Giter Club home page Giter Club logo

sumologic-gsuitealertcenter's Introduction

sumologic-gsuitealertcenter

Solution to pull alerts from G Suite Alert Center to Sumo Logic

Installation

This collector can be deployed both onprem and on cloud(google cloud functions). For installing the collector as a serverless solution refer these docs

Deploying the collector on a VM

  1. Setup the Alert Center API by referring to the following docs. Here while creating key in service account make a note of the location of Service Account JSON file that has been downloaded in your computer you will need it later.

  2. Add a Hosted Collector and HTTP Source

    • To create a new Sumo Logic Hosted Collector, perform the steps in Configure a Hosted Collector.
    • Add an HTTP Logs and Metrics Source. Under Advanced you'll see options regarding timestamps and time zones and when you select Timestamp parsing specify the custom time stamp format as shown below:
      • Format: yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
      • Timestamp locator: \"createTime\": (.*),.

  3. Configuring the sumologic-gsuitealertcenter collector

    Below instructions assume pip is already installed if not then, see the pip docs on how to download and install pip. sumologic-gsuitealertcenter is compatible with python 3.7 and python 2.7. It has been tested on Ubuntu 18.04 LTS and Debian 4.9.130. Login to a Linux machine and download and follow the below steps:

    • Install the collector using below command pip install sumologic-gsuitealertcenter

    • Create a configuration file named gsuitealertcenter.yaml in home directory by copying the below snippet. Add the SUMO_ENDPOINT, CREDENTIALS_FILEPATH(downloaded in step 1) and DELEGATED_EMAIL parameters obtained from step 1 and step 2 and save it.

      SumoLogic:
  SUMO_ENDPOINT: <SUMO LOGIC HTTP URL>
  
GsuiteAlertCenter:
  DELEGATED_EMAIL: "<use the default email address>"
  CREDENTIALS_FILEPATH: "<path to json Service Accouont JSON file>"
  
Collection:
  ENVIRONMENT: onprem

    • Create a cron job for running the collector every 5 minutes by using the crontab -e and adding the below line */5 * * * * /usr/bin/python -m sumogsuitealertscollector.main > /dev/null 2>&1

sumologic-gsuitealertcenter's People

Contributors

himanshu219 avatar duchatran avatar carlosgilsaenz avatar

Watchers

James Cloos avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.