Question:
We have a user account that was used to register a number of Collectors using an Access ID and Key. If we delete the user account or the keys associated with this user will the Collectors stop operating? Do we need to update the Collector with new keys?
Answer:
An existing running Collector will not stop functioning If you delete the user or the Access ID and Key used to register that Collector.
The specified user credentials are only used at the time of installation as part of the initial connection and registration of the Collector with the service. Once a Collector is registered with the service a unique ID key is created by the service and sent back to the Collector. This unique key is then passed with each request from the Collector to the service in order to authenticate. The unique key is also used to tell the service which Collector the data is coming from and which Sumo Logic account the incoming data belongs to.
You cannot use the deleted user's Access ID and key to register newer collectors since registering a new collector or re-registering an existing collector with expired credentials will fail.
Comments
1 comment
is it best practice to create a service account to register an Access Keys to prevent this problem of users leaving the organization? we are trying to build our keys into an AMI that can be used to create new instances and autoconnect them to sumo
Please sign in to leave a comment.