From 6eabb3421e448388213c3228c6dca3ee6ac69fa5 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Mon, 13 Oct 2025 20:55:30 +0530 Subject: [PATCH 1/7] Snowflake authentication update --- blog-service/2025-10-13-collection.md | 35 +++++++++++++++++++ .../snowflake-logs-source.md | 3 ++ .../snowflake-sql-api.md | 3 ++ 3 files changed, 41 insertions(+) create mode 100644 blog-service/2025-10-13-collection.md diff --git a/blog-service/2025-10-13-collection.md b/blog-service/2025-10-13-collection.md new file mode 100644 index 0000000000..cb74f2c085 --- /dev/null +++ b/blog-service/2025-10-13-collection.md @@ -0,0 +1,35 @@ +--- +title: Snowflake Authentication Update (Collection) +image: https://assets-www.sumologic.com/company-logos/_800x418_crop_center-center_82_none/SumoLogic_Preview_600x600.jpg?mtime=1617040082 +keywords: + - c2c + - snowflake +hide_table_of_contents: true +--- + +import useBaseUrl from '@docusaurus/useBaseUrl'; + +### What's changing? + +Starting November 2025, Snowflake will block single-factor authentication (password-only sign-ins) as part of their enhanced security protocols. + +Snowflake has signed the CISA **Secure by Design** pledge and is committed to adopting security best practices, including: +- Eliminating high-risk authentication methods (e.g., password-only access) +- Enforcing multi-factor authentication (MFA) +- Reducing the risk of credential theft and unauthorized access + +These changes are designed to strengthen Snowflake’s overall security posture and better protect your data. + +### Next steps + +As an interim measure, Sumo Logic recommends you to use the Programmatic Access Tokens (PATs) to authenticate your Sumo Logic integration with Snowflake before 1st November 2025. This ensures continued access and seamless data collection from the Snowflake platform. +Refer to [Using programmatic access tokens for authentication](https://docs.snowflake.com/en/user-guide/programmatic-access-tokens) for step-by-step instructions to authenticate the integration with Snowflake. + +:::note +- Programmatic Access Tokens (PATs) provide a short-term authentication solution, with each token expiring after approximately one year. So, you must generate a new token annually until a long-term multifactor authentication solution becomes available. +- Sumo Logic is actively developing a long-term authentication solution using OAuth 2.0, which will provide enhanced security and ease of use. More information and rollout timelines for OAuth 2.0 support will be shared in the upcoming release. +::: + +[Learn more](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/snowflake-logs-source/#vendor-configuration). + +For more information, contact your Technical Account Engineer (TAE) or reach out to Sumo Logic Support. \ No newline at end of file diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/snowflake-logs-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/snowflake-logs-source.md index 580b4411d3..f9e9d0b01d 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/snowflake-logs-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/snowflake-logs-source.md @@ -37,6 +37,9 @@ The Snowflake Logs source requires you to provide the following data to setup th - **Account Identifier**. An account identifier uniquely identifies a Snowflake account within your organization, as well as throughout the global network of Snowflake-supported cloud platforms and cloud regions. For more information, see [Account identifiers](https://docs.snowflake.com/en/user-guide/admin-account-identifier). - **Username**. Snowflake account's login username. For example, `SUMOLOGIC`. - **Password**. Snowflake account's login password. For example, `yufncixxxxxxxxxp55hbdy7`. + :::note + Starting November 2025, Snowflake will block single-factor authentication (password-only sign-ins) as part of their enhanced security protocols. Sumo Logic recommends you to update your integration to [Programmatic Access Tokens (PATs)](https://docs.snowflake.com/en/user-guide/programmatic-access-tokens) before 1st November 2025 to ensure continued access. + ::: Once you have all the required values, set up the source configuration to collect your desired log types available in the configuration section. diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/snowflake-sql-api.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/snowflake-sql-api.md index 6233821326..8bdc68725e 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/snowflake-sql-api.