Sumo Logic

Jamf Protect Documentation
Solution
Application
Content Type
Technical Documentation
Utilities & Services
ft:locale
en-US

You can use Jamf Security Cloud data streams to send event data to Sumo Logic.

Requirements

  • Administrator access to your organization's Sumo Logic environment.

  • The Jamf Protect app for Sumo Logic.

    For instructions, see the Installing Apps and Integrations documentation from Sumo Logic.

  • An HTTP event source URL from Sumo Logic for collecting Jamf Security Cloud data.

    For more information, see the Generate a New URL for an HTTP Source documentation from Sumo Logic.

  1. In Jamf Security Cloud, navigate to Integrations > Data Streams.
  2. Click New configuration.
  3. Select a data stream type.

    For more information about data stream types, see Jamf Security Cloud Data Stream Types and Targets.

  4. Select Generic HTTP as your data stream target type, and then click Continue.
  5. Configure your HTTP data endpoint for Sumo Logic:
    1. Enter a configuration name.
    2. Set the Protocol to "https".
    3. Enter your Sumo Logic server URL (e.g., collectors.sumologic.com) in the Server hostname/IP field.
    4. Enter 443 in the Port field.
    5. Enter the collector endpoint (e.g., receiver/v1/http/<generated_url>) in the Endpoint field.
      Note:

      Replace <generated_url> with the HTTP source address generated in Sumo Logic.

  6. Click Test Configuration.
  7. Use the Enable configuration switch to turn on the data stream.
  8. Click Save.

Your data stream is now sending events to Sumo Logic.

To send different Jamf Security Cloud data stream types, create additional data streams.