Skip to Content
Configure vendor and storage connectionsConfigure Sumo Logic integrations

Configure connections to Sumo Logic with Grepr integrations

The Grepr platform includes two integrations for connecting to Sumo Logic. This page documents the Sumo Logic integration, but the integration to use depends on the source type that you are sending logs to:

  • If you use the OTLP/HTTP source in Sumo Logic, you must use the Grepr OpenTelemetry integration to connect Grepr and Sumo Logic.
  • If you use the HTTP source, you must use the Sumo Logic integration.

To send logs to a Grepr pipeline before forwarding them to Sumo Logic, update your collector configuration to send the logs to a Grepr endpoint URL instead of the endpoint for a Sumo Logic source. To learn how to create a Sumo Logic integration in the Grepr UI and configure collectors to send logs to Grepr, see Use a Sumo Logic integration in a Grepr pipeline.

You can also use the Grepr REST API to create and use a Sumo Logic integration. See the API specification.

Although this page describes using an integration to create a pipeline for sourcing and sending data with a single observability platform, your pipelines can use multiple integrations to source and sink data for different platforms. For example, you can create a pipeline with a Datadog integration that’s used to source data from Datadog agents, and a Splunk integration and sink that sends the pipeline output to Splunk.

Requirements

  • To create a Sumo Logic integration, you must have the endpoint URL from a configured HTTP Logs and Metrics Source. See Configure an HTTP Logs and Metrics Source .
  • The only log format supported by the Sumo Logic integration is JSON. To send logs to a Grepr source, you must set log_format:json in your collector configuration.

Use a Sumo Logic integration in a Grepr pipeline

Use the following steps to create a Sumo Logic integration in the Grepr UI and use it in a pipeline to source and sink logs.

Step 1: Create a Sumo Logic integration

To create a Sumo Logic integration in the Grepr UI:

  1. Go to the Integrations page in the Grepr UI and click Add new next to Observability Vendors.
  2. In the Add Observability Vendor dialog:
    • In the Type menu, select Sumo Logic.
    • In the Name field, enter a name for the integration. To facilitate working with logs in Sumo Logic, Grepr recommends naming the integration based on the collector that will send logs to Grepr.
    • In the HTTP collector URL field, enter the endpoint URL from your Sumo Logic HTTP Logs and Metrics Source.
  3. Click Create.

Step 2: Add a source to your pipeline

To add a source to your pipeline that uses the Sumo Logic integration:

  1. In the Grepr UI, go to the overview page for an existing pipeline or create a new pipeline from the homepage.
  2. In the left-hand navigation menu on the pipeline overview page, click Sources.
  3. In the Add source dialog, select the Sumo Logic integration in the Source menu.
  4. (Optional) In the Name field, to override the Grepr-generated name, enter a new name for the source.
  5. Click Submit.

Step 3: Configure log forwarding to Grepr

To send data to Grepr, you configure your collector or agent to send the data to the ingestion URL for your Grepr integration, rather than sending it to your observability vendor’s platform. To find the ingestion URL when using the Grepr UI to configure your pipeline, go to the details view for the pipeline, click Sources in the left pane, and copy the Ingest URL.


Accessing the Grepr ingestion URL in the UI.

When you use the API, you can construct the ingestion URL using the following format:


https://<integration-id>-<org-id>.ingest.grepr.ai

Replace <integration-id> with the identifier of the vendor integration used by your pipeline, and replace <org-id> with the identifier for your organization.

The Sumo Logic Distribution for OpenTelemetry Collector is supported for sending logs to Grepr. To configure the OpenTelemetry collector to send logs to Grepr, set the endpoint value in the exporters.sumologic section to the ingestion URL from your Grepr source:

exporters:
  sumologic/grepr:
    endpoint: <grepr-ingestion-url>
    log_format: json
 
  service:
    pipelines:
      logs:
        exporters: [sumologic/grepr]

Replace <grepr-ingestion-url> with the ingestion URL from your Grepr Sumo Logic source.

Your workflow might require sending unprocessed logs directly to Sumo Logic in addition to sending the logs to Grepr. To configure dual-shipping of logs, include an exporter configuration for both Grepr and Sumo Logic in your OpenTelemetry collector configuration:

exporters:
  sumologic/grepr:
    endpoint: <grepr-ingestion-url>
    log_format: json
 
  # Your existing Sumo Logic exporter
  sumologic:
    endpoint: <sumologic-http-source-url>
    log_format: json
 
service:
  pipelines:
    logs:
      exporters: [sumologic/grepr, sumologic]

Replace:

  • <grepr-ingestion-url> with the ingestion URL from your Grepr Sumo Logic source.
  • <sumologic-http-source-url> with the endpoint URL from your Sumo Logic HTTP source.

Limitations

The integration doesn’t support Sumo Logic Extended HTTP Metadata Collection . Grepr drops any custom headers forwarded by collectors before processing the messages included in the payload.

Last updated on
Configure Splunk connectionsConfigure Google Cloud observability