})
Cloud-to-Cloud Info
Learn the basics of setting up Cloud-to-Cloud Integration Framework sources.
1Password
Provides a secure endpoint to receive Sign-in Attempts and Item Usage from the 1Password Event API.
}){kind=logo}
Abnormal Security Source
Abnormal Security Source helps to collect abnormal threat log from the Abnormal Security platform.
}){kind=icon}
Airtable Source
Airtable Source helps to retrieve Airtable audit logs into the Sumo Logic environment.
})
Akamai CPC Source
Learn to fetch CPC-Configs, CPC-Alerts, and CPC-Alert Details from the Akamai platform.
Akamai SIEM API
Provides a secure endpoint to receive security events generated on the Akamai platform.
}){kind=icon}
Armis Source
Armis Source helps to fetch device and alert logs from the Armis platform and send it to Sumo Logic.
}){kind=icon}
Asana Source
Learn to retrieve Asana audit logs into the Sumo Logic environment.
}){kind=icon}
Atlassian Source
Learn how to retrieve Atlassian audit logs into the Sumo Logic environment.
}){kind=logo}
Automox Source
Learn how to retrieve all events objects, audit trail events, and device inventory details into the Sumo Logic environment.
}){kind=icon}
AWS Cost Explorer
Learn to collect cost and usage reports from AWS Cost Explorer Source.
}){kind=logo}
AWS IAM Users
Learn to collect the IAM User Inventory logs from the AWS SDK and send them to Sumo Logic for analysis.
}){kind=small}
Azure Event Hubs
Provides a secure endpoint to receive data from Azure Event Hubs.
})
Bitwarden
Learn how to collect event logs from the Bitwarden API.
}){kind=logo}
Box
The Box API integration ingests events from the GetEvents API.
})
Carbon Black Cloud (Tag)
Provides a secure endpoint to receive data from the Carbon Black Cloud, Enriched Event Search, and Alerts APIs.
Carbon Black Inventory
Provides a secure endpoint to receive data from the CB Devices API.
}){kind=logo}
Cato Networks
Cato Networks Source helps to retrieve Cato audit and security logs into the Sumo Logic environment.
})
ChatGPT Compliance
Securely collect and analyze ChatGPT Compliance platform conversation logs.
})
Cisco AMP
Provides a secure endpoint to receive data from the Cisco Amp System Log API.
})
Cisco Meraki
Provides a secure endpoint to receive data from the Cisco Meraki API.
Cisco Vulnerability Management
Provides a secure endpoint to receive assets data from Asset API and vulnerabilities data from Vulnerability API.
}){kind=icon}
Citrix Cloud Source
Provides a secure endpoint to receive System Log data from the Citrix Cloud System Log API.
})
Cloud SIEM AWS EC2 Inventory
Provides a secure endpoint to receive event data from the EC2 describe instances API.
}){kind=icon}
Cloud-to-Cloud Versions
Sources in the Cloud-to-Cloud Integration Framework need updates over time to maintain data collection.
}){kind=logo}
Code42 Incydr
Learn how to collect alerts, file events, and audit logs from Code42 Incydr.
})
Confluent Metrics
Learn how to collect metrics from the Confluent Metrics platform and send them to Sumo Logic.
})
Crowdstrike
Provides a secure endpoint to receive event data from the CrowdStrike Streams API.
CrowdStrike FDR
Provides a secure endpoint to ingest Falcon Data Replicator events using the S3 ingestion.
CrowdStrike FDR Host Inventory
Provides a secure endpoint to receive device data from the CrowdStrike Host and Host Group Management APIs.
CrowdStrike FileVantage
Learn how to collect file integrity monitoring logs from the CrowdStrike FileVantage platform.
CrowdStrike Spotlight
Learn how to collect combined endpoint vulnerabilities data from the CrowdStrike Spotlight platform.
CrowdStrike Threat Intel
Learn how to collect combined endpoint indicators data from the CrowdStrike Threat Intel platform.
})
CyberArk EPM
Before configuring an AWS Source give Sumo Logic access to your AWS product
CyberArk Audit
Learn to collect audits using the CyberArk SIEM integrations API.
}){kind=logo}
Cybereason
Provides a secure endpoint to receive authentication logs from the Cybereason Malops API.
}){kind=icon}
Databricks Audit
Track user and system activities to support governance and compliance using Databricks Audit logs.
}){kind=logo}
Digital Guardian ARC
Learn how to collect export data from the Digital Guardian ARC and send it to Sumo Logic.
}){kind=icon}
DocuSign
Learn how to collect customer event data from the DocuSign and send it to Sumo Logic.
}){kind=logo}
Dragos
Learn how to collect address, asset, vulnerability, notification, and zone details from the Dragos API and send them to Sumo Logic.
}){kind=icon}
Dropbox
Provides a secure endpoint to receive team events from the Get Events API.
}){kind=logo}
Druva
Learn how to configure the Druva C2C source setup in your Sumo Logic environment.
Druva Cyber Resilience
Learn how to configure the Druva Cyber Resilience C2C source setup in your Sumo Logic environment.
}){kind=small}
Duo
Provides a secure endpoint to receive authentication logs from the Duo Authentication Logs API.
}){kind=icon}
Gmail Trace Logs
Pulls Gmail log data using BigQuery Library APIs.
})
Github Copilot
Learn to collect the organization metrics and team metrics from GitHub Copilot platform.
Google BigQuery
Learn how to collect data using the BigQuery API.
})
Google Threat Intel
Learn how to collect data using the Google Threat Intel API.
}){kind=logo}
Google Workspace AlertCenter
Configure Google Workspace AlertCenter Cloud-to-Cloud connector.
Google Workspace
Collects a list of users from the Google Workspace Users API.
