Sumo Logic Integration


#1 A1 (Last updated )

Hello!

I am working on integrating NXLog with Sumo Logic. I followed the instructions on how to integrate with Sumo Logic in the setup documentation, but the logs are not being forwarded to Sumo Logic correctly, even though I receive the INFO successfully connected message. I believe it may be related to the token. My input is from an SSL connection (which is successfully connecting, I tested by diverting it to a file which I'm currently using as an intermediary until I figure this out). I have tried both options below.   

 

Module         om_ssl   

Host              syslog.collection.us1.sumologic.com   

Port               6514   

CAFile           %CERTDIR%\digicert_ca.crt   

Exec             to_syslog_ietf();    Exec             $raw_event =~ s/(\[.*])//g; \                        $raw_event = replace($raw_event, \                        '{', '[%SUMO_TOKEN%] {', 1);

 

Module           om_ssl   

Host                syslog.collection.us1.sumologic.com   

Port                 6514   

CAFile             %CERTDIR%\digicert_ca.crt   

Exec                to_syslog_ietf();    Exec                $raw_event =~ s/(\[NXLOG@14506.*?\])//g; \                           $raw_event = replace($raw_event, \                           '{', '[%SUMO_TOKEN%] {', 1);