Requirements (Global)
- Python 3.8+
- pipenv - https://pypi.org/project/pipenv/
Configuration Explained
- There is a sample environment variables file called .env_sample under the root folder of this project
- Copy this file to a new file called .env and put all of your secrets (API Keys + Access Key Pairs) in that copy
Parameters - explanations of what you see in .env_sample
- CSE_API_KEY - Sumo Logic Cloud SIEM Enterprise API Key
- CSE_TENANT_NAME - Sumo Logic Cloud SIEM Enterprise Tenant Name (https://{YOUR_TENANT_NAME}.jask.portal.ai)
- CIP_ACCESS_ID - Sumo Logic Continuous Intelligence Platform Access ID
- CIP_ACCESS_KEY - Sumo Logic Continuous Intelligence Platform Access Key
- VT_API_KEY - VirusTotal API Key. Enterprise is recommended since these scripts DO NOT monitor for API call limitations with the personal key.
- Clone this repository
git clone https://github.com/tdiderich/sumologic.git
- Clone .env_sample to .env under the same directory
cp .env_sample .env
- Update all of the secrets needed based on the script you'd like to run (NOTE: you need to rerun pipenv shell anytime you update these values to reload them)
# SUMO CONFIG PARAMETERS
cse_api_key = 'ADD_ME'
cse_tenant_name = 'ADD_ME'
cip_access_id = 'ADD_ME'
cip_access_key = 'ADD_ME'
# THIRD PARTY CONFIG PARAMETERS
vt_api_key = 'ADD_ME'
- Create pip environment
pipenv --three
- Install dependencies
pipenv install
- Enter pipenv
pipenv shell
- Run scripts
python3 foo/bar.py
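A pre-flight check for the .env step above, as an added example rather than code from this repository: it reports values still set to ADD_ME, lines with no `=`, and a file readable by other users, without printing any secret. The function names and the case-insensitive name matching are assumptions, and the sample content is constructed.

```python
import os
import stat
import tempfile

# Names from the Parameters list; matched case-insensitively (assumption).
REQUIRED = ("CSE_API_KEY", "CSE_TENANT_NAME", "CIP_ACCESS_ID", "CIP_ACCESS_KEY", "VT_API_KEY")
PLACEHOLDER = "ADD_ME"
# Constructed sample input, not real credentials.
SAMPLE = """# SUMO CONFIG PARAMETERS
cse_api_key = 'constructed-value'
cse_tenant_name = 'ADD_ME'
cip_access_id 'ADD_ME'
cip_access_key = 'constructed-value'
"""

def parse_env(text):
    """Return ({NAME: value}, [line numbers that are not KEY = value])."""
    values, malformed = {}, []
    for lineno, line in enumerate(map(str.strip, text.splitlines()), 1):
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")
        if not sep or not key.strip():
            malformed.append(lineno)
            continue
        values[key.strip().upper()] = value.strip().strip("'\"")
    return values, malformed

def audit_env(path, required=REQUIRED):
    """List problems with a .env file; secret values are never echoed."""
    problems = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if os.name == "posix" and mode & (stat.S_IRWXG | stat.S_IRWXO):
        problems.append(f"permissions {mode:03o}: not owner-only, run chmod 600")
    with open(path, encoding="utf-8") as fh:
        values, malformed = parse_env(fh.read())
    problems += [f"line {n}: no '=' assignment" for n in malformed]
    for name in required:
        value = values.get(name)
        if value is None:
            problems.append(f"{name}: missing")
        elif value in ("", PLACEHOLDER):
            problems.append(f"{name}: still a placeholder")
    return problems

if __name__ == "__main__":
    with tempfile.NamedTemporaryFile("w", suffix=".env", delete=False) as fh:
        fh.write(SAMPLE)
    print("\n".join(audit_env(fh.name)))
    os.unlink(fh.name)
```

Pass `required=` a shorter tuple when the script you plan to run needs only some of the keys.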