If you’re interested in using Sumo Logic with Aiven, it’s possible to send Aiven service logs to Sumo Logic. You’ll do it the same way as you would configure any remote syslog integration, using the rsyslog protocol - with just a few short steps. So what is Sumo Logic?
What is Sumo Logic?
Sumo Logic is a cloud-based data analytics engine, serving log management and analytics workloads.
Sumo Logic provides graphing and alerting functionality, an ability to build dashboards consisting of multiple graphs, and so forth.
Aiven + Sumo Logic
Configuring output from Aiven services to Sumo Logic requires only a few steps:
- In Sumo Logic, configure a hosted collector
- Also in Sumo Logic, configure a cloud Syslog source
- From the Aiven CLI, configure a remote syslog endpoint that sends service logs to Sumo Logic, and connect it to your service.
Configure a hosted collector from Sumo Logic
1. In Sumo Logic select 'Manage Data > Collection > Collection'.
2. Click 'Add Collector'.
3. Click 'Hosted Collector'.
4. In the 'Add Collector' dialog box, type a Name for the Collector as well as an optional Description, Category, and Time Zone.
5. When prompted, click 'OK' to confirm.
Configure a cloud Syslog source in Sumo Logic
1. Select 'Cloud Syslog' from available collectors.
2. Specify 'name' (mandatory), 'Description', and 'Source Host' for cloud syslog and click 'Save'.
3. On the Cloud Syslog Source Token page click 'Copy' and paste the result to a text file.
Your output will look something like:
Token: YfYg...fq@41123, Host: syslog.collection.us2.sumologic.com, TCP TLS Port: 6514
Configure Aiven's remote syslog integration to send service logs to Sumo Logic
1. In your text editor, format an Aiven client command line (integration endpoint) with this information, as follows:
avn service integration-endpoint-create --project your-project \
-d sumologic -t rsyslog \
-c server=syslog.collection.us2.sumologic.com -c port=6514 \
-c format=rfc5424 -c tls=true \
-c sd='YfYg...fq@41123'
2. Now, run the command.
3. You'll need to run some additional commands. First, to get your endpoint ID:
avn service integration-endpoint-list
ENDPOINT_ID ENDPOINT_NAME ENDPOINT_TYPE
==================================== ============== =============
2b77e918-27f8-4437-b609-9553569a90f7 sumologic_3 rsyslog
4. Next, link it up to make your service use that endpoint:
avn service integration-create --project your-project \
-t rsyslog -s your-service \
-D 2b77e918-27f8-4437-b609-9553569a90f7
5. Once the connection is up, you can verify that data is arriving by viewing the raw data in Sumo Logic, for example with a live tail filtered on '_collector=Aiven'.
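The steps above can be scripted so that a mangled paste of the token line fails before anything is sent to Aiven. The following is an added example, not part of the original article or of Aiven's tooling: the function names and the sample token are constructed, and it assumes the token is passed in the rsyslog endpoint's `sd` setting and the endpoint ID with `-D`.

```shell
#!/usr/bin/env bash
# Added example. The token below is constructed, not a real credential.
SAMPLE_LINE='Token: EXAMPLEtoken0000@41123, Host: syslog.collection.us2.sumologic.com, TCP TLS Port: 6514'
SAMPLE_LIST='ENDPOINT_ID                           ENDPOINT_NAME  ENDPOINT_TYPE
====================================  =============  =============
2b77e918-27f8-4437-b609-9553569a90f7  sumologic_3    rsyslog'

# Pull one "Label: value" field out of the comma-separated token line.
sumo_field() {  # usage: sumo_field "<line>" "<label>"
  printf '%s\n' "$1" | tr ',' '\n' | sed -n "s/^ *$2: *//p" | head -n 1
}

# Read `avn service integration-endpoint-list` output on stdin and print
# the ID of the rsyslog endpoint with the given name.
endpoint_id_for() {  # usage: ... | endpoint_id_for <endpoint-name>
  awk -v name="$1" '$2 == name && $3 == "rsyslog" { print $1; exit }'
}

# Print the endpoint-create command, rejecting a mangled paste first.
# Assumption: the token goes in the endpoint's `sd` setting.
build_endpoint_cmd() {  # usage: build_endpoint_cmd "<line>" <project> <name>
  local token host port
  token=$(sumo_field "$1" "Token")
  host=$(sumo_field "$1" "Host")
  port=$(sumo_field "$1" "TCP TLS Port")
  # Token must be <secret>@<number> with no whitespace or single quote.
  printf '%s' "$token" | grep -Eq "^[^@'[:space:]]+@[0-9]+\$" \
    || { echo "bad token" >&2; return 1; }
  printf '%s' "$host" | grep -Eq '^[A-Za-z0-9.-]+$' || { echo "bad host" >&2; return 1; }
  printf '%s' "$port" | grep -Eq '^[0-9]+$' || { echo "bad port" >&2; return 1; }
  # tls=true is fixed so the token is not sent in clear text.
  printf "avn service integration-endpoint-create --project %s -d %s -t rsyslog -c server=%s -c port=%s -c format=rfc5424 -c tls=true -c sd='%s'\n" \
    "$2" "$3" "$host" "$port" "$token"
}

# Print the integration-create command; the endpoint ID must look like a UUID.
build_link_cmd() {  # usage: build_link_cmd <project> <service> <endpoint-id>
  printf '%s' "$3" | grep -Eq '^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$' \
    || { echo "bad endpoint id" >&2; return 1; }
  printf 'avn service integration-create --project %s -t rsyslog -s %s -D %s\n' "$1" "$2" "$3"
}

# Dry run on the sample data: prints the two commands without running avn.
build_endpoint_cmd "$SAMPLE_LINE" your-project sumologic
build_link_cmd your-project your-service \
  "$(printf '%s\n' "$SAMPLE_LIST" | endpoint_id_for sumologic_3)"
```

The script only prints the commands, so the token can be reviewed before it reaches shell history or a CI log.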