# Sumo Logic

Follow the steps below to configure a service so as to extract its related alert data from Sumo Logic.

Squadcast will then process this information to create incidents for this service as per your preferences.

### Using Sumo Logic as an Alert Source

1. Navigate to **Services** -> **Service Overview** -> select or search for your Service. Expand the accordion -> In the Alert Sources section, click **Add**.

![](https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-4fbd74e7ca0b30173c47a1d58ed6a0804a0465aa%2FAlert_Sources.png?alt=media\&token=aaca6610-9d18-4dd4-9cf5-320042f326f1)

2. Select **Sumo Logic**. Copy the displayed **Webhook URL** to [configure](#creating-squadcast-webhook-in-sumo-logic) it within **Sumo Logic**. Finish by clicking **Add Alert Source** -> **Done**.

![](https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-61656a35e6c11621f59c97a35f6bd978573fbc1d%2FSumo%20Logic.png?alt=media)

{% hint style="warning" %}
**Important:**

When an alert source turns Active, it shows up under Configured Alert Sources. You can either generate a test alert from the integration or wait for a real-time alert to be generated by the Alert Source. An Alert Source is active if there is a recorded incident via that Alert Source for the Service.
{% endhint %}

### Creating Squadcast Webhook in Sumo Logic

With Sumo Logic, you have to configure the JSON payload that the webhook sends.

For integrating with Squadcast, we have defined 2 different payload formats:

* Log Alerts
* Metric Alerts

So, we'll create 2 webhook connections, one for each payload format.

1. Log in to your Sumo Logic dashboard and go to the **Settings** tab in the **Manage Data** section.

![](https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-680f11fc9d38d351e155d5c7ce239164f8d72005%2Fsumo_logic_2.png?alt=media)

2. Select the **Connections** tab from the top bar.

![](https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-ef5e992d396e291cb54c960bbefaf651266f9d7f%2Fsumo_logic_3.png?alt=media)

3. Click the **+** button.

![](https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-c7ec6f9fb896fda1cb69fd6458a70cbd63fa740e%2Fsumo_logic_4.png?alt=media)

4. Select the **Webhook** option.

5. Add the *Log Alerts* webhook connection.

![](https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-f125514196f8b9bab7c55faca6495d55b89c67b3%2Fsumo_logic_5.png?alt=media)

* Paste the webhook URL copied from the Squadcast dashboard in the URL field.
* In the payload field, paste the following:

```json
{
    "type": "log",
    "searchName": "{{SearchName}}",
    "searchDescription": "{{SearchDescription}}",
    "searchQuery": "{{SearchQuery}}",
    "searchQueryURL": "{{SearchQueryUrl}}",
    "timeRange": "{{TimeRange}}",
    "fireTime": "{{FireTime}}",
    "aggregateResultsJson": "{{AggregateResultsJson}}",
    "rawresultsJson": "{{RawResultsJson}}",
    "numRawResults": "{{NumRawResults}}"
}
```

6. Similarly, add the *Metric Alerts* webhook connection.

![](https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-49f26f62debe0bdb633457dca7738c9d4cebcd4f%2Fsumo_logic_6.png?alt=media)

* Paste the same webhook URL copied from the Squadcast dashboard in the URL field.
* In the payload field, paste the following:

```json
{
    "type": "metric",
    "searchName": "{{SearchName}}",
    "searchDescription": "{{SearchDescription}}",
    "searchQuery": "{{SearchQuery}}",
    "searchQueryURL": "{{SearchQueryUrl}}",
    "timeRange": "{{TimeRange}}",
    "fireTime": "{{FireTime}}",
    "alertThreshold": "{{AlertThreshold}}",
    "alertSource": "{{AlertSource}}",
    "alertID": "{{AlertID}}",
    "alertStatus": "{{AlertStatus}}"
}
```
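Because both connections share one webhook URL, the `type` field and the exact key names are what distinguish the two payloads. The following is an added example, not Squadcast or Sumo Logic code: a small Python check (the function name `check_payload` is hypothetical) that verifies a pasted payload template against the two formats shown above before you save the connection.

```python
import json

# Keys and Sumo Logic variables copied from the two payloads on this page.
COMMON = {
    "searchName": "SearchName", "searchDescription": "SearchDescription",
    "searchQuery": "SearchQuery", "searchQueryURL": "SearchQueryUrl",
    "timeRange": "TimeRange", "fireTime": "FireTime",
}
EXPECTED = {
    "log": {**COMMON, "aggregateResultsJson": "AggregateResultsJson",
            "rawresultsJson": "RawResultsJson", "numRawResults": "NumRawResults"},
    "metric": {**COMMON, "alertThreshold": "AlertThreshold",
               "alertSource": "AlertSource", "alertID": "AlertID",
               "alertStatus": "AlertStatus"},
}


def check_payload(text, connection_type):
    """Return a list of problems in a pasted payload template (empty list = OK)."""
    if connection_type not in EXPECTED:
        raise ValueError("connection_type must be 'log' or 'metric'")
    try:
        payload = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"not valid JSON: {exc.msg} (line {exc.lineno})"]
    if not isinstance(payload, dict):
        return ["payload must be a JSON object"]
    problems = []
    if payload.get("type") != connection_type:
        problems.append(f'"type" is {payload.get("type")!r}, expected {connection_type!r}')
    expected = EXPECTED[connection_type]
    for key, variable in expected.items():
        want = "{{" + variable + "}}"
        if key not in payload:
            problems.append(f"missing key {key!r}")
        elif payload[key] != want:
            problems.append(f"{key!r} should be {want!r}, got {payload[key]!r}")
    # Keys from the other format usually mean the wrong payload was pasted.
    for key in sorted(set(payload) - set(expected) - {"type"}):
        problems.append(f"unexpected key {key!r}")
    return problems


if __name__ == "__main__":
    # Constructed sample: a trailing comma left over from editing the template.
    broken = '{"type": "log", "searchName": "{{SearchName}}",}'
    for problem in check_payload(broken, "log"):
        print(problem)
```
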

### Setting up Alerting for Logs

* Follow the article: [Schedule Searches for Webhook Connections](https://help.sumologic.com/Manage/Connections-and-Integrations/Webhook-Connections/Schedule-Searches-for-Webhook-Connections) for configuring alerts for logs.

![](https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-6f57fb4388378c0fb495b3f1faf1276a740f3f2a%2Fsumo_logic_7.png?alt=media)

* In the **Alert Type** drop-down, select **Webhook**.
* In the **Connection** drop-down, select **Squadcast Log Alerts**.

### Setting up Alerting for Metrics

* Refer to the video: [Monitor your Metrics in Real-Time with Sumo Logic Alerts](https://www.youtube.com/watch?v=DfL7SetZ5dc) for configuring alerts for metrics.

![](https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-221ad7d37be1cda2fef945cf2e0efe2b8cbc06b2%2Fsumo_logic_8.png?alt=media\&token=4c643626-4e20-46ac-bcb5-db6f0d68b8ae)

* In the **Send Notification Via** dropdown, select **Squadcast Metric Alerts**.

Now, whenever the webhook is triggered for either a Log or a Metric alert, an incident is automatically created in Squadcast. However, the incident must be resolved manually from the Squadcast dashboard.

*Have any questions?* [*Ask the community*](https://community.squadcast.com/view/home)*.*
