Sumo Logic Alerts
The built-in Sumo Logic Alerts trigger initiates flows when it receives a signal from a Sumo Logic alert.
Add the Sumo Logic Alerts trigger to the canvas
- Go to the Triggers tab in the palette, expand the App Triggers section, and drag the trigger onto the canvas.
- Double-click the trigger (or click the pencil icon).
- Set the authenticating user, and then copy the URL and Configuration Payload — you'll use these to set up a webhook in Sumo Logic. Alternatively, you can create an integration user to use as the authenticating user.
- Click the Flood Control tab to edit the trigger's default flood control settings. For more information about these settings, see Trigger Flood Control.
- Click Done.
- On the flow canvas, connect the steps you want to run when xMatters receives a request to that URL.
You're now ready to configure Sumo Logic to target the trigger.
Configure Sumo Logic to send requests to the trigger URL
To have Sumo Logic send alerts to the flow trigger, you need to configure a webhook and set it to use the trigger URL.
Configure the webhook
- In Sumo Logic, go to the left-hand menu, expand Manage Data, and then select Alerts.
- Select the Connections tab, then click the + button in the tab to open the Select Connection Type page.
- On the Select Connection Type page, select Webhook.
- On the Create Webhook Connection page, fill in the following fields:
  - Name: Give your webhook a unique, descriptive name.
  - Description (optional): Describe the purpose of your webhook.
  - URL: Paste the trigger URL you copied from Flow Designer. Add the target names of any recipients you want to notify when the alert fires to the end of the URL.
    - For URL authentication, use an ampersand to attach recipients. For example, if you want to notify Emma Pearson and the on-call members in the group responsible for the Antares service, you'd add &recipients=epearson,antares to the URL.
    - For other authentication types, use a question mark to attach recipients. For example, if you want to notify Barry Gull and the on-call members in the group responsible for the Cassiopeia service, you'd add ?recipients=bgull,cassiopeia to the URL.
    - You must URL-encode any special characters or spaces in the target names.
  - Authorization Header (optional): If you want to use Basic Authentication, you must Base64 encode your username and password. See the Sumo Logic documentation for instructions on how to fill in the Authorization Header field.
  - Custom Headers (optional): You may enter up to five comma-separated key-value pairs, or leave this field blank.
  - Payload: Paste the following Configuration Payload you copied from the Sumo Logic Alerts trigger in Flow Designer:
    {
      "description": "{{Description}}",
      "fire_time": "{{FireTime}}",
      "id": "{{Id}}",
      "name": "{{Name}}",
      "num_query_results": "{{NumQueryResults}}",
      "query_url": "{{QueryUrl}}",
      "trigger_condition": "{{TriggerCondition}}",
      "trigger_type": "{{TriggerType}}",
      "query": "{{Query}}"
    }
- To check that the webhook was created successfully and that alerts go to the right recipients, click Test Connection.
- Click Save to create the webhook.
You're ready to use the webhook to trigger automated flows, including steps such as sending alerts and initiating incidents, though we always recommend testing before putting things into use.
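The following Python helper is an added example, not xMatters or Sumo Logic code. It builds the two values the webhook form asks for: the trigger URL with URL-encoded recipients attached, and a Basic Authentication header value. The function names, the example.invalid URLs and the PLACEHOLDER key are constructed for illustration, and the example assumes a URL-authentication trigger URL already carries a query string, which is why it takes an ampersand.

```python
import base64
from urllib.parse import quote, urlsplit

# Constructed placeholders; paste the real trigger URL from Flow Designer.
URL_AUTH_TRIGGER = "https://example.invalid/triggers?apiKey=PLACEHOLDER"
OTHER_AUTH_TRIGGER = "https://example.invalid/triggers"


def add_recipients(trigger_url, recipients):
    """Return trigger_url with a URL-encoded recipients parameter appended."""
    names = [name.strip() for name in recipients]
    if not names or any(not name for name in names):
        raise ValueError("every recipient needs a non-empty target name")
    parts = urlsplit(trigger_url)
    if parts.fragment:
        raise ValueError("trigger URL must not contain a '#' fragment")
    existing = [pair.split("=", 1)[0] for pair in parts.query.split("&") if pair]
    if "recipients" in existing:
        raise ValueError("trigger URL already has a recipients parameter")
    # Encode each name separately so spaces and characters such as '&', '#'
    # or '+' in a target name cannot change the structure of the query string.
    encoded = ",".join(quote(name, safe="") for name in names)
    # Assumption: a URL-authentication trigger URL already has a query string,
    # so it takes '&'; a URL without one takes '?'.
    separator = "&" if parts.query else "?"
    return f"{trigger_url}{separator}recipients={encoded}"


def basic_auth_header(username, password):
    """Return the HTTP Basic value: 'Basic ' + Base64 of 'username:password'."""
    if ":" in username:
        raise ValueError("a Basic authentication user name cannot contain ':'")
    token = base64.b64encode(f"{username}:{password}".encode("utf-8"))
    return "Basic " + token.decode("ascii")


if __name__ == "__main__":
    print(add_recipients(URL_AUTH_TRIGGER, ["epearson", "antares"]))
    print(add_recipients(OTHER_AUTH_TRIGGER, ["Database Team", "R&D"]))
    print(basic_auth_header("user", "pass"))  # constructed credentials
```

Base64 is an encoding, not encryption, so store and share the resulting Authorization Header value with the same care as the password itself.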
Outputs
Sumo Logic Alerts trigger outputs
The trigger has the following outputs you can use as inputs to steps further along the flow.
Label | Description |
---|---|
Recipients | List of targeted recipients. Recipients are set by adding a recipients query parameter to the trigger URL when you configure the webhook in Sumo Logic. See the instructions for configuring the webhook for details. |
Signal Mode | Determines the path the flow will take, based on the value of the Trigger Type parameter. |
Signal ID | Key or identifier used to terminate or correlate signals. |
Description | Description of the alert. |
Fired Time | Time the alert was triggered. |
ID | Unique ID of the alert in Sumo Logic. |
Name | Name of the monitor in Sumo Logic. |
Number of Query Results | Number of results returned from the query in Sumo Logic. |
Query URL | Direct URL to the related query in Sumo Logic. |
Trigger Condition | Condition that triggered the alert. |
Trigger Type | Status of the alert in Sumo Logic. |
Query | Query used to run the alert. |
Raw Request | JSON representation of the request. You can parse the raw request if you need additional details beyond the standard outputs. |