# Sumo Logic

**Early Access**: This integration is provided as an Open Authorization API (OAA) connector package. Contact our support team for more information.

## Veza SumoLogic Connector

Python connector for SumoLogic to collect roles, permissions and users data for the Veza Open Authorization (OAA) API.

#### Veza Application Mapping

| SumoLogic   | OAA Application   | Notes |
| ----------- | ----------------- | ----- |
| Instance    | Application       |       |
| Roles       | Local Roles       |       |
| Users       | Local Users       |       |
| Permissions | Local Permissions |       |

#### Discovered Properties

| Entity      | Property             | Description                                      |
| ----------- | -------------------- | ------------------------------------------------ |
| Role        | `id`                 | Role's ID provided by SumoLogic                  |
| Role        | `name`               | Role's name                                      |
| Role        | `description`        | Role's Description                               |
| Role        | `systemDefined`      | Role defined by system or not                    |
| User        | `firstName`          | User's First name                                |
| User        | `lastName`           | User's Last name                                 |
| User        | `email`              | User's email address.                            |
| User        | `id`                 | User's ID provided by SumoLogic                  |
| User        | `isMfaEnabled`       | User's two factor authentication enabled or not. |
| User        | `isLocked`           | User account is locked or not.                   |
| User        | `isActive`           | User active or not                               |
| User        | `lastLoginTimestamp` | User's last active timestamp                     |
| User        | `createdAt`          | User's creation timestamp                        |
| Permissions | `name`               | Permission's name                                |

#### Limitations

* The Administrator role is a super user. It has all of the capabilities that can be assigned to a role. Hence, Administrator capabilities are considered as the OAA permissions. [Admin Permissions](https://help.sumologic.com/docs/manage/users-roles/roles/create-manage-roles/)
* Permissions in SumoLogic can be implicit. For example, a role explicitly granted the ManageFields capability will implicitly provide the ViewFields and ViewFieldExtractionRules capabilities for users with that role. Implicit permission calculations are not handled by the connector (only the explicitly granted capability is represented).

### Setup

#### SumoLogic

1. To generate Access ID and Access Key follow the steps [Create your access key](https://help.sumologic.com/docs/manage/security/access-keys/#create-your-access-key)

#### Veza

1. Generate an API key for your Veza user. API keys can be managed in the Veza interface under Administration -> API Keys. For detailed instructions consult the Veza User Guide.

### Running the Connector

#### Command Line

1. Install the requirements:

   ```
   pip3 install -r requirements.txt
   ```
2. Set the Secrets:

   ```
   export VEZA_API_KEY="XXXXXXX...XXXXXXXXXXXX"
   export SUMOLOGIC_ACCESS_ID="XXXXX...XX"
   export SUMOLOGIC_ACCESS_KEY="XXXXXXXXXXX"
   ```
3. Run the connector:

   ```
   ./veza_sumologic.py --sumologic-url <sumologic-url> --veza-url <URL to Veza instance>
   ```

#### Parameters

| CLI Parameter     | Environment Variable   | Description                                                       |
| ----------------- | ---------------------- | ----------------------------------------------------------------- |
| `--veza-url`      | `VEZA_URL`             | the URL of the Veza instance system                               |
| n/a               | `VEZA_API_KEY`         | API key for Veza connection                                       |
| `--sumologic-url` | `SUMOLOGIC_URL`        | the URL of the Sumo Logic to make API calls                       |
| n/a               | `SUMOLOGIC_ACCESS_ID`  | Access ID of SumoLogic User Account                               |
| n/a               | `SUMOLOGIC_ACCESS_KEY` | Access Key of SumoLogic User Account                              |
| `--debug`         | n/a                    | Set the log level to debug                                        |
| `--save-json`     | n/a                    | Save OAA JSON payload to file                                     |
| `--create-report` | n/a                    | Create/update a Veza Report. Defaults to true for first discovery |

#### Reports

On first discovery, connector will automatically populate Veza Insights Queries and Report associated with SumoLogic. Queries created include:

* All SumoLogic Users
* All SumoLogic Roles
* Active SumoLogic Users
* SumoLogic Users Not Used in Last 90 Days
* SumoLogic Users with Assigned Roles
* SumoLogic Administrators
* SumoLogic Users related to Okta Users
* SumoLogic Users not related to Okta Users
* SumoLogic Users related to Deactivated Okta Users


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.veza.com/4yItIzMvkpAvMVFAamTf/integrations/integrations/sumologic.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.