Sumo Logic Keys

Description

General

  • Documentation: https://help.sumologic.com/APIs
  • Summary: Sumo Logic is a cloud-based data analytics company. It exposes an API to interact with the Sumo Logic platform. This detector catches Sumo Logic credentials, which take the form of an accessId and an accessKey.
  • IP allowlist: The use of Sumo Logic credentials can be restricted to specific IP addresses. The Sumo Logic documentation gives more information on how to create an IP allowlist.
  • Scopes: To the best of our knowledge, this feature is currently not supported.

Revoke the secret

API credentials can be revoked and regenerated from the administration tab of the user's dashboard. Credentials can also be temporarily deactivated from this page.

Check for suspicious activity

To the best of our knowledge, this feature is currently not supported.

Details for Sumo Logic keys

  • Category: Monitoring

  • Company: Sumo Logic

  • High recall: False

  • Validity check available: True

  • Only valid secrets raise an alert: True

  • Minimum number of matches: 2

  • Occurrences found for one million commits: 0.12

  • Prefixed: False

  • PreValidators:

    - type: FilenameBanlistPreValidator
      banlist_extensions:
        - lock
        - storyboard
        - xib
      banlist_filenames: []
      check_binaries: false
    - type: ContentWhitelistPreValidator
      patterns:
        - secret
        - token
        - key
    - type: ContentWhitelistPreValidator
      patterns:
        - su[a-z0-9]{12}

Examples

    - text: >
        sumologic.accessId = "suzAlcKzTi3hAO"
        sumologic.accessKey = "XPU8IIaT6arXZkVMX3wVvOMHeqpkNM0N4s8dIh6IQVV0H8tFphZxMTy5TBhnpCBB"
      client_id: suzAlcKzTi3hAO
      client_secret: XPU8IIaT6arXZkVMX3wVvOMHeqpkNM0N4s8dIh6IQVV0H8tFphZxMTy5TBhnpCBB
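
The following Python sketch is an added example, not the detector's own code. It shows how the pre-validators and the minimum of 2 matches listed above gate a file before any validity check is attempted (the validity check itself is not included). Assumptions: each ContentWhitelistPreValidator is read as "the content must contain at least one of its patterns", matching is case-insensitive, and an accessKey is a standalone run of 64 alphanumeric characters; all function and constant names are hypothetical.

```python
import re
from itertools import product
from pathlib import PurePosixPath

# Settings copied from the PreValidators on this page.
BANNED_EXTENSIONS = {"lock", "storyboard", "xib"}
KEYWORDS = ("secret", "token", "key")
ID_HINT = re.compile(r"su[a-z0-9]{12}", re.IGNORECASE)  # assumption: case-insensitive

# Assumptions for extraction: candidates are standalone alphanumeric runs, and an
# accessKey is 64 characters long (the length of the sample on this page).
LEFT, RIGHT = r"(?<![A-Za-z0-9])", r"(?![A-Za-z0-9])"
ACCESS_ID = re.compile(LEFT + r"su[a-z0-9]{12}" + RIGHT, re.IGNORECASE)
ACCESS_KEY = re.compile(LEFT + r"[A-Za-z0-9]{64}" + RIGHT)


def passes_prevalidators(filename, content):
    """Apply the three pre-validators; check_binaries is not modelled."""
    extension = PurePosixPath(filename).suffix.lstrip(".").lower()
    if extension in BANNED_EXTENSIONS:
        return False  # FilenameBanlistPreValidator
    if not any(word in content.lower() for word in KEYWORDS):
        return False  # first ContentWhitelistPreValidator
    return ID_HINT.search(content) is not None  # second ContentWhitelistPreValidator


def find_candidates(filename, content):
    """Return (accessId, accessKey) pairs; a lone half is not reported
    because the detector needs a minimum of 2 matches."""
    if not passes_prevalidators(filename, content):
        return []
    ids = sorted({m.group(0) for m in ACCESS_ID.finditer(content)})
    keys = sorted({m.group(0) for m in ACCESS_KEY.finditer(content)})
    return list(product(ids, keys))


# Sample text from the Examples section of this page.
SAMPLE = (
    'sumologic.accessId = "suzAlcKzTi3hAO"\n'
    'sumologic.accessKey = "XPU8IIaT6arXZkVMX3wVvOMHeqpkNM0N4s8dIh6IQVV0H8tFphZxMTy5TBhnpCBB"\n'
)

if __name__ == "__main__":
    print(find_candidates("app.properties", SAMPLE))
    print(find_candidates("Podfile.lock", SAMPLE))
```

Candidates returned here would still need the validity check before alerting, since only valid secrets raise an alert.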