
Sumo Logic Keys

Description

General

  • Documentation: https://help.sumologic.com/APIs
  • Summary: Sumo Logic is a cloud-based data analytics company. It exposes an API to interact with the Sumo Logic platform. This detector aims to catch Sumo Logic keys, which take the form of an accessId and an accessKey.
  • IP allowlist: The use of Sumo Logic credentials can be restricted to specific IP addresses. The Sumo Logic documentation gives more information on how to create an IP whitelist.
  • Scopes: This feature is currently not supported.

Revoke the secret

API credentials can be revoked and regenerated from the administration tab of the user's dashboard. Credentials can also be temporarily deactivated from this page.

Check for suspicious activity

This feature is currently not supported.

Details for Sumologic keys

  • Family: Api

  • Category: Monitoring

  • Company: Sumo Logic

  • High recall: False

  • Validity check available: True

  • On-premise instances exist: False

  • Only valid secrets raise an alert: True

  • Minimum number of matches: 2

  • Occurrences found for one million commits: 0.12

  • Prefixed: False

  • PreValidators:

    - type: FilenameBanlistPreValidator
      banlist_extensions:
      - ^lock$
      - ^storyboard(c|er)?~?$
      - ^xib$
      banlist_filenames: []
      check_binaries: false
      include_default_banlist_extensions: false
      ban_markup: false
    - type: ContentWhitelistPreValidator
      patterns:
      - secret
      - token
      - key
    - type: ContentWhitelistPreValidator
      patterns:
      - su[a-z0-9]{12}
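The pre-validators above work as cheap gates that a file must clear before the detector looks for the accessId/accessKey pair. The following sketch of that gating is an added example, not the detector's own implementation. It assumes that every pre-validator must pass, that a content whitelist passes when any one of its patterns is found, and that matching is case-insensitive; the function names and sample inputs are hypothetical.

```python
from __future__ import annotations

import re
from pathlib import PurePath

# Patterns copied from the PreValidators list on this page.
BANLIST_EXTENSIONS = [r"^lock$", r"^storyboard(c|er)?~?$", r"^xib$"]
CONTENT_WHITELISTS = [
    ["secret", "token", "key"],  # first ContentWhitelistPreValidator
    [r"su[a-z0-9]{12}"],         # second ContentWhitelistPreValidator
]

# Assumption: matching ignores case. The page's example accessId
# ("suzAlcKzTi3hAO") contains uppercase letters, so a case-sensitive
# su[a-z0-9]{12} would reject the documented example.
FLAGS = re.IGNORECASE


def extension_banned(filename: str) -> bool:
    """True when the extension (without the dot) matches a banlist regex."""
    ext = PurePath(filename).suffix.lstrip(".")
    return any(re.search(p, ext, FLAGS) for p in BANLIST_EXTENSIONS)


def prevalidate(filename: str, content: str) -> tuple[bool, str]:
    """Return (passes, reason) for one file under the assumed semantics."""
    if extension_banned(filename):
        return False, "banned extension"
    for patterns in CONTENT_WHITELISTS:
        if not any(re.search(p, content, FLAGS) for p in patterns):
            return False, "no match for any of " + ", ".join(patterns)
    return True, "candidate for full detection"


# Constructed sample: the accessId is the page's example value,
# the accessKey value is a placeholder.
SAMPLE = 'sumologic.accessId = "suzAlcKzTi3hAO"\nsumologic.accessKey = "PLACEHOLDER"'

if __name__ == "__main__":
    cases = [
        ("app.properties", SAMPLE),             # passes every gate
        ("yarn.lock", SAMPLE),                  # dropped by ^lock$
        ("notes.txt", 'id = "suzAlcKzTi3hAO"'),  # no secret/token/key word
        ("config.py", "api_key = 'abc'"),       # no su[a-z0-9]{12} candidate
    ]
    for name, text in cases:
        print(name, prevalidate(name, text))
```
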

Examples

    - text: |
        sumologic.accessId = "suzAlcKzTi3hAO"
        sumologic.accessKey = "XPU8IIaT6arXZkVMX3wVvOMHeqpkNM0N4s8dIh6IQVV0H8tFphZxMTy5TBhnpCBB"
      client_id: suzAlcKzTi3hAO
      client_secret: XPU8IIaT6arXZkVMX3wVvOMHeqpkNM0N4s8dIh6IQVV0H8tFphZxMTy5TBhnpCBB