Sumo Logic
Community-contributed integration
This integration is community-maintained. Reference: ory/integrates/siem-security-analytics/sumo-logic.
Sumo Logic provides cloud-native machine-data analytics and a Cloud SIEM. An HTTP Source on a Hosted Collector accepts authenticated POSTs to a tokenized URL, with no webhook handler needed.
How it works
An Ory Action POSTs the JSON body directly to the Sumo Logic Hosted Collector HTTP Source URL. The Source Category drives downstream search and partition rules, and Sumo parses the JSON automatically.
Notable
- The HTTP Source URL carries the authentication token, so treat the whole URL as a secret.
- For Cloud SIEM, parse events into Sumo's normalized schema through Field Extraction Rules to unlock built-in detection rules.
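
Because the URL is the credential, it is worth checking that it has not been pasted into action configs or captured in deploy logs. The following is an added example, not code from Ory or Sumo Logic: a small scanner that finds HTTP Source URLs in text and redacts the token while keeping a short fingerprint for correlation. The URL pattern, the file names, and the token are assumptions constructed for illustration.

```python
import hashlib
import re

# Assumed shape of a Hosted Collector HTTP Source URL (adjust to your deployment):
#   https://<host>.sumologic.com/receiver/v1/http/<token>
SUMO_SOURCE_URL = re.compile(
    r"(https://[A-Za-z0-9.-]+\.sumologic\.com/receiver/v1/http/)([A-Za-z0-9_=-]{8,})"
)

def fingerprint(token: str) -> str:
    """Short, non-reversible tag so leaks of the same URL can be correlated."""
    return hashlib.sha256(token.encode()).hexdigest()[:8]

def redact(text: str) -> str:
    """Replace the token part of every HTTP Source URL, keeping host and path."""
    return SUMO_SOURCE_URL.sub(
        lambda m: f"{m.group(1)}<redacted:{fingerprint(m.group(2))}>", text
    )

def find_leaks(files: dict[str, str]) -> list[tuple[str, int, str]]:
    """Return (file name, line number, redacted line) for each line holding a URL."""
    hits = []
    for name, content in files.items():
        for lineno, line in enumerate(content.splitlines(), start=1):
            if SUMO_SOURCE_URL.search(line):
                hits.append((name, lineno, redact(line.strip())))
    return hits

# Constructed sample input: the token and host below are made up, not real.
FAKE_TOKEN = "EXAMPLEtokenEXAMPLEtoken0123456789_-AAAA=="
FAKE_URL = f"https://endpoint1.collection.example.sumologic.com/receiver/v1/http/{FAKE_TOKEN}"
SAMPLE_FILES = {
    "action-config.yaml": f"method: POST\nurl: {FAKE_URL}\n",
    "deploy.log": (
        "2024-01-01T00:00:00Z starting\n"
        f"2024-01-01T00:00:01Z POST {FAKE_URL} -> 200\n"
        "2024-01-01T00:00:02Z url: ${SUMO_HTTP_SOURCE_URL}\n"  # env reference, not a leak
    ),
}

if __name__ == "__main__":
    for name, lineno, line in find_leaks(SAMPLE_FILES):
        print(f"{name}:{lineno}: {line}")
```

A hit in a committed file or a log means the HTTP Source URL should be regenerated in Sumo Logic and the action updated with the new value.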
