevels": [ + { + "level": "Not Defined", + "format": "CVSSv3" + } + ] + }, + "language": "linux", + "patches": [], + "nearestFixedInVersion": "", + "isMaliciousPackage": false + }, + "isPatched": false, + "isIgnored": false, + "fixInfo": { + "isUpgradable": false, + "isPinnable": false, + "isPatchable": false, + "isFixable": false, + "isPartiallyFixable": false, + "nearestFixedInVersion": "", + "fixedIn": [] + }, + "priorityScore": 50, + "priority": { + "score": 149, + "factors": [ + { + "name": "Package Popularity Score", + "description": "Package Popularity Score: 0" + } + ] + } + } + ], + "removedIssues": [ + { + "id": "SNYK-UBUNTU2-54782", + "issueType": "vuln", + "pkgName": "systemd/libsystemd0", + "pkgVersions": [ + "255.4-1ubuntu8.6", + ], + "issueData": { + "id": "SNYK-UBUNTU2-54782", + "title": "Race Condition", + "severity": "medium", + "url": "https://test_data.com/vuln/SNYK-UBUNTU2-54782", + "description": "## NVD Description\n_Note:_ _Versions mentioned in the description apply only to the upstream `systemd` package and not the `systemd` package as distributed by `Ubuntu`._\n_See `How to fix?` for `Ubuntu:24.04` relevant fixed versions and status._\n\nA vulnerability was found in systemd-coredump. 
This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.\n", + "identifiers": { + "CVE": [ + "CVE-2025-4598" + ], + "CWE": [ + "CWE-364" + ], + "ALTERNATIVE": [] + }, + "credit": [ + "" + ], + "exploitMaturity": "no-known-exploit", + "semver": { + "vulnerable": [ + "*" + ] + }, + "publicationTime": "2024-11-20T09:35:51.878Z", + "disclosureTime": "2024-11-20T09:35:51.878Z", + "CVSSv3": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", + "cvssScore": 9.2, + "cvssDetails": [ + { + "assigner": "Red Hat", + "severity": "info", + "cvssV3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", + "cvssV3BaseScore": 4.7, + "modificationTime": "2024-11-20T09:35:51.878Z" + } + ], + "severities": [ + { + "assigner": "NVD", + "cvssVersion": "3.1", + "severity": "medium", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 4.7, + "modificationTime": "2024-11-20T09:35:51.878Z" + } + ], + "exploitDetails": { + "sources": [], + "maturityLevels": [ + { + "level": "Not Defined", + "format": "CVSSv3" + }, + { + "level": "Not Defined", + "format": "CVSSv4" + } + ] + }, + "language": "linux", + "patches": [], + "nearestFixedInVersion": "", + "isMaliciousPackage": false + }, + "isPatched": true, + "isIgnored": false, + "fixInfo": { + "isUpgradable": false, + "isPinnable": false, + "isPatchable": false, + "isFixable": false, + "isPartiallyFixable": false, + "nearestFixedInVersion": "", + "fixedIn": [] + }, + "priorityScore": 800, + "priority": { + "score": 149, + "factors": [ + { + "name": "Transitive dependency", + "description": "Transitive dependency: No" + } + ] + } + } + ] +} +``` +
+ +## Sample queries + +```sql title="Total Vulnerabilities" +_sourceCategory="Labs/Snyk" +| json "project.id", "project.name", "project.origin", "project.created", "project.type", "project.branch", "project.totalDependencies", "project.testFrequency", "project.browseUrl", "org.id", "org.name", "org.url", "org.created", "newIssues", "removedIssues" as project_id, project_name, project_origin, project_created, project_type, project_branch, project_dependencies, project_frequency, project_url, org_id, org_name, org_url, org_created, new_issues, removed_issues nodrop + +| parse regex field=new_issues "(?\{([^\{\}]|\{([^\{\}]|\{([^\{\}]|\{([^\{\}]|\{([^\{\}]|\{([^\{\}]|\{[^\{\}]*\})*\})*\})*\})*\})*\})*\})" multi + +| json field=vulnerability "id", "issueType", "pkgName", "issueData.severity","issueData.title", "issueData.description", "issueData.url", "issueData.publicationTime", "issueData.disclosureTime", "issueData.cvssScore", "issueData.language", "issueData.isMaliciousPackage", "isPatched", "priorityScore" as vuln_id, vuln_type, vuln_pkg, vuln_severity, vuln_title, vuln_description, vuln_url, vuln_publicationtime, vuln_disclosuretime, vuln_cvss, vuln_language, vuln_malicious, vuln_patched, vuln_priority nodrop + +// Global Filter +| where vuln_malicious matches "{{malicious_package}}" +| where vuln_severity matches "{{severity}}" +| where vuln_patched matches "{{is_patched}}" +| where project_name matches "{{project_name}}" +| where org_name matches "{{org_name}}" +| where vuln_pkg matches "{{pkg_name}}" +| where vuln_priority matches "{{priority_score}}" +| where isBlank(project_branch) OR project_branch matches "{{project_branch}}" +| where toLowerCase(vuln_type) matches "vuln" + +| count +``` + +## Setting up the collection + +Follow the below steps for setting up the webhook integration between Snyk and Sumo Logic for efficient event monitoring and data ingestion: + +### Step 1: Setting up the collection in Sumo Logic platform + +1. 
[**Classic UI**](/docs/get-started/sumo-logic-ui-classic). In the main Sumo Logic menu, select **Manage Data > Collection > Collection**.
[**New UI**](/docs/get-started/sumo-logic-ui). In the Sumo Logic top menu select **Configuration**, and then under **Data Collection** select **Collection**. You can also click the **Go To...** menu at the top of the screen and select **Collection**. +1. Create a new Hosted Collector. For instructions, refer to [Create a Hosted Collector](/docs/send-data/hosted-collectors/configure-hosted-collector). +1. On the Collectors page, click **Add Source** next to a Hosted Collector. +1. Search for and select **HTTP Logs & Metrics**. +1. Configure the HTTP Logs and Metrics source, refer to the [HTTP Logs and Metrics Source](/docs/send-data/hosted-collectors/http-source/logs-metrics/#configure-an-httplogs-and-metrics-source). + :::note + Set the **Source Category** to `webhook/snyk` for the Snyk webhook. + ::: +1. Once configured, save the endpoint URL for future reference. + +### Step 2: Register the Webhook with Snyk + +1. Create the Snyk Webhook using the [Create a webhook API](https://docs.snyk.io/snyk-api/reference/webhooks-v1#org-orgid-webhooks). The API requires that you provide the Snyk Organization ID, the Snyk authentication token, the public URL for your Lambda function, and the value of your Lambda secret environment variable. + - **SNYK-ORG-ID**. The Snyk organization ID is required to list projects. Ensure that the `API_KEY` has access to this organization. + - **SNYK-TOKEN**. Locate your personal API token in your SNYK account settings. Click on **Show** in the key field, then copy the API key. + - **TARGET-WEBHOOK-URL (URL)**. Use the endpoint URL of the Sumo Logic configured HTTP Source. + - **SECRET**. Generate a random, high-entropy string for the secret. This string should be exclusive to Snyk and your webhook transport-consuming code and should not be repurposed for any other use. +1. 
Execute the following `curl` command to register the webhook for Snyk with Sumo Logic: + ``` + curl --location 'https://api.snyk.io/v1/org//webhooks' \ + --header 'Authorization: token ' \ + --header 'Content-Type: application/json' \ + --data '{ + "url": "https://{TARGET-WEBHOOK-URL}", + "secret": "SECRET" + }' + ``` +1. Upon successful API call, the response will include a status code of 200 along with the webhookID and URL. + +### Step 3: Verification + +After completing the registration process, verify that Snyk events are being ingested into Sumo Logic by executing the following query in Sumo Logic's search panel: + ``` + _sourceCategory=webhook/snyk + ``` + +## Viewing the Snyk dashboard + +import ViewDashboards from '../../reuse/apps/view-dashboards.md'; + + + +### Overview + +The **Snyk Security - Overview** dashboard provides a clear, high-level picture of your organization’s vulnerabilities. It includes widgets showing key information like the total number of vulnerabilities by severity, recently fixed issues, and how vulnerabilities are prioritized. The dashboard highlights the most vulnerable packages and projects, so you can quickly see where the biggest risks are. It also shows vulnerabilities over time, helping you track security improvements or emerging threats. The Vulnerability Summary widget provides a quick snapshot of your overall security status. This dashboard helps security teams easily monitor vulnerabilities, understand risks, and focus on fixing the most important issues.
Snyk-Security-Overview + +## Create monitors for the Snyk app + +import CreateMonitors from '../../reuse/apps/create-monitors.md'; + + + +### Snyk alerts + +| Name | Description | Trigger Type (Critical / Warning / MissingData) | Alert Condition | +|:--|:--|:--|:--| +| `Snyk - Critical Severity Vulnerability Detected` | This alert is triggered when one or more critical vulnerabilities are identified. This is used to monitor the detection of vulnerabilities classified as critical severity within your projects or packages. | Critical | Count > 0 | +| `Snyk - High Severity Vulnerability Detected` | This alert is triggered when more than 5 vulnerabilities classified as high severity within your projects or packages are detected. | Critical | Count > 5 | +| `Snyk - Malicious Package Detected` | This alert is triggered when when a malicious package is detected in the records. | Critical | Count > 0 | +| `Snyk - High Priority Vulnerability Detected` | This alert is triggered when one or more high-priority vulnerabilities are detected, indicating significant security risks that require immediate attention. | Critical | Count > 0 | + +## Upgrading/Downgrading the Snyk app (Optional) + +import AppUpdate from '../../reuse/apps/app-update.md'; + + + +## Uninstalling the Snyk app (Optional) + +import AppUninstall from '../../reuse/apps/app-uninstall.md'; + + + + + + + + diff --git a/sidebars.ts b/sidebars.ts index 0f47f31bbf..4b6ebefa39 100644 --- a/sidebars.ts +++ b/sidebars.ts @@ -2576,6 +2576,7 @@ integrations: [ 'integrations/saas-cloud/salesforce', 'integrations/saas-cloud/sentinelone', 'integrations/saas-cloud/slack', + 'integrations/saas-cloud/snyk', 'integrations/saas-cloud/sophos', 'integrations/saas-cloud/sumo-collection', 'integrations/saas-cloud/symantec-endpoint-security-service', From 22d757d8359ec4baff699f7ef92bebc049b64980 Mon Sep 17 00:00:00 2001 
From: Jagadisha V <129049263+JV0812@users.noreply.github.com> Date: Thu, 12 Jun 2025 14:44:46 +0530 Subject: [PATCH 02/10] Update cid-redirects.json --- cid-redirects.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cid-redirects.json b/cid-redirects.json index d041afccc3..b06e28dc54 100644 --- a/cid-redirects.json +++ b/cid-redirects.json @@ -1620,7 +1620,7 @@ "/cid/10209": "/docs/integrations/security-threat-detection/cisco-meraki", "/cid/10210": "/docs/integrations/saas-cloud/proofpoint-tap", "/cid/10202": "/docs/integrations/saas-cloud/mimecast", - "/cid/12222": "/docs/integrations/saas-cloud/synk", + "/cid/12222": "/docs/integrations/saas-cloud/snyk", "/cid/1119": "/docs/integrations/saas-cloud/druva", "/cid/10191": "/docs/integrations/saas-cloud/akamai-datastream", "/cid/10194": "/docs/integrations/saas-cloud/proofpoint-on-demand", From f8e010a337ba8f156ac00ce47c4f91298b4becc4 Mon Sep 17 00:00:00 2001 From: Jagadisha V <129049263+JV0812@users.noreply.github.com> Date: Thu, 12 Jun 2025 14:56:48 +0530 Subject: [PATCH 03/10] Update docs/integrations/product-list/product-list-m-z.md --- docs/integrations/product-list/product-list-m-z.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/integrations/product-list/product-list-m-z.md b/docs/integrations/product-list/product-list-m-z.md index 51efb8f2fe..9add2c050f 100644 --- a/docs/integrations/product-list/product-list-m-z.md +++ b/docs/integrations/product-list/product-list-m-z.md 
@@ -144,7 +144,7 @@ For descriptions of the different types of integrations Sumo Logic offers, see [ | Thumbnail icon | [Smartsheet](https://www.smartsheet.com/) | Collector: [Smartsheet Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/smartsheet-source) | | Thumbnail icon | [Snare](https://www.snaresolutions.com/) | Cloud SIEM integration: [Intersect Alliance](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/005c835d-f067-4147-9da9-fe4d2691247e.md) | | Thumbnail icon | [Snowflake](https://www.snowflake.com/en/) | Cloud SIEM integration: [Snowflake](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/5541f59d-e27d-48e6-a35c-34fb75e9cf13.md)
Collector:
- [Snowflake Logs](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/snowflake-logs-source)
- [Snowflake SQL API Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/snowflake-sql-api-source) | -| Thumbnail icon | [Snyk](https://snyk.io/) | App: [Snyk](/docs/integrations/saas-cloud/synk)
Automation integration: [Snyk](/docs/platform-services/automation-service/app-central/integrations/snyk/) | +| Thumbnail icon | [Snyk](https://snyk.io/) | App: [Snyk](/docs/integrations/saas-cloud/snyk)
Automation integration: [Snyk](/docs/platform-services/automation-service/app-central/integrations/snyk/) | | Thumbnail icon | [SOCRadar](https://socradar.io/) | Automation integration: [SOCRadar](/docs/platform-services/automation-service/app-central/integrations/socradar/) | | Thumbnail icon | [SonicWall](https://www.sonicwall.com/) | Automation integration: [SonicWall](/docs/platform-services/automation-service/app-central/integrations/sonicwall/) | | Thumbnail icon | [Sophos](https://www.sophos.com/en-us) | Automation integrations:
- [Sophos Central](/docs/platform-services/automation-service/app-central/integrations/sophos-central/)
- [Sophos Central V3](/docs/platform-services/automation-service/app-central/integrations/sophos-central-v3/)
Apps:
- [Sophos](/docs/integrations/saas-cloud/sophos/)
Cloud SIEM integration: [Sophos](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/dc8564e3-6c44-463a-8bad-36618a688d57.md)
Collector: [Sophos Central Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sophos-central-source/)
Community app: [Sumo Logic for Sophos Central](https://github.com/SumoLogic/sumologic-content/tree/master/Sophos/Sophos-Central) | From 189ca8d5093625cc1e54ead2fec5c046f87c0dd0 Mon Sep 17 00:00:00 2001 From: Jagadisha V Date: Thu, 12 Jun 2025 16:37:31 +0530 Subject: [PATCH 04/10] moved the docs from saas-cloud to webhooks folder --- blog-service/2025-06-13-apps.md | 2 +- docs/integrations/product-list/product-list-m-z.md | 2 +- docs/integrations/saas-cloud/index.md | 6 ------ docs/integrations/{saas-cloud => webhooks}/snyk.md | 11 ++++++----- sidebars.ts | 2 +- 5 files changed, 9 insertions(+), 14 deletions(-) rename docs/integrations/{saas-cloud => webhooks}/snyk.md (96%) diff --git a/blog-service/2025-06-13-apps.md b/blog-service/2025-06-13-apps.md index 269cdf08d0..7a3208cdf8 100644 --- a/blog-service/2025-06-13-apps.md +++ b/blog-service/2025-06-13-apps.md @@ -9,4 +9,4 @@ hide_table_of_contents: true import useBaseUrl from '@docusaurus/useBaseUrl'; -We're excited to introduce the new Snyk app for Sumo Logic. This app enables you to gain real-time visibility into security vulnerabilities across your software projects and dependencies. This app also helps security and DevOps teams track risk exposure, prioritize remediation, and maintain a strong security posture. [Learn more](/docs/integrations/saas-cloud/snyk). \ No newline at end of file +We're excited to introduce the new Snyk app for Sumo Logic. This app enables you to gain real-time visibility into security vulnerabilities across your software projects and dependencies. This app also helps security and DevOps teams track risk exposure, prioritize remediation, and maintain a strong security posture. [Learn more](/docs/integrations/webhooks/snyk). \ No newline at end of file diff --git a/docs/integrations/product-list/product-list-m-z.md b/docs/integrations/product-list/product-list-m-z.md index 9add2c050f..fb368bd091 100644 --- a/docs/integrations/product-list/product-list-m-z.md 
+++ b/docs/integrations/product-list/product-list-m-z.md @@ -144,7 +144,7 @@ For descriptions of the different types of integrations Sumo Logic offers, see [ | Thumbnail icon | [Smartsheet](https://www.smartsheet.com/) | Collector: [Smartsheet Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/smartsheet-source) | | Thumbnail icon | [Snare](https://www.snaresolutions.com/) | Cloud SIEM integration: [Intersect Alliance](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/005c835d-f067-4147-9da9-fe4d2691247e.md) | | Thumbnail icon | [Snowflake](https://www.snowflake.com/en/) | Cloud SIEM integration: [Snowflake](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/5541f59d-e27d-48e6-a35c-34fb75e9cf13.md)
Collector:
- [Snowflake Logs](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/snowflake-logs-source)
- [Snowflake SQL API Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/snowflake-sql-api-source) | -| Thumbnail icon | [Snyk](https://snyk.io/) | App: [Snyk](/docs/integrations/saas-cloud/snyk)
Automation integration: [Snyk](/docs/platform-services/automation-service/app-central/integrations/snyk/) | +| Thumbnail icon | [Snyk](https://snyk.io/) | App: [Snyk](/docs/integrations/webhooks/snyk)
Automation integration: [Snyk](/docs/platform-services/automation-service/app-central/integrations/snyk/) | | Thumbnail icon | [SOCRadar](https://socradar.io/) | Automation integration: [SOCRadar](/docs/platform-services/automation-service/app-central/integrations/socradar/) | | Thumbnail icon | [SonicWall](https://www.sonicwall.com/) | Automation integration: [SonicWall](/docs/platform-services/automation-service/app-central/integrations/sonicwall/) | | Thumbnail icon | [Sophos](https://www.sophos.com/en-us) | Automation integrations:
- [Sophos Central](/docs/platform-services/automation-service/app-central/integrations/sophos-central/)
- [Sophos Central V3](/docs/platform-services/automation-service/app-central/integrations/sophos-central-v3/)
Apps:
- [Sophos](/docs/integrations/saas-cloud/sophos/)
Cloud SIEM integration: [Sophos](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/dc8564e3-6c44-463a-8bad-36618a688d57.md)
Collector: [Sophos Central Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sophos-central-source/)
Community app: [Sumo Logic for Sophos Central](https://github.com/SumoLogic/sumologic-content/tree/master/Sophos/Sophos-Central) | diff --git a/docs/integrations/saas-cloud/index.md b/docs/integrations/saas-cloud/index.md index aaf1fcedc7..ca98b2a7f0 100644 --- a/docs/integrations/saas-cloud/index.md +++ b/docs/integrations/saas-cloud/index.md @@ -351,12 +351,6 @@ Learn about the Sumo Logic apps for SaaS and Cloud applications.

Monitor analytics for your Slack users, channels, and access logs for workspaces.

-
-
- icon

Synk

-

Gain real-time visibility into security vulnerabilities across your software projects and dependencies.

-
-
icon

Sophos

diff --git a/docs/integrations/saas-cloud/snyk.md b/docs/integrations/webhooks/snyk.md similarity index 96% rename from docs/integrations/saas-cloud/snyk.md rename to docs/integrations/webhooks/snyk.md index d1b6fe4cf8..7588a11768 100644 --- a/docs/integrations/saas-cloud/snyk.md +++ b/docs/integrations/webhooks/snyk.md 
@@ -301,15 +301,12 @@ Follow the below steps for setting up the webhook integration between Snyk and S 1. Create a new Hosted Collector. For instructions, refer to [Create a Hosted Collector](/docs/send-data/hosted-collectors/configure-hosted-collector). 1. On the Collectors page, click **Add Source** next to a Hosted Collector. 1. Search for and select **HTTP Logs & Metrics**. -1. Configure the HTTP Logs and Metrics source, refer to the [HTTP Logs and Metrics Source](/docs/send-data/hosted-collectors/http-source/logs-metrics/#configure-an-httplogs-and-metrics-source). - :::note - Set the **Source Category** to `webhook/snyk` for the Snyk webhook. - ::: +1. Configure the HTTP Logs and Metrics source, refer to the [HTTP Logs and Metrics Source](/docs/send-data/hosted-collectors/http-source/logs-metrics/#configure-an-httplogs-and-metrics-source). For example, set the **Source Category** to `webhook/snyk` for the Snyk webhook. 1. Once configured, save the endpoint URL for future reference. ### Step 2: Register the Webhook with Snyk -1. Create the Snyk Webhook using the [Create a webhook API](https://docs.snyk.io/snyk-api/reference/webhooks-v1#org-orgid-webhooks). The API requires that you provide the Snyk Organization ID, the Snyk authentication token, the public URL for your Lambda function, and the value of your Lambda secret environment variable. +1. [Create the Snyk Webhook](https://docs.snyk.io/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/set-up-the-snyk-webhook) using the [Create a webhook API](https://docs.snyk.io/snyk-api/reference/webhooks-v1#org-orgid-webhooks). The API requires that you provide the Snyk Organization ID, the Snyk authentication token, the public URL for your Lambda function, and the value of your Lambda secret environment variable. - **SNYK-ORG-ID**. The Snyk organization ID is required to list projects. 
Ensure that the `API_KEY` has access to this organization. - **SNYK-TOKEN**. Locate your personal API token in your SNYK account settings. Click on **Show** in the key field, then copy the API key. - **TARGET-WEBHOOK-URL (URL)**. Use the endpoint URL of the Sumo Logic configured HTTP Source. @@ -333,6 +330,10 @@ After completing the registration process, verify that Snyk events are being ing _sourceCategory=webhook/snyk ``` +:::note +Ensure you add the same source category as configured in Sumo Logic platform. +::: + ## Viewing the Snyk dashboard import ViewDashboards from '../../reuse/apps/view-dashboards.md'; diff --git a/sidebars.ts b/sidebars.ts index 4b6ebefa39..ccaf0de358 100644 --- a/sidebars.ts +++ b/sidebars.ts @@ -2576,7 +2576,6 @@ integrations: [ 'integrations/saas-cloud/salesforce', 'integrations/saas-cloud/sentinelone', 'integrations/saas-cloud/slack', - 'integrations/saas-cloud/snyk', 'integrations/saas-cloud/sophos', 'integrations/saas-cloud/sumo-collection', 'integrations/saas-cloud/symantec-endpoint-security-service', @@ -2687,6 +2686,7 @@ integrations: [ 'integrations/webhooks/sendgrid', 'integrations/webhooks/sentry', 'integrations/webhooks/signl4', + 'integrations/webhooks/snyk', 'integrations/webhooks/split', 'integrations/webhooks/squadcast', 'integrations/webhooks/stripe', From f73e8bd0676da11542d9cf2cb117492a2b1b7ded Mon Sep 17 00:00:00 2001 From: Jagadisha V Date: Thu, 12 Jun 2025 16:46:29 +0530 Subject: [PATCH 05/10] minor fix --- cid-redirects.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cid-redirects.json b/cid-redirects.json index d572cb0661..cdf0fb8c44 100644 --- a/cid-redirects.json +++ b/cid-redirects.json 
@@ -1620,7 +1620,7 @@ "/cid/10209": "/docs/integrations/security-threat-detection/cisco-meraki", "/cid/10210": "/docs/integrations/saas-cloud/proofpoint-tap", "/cid/10202": "/docs/integrations/saas-cloud/mimecast", - "/cid/12222": "/docs/integrations/saas-cloud/snyk", + "/cid/12222": "/docs/integrations/webhooks/snyk", "/cid/1119": "/docs/integrations/saas-cloud/druva", "/cid/10191": "/docs/integrations/saas-cloud/akamai-datastream", "/cid/10194": "/docs/integrations/saas-cloud/proofpoint-on-demand", From 826f578cd85ed4e311dd9f9e93b6cf1da6cd2f00 Mon Sep 17 00:00:00 2001 From: Priyansh Patel <114739257+priyansh-sumo@users.noreply.github.com> Date: Mon, 16 Jun 2025 02:22:05 +0530 Subject: [PATCH 06/10] Update docs/integrations/webhooks/snyk.md Co-authored-by: John Pipkin (Sumo Logic) --- docs/integrations/webhooks/snyk.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/integrations/webhooks/snyk.md b/docs/integrations/webhooks/snyk.md index 7588a11768..d9be4b9993 100644 --- a/docs/integrations/webhooks/snyk.md +++ b/docs/integrations/webhooks/snyk.md 
@@ -301,7 +301,7 @@ Follow the below steps for setting up the webhook integration between Snyk and S 1. Create a new Hosted Collector. For instructions, refer to [Create a Hosted Collector](/docs/send-data/hosted-collectors/configure-hosted-collector). 1. On the Collectors page, click **Add Source** next to a Hosted Collector. 1. Search for and select **HTTP Logs & Metrics**. -1. Configure the HTTP Logs and Metrics source, refer to the [HTTP Logs and Metrics Source](/docs/send-data/hosted-collectors/http-source/logs-metrics/#configure-an-httplogs-and-metrics-source). For example, set the **Source Category** to `webhook/snyk` for the Snyk webhook. +1. Configure the HTTP Logs and Metrics source, refer to [Configure an HTTP Logs and Metrics Source](/docs/send-data/hosted-collectors/http-source/logs-metrics/#configure-an-httplogs-and-metrics-source). For example, set the **Source Category** to `webhook/snyk` for the Snyk webhook. 1. Once configured, save the endpoint URL for future reference. ### Step 2: Register the Webhook with Snyk From c11dee021e5486cecfb8939c4d64a1d30a56d458 Mon Sep 17 00:00:00 2001 From: Priyansh Patel <114739257+priyansh-sumo@users.noreply.github.com> Date: Mon, 16 Jun 2025 02:22:59 +0530 Subject: [PATCH 07/10] Update docs/integrations/webhooks/snyk.md Co-authored-by: John Pipkin (Sumo Logic) --- docs/integrations/webhooks/snyk.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/integrations/webhooks/snyk.md b/docs/integrations/webhooks/snyk.md index d9be4b9993..e9302fea70 100644 --- a/docs/integrations/webhooks/snyk.md +++ b/docs/integrations/webhooks/snyk.md @@ -298,7 +298,7 @@ Follow the below steps for setting up the webhook integration between Snyk and S ### Step 1: Setting up the collection in Sumo Logic platform 1. [**Classic UI**](/docs/get-started/sumo-logic-ui-classic). In the main Sumo Logic menu, select **Manage Data > Collection > Collection**.
[**New UI**](/docs/get-started/sumo-logic-ui). In the Sumo Logic top menu select **Configuration**, and then under **Data Collection** select **Collection**. You can also click the **Go To...** menu at the top of the screen and select **Collection**. -1. Create a new Hosted Collector. For instructions, refer to [Create a Hosted Collector](/docs/send-data/hosted-collectors/configure-hosted-collector). +1. Create a new Hosted Collector. For instructions, refer to [Create a Hosted Collector and Source](/docs/send-data/hosted-collectors/configure-hosted-collector). 1. On the Collectors page, click **Add Source** next to a Hosted Collector. 1. Search for and select **HTTP Logs & Metrics**. 1. Configure the HTTP Logs and Metrics source, refer to [Configure an HTTP Logs and Metrics Source](/docs/send-data/hosted-collectors/http-source/logs-metrics/#configure-an-httplogs-and-metrics-source). For example, set the **Source Category** to `webhook/snyk` for the Snyk webhook. From 9ebd56ed8df95e8ffa8911ba1ad6258585dcc958 Mon Sep 17 00:00:00 2001 From: Jagadisha V <129049263+JV0812@users.noreply.github.com> Date: Mon, 16 Jun 2025 11:43:00 +0530 Subject: [PATCH 08/10] Rename 2025-06-13-apps.md to 2025-06-16-apps.md --- blog-service/{2025-06-13-apps.md => 2025-06-16-apps.md} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename blog-service/{2025-06-13-apps.md => 2025-06-16-apps.md} (91%) diff --git a/blog-service/2025-06-13-apps.md b/blog-service/2025-06-16-apps.md similarity index 91% rename from blog-service/2025-06-13-apps.md rename to blog-service/2025-06-16-apps.md index 7a3208cdf8..21e12dac0b 100644 --- a/blog-service/2025-06-13-apps.md +++ b/blog-service/2025-06-16-apps.md 
@@ -9,4 +9,4 @@ hide_table_of_contents: true import useBaseUrl from '@docusaurus/useBaseUrl'; -We're excited to introduce the new Snyk app for Sumo Logic. This app enables you to gain real-time visibility into security vulnerabilities across your software projects and dependencies. This app also helps security and DevOps teams track risk exposure, prioritize remediation, and maintain a strong security posture. [Learn more](/docs/integrations/webhooks/snyk). \ No newline at end of file +We're excited to introduce the new Snyk app for Sumo Logic. This app enables you to gain real-time visibility into security vulnerabilities across your software projects and dependencies. This app also helps security and DevOps teams track risk exposure, prioritize remediation, and maintain a strong security posture. [Learn more](/docs/integrations/webhooks/snyk). From f16857bce2608363c50943fd734e71fea373aa58 Mon Sep 17 00:00:00 2001 From: "John Pipkin (Sumo Logic)" Date: Mon, 16 Jun 2025 11:36:49 -0500 Subject: [PATCH 09/10] Update blog-service/2025-06-16-apps.md --- blog-service/2025-06-16-apps.md | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/blog-service/2025-06-16-apps.md b/blog-service/2025-06-16-apps.md index ea141bda61..80d0d1d07f 100644 --- a/blog-service/2025-06-16-apps.md +++ b/blog-service/2025-06-16-apps.md 
@@ -65,16 +65,3 @@ Sumo Logic apps are backward-compatible, allowing you to update the apps ahead o #### What happens if I don’t update my applications or searches? Failure to update your apps, saved searches, or dashboards will result in user-related fields not being parsed correctly. Consequently, visualizations and panels relying on those fields will appear empty or display inaccurate data. - ---- -title: Snyk (Apps) -image: https://help.sumologic.com/img/sumo-square.png -keywords: - - apps - - snyk -hide_table_of_contents: true ---- - -import useBaseUrl from '@docusaurus/useBaseUrl'; - -We're excited to introduce the new Snyk app for Sumo Logic. This app enables you to gain real-time visibility into security vulnerabilities across your software projects and dependencies. This app also helps security and DevOps teams track risk exposure, prioritize remediation, and maintain a strong security posture. [Learn more](/docs/integrations/webhooks/snyk). From 9bc2f42c57ae06342429d6a3d8b2928e4ed4f99e Mon Sep 17 00:00:00 2001 From: John Pipkin Date: Mon, 16 Jun 2025 11:38:49 -0500 Subject: [PATCH 10/10] Add Snyk release note --- blog-service/2025-06-16-apps-2.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 blog-service/2025-06-16-apps-2.md diff --git a/blog-service/2025-06-16-apps-2.md b/blog-service/2025-06-16-apps-2.md new file mode 100644 index 0000000000..7a3208cdf8 --- /dev/null +++ b/blog-service/2025-06-16-apps-2.md 
@@ -0,0 +1,12 @@ +--- +title: Snyk (Apps) +image: https://help.sumologic.com/img/sumo-square.png +keywords: + - apps + - snyk +hide_table_of_contents: true +--- + +import useBaseUrl from '@docusaurus/useBaseUrl'; + +We're excited to introduce the new Snyk app for Sumo Logic. This app enables you to gain real-time visibility into security vulnerabilities across your software projects and dependencies. This app also helps security and DevOps teams track risk exposure, prioritize remediation, and maintain a strong security posture. [Learn more](/docs/integrations/webhooks/snyk). \ No newline at end of file
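Review bot: In the snyk.md hunk at `@@ -301,15 +301,12 @@`, the rewritten first item of Step 2 still says the API needs "the public URL for your Lambda function, and the value of your Lambda secret environment variable", and the newly added link goes to Snyk's Slack-with-AWS-Lambda guide, yet the TARGET-WEBHOOK-URL bullet directly below tells the reader to use the endpoint URL of the Sumo Logic HTTP Source. Suggest replacing the Lambda wording with the HTTP Source endpoint URL and stating what the reader should supply as the webhook secret in this setup. The same item also refers to `API_KEY` while the bullet is named **SNYK-TOKEN**, and "SNYK account" is capitalised differently from "Snyk" elsewhere; use one name for the token throughout. Step 1 ends with "save the endpoint URL for future reference"; a sentence asking readers to keep that URL out of shared notes and tickets would fit there, since it is the value pasted into the Snyk registration.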
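Review bot: In the snyk.md hunk at `@@ -333,6 +330,10 @@`, the added note "Ensure you add the same source category as configured in Sumo Logic platform." does not say where to add it, and it follows a query that hardcodes `_sourceCategory=webhook/snyk`. The earlier hunk in this patch downgraded the Step 1 instruction from a required setting to "For example, set the **Source Category** to `webhook/snyk`", so a reader who picked another value will get an empty result from the query as written. Suggest wording such as "Replace `webhook/snyk` in the query with the source category you set in Step 1", and "in the Sumo Logic platform" with the article.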
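Review bot: In the docs/integrations/webhooks/snyk.md hunk at `@@ -301,7 +301,7 @@` (PATCH 06/10), the changed line still reads "Configure the HTTP Logs and Metrics source, refer to [Configure an HTTP Logs and Metrics Source]", which joins two sentences with a comma. The Hosted Collector step two lines above uses "For instructions, refer to ..."; suggest the same pattern here, for example "Configure the HTTP Logs and Metrics source. For instructions, refer to [Configure an HTTP Logs and Metrics Source](...)." The anchor `#configure-an-httplogs-and-metrics-source` is unchanged by this hunk and is worth checking against the target page's heading while the line is being edited.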
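Review bot: In the new file blog-service/2025-06-16-apps-2.md (PATCH 10/10), the last line is again marked "\ No newline at end of file", which PATCH 08/10 had just fixed for the same paragraph in 2025-06-16-apps.md; add the trailing newline here as well. The file also carries `import useBaseUrl from '@docusaurus/useBaseUrl';` although nothing in the twelve added lines calls `useBaseUrl`, so the import can be dropped. PATCH 09/10 shows why the separate file is needed (the Snyk front matter had been appended to an existing 2025-06-16 post), but the commit message "Add Snyk release note" does not mention that; one line explaining the `-2` suffix would help the next person who finds two posts with the same date.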