### Running Installer with -q and -console on Windows

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/send-data/installed-collectors/collector-installation-reference/parameters-command-line-installer.md

On Windows, use 'start /wait' to enable the -console option when running the installer silently.

```bash
start /wait installer.exe -q -console
```

--------------------------------

### Install Collector as a Service

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/integrations/cloud-security-monitoring-analytics/linux.md

Install the Sumo Logic Collector as a system service. This ensures the collector starts automatically when the machine boots.

```bash
sudo ./collector install
```

--------------------------------

### Start Docker Daemon

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/platform-services/automation-service/automation-service-bridge.md

Start the Docker daemon after installation. This command ensures Docker is running.

```bash
systemctl start docker
```

--------------------------------

### Configure Collector with Installation Token (user.properties)

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/integrations/cloud-security-monitoring-analytics/linux.md

Example configuration for the user.properties file to register a Collector using an installation token and URL. The token string must be base64 decoded first.

```properties
name =
url=https://collectors.sumologic.com
token=SUMOXXXXXXXXXXXXXXXXXXXXXXXXXXXX
```

--------------------------------

### Get Setup Job Pod Logs

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/send-data/kubernetes/troubleshoot-collection/installation.md

Retrieve logs from the setup job pod to diagnose installation failures. Replace POD_NAME with the actual name of the setup pod.

```sh
kubectl logs POD_NAME -f
```

--------------------------------

### Start Local Development Server

Source: https://github.com/sumologic/sumologic-documentation/blob/main/README.md

Serve and preview the documentation site locally with hot reloads for immediate feedback on changes.

```bash
yarn start
```

--------------------------------

### Bridge Shutdown: 401 Error Log Example

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/platform-services/automation-service/automation-service-bridge.md

This log snippet indicates a 401 Unauthorized error when the bridge attempts to get its configuration, often due to an invalid installation token name.

```text
time="2026-01-19T12:29:23Z" level=error msg="Error response from request getBridgeConf" error=401 fields.time="2026-01-19 12:29:23.933671925 +0000 UTC m=+2.250123502"
time="2026-01-19T12:29:23Z" level=error msg="Error getting initial conf from cloud" error="Error getting configuration at startup: 401" fields.time="2026-01-19 12:29:23.933849675 +0000 UTC m=+2.250301252" workerIdentifier=worker@95138086f341
```

--------------------------------

### Start Telegraf Service on Debian/Ubuntu

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/send-data/collect-from-other-data-sources/collect-metrics-telegraf/install-telegraf.md

Installs Telegraf and starts the service. Remember to configure the telegraf.conf file with your specific settings before starting.

```bash
sudo apt-get update && sudo apt-get install telegraf
# update /etc/telegraf/telegraf.conf with your
# specific config settings, then start the service
sudo systemctl start telegraf
```

--------------------------------

### Example Vendor Configuration Prerequisites (Dropbox)

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/contributing/templates/c2c-source.md

This example outlines the steps to obtain API credentials for a Dropbox Cloud-to-Cloud source.
It details how to create an app, set permissions, and generate necessary keys and tokens.

```markdown
You'll need a Dropbox App Key, App Secret, and Access Code to provide to Sumo Logic. To generate these credentials follow the below steps:

1. Sign in to your [Dropbox Business Account](https://www.dropbox.com/login).
1. Create a new app in the [App Console](https://www.dropbox.com/developers/apps).
1. Open the new app and click **Permissions** and enable **events.read** in **Team Scopes** of the app and then click **Submit**.
1. Copy the provided **App Key** and **App Secret** values, you'll provide these to the Sumo Logic Dropbox Source and are needed in the next step.
1. Replace **APP_KEY** with your App Key in the following URL. `https://www.dropbox.com/oauth2/authorize?client_id=APP_KEY&token_access_type=offline&response_type=code`
1. Load the modified URL and you'll see the sign in page of Dropbox. Sign in with your Dropbox Business account credentials to obtain the access code. Then click the **Allow** button. Copy the Access Code to provide to the Sumo Logic Dropbox Source.
```

--------------------------------

### Folder Subscription Example 1

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/alerts/monitors/alert-response.md

Demonstrates the initial state and the state after creating a subscription on a folder, showing inherited subscriptions.

```bash
📁 Folder A ("No")
├── Monitor B ("No")
└── Monitor C ("No")
```

```bash
📁 Folder A ("Yes")
├── Monitor B ("Yes (inherited from folder)")
└── Monitor C ("Yes (inherited from folder)")
```

--------------------------------

### Add Dedicated Sidebar for a Guide

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/contributing/style-guide.md

