Send Cyral logs to Sumo Logic
Follow the steps below to configure Cyral to output repository activity logs to your Sumo Logic collector.
Prerequisites
- In Sumo Logic, configure an HTTP Logs and Metrics Source and associate a hosted collector with the source.
- Specify your logging preferences for each repository monitored by Cyral.
Procedure
Follow these steps to add your Sumo Logic integration to Cyral:
In the Cyral management console, click Integrations in the sidebar, find the the Sumo Logic card, and click Setup or Configure.
In the Sumo Logic configuration form, click New Integration.
Give this connection an Integration Name and specify the Address of the Sumo Logic HTTP Source that will receive log data from Cyral.
info
You can also add a Sumo Logic integration using the Cyral API,
/integrations/sumologic
.Click Save.
NOTE: Changes to this configuration will take effect immediately, and the sidecar does not need to be redeployed.
caution
Each sidecar that will send logs to this log destination will need to be deployed with its Log Integration set to the Integration Name you specified above.
When deploying new sidecars, make sure to choose the name of this Log Integration when you generate the template.
NOTE: Sidecars that are already deployed will need to be redeployed.
Next steps
- For more about monitoring a data repository, see Monitor all data activity from users and services.
- To understand log contents, see the Log Specification.
- Learn more about logging preferences.