

Use Terraform to launch a Linux AMI with Sumo Logic built-in

This example Terraform repo shows how to automatically deploy a Sumo Logic collector on a Linux EC2 instance in a Security Group within your default VPC.

Using Local File Management, we will bootstrap the EC2 instance with a sources.json file and the Sumo Logic collector agent to collect local log files (System Logs, Cron logs, etc.) and system metrics (CPU, Memory, etc.).


  1. Terraform - If you have not used Terraform I recommend Terraform: Up and Running - GitHub Repo / Book
  2. A Sumo Logic account - sign up for free here
  • You'll need to download a Sumo Logic collector management key pair later
  3. Access to your AWS account
  • AmazonEC2FullAccess permissions
  4. AWS Authentication
  • Option 1: User key pair
    • You can export these in your shell session one time (the variable names are case-sensitive):

> export AWS_ACCESS_KEY_ID=(your_ID)

> export AWS_SECRET_ACCESS_KEY=(your_key)

  • Option 2: Set up the AWS CLI or SDKs in your local environment.
    • Terraform can use the credentials stored at $HOME/.aws/credentials, which is created for you after running the configure command on the AWS CLI


  1. First, copy this repo (Example 1. Collector on Linux EC2) somewhere locally.
  • You'll need all 3 files: main.tf, vars.tf, and user_data.sh
  • main.tf will use user_data.sh to bootstrap your EC2, and will use vars.tf to perform lookups based on a Linux AMI map, a Sumo Logic collector endpoint map, and some other variables
  2. Then, test out Terraform by running: /path/to/terraform plan
  • You can safely enter 'test' for the var.Sumo_Logic_Access_ID and var.Sumo_Logic_Access_Key inputs while you are testing with plan
  3. Run Terraform and create your EC2
  • There are some configurable variables built in. For example, the default AWS Region that this EC2 will be launched into is us-east-1, but you can pass in another region like this: /path/to/terraform apply -var region=us-west-2
  • If your Sumo Logic Deployment is in another Region, like DUB or SYD, you can run the command like this: /path/to/terraform apply -var Sumo_Logic_Region=SYD
  4. Terraform will interactively ask you for your Sumo Logic Access Key pair
  • Get your Sumo Logic Access Keys from your Sumo Logic account
  • In the Sumo Logic Web Application click your name in the left nav and open the Preferences page
  • Next to My Access Keys, click the + icon to Add
  • See the official Sumo Logic documentation here
  5. Done! After about 2-3 minutes, check under Manage Data > Collection in the Sumo Logic UI and you should see your new collector running and scanning the sources we specified in the sources.json (Linux OS logs, Cron log, and Host Metrics)
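
The steps above can be wrapped in a small pre-flight script. This is an added example, not code from this repo: it checks that one of the two AWS authentication options is in place and supplies the two Sumo Logic variables through Terraform's TF_VAR_ environment variables rather than -var arguments, so the keys do not appear in the process list. The function names and the --apply switch are hypothetical; it assumes terraform is on your PATH.

```sh
#!/bin/sh
# Added example, not part of the repo. Function names are hypothetical.

# Report which of the README's two AWS authentication options is in effect.
aws_creds_source() {
  if [ -n "${AWS_ACCESS_KEY_ID:-}" ] && [ -n "${AWS_SECRET_ACCESS_KEY:-}" ]; then
    echo env
  elif [ -r "${HOME}/.aws/credentials" ]; then
    echo file
  else
    echo none
    return 1
  fi
}

# Read one secret from stdin and export it as TF_VAR_<name>. Terraform maps
# TF_VAR_<name> onto var.<name>, so it no longer prompts for that variable.
read_tf_var() {
  name=$1
  if [ -t 0 ]; then
    # Interactive: prompt on stderr and disable terminal echo while typing.
    printf '%s: ' "$name" >&2
    stty -echo
    IFS= read -r value
    stty echo
    printf '\n' >&2
  else
    IFS= read -r value
  fi
  if [ -z "$value" ]; then
    echo "empty value for $name" >&2
    return 1
  fi
  export "TF_VAR_${name}=${value}"
  unset value
}

# Check AWS credentials, collect the Sumo Logic key pair, then run Terraform.
# Extra arguments are passed through, e.g. -var region=us-west-2.
apply_collector() {
  aws_creds_source >/dev/null || { echo "no AWS credentials found" >&2; return 1; }
  read_tf_var Sumo_Logic_Access_ID || return 1
  read_tf_var Sumo_Logic_Access_Key || return 1
  terraform apply "$@"
}

# Run only when invoked as: sh this_script.sh --apply [terraform args]
if [ "${1:-}" = "--apply" ]; then shift; apply_collector "$@"; fi
```

The exported TF_VAR_ values last only for the shell process that runs the script.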