Example of how to define a dedicated sidebar in `sidebars.ts` that can contain multiple guides and their sections.

```javascript
module.exports = {
  sectionName: [
    {
      type: 'category',
      label: 'Name of Guide',
      collapsible: true,
      collapsed: false,
      link: {type: 'doc', id: 'foldername/id-first-page'},
      items: [
        'foldername/doc-id1',
        'foldername/doc-id2',
        {
          type: 'category',
          label: 'Section in Guide',
          collapsible: true,
          collapsed: false,
          link: {type: 'doc', id: 'foldername/id-section'},
          items: [
            'foldername/doc-id3',
            'foldername/doc-id4',
          ]
        }
      ],
    },
    {
      type: 'category',
      label: 'Name of Another Guide',
      collapsible: true,
      collapsed: false,
      link: {type: 'doc', id: 'otherfoldername/id-first-page'},
      items: [
        'otherfoldername/doc-id1',
        'otherfoldername/doc-id2',
        {
          type: 'category',
          label: 'Section in Another Guide',
          collapsible: true,
          collapsed: false,
          link: {type: 'doc', id: 'otherfoldername/id-section'},
          items: [
            'otherfoldername/doc-id3',
            'otherfoldername/doc-id4',
          ]
        }
      ],
    },
  ]
}
```

--------------------------------

### Example URL for Specific Entities

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/dashboards/explore-view.md

This example shows how to create a URL to view a specific cluster, namespace, and service.

```bash
https://service.us2.sumologic.com/ui/#/explore/@cluster=primary-eks@namespace=kube-system@service=metrics-server
```

--------------------------------

### Add Contribution Guide Page to Sidebars

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/contributing/style-guide.md

Example of how to add a page and nested categories to the `sidebars.ts` file for the Contribution Guide.

```javascript
//Contribution guide for documentation
contributing: [
  {
    type: 'category',
    label: 'Contribution Guide',
    collapsible: true,
    collapsed: false,
    link: {type: 'doc', id: 'contributing/index'},
    items: [
      'contributing/create-edit-doc',
      'contributing/build-deploy',
      'contributing/translations',
      {
        type: 'category',
        label: 'Templates',
        collapsible: true,
        collapsed: false,
        items: [
          'contributing/templates/partner-app-doc'
        ]
      }
    ],
  },
],
```

--------------------------------

### Example Output Configuration for Multiple Modules

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/observability/aws/deploy-use-aws-observability/deploy-with-terraform.md

Provides example output configurations for distinct AWS modules, demonstrating how to track resources across different regions and environments.

```bash
output "production-us-east-1" {
  value = module.production-us-east-1
  description = "All outputs related to collection and sources."
}

output "production-us-east-2" {
  value = module.production-us-east-2
  description = "All outputs related to collection and sources."
}

output "development-us-west-1" {
  value = module.development-us-west-1
  description = "All outputs related to collection and sources."
}
```

--------------------------------

### Get Collectors API Call Example

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/api/about-apis/intro-to-apis.md

This example demonstrates how to retrieve a list of collectors in your Sumo Logic system using the v1 API endpoint. It uses the 'requests' library for making the HTTP GET request and handles potential errors.

```python
import requests


def get_collectors():
    url = 'https://api.sumologic.com/api/v1/collectors'
    try:
        # Basic auth takes (access ID, access key); both are left blank here
        response = requests.get(url, auth=('', ''))
        if response.status_code == 200:
            collectors = response.json()
            return collectors
        else:
            print('Error:', response.status_code)
            return None
    except requests.exceptions.RequestException as e:
        print('Error:', e)
        return None


def main():
    collectors = get_collectors()
    print(collectors)


if __name__ == '__main__':
    main()
```

--------------------------------

### Example URL with Time Range and Specific Entities

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/dashboards/explore-view.md

This example demonstrates constructing a URL with a specified time range and specific cluster, namespace, and service entities.

```bash
https://service.us2.sumologic.com/ui/#/explore/@1601092800000,1601389990282@cluster=primary-eks@namespace=kube-system@service=metrics-server
```

--------------------------------

### Install Oracle Instant Client on Linux

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/integrations/databases/oracle.md