})
Intel 471 Threat Intel
Learn to collect threat indicators from the Intel 471 platform.
})
Jamf
Collect inventory data from the Jamf platform.
})
JFrog Xray
Collect violation events from JFrog Xray.
}){kind=logo}
JumpCloud Directory Insights
Collect events data from the JumpCloud Directory Insight.
}){kind=logo}
Kaltura Source
Learn how to collect Audit Trail and Base Entry events from Kaltura platform.
}){kind=logo}
Kandji Source
Learn how to collect threat details, devices list, device activities, and device details from the Kandji platform.
})
KnowBe4 KMSAT Source
Collects user events data into Sumo Logic for storage, analysis, and alerting.
})
LastPass Source
Collects audit reporting events from the LastPass platform.
}){kind=small}
Microsoft Azure AD Inventory (Tag)
Collects user and device data from the Microsoft Graph API Security endpoint.
}){kind=logo}
Mandiant Threat Intel
Learn to collect threat indicators from the Mandiant platform.
}){kind=logo}
Microsoft Exchange Trace Logs
Collects email trace logs from the Office 365 reporting web service.
})
Microsoft Graph Azure AD Reporting
Collects Directory Audit, Sign-in, and Provisioning data from MS Graph API Azure AD activity reports.
Microsoft Graph Identity Protection
Collects Risk Detection and Risky User data from the Microsoft Graph Identity Protection API.
Microsoft Graph Security API
Provides a secure endpoint to receive alerts from the Microsoft Graph Security API endpoint.
}){kind=icon}
Mimecast
Supports collecting SIEM, DLP, Audit, and Hold Message List data from the Mimecast API.
}){kind=logo}
Miro
Ingests audit logs obtained from the Audit log API.
})
Netskope
Provides a secure endpoint to receive event data from the Netskope API.
Netskope WebTx
The Netskope WebTx API integration ingests Web Transaction logs from Netskope Event Stream.
})
Okta
Provides a secure endpoint to receive event data from the Okta System Log API and Users API.
})
OneLogin
Provides a secure and centralized access to user lists from the OneLogin API.
})
Palo Alto Cortex XDR
Allows you to ingest incidents from your Cortex XDR application.
}){kind=logo}
Proofpoint On Demand
Collects data and uses the secure WebSocket protocol to stream logs.
Proofpoint TAP
Provides a secure endpoint to receive data from the Proofpoint TAP SIEM API.
Proofpoint TRAP
Learn to ingest message logs via the API to deliver enhanced email threat visibility and actionable insights for faster detection and response to attacks.
}){kind=icon}
Qualys VMDR
The Qualys VMDR Source tracks errors, reports its health, and start-up progress.
}){kind=logo}
Rapid7
Collects asset and vulnerabilities data from Rapid7 InsightVM.
}){kind=logo}
SailPoint
Provides a secure endpoint to receive Events and User Inventory data from the IdentityNow V3 API.
}){kind=logo}
Salesforce
Provides a secure endpoint to receive event data from the Salesforce through its Rest API.
}){kind=icon}
SentinelOne Mgmt API
Collects data from the SentinelOne Management Console.
})
Slack
Learn about the Slack Source, part of Sumo Logic's Cloud-to-Cloud Integration Framework.
})
Smartsheet
Learn how to collect events from Smartsheet platform.
})
Snowflake Logs
Learn how to collect logs from Snowflake platform.
})
Sophos Central
Learn to receive authentication logs from the Sophos Central APIs.
}){kind=logo}
STIX/TAXII 1 Client
Learn how to set up a STIX/TAXII 1.x client to collect threat intelligence indicators into the Sumo Logic environment.
STIX/TAXII 2 Client
Learn how to set up a STIX/TAXII 2.x client to collect threat intelligence indicators into the Sumo Logic environment.
}){kind=logo}
Sumo Collection
Learn how to collect the list of collectors and their sources using the Sumo Logic Collector API and Sources API.
})
Sumo Logic Kickstart Data
Learn how to collect audit reporting events using Sumo Logic sample data.
}){kind=logo}
Symantec Endpoint Security Source
Learn to collect incidents and incident events from the Symantec Endpoint Security platform.
Symantec Web Security Service
Learn to receive WSS Access logs from the Symantec WSS API.
}){kind=logo}
Sysdig Secure
Collect the scan results from the scanner using the Sysdig API.
}){kind=logo}
Tenable
Learn to ingest audit-log events, vulnerability, and asset data from the Tenable.io APIs.
}){kind=logo}
Trellix
Learn how to collect event logs using the Trellix.
}){kind=logo}
Trend Micro
Learn how to collect alert details from Trend Micro platform.
}){kind=icon}
Trust Login
Learn how to collect report logs from Trust Login platform.
})
Universal Connector Source
Learn how to set up a Universal Connector to collect data into the Sumo Logic environment.
}){kind=logo}
Varonis Alerts
Learn to collect alerts from the Varonis platform and send them to Sumo Logic.
})
Vectra
Learn to collect the list of threats detected in the Vectra platform.
})
VMware Workspace One
Learn how to collect the device details and corresponding list of applications for the devices from the VMware Workspace One platform.
}){kind=logo}
Webex
Learn to collect admin audit events using Webex API.
})
Workday
Learn to create a Workday Source.
}){kind=icon}
Zendesk
Learn to collect audit logs from the Zendesk platform.
}){kind=logo}
ZeroFox
Learn to collect threat indicators using the ZeroFox API and send them to Sumo Logic for analysis.
}){kind=icon}
Zero Networks Segment
Learn to collect audit logs and network activity data from Zero Networks Segment.
}){kind=small}
Zimperium MTD Source
Learn to collect the device logs from the Zimperium API and send it to Sumo Logic.