Send Cyral logs to Sumo Logic

Follow the steps below to configure Cyral to output repository activity logs to your Sumo Logic collector.

Prerequisites

• In Sumo Logic, configure an HTTP Logs and Metrics Source and associate a hosted collector with the source.
• Specify your logging preferences for each repository monitored by Cyral.

Procedure

Follow these steps to add your Sumo Logic integration to Cyral:

1. Navigate to the Integrations page in the sidebar.

2. Click Setup or Configure on the Logging card, and click the New Integration button.

3. Select Sumo Logic from the list of integration platforms.

4. Provide an Integration Name and specify the HTTP Collector Address of the Sumo Logic HTTP Source that will receive log data from Cyral. Note that this must be a valid Sumo Logic HTTP source URL, which includes the scheme (https), Sumo endpoint, and path containing the unique HTTP Collector code.

5. Click Create.

6. For each sidecar that will send logs to this destination, configure the sidecar's advanced logging settings and select this integration for Data Activity Logs and/or Diagnostic Logs. For more information, see "Manage Sidecars -> Logging".

Next steps

• For more about monitoring a data repository, see Monitor all data activity from users and services.
• To understand log contents, see the Log Specification.
• Learn more about logging preferences.