Install Oracle Instant Client packages and necessary dependencies like `libaio`. Test the client connection using `sqlplus`.

```bash
$ dnf install oracle-instantclient-release-el8 -y
$ dnf install oracle-instantclient-basic \
    oracle-instantclient-devel oracle-instantclient-jdbc \
    oracle-instantclient-odbc oracle-instantclient-sqlplus oracle-instantclient-tools -y
```

```bash
$ dnf install -y libaio libaio-devel
```

```bash
$ sqlplus username/password@//databasehost:1521/sidvalue
SQL*Plus: Release 19.0.0.0.0 - Production on Thu Nov 25 12:42:35 2021
Version 19.3.0.0.0
Copyright (c) 1982, 2019, Oracle. All rights reserved.
Connected to:
Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
Version 19.3.0.0.0
```

```sql
SQL> select BANNER from v$version;
BANNER
----------------------------------------
Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
```

--------------------------------

### Example JSON Configuration

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/contributing/templates/c2c-source.md

An example of a complete JSON configuration for a cloud-to-cloud source, ready for import.

```json
component-name
```

--------------------------------

### Install Collector with Installation Token

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/send-data/installed-collectors/macos.md

Use the JavaApplicationStub binary to perform a quiet installation using an installation token.

```bash
sudo ./JavaApplicationStub -q -Vsumo.token_and_url=
```

--------------------------------

### Start Linux Collector Service

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/integrations/cloud-security-monitoring-analytics/linux.md

Use this command to start the Sumo Logic Collector service after installation. This command requires sudo privileges.

```bash
sudo service collector start
```

--------------------------------

### Install OpenTelemetry Collector with Install Script (Downloaded)

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/send-data/opentelemetry-collector/install-collector/linux.md

Download the installation script first to inspect its contents for security. Then, execute the downloaded script. This method also installs the latest version and configures basic tags, preserving the SUMOLOGIC_INSTALLATION_TOKEN environment variable.

```bash
# Save the script to a file so it can be inspected before it runs as root
sudo curl -sL https://download-otel.sumologic.com/latest/download/install.sh -o install-otelcol-sumo.sh
sudo -E bash ./install-otelcol-sumo.sh
```

--------------------------------

### Start SSH Service on Windows

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/send-data/installed-collectors/sources/remote-file-source/prerequisites-windows-remote-file-collection.md

Use this command to start the OpenSSH service on a Windows machine. Ensure OpenSSH is installed prior to running this command.

```bash
net start opensshd
```

--------------------------------

### Install Collector with Access ID and Key

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/send-data/installed-collectors/macos.md

Perform a quiet installation using the Collector's access ID and access key.

```bash
sudo ./JavaApplicationStub -q -Vsumo.accessid= -Vsumo.accesskey=
```

--------------------------------

### Apply Puppet Manifest for OpenTelemetry Collector Installation

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/reuse/apps/opentelemetry/puppet-without-env.md

Example of a Puppet manifest that installs and configures the OpenTelemetry Collector. It includes class declaration with installation token and tags, service management, and file resource for configuration.

```puppet
node 'default' {
  # Declare the class with the installation token and collector tags
  class { 'install_otel_collector':
    installation_token => '',
    collector_tags => { },
  }

  # Keep the collector service running and enabled at boot
  service { 'otelcol-sumo':
    provider => 'systemd',
    ensure => running,
    enable => true,
    require => Class['install_otel_collector'],
  }

  # Restart the service whenever the configuration changes
  file { '/etc/otelcol-sumo/conf.d/':
    ensure => present,
    source => 'puppet:///modules/install_otel_collector/',
    mode => '0644',
    notify => Service['otelcol-sumo'],
  }
}
```

--------------------------------

### Example: events.py with specific time range

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/integrations/containers-orchestration/vmware.md

Example of running the events.py script to collect events starting from a specific timestamp. Ensure the timestamp format is correct.

```bash
python3 events.py -s 192.168.23.242 -t vcenterhost -to 1514 -bT '2012-10-08 00:17:00.000+0000'
```

--------------------------------

### Install Collector with Access ID and Key (CLI)

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/integrations/cloud-security-monitoring-analytics/linux.md

Install the Collector using the command-line script, authenticating with your Sumo Logic access ID and access key, and defining data sources.

```bash
sudo ./SumoCollector.sh -q -Vsumo.accessid= -Vsumo.accesskey= -Vsources=
```

--------------------------------

### Log Forwarding Configuration Example

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/integrations/security-threat-detection/palo-alto-networks-9.md

This example shows the format for defining log forwarding parameters, including various log fields and a placeholder for a token. Ensure all fields are correctly mapped for proper log ingestion.

```text
,$receive_time,$serial,$type,$subtype,,$time_generated,$vsys,$ip,$user,$datasourcename,$eventid,$repeatcnt,$timeout,$beginport,$endport,$datasource,$datasourcetype,$seqno,$actionflags,$dg_hier_level_1,$dg_hier_level_2,$dg_hier_level_3,$dg_hier_level_4,$vsys_name,$device_name,$vsys_id,$factortype,$factorcompletiontime,$factorno,,,$ugflags,$userbysource
```

