API Related

Follow

Iliya Fridman

• September 20, 2022 06:26

Is there any API that returns alerts from SumoLogic and if the search API returns any flag in the event saying it is an alert?

0

• Official comment

  

  Anna Truta

  • November 10, 2022 14:39
  • Edited

  Hello Iliya,

  We don't have a particular API that just returns alerts from SumoLogic. However, you can use Search Job APIs. Using this API you can query Sumo Audit Index (e.g.: _index=sumologic_audit _sourceCategory=scheduled_search) or Audit Event Index.

  The Audit Event Index contains event logs in JSON format on account activities, allowing you to monitor and audit changes. This index is improved and different from the Audit Index, and there is some overlap of audited events. The Audit Index provides event logs in plain text and audits when account limits are reached and operation failures, like throttling and scheduled search events.

  Keep in mind, that Search Job APIs are available to Enterprise accounts.

  Hope this helps!

  Comment actions Permalink

Please sign in to leave a comment.