Project description

sumologic-gsuitealertcenter

Solution to pull alerts from G Suite Alert Center to Sumo Logic

Installation

This collector can be deployed both onprem and on cloud(google cloud functions). For installing the collector as a serverless solution refer these docs

Deploying the collector on a VM

Setup the Alert Center API by referring to the following docs. Here while creating key in service account make a note of the location of Service Account JSON file that has been downloaded in your computer you will need it later.
Add a Hosted Collector and HTTP Source
- To create a new Sumo Logic Hosted Collector, perform the steps in Configure a Hosted Collector.
- Add an HTTP Logs and Metrics Source. Under Advanced you'll see options regarding timestamps and time zones and when you select Timestamp parsing specify the custom time stamp format as shown below:
  - Format: yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
  - Timestamp locator: \"createTime\": (.*),.
Configuring the sumologic-gsuitealertcenter collector

Below instructions assume pip is already installed if not then, see the pip docs on how to download and install pip. sumologic-gsuitealertcenter is compatible with python 3.7 and python 2.7. It has been tested on Ubuntu 18.04 LTS and Debian 4.9.130. Login to a Linux machine and download and follow the below steps:
- Install the collector using below command pip install sumologic-gsuitealertcenter
- Create a configuration file named gsuitealertcenter.yaml in home directory by copying the below snippet. Add the SUMO_ENDPOINT, CREDENTIALS_FILEPATH(downloaded in step 1) and DELEGATED_EMAIL parameters obtained from step 1 and step 2 and save it.
```
SumoLogic:
  SUMO_ENDPOINT: <SUMO LOGIC HTTP URL>

GsuiteAlertCenter:
  DELEGATED_EMAIL: "<use the default email address>"
  CREDENTIALS_FILEPATH: "<path to json Service Accouont JSON file>"

Collection:
  ENVIRONMENT: onprem
```
- Create a cron job for running the collector every 5 minutes by using the crontab -e and adding the below line */5 * * * * /usr/bin/python -m sumogsuitealertscollector.main > /dev/null 2>&1

Project details

These details have not been verified by PyPI

Project links

Homepage

Release history Release notifications | RSS feed

This version

1.0.6

Mar 23, 2021

1.0.5

Jun 28, 2019

1.0.4

Apr 18, 2019

1.0.3

Apr 5, 2019

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

sumologic-gsuitealertcenter-1.0.6.tar.gz (21.1 kB view details)

Uploaded Mar 23, 2021 Source

Built Distribution

sumologic_gsuitealertcenter-1.0.6-py3-none-any.whl (27.9 kB view details)

Uploaded Mar 23, 2021 Python 3

File details

Details for the file sumologic-gsuitealertcenter-1.0.6.tar.gz.

File metadata

Download URL: sumologic-gsuitealertcenter-1.0.6.tar.gz
Upload date: Mar 23, 2021
Size: 21.1 kB
Tags: Source
Uploaded using Trusted Publishing? No
Uploaded via: twine/3.2.0 pkginfo/1.6.1 requests/2.25.0 setuptools/41.2.0 requests-toolbelt/0.9.1 tqdm/4.54.1 CPython/3.8.0

File hashes

Hashes for sumologic-gsuitealertcenter-1.0.6.tar.gz
Algorithm	Hash digest
SHA256	`f282dce8c8f40dd8617e57af88dd21020c39cc4d6cb274524c2ae6855db4cb57`
MD5	`ce50538de6763aca9ebcfff7ba664f16`
BLAKE2b-256	`661b0b740223b85c4e34d9ecbc0ad3292d4c1eedc271c74825cc86cc454c9ecd`

See more details on using hashes here.

File details

Details for the file sumologic_gsuitealertcenter-1.0.6-py3-none-any.whl.

File metadata

Download URL: sumologic_gsuitealertcenter-1.0.6-py3-none-any.whl
Upload date: Mar 23, 2021
Size: 27.9 kB
Tags: Python 3
Uploaded using Trusted Publishing? No
Uploaded via: twine/3.2.0 pkginfo/1.6.1 requests/2.25.0 setuptools/41.2.0 requests-toolbelt/0.9.1 tqdm/4.54.1 CPython/3.8.0

File hashes

Hashes for sumologic_gsuitealertcenter-1.0.6-py3-none-any.whl
Algorithm	Hash digest
SHA256	`0f7cf0b8de0e7106d3813ecdafbc6cdd72bfefe55d5d27d6443055e04c0db600`
MD5	`8935b9dae663c3ea872edfee2d8a3822`
BLAKE2b-256	`b04e47f6c5086400a6b1c1b7ebdca33020156a572c29385793477d83fe1b5720`