This guide walks you through creating a Sumo Logic HTTP Source and gathering the configuration needed to create a Sumo Logic Sink (write-only) integration.
The account used must have at least the 'Manage Collectors' role to complete these steps.
Follow the Sumo Logic documentation for configuring a new HTTP Logs and Metrics Source.
Choose HTTP Logs & Metrics as your source type.
Make sure the Forward to SIEM checkbox is checked.
Leave the Fields/Metadata empty.
In the Advanced options for Logs, make sure both the 'Extract timestamp information from log file entries' and 'Multiline Processing' options are checked with automatic detection.
Leave the Processing Rules at their defaults.
Copy down the 'HTTP Source Address' after saving your new Source. This is your Sumo Logic Collection URL.
Collection URL (Secret): This is the HTTP Source Address gathered in step 2.
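Because the Collection URL is stored as a secret, it helps to check the copied address and log only a redacted form of it. The following is an added example, not part of the original guide or of Sumo Logic's tooling; the function names and the sample URL are hypothetical, and the URL shape (an `https` host under `sumologic.com` with the path `/receiver/v1/http/<token>`) is assumed from Sumo Logic's HTTP Source address format.

```python
import urllib.request
from urllib.parse import urlsplit

# Assumed path prefix of a Sumo Logic HTTP Source Address; the token follows it.
RECEIVER_PATH = "/receiver/v1/http/"

def parse_collection_url(url: str) -> tuple[str, str]:
    """Return (base, token) for an HTTP Source Address, or raise ValueError."""
    parts = urlsplit(url.strip())
    host = parts.hostname or ""
    if parts.scheme != "https":
        raise ValueError("collection URL must use https")
    if not host.endswith(".sumologic.com"):
        raise ValueError("unexpected host for a Sumo Logic collector")
    if not parts.path.startswith(RECEIVER_PATH):
        raise ValueError("not an HTTP Source receiver path")
    token = parts.path[len(RECEIVER_PATH):]
    if not token or "/" in token:
        raise ValueError("missing or malformed source token")
    return f"https://{host}{RECEIVER_PATH}", token

def redact(url: str) -> str:
    """Form of the URL that is safe for logs and tickets: the token is never shown."""
    base, token = parse_collection_url(url)
    return f"{base}<redacted:{len(token)} chars>"

def build_test_request(url: str, line: str) -> urllib.request.Request:
    """Build (but do not send) a POST that writes one log line to the source."""
    parse_collection_url(url)  # refuse to build a request for a malformed address
    return urllib.request.Request(
        url.strip(),
        data=line.encode("utf-8"),
        method="POST",
        headers={"Content-Type": "text/plain"},
    )

# Constructed sample value, not a real source address.
SAMPLE_URL = "https://collectors.example.sumologic.com/receiver/v1/http/CONSTRUCTEDtoken0123456789=="

if __name__ == "__main__":
    print(redact(SAMPLE_URL))
    req = build_test_request(SAMPLE_URL, "sink connectivity test")
    # To send it against a real source, uncomment:
    # with urllib.request.urlopen(req, timeout=10) as resp:
    #     print(resp.status)
```
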