Integrate Opsgenie with Sumo Logic

What does Opsgenie offer Sumo Logic users?

Opsgenie provides a two-way integration with Sumo Logic. When an action is performed on an alert in Opsgenie, the webhook data is forwarded to Sumo Logic. In the other direction, Sumo Logic sends webhook alerts to Opsgenie, which acts as a dispatcher for these alerts: it determines the right people to notify based on on-call schedules, notifies them via email, text messages (SMS), phone calls, and iPhone & Android push notifications, and escalates alerts until they are acknowledged or closed.

Functionality of the integration

  • When an alert is created in Sumo Logic, an alert is created automatically in Opsgenie.

  • When an alert action occurs in Opsgenie, the webhook payload is sent to Sumo Logic.

Add Sumo Logic integration in Opsgenie

You can add this integration from your team dashboard

If you're using Opsgenie's Free or Essentials plan, or if you’re using Opsgenie with Jira Service Management's Standard plan, you can only add this integration from your team dashboard as the Integrations page under Settings is not available in your plan.

Adding the integration from your team dashboard will make your team the owner of the integration. This means Opsgenie will assign the alerts received through this integration to your team only.

To do that:

  1. Go to your team’s dashboard from Teams.

  2. Select Integrations, and select Add integration.

Follow the rest of the steps to complete the integration.

  1. Go to Settings > Integrations. Search for Sumo Logic and select Add.

  2. Specify who is notified of Sumo Logic alerts using the Responders field. Auto-complete suggestions are provided as you type.

  3. Copy the URL to use in Sumo Logic.

  4. To forward alert data to Sumo Logic, activate the Opsgenie to Sumo Logic field and enter the collector URL provided by Sumo Logic.

  5. Select Save Integration.

Configuration on Sumo Logic

In Sumo Logic, scheduled searches send alerts to other tools via Webhook connections. To send alerts from Sumo Logic to Opsgenie, create a Webhook first and use it in a scheduled search configuration.

Create Webhook

  1. In Sumo Logic, open Manage Data -> Settings -> Connections.

  2. Click + Add and choose Webhook as connection type.

  3. Populate the name as "Opsgenie" and give an optional description to the connection.

  4. Paste the URL copied previously into the "URL" field.

  5. Populate the "Payload" field with the following content:

    {
      "searchName": "{{SearchName}}",
      "searchDescription": "{{SearchDescription}}",
      "searchQuery": "{{SearchQuery}}",
      "searchQueryUrl": "{{SearchQueryUrl}}",
      "timeRange": "{{TimeRange}}",
      "fireTime": "{{FireTime}}",
      "rawResultsJson": "{{RawResultsJson}}",
      "numRawResults": "{{NumRawResults}}",
      "priority": "P3",
      "aggregateResultsJson": "{{AggregateResultsJson}}"
    }

  6. Click Save.

Configure Scheduled Search

  1. On the screen of the search you want to schedule, click Save As under the query currently displayed in the search box.

  2. In the "Save Search As" dialog box, enter a name for the search and an optional description.

  3. Choose an option from the Time Range menu.

  4. Click Schedule this search.

  5. Choose an option from the "Run Frequency" menu.

  6. For Alert Type, choose "Webhook" to upload search results to your connection.

  7. Select the "Opsgenie" connection from the Webhook connections list.

  8. Click Save.

Sample payload sent from Sumo Logic


    {
      "searchName": "Reporting Hosts",
      "searchDescription": "Cem",
      "searchQuery": "_sourceCategory=linux/system | parse regex \"\\d+\\s+\\d+:\\d+:\\d+\\s(?<dest_hostname>\\S+)\\s(?<process_name>\\w*)(?:\\[\\d+\\]|):\\s+\" | count_distinct(dest_hostname) as _hostCount",
      "searchQueryUrl": "https://service.eu.sumologic.com/ui/index.html#/search/1NJLAwKvQOkwHOyhfkd1wfuI1dXqUFhf0vrf7XnR2XvYWT6LOMeOO4nW1babPnhkAzfnETUgU5dlvJNU8ALz9UIv6SYhR6gvxHVX4UjUaUa8314H8ALCL2gXyoSt0Ivr",
      "timeRange": "2019-03-18 13:28:45 EET - 2019-03-18 13:33:45 EET",
      "fireTime": "2019-03-18 13:34:17 EET",
      "rawResultsJson": "",
      "numRawResults": "1",
      "priority": "P3",
      "aggregateResultsJson": "[{\"Hostcount\":1}]"
    }

Sample format for search results dynamic field

From raw results JSON sent in the Sumo Logic payload in this format:


    [
      {
        "Category": "logfile",
        "Collector": "Tuba-MacBook-Pro.local",
        "Host": "Tuba-MacBook-Pro.local",
        "Message": "test log message1",
        "Name": "request.log",
        "Time": 1448545024149
      },
      {
        "Category": "logfile",
        "Collector": "Tuba-MacBook-Pro.local",
        "Host": "Tuba-MacBook-Pro.local",
        "Message": "test log message2",
        "Name": "request.log",
        "Time": 1448545028149
      }
    ]

The result is generated in this format:


    Search Results:
    1- Time: 11/26/2015 01:37:04
    Message: test log message1
    Host: Tuba-MacBook-Pro.local
    Name: request.log
    Category: logfile

    2- Time: 11/26/2015 01:37:08
    Message: test log message2
    Host: Tuba-MacBook-Pro.local
    Name: request.log
    Category: logfile
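As an added example (not Opsgenie's or Sumo Logic's code), this Python sketch decodes a payload shaped like the samples above, including the fields that carry JSON inside a string and the empty `rawResultsJson`, and renders the rows in the search-results layout shown on this page. The field order, the absence of Collector, and the 12-hour UTC timestamp are inferred from the page's sample output, and the function names are hypothetical.

```python
import json
from datetime import datetime, timezone

def sample_row(message, time_ms):
    # Constructed input: one row copied from the page's raw-results sample.
    return {"Category": "logfile", "Collector": "Tuba-MacBook-Pro.local",
            "Host": "Tuba-MacBook-Pro.local", "Message": message,
            "Name": "request.log", "Time": time_ms}

# Constructed webhook body: rawResultsJson and aggregateResultsJson travel as
# JSON-encoded strings and numRawResults as a string, as in the page's payload.
SAMPLE_BODY = json.dumps({
    "searchName": "Reporting Hosts", "numRawResults": "2", "priority": "P3",
    "rawResultsJson": json.dumps([sample_row("test log message1", 1448545024149),
                                  sample_row("test log message2", 1448545028149)]),
    "aggregateResultsJson": "[{\"Hostcount\":1}]",
})

# Order inferred from the page's sample output (Collector does not appear there).
FIELD_ORDER = ("Message", "Host", "Name", "Category")

def decode_payload(body):
    """Parse the webhook body and decode the JSON-in-a-string fields."""
    doc = json.loads(body)
    for key in ("rawResultsJson", "aggregateResultsJson"):
        text = doc.get(key) or ""
        # The page's sample payload carries "" in rawResultsJson.
        doc[key] = json.loads(text) if text.strip() else []
        if not isinstance(doc[key], list):
            raise ValueError(f"{key} must decode to a JSON array")
    doc["numRawResults"] = int(doc.get("numRawResults") or 0)
    return doc

def format_time(ms):
    # Assumption: epoch milliseconds rendered as a 12-hour UTC clock, which
    # reproduces the page's "11/26/2015 01:37:04".
    moment = datetime.fromtimestamp(ms / 1000, tz=timezone.utc)
    return moment.strftime("%m/%d/%Y %I:%M:%S")

def render_search_results(rows):
    """Render decoded rows in the 'Search Results' layout shown on the page."""
    lines = ["Search Results:"]
    for index, row in enumerate(rows, start=1):
        lines.append(f"{index}- Time: {format_time(row['Time'])}")
        lines += [f"{name}: {row[name]}" for name in FIELD_ORDER if name in row]
    return "\n".join(lines)

if __name__ == "__main__":
    print(render_search_results(decode_payload(SAMPLE_BODY)["rawResultsJson"]))
```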