--------------------------------

### Salesforce Source Terraform Configuration Example

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/salesforce-source.md

Example Terraform configuration for setting up a Salesforce Source. This demonstrates how to define the source within a Terraform infrastructure as code setup.

```sh
resource "sumologic_collector" "salesforce" {
  name = "salesforce-collector"
  automatic_parsing_mode = "smart_mode"
  timezone = "America/Los_Angeles"
}

resource "sumologic_collector_ 2_0_source" "salesforce" {
  collector_id = sumologic_collector.salesforce.id
  name = "salesforce-source"
  description = "Salesforce source"
  category = "salesforce/source"

  // Use the following parameters to configure the source
  // name: Type a desired name of the source. The name must be unique per Collector.
  // description: Type a description of the source.
  // category: Type a category of the source.
  // fields: JSON map of key-value fields (metadata) to apply to the Collector or Source.
  // start_time: Type the collection start time. Available options are Now, 24 Hours ago, 2 Days ago, 3 Days ago, 4 Days ago, 5 Days ago.
  // client_id: Type in Consumer Key of the Connected App.
  // client_secret: Type in Consumer Secret of the Connected App.
  // inmemory_lookup: Set to true to enable inmemory lookup or to false to disable it.
  // collectAuditData: Set to true to collect the audit events data.
  // collectEventLogFileData: Set to true to collect the event log files data.
  // Example:
  // name = "mySource"
  // description = "Testing source"
  // category = "mySource/test"
  // fields = {
  //   "_siemForward": false,
  //   "fieldA": "valueA"
  // }
  // start_time = "24 Hours ago"
  // client_id = "YOUR_CONSUMER_KEY"
  // client_secret = "YOUR_CONSUMER_SECRET"
  // inmemory_lookup = true
  // collectAuditData = true
  // collectEventLogFileData = true
}
```

--------------------------------

### Add InfluxData Repository and Install Telegraf on Debian/Ubuntu

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/send-data/collect-from-other-data-sources/collect-metrics-telegraf/install-telegraf.md

Adds the InfluxData repository and installs Telegraf using apt-get. Ensure you update the Telegraf configuration file before starting the service.

```bash
# influxdata-archive_compat.key GPG fingerprint:
# 9D53 9D90 D332 8DC7 D6C8 D3B9 D8FF 8E1F 7DF8 B07E
wget -q https://repos.influxdata.com/influxdata-archive_compat.key
echo '393e8779c89ac8d958f81f942f9ad7fb82a25e133faddaf92e15b16e6ac9ce4c influxdata-archive_compat.key' | sha256sum -c && cat influxdata-archive_compat.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/influxdata-archive_compat.gpg > /dev/null
echo 'deb [signed-by=/etc/apt/trusted.gpg.d/influxdata-archive_compat.gpg] https://repos.influxdata.com/debian stable main' | sudo tee /etc/apt/sources.list.d/influxdata.list
sudo apt-get update && sudo apt-get install telegraf
```

--------------------------------

### Basic LogReduce Optimize Example

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/search/behavior-insights/logreduce/logreduce-operator.md

An example demonstrating the basic usage of the 'optimize' option with the logreduce operator.

```sumo
_sourceCategory=cloudtrail
| logreduce optimize
```

--------------------------------

### Install Collector with Installation Token (CLI)

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/integrations/cloud-security-monitoring-analytics/linux.md

Use this command to install the Collector via the command-line installer, authenticating with an installation token and specifying data sources.

```bash
sudo ./SumoCollector.sh -q -Vsumo.token_and_url= -Vsources=
```

--------------------------------

### Example: Collect Historical Events with Timestamp

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/integrations/containers-orchestration/vmware.md

An example of collecting all events starting from a specific date and time. Ensure the syslog host and port match your Sumo Logic collector configuration.

```bash
python3 events.py -s 192.168.23.242 \
  -t vcenterhost -to 1514 -bT '2023-10-08 00:17:00.000+0000'
```

--------------------------------

### WindowStartLocation Example with Timezone and Timestamp Format

Source: https://github.com/sumologic/sumologic-documentation/blob/main/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/universal-connector-source.md

Illustrates using the WindowStartLocation variable, which allows specifying a timezone location in addition to the timestamp format. Note the recommendation to use WindowStartUTC instead.

```sh
{{ .WindowStartLocation "