Auth0 Logs to Sumo Logic
The Auth0 Logs to Sumo Logic is a scheduled job that takes all of your Auth0 logs and exports them to Sumo Logic. This document will guide you through the process of setting up this integration.
Step 1: Create a Sumo Logic HTTP endpoint
- Login to Sumo Logic and from the top menu select Manage > Setup Wizard.
On the next screen click Set Up Streaming Data.
At the Select Data Type page, select Your Custom App.
- Select HTTP Source as the way to collect the logs.
Modify the Source Category and select a time zone for your log file. Click Continue.
You should now be provided with a URL. This is the HTTP Source that Sumo Logic configured for you. Copy the value and click Continue. Exit the setup wizard.
- Now head back to the Auth0 Dashboard to set the value you copied as the value for SUMOLOGIC_URL.
Step 2: Configure the Extension
To install and configure this extension, go to Dashboard > Extensions and click on the Auth0 Logs to Sumo Logic box.
The Install Extension window pops open.
At this point you should set the following configuration parameters:
- Schedule: The frequency with which logs should be exported. The schedule can be customized even further after creation.
- BATCH_SIZE: Logs are batched before sending. Multiple batches are sent each time the extension runs. Specify the number of logs per batch. Maximum is
- SUMOLOGIC_URL: Your Sumo Logic HTTP Collector Endpoint. Set the value you copied at the previous step.
- LOG_LEVEL: The minimal log level of events that you would like sent to Sumo Logic.
- LOG_TYPES: The events for which logs should be exported.
- START_FROM: The
log_idof the log you would like to start sending from. Default is to start with the oldest available log.
- SLACK_INCOMING_WEBHOOK_URL: Send reports from the extension to the specific Slack webhook.
- SLACK_SEND_SUCCESS: Send even more stuff to Slack. Useful for troubleshooting.
Once you have provided this information, click the Install button to finish installing the extension.
The integration between Auth0 and Sumo Logic is now in place!
How to view the results
The integration you just setup, created a scheduled job that will be responsible to export the logs.
To view this scheduled job:
- Go to Dashboard > Extensions
- Click on the Installed Extensions link
- Select the Auth0 Logs to Sumo Logic line.
There you can see the job you just created, modify its state by toggling the State switch, see when the next run is due and what was the result of the last execution.
You can view more details by clicking on the job you created. In this page you can view details for each execution, reschedule, access realtime logs, and more.
Use the Auth0 Dashboard
Here, at Auth0, we have been using the Auth0 to Sumo Logic extension ourselves since it was first released, and it's proven to be very useful for staying on top of what's happening with our own Auth0 accounts and our internal users. Sumo Logic makes it easy to see the latest failed logins, find and alert on error messages, create charts to visualize trends, or even do complex statistical analysis on your data.
To help us (and our customers) visualize these logs, we spent some time creating a dashboard. The Sumo Logic for Auth0 dashboard shows you the output of several saved searches all on one easy to read screen, and makes it easy to zoom in or drill down when something looks interesting.
If you're a Sumo Logic customer and are interested in trying out this dashboard, you can find details on installing the Auth0 App for the Sumo Logic extension here:
Once it's available through your account, you're free to customize it, add to it, create alerts based on the searches, or really anything else that you find useful.
Have fun analyzing and visualizing those logs!