Configure the webhook in Sumo Logic

Configure webhook endpoints so that Sumo Logic can use the endpoint to communicate with Incident Response.

Before you begin

Role required: Responder, Manager, or Administrator

About this task

Note: While this integration with a third-party product is supported, the documentation here is based upon information provided by that third-party. More current information about the operation of that third-party’s system may be available from them directly.

Procedure

Log in to your Sumo Logic application console.
Navigate to Manage Data > Monitoring.
Select the Connections tab.
Click the Add button ( ) to add a new connection.
Select Webhook.

In the Create Webhook Connection page, fill the fields.


Field	Description
Name	Name for the webhook integration.
Description	Description for the webhook integration.
URL	Webhook URL copied from Incident Response.
Authorization Header	This field should be left empty.
Custom Headers	This field should be left empty.
Payload	Payload copied from Incident Response.

Optional: To test the webhook connection between Sumo Logic and Lightstep Incident Response, click Test Connection.
This sends a sample alert to Incident Response.
Click Save.

What to do next

There are two ways you can receive alerts using the webhook connection.

By adding the webhook to your monitors

When creating the monitors for which you want to send alerts to Lightstep Incident Response, in the Notifications field, add the webhook you created.

For detailed information about monitors in Sumo Logic, see Monitors
By using a saved log search
1. Create a search that you would be reusing. For steps to save a search, see Save a Search.
2. Schedule the search to run regularly. For steps to schedule, see Schedule Searches for Webhook Connections.
  - While scheduling, from the Alert Type list, select Webhook.
  - From the Connection list, select the webhook you created for the integration.