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/snowflake-sql-api.md @@ -27,6 +27,9 @@ To collect metric data from the Snowflake SQL API, you must have an authorized S 1. Collect your admin account identifier following the instructions in the [Snowflake documentation](https://docs.snowflake.com/en/user-guide/admin-account-identifier). The identifier should look something like this: `wp00000.us-east-2.aws`. 1. Take note of the database name you plan to query. 1. Collect your Snowflake Programmatic Access Token following the instructions in the [Snowflake documentation](https://docs.snowflake.com/en/user-guide/programmatic-access-tokens). + :::note + Starting November 2025, Snowflake will block single-factor authentication (password-only sign-ins) as part of their enhanced security protocols. Sumo Logic recommends you to update your integration to [Programmatic Access Tokens (PATs)](https://docs.snowflake.com/en/user-guide/programmatic-access-tokens) before 1st November 2025 to ensure continued access. + ::: 1. Optional additional information such as a role, warehouse, or schema name can also be configured with the source. ### Source configuration From 7c968ecc5e8824b77f6629f3f6638fb81d730b0a Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Mon, 13 Oct 2025 21:31:40 +0530 Subject: [PATCH 2/7] Update blog-service/2025-10-13-collection.md Co-authored-by: John Pipkin (Sumo Logic) --- blog-service/2025-10-13-collection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/blog-service/2025-10-13-collection.md b/blog-service/2025-10-13-collection.md index cb74f2c085..24c7ffbbda 100644 --- a/blog-service/2025-10-13-collection.md +++ b/blog-service/2025-10-13-collection.md @@ -13,7 +13,7 @@ import useBaseUrl from '@docusaurus/useBaseUrl'; Starting November 2025, Snowflake will block single-factor authentication (password-only sign-ins) as part of their enhanced security protocols. -Snowflake has signed the CISA **Secure by Design** pledge and is committed to adopting security best practices, including: +Snowflake has signed the CISA *Secure by Design* pledge and is committed to adopting security best practices, including: - Eliminating high-risk authentication methods (e.g., password-only access) - Enforcing multi-factor authentication (MFA) - Reducing the risk of credential theft and unauthorized access From c15a0ce79f0815ead8cf1ebf599c7c532e833e89 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Mon, 13 Oct 2025 21:31:48 +0530 Subject: [PATCH 3/7] Update blog-service/2025-10-13-collection.md Co-authored-by: John Pipkin (Sumo Logic) --- blog-service/2025-10-13-collection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/blog-service/2025-10-13-collection.md b/blog-service/2025-10-13-collection.md index 24c7ffbbda..810690d072 100644 --- a/blog-service/2025-10-13-collection.md +++ b/blog-service/2025-10-13-collection.md @@ -14,7 +14,7 @@ import useBaseUrl from '@docusaurus/useBaseUrl'; Starting November 2025, Snowflake will block single-factor authentication (password-only sign-ins) as part of their enhanced security protocols. Snowflake has signed the CISA *Secure by Design* pledge and is committed to adopting security best practices, including: -- Eliminating high-risk authentication methods (e.g., password-only access) +- Eliminating high-risk authentication methods (for example, password-only access) - Enforcing multi-factor authentication (MFA) - Reducing the risk of credential theft and unauthorized access From a26f62413737122553d76ed5fa5c68c44600ccd0 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Mon, 13 Oct 2025 21:32:04 +0530 Subject: [PATCH 4/7] Update blog-service/2025-10-13-collection.md Co-authored-by: John Pipkin (Sumo Logic) --- blog-service/2025-10-13-collection.md | 1 + 1 file changed, 1 insertion(+) diff --git a/blog-service/2025-10-13-collection.md b/blog-service/2025-10-13-collection.md index 810690d072..dda24dfdd0 100644 --- a/blog-service/2025-10-13-collection.md +++ b/blog-service/2025-10-13-collection.md @@ -23,6 +23,7 @@ These changes are designed to strengthen Snowflake’s overall security posture ### Next steps As an interim measure, Sumo Logic recommends you to use the Programmatic Access Tokens (PATs) to authenticate your Sumo Logic integration with Snowflake before 1st November 2025. This ensures continued access and seamless data collection from the Snowflake platform. + Refer to [Using programmatic access tokens for authentication](https://docs.snowflake.com/en/user-guide/programmatic-access-tokens) for step-by-step instructions to authenticate the integration with Snowflake. :::note From ec6d0b71c1e0c8b3863a3a6d3f438157fbeef3df Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Mon, 13 Oct 2025 21:32:14 +0530 Subject: [PATCH 5/7] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/snowflake-logs-source.md Co-authored-by: John Pipkin (Sumo Logic) --- .../snowflake-logs-source.