Stream Logs to Sumo Logic

You can create monitoring, alerting, and analysis dashboards in Sumo Logic for Auth0 tenants. Auth0 provides an Auth0 App for Sumo Logic which creates a dashboard that you can use to visualize the data from your Auth0 tenant. The dashboard allows you to monitor the health of the login traffic for a tenant. The app allows you to use recommended aggregations from Auth0, or to use them as a starting point to create your own custom visualizations. To learn more, read Use Auth0 App for Sumo Logic.

To send Auth0 events to Sumo Logic, you will need to:

  1. Obtain HTTP source address in Sumo Logic.

  2. Configure the Auth0 event stream.

  3. Test configuration.

Obtain HTTP source address from Sumo Logic

To send Auth0 events to Sumo Logic, you will need to know the HTTP source URL generated when you define a new HTTP source in Sumo Logic for collecting streaming data. To learn more, see Sumo Logic help.

  1. Go to the Sumo Logic Collection page (in the sidebar menu under Manage Data).

  2. Click Add Collector on the top right of the selection.

  3. Select Hosted Collector.

  4. Provide a name and category and click Save and click yes.

  5. Choose HTTP Logs and Metrics.

  6. Add details such as name, source host, and source category.

  7. Click Save and yes. Your unique HTTP source address will be displayed. Copy and save it.

Configure the Auth0 event stream

  1. Go to Dashboard > Monitoring > Streams and click Create Stream.

    Dashboard Monitoring Streams
  2. Select Sumo Logic and enter a unique name for your new stream.

    Dashboard Monitoring Streams Create Sumo Logic Stream
  3. Click Create.

  4. Configure the event source by providing the HTTP Source Address.

    Dashboard Monitoring Streams Sumo Logic Settings Tab
  5. Click Save.

Test configuration

When Auth0 writes the next log event, you'll receive a copy of that log event in Sumo Logic with the _sourceType, _collector, or _sourceCategory set to auth0-logs.

  1. Log in to your Sumo Logic instance.

  2. Navigate to the Sumo Logic Collection page.

  3. Enter _source=”auth0 logs” in a search query to find all Auth0 logs.

Delivery attempts and retries

Auth0 events are delivered to your server via a streaming mechanism that sends each event as it is triggered. If your server is unable to receive the event, Auth0 will try to redeliver it up to three times. If still unsuccessful, Auth0 will log the failure to deliver, and you will be able to see these failures in the Health tab for your log stream.

Learn more