Skip to main content

​
Generate SumoLogic Access Key and Access ID

Sumo Logic has two user interfaces (UIs):
  1. Classic UI – The older interface, which some legacy users may still be using.
  2. New UI (Cloud SIEM & Observability UI) – A modernized version with enhanced features and improved navigation.

​
To Generate Access Key and Access ID - SumoLogic Classic UI

1

Access SumoLogic Portal

  1. Login to the SumoLogic portal with your credentials.
  2. Provide the necessary credentials (Email and Password), and click Sign In. Sumo Logic11 Pn
2

Create a New Access Key and Access ID

  1. In the left navigation pane, select Administration β†’ Security. Sumo Logic5 Pn
  2. In the top menu, select the Access Keys tab.
  3. Click on the + Add Access Key icon. Sumo Logic6 Pn
  4. In the Add New Access Key window, enter a descriptive name for the key in the Name field.​ Sumo Logic7 Pn
  5. (Optional) In the Allowed CORS Domains field, specify any domains from which the access key can access Sumo Logic APIs.
  6. Choose the appropriate Scopes for the key:​
    • Default: Grants all permissions.
    • Custom: Select specific permissions by choosing the desired View and Manage permissions.
  7. Click Save to generate the Access ID and Access Key. Sumo Logic8 Pn
    This is the only time the Access ID and Access Key will be displayed.
    Copy and securely store both values before clicking Done.
    Administrators can only manage access keys for the organization by navigating to Administration β†’ Security β†’ Access Keys in the main menu.
    Email the Access ID and Access Key to AirMDR or self Configure Duo Security in the AirMDR Integrations Dashboard.

​
To Generate Access Key and Access ID - SumoLogic New UI

1

Access SumoLogic Portal

  1. Login to the SumoLogic portal with your credentials.
  2. Provide the necessary credentials (Email and Password), and click Sign In. Sumo Logic11 Pn
2

Create a New Access Key and Access ID

  1. In the main menu, click on your username.
  2. Select Preferences. Sumo Logic12 Pn
  3. Click on the Personal Access Keys tab.
  4. Click on the + Add Access Key icon. Sumo Logic13 Pn
  5. In the Add New Access Key window, enter a descriptive name for the key in the Name field.​ Sumo Logic7 Pn
  6. (Optional) In the Allowed CORS Domains field, specify any domains from which the access key can access Sumo Logic APIs.
  7. Choose the appropriate Scopes for the key:​
    • Default: Grants all permissions.
    • Custom: Select specific permissions by choosing the desired View and Manage permissions.
  8. Click Save to generate the Access ID and Access Key. Sumo Logic8 Pn
    This is the only time the Access ID and Access Key will be displayed.
    Copy and securely store both values before clicking Done.
    Administrators can only manage access keys for the organization by navigating to Administration β†’ Security β†’ Access Keys in the main menu.
    Email the Access ID and Access Key to AirMDR or self Configure Duo Security in the AirMDR Integrations Dashboard.

​
SumoLogic API Testing

Open cURL and run the following command to check if your API Key is working: 

curl --location --request POST 'https://api.sumologic.com/api/v1/search/jobs' \
  --header 'Content-Type: application/json' \
  --user '<access_id>:<access_key>' \
  --data-raw '{
    "query": "_sourceCategory=* | count by _sourceName",
    "from": "<FROM_TIME>",
    "to": "<TO_TIME>",
    "timeZone": "UTC"
}'
Response 
{"valid": true}

​
Configure SumoLogic in the AirMDR Integrations Dashboard

  1. Navigate to AirMDR, provide the credentials, and click Login
  2. Navigate to the AirMDR Integrations Dashboard in the left navigation pane and select Integrations
  3. Use the search option, enter the keyword β€œSumoLogic”, select the Connections tab, and click Create. Sumo Logic1 Pn
  4. Enter the generated Access ID and Access Key in the Authentication Details field params, and click Create. Sumo Logic2 Pn