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/snowflake-logs-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/snowflake-logs-source.md index f9e9d0b01d..e13c28d98a 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/snowflake-logs-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/snowflake-logs-source.md @@ -38,7 +38,7 @@ The Snowflake Logs source requires you to provide the following data to setup th - **Username**. Snowflake account's login username. For example, `SUMOLOGIC`. - **Password**. Snowflake account's login password. For example, `yufncixxxxxxxxxp55hbdy7`. :::note - Starting November 2025, Snowflake will block single-factor authentication (password-only sign-ins) as part of their enhanced security protocols. Sumo Logic recommends you to update your integration to [Programmatic Access Tokens (PATs)](https://docs.snowflake.com/en/user-guide/programmatic-access-tokens) before 1st November 2025 to ensure continued access. + Starting November 2025, Snowflake will block single-factor authentication (password-only sign-ins) as part of their enhanced security protocols. Sumo Logic recommends that you update your integration to [Programmatic Access Tokens (PATs)](https://docs.snowflake.com/en/user-guide/programmatic-access-tokens) before 1st November 2025 to ensure continued access. ::: Once you have all the required values, set up the source configuration to collect your desired log types available in the configuration section. From 12827d4cfedcc1d08ef9b7e80ada483591846192 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Mon, 13 Oct 2025 21:32:24 +0530 Subject: [PATCH 6/7] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/snowflake-sql-api.md Co-authored-by: John Pipkin (Sumo Logic) --- .../cloud-to-cloud-integration-framework/snowflake-sql-api.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/snowflake-sql-api.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/snowflake-sql-api.md index 8bdc68725e..3228e90775 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/snowflake-sql-api.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/snowflake-sql-api.md @@ -28,7 +28,7 @@ To collect metric data from the Snowflake SQL API, you must have an authorized S 1. Take note of the database name you plan to query. 1. Collect your Snowflake Programmatic Access Token following the instructions in the [Snowflake documentation](https://docs.snowflake.com/en/user-guide/programmatic-access-tokens). :::note - Starting November 2025, Snowflake will block single-factor authentication (password-only sign-ins) as part of their enhanced security protocols. Sumo Logic recommends you to update your integration to [Programmatic Access Tokens (PATs)](https://docs.snowflake.com/en/user-guide/programmatic-access-tokens) before 1st November 2025 to ensure continued access. + Starting November 2025, Snowflake will block single-factor authentication (password-only sign-ins) as part of their enhanced security protocols. Sumo Logic recommends that you update your integration to [Programmatic Access Tokens (PATs)](https://docs.snowflake.com/en/user-guide/programmatic-access-tokens) before 1st November 2025 to ensure continued access. ::: 1. Optional additional information such as a role, warehouse, or schema name can also be configured with the source. From 06b7da3d6ce90066a22351bfc39f97cc71cab081 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Mon, 13 Oct 2025 21:52:22 +0530 Subject: [PATCH 7/7] changed release date --- .../{2025-10-13-collection.md => 2025-10-15-collection.md} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename blog-service/{2025-10-13-collection.md => 2025-10-15-collection.md} (100%) diff --git a/blog-service/2025-10-13-collection.md b/blog-service/2025-10-15-collection.md similarity index 100% rename from blog-service/2025-10-13-collection.md rename to blog-service/2025-10-15-collection.md