Sumo Logic Python SDK

0.1.17 · active · verified Thu Apr 16

The Sumo Logic Python SDK (version 0.1.17) is a community-supported Python interface to the Sumo Logic REST API, designed to simplify interactions with the API in Python code. It provides functionality for various API operations, including content management, search, and collector interactions. The library maintains an active development status with periodic updates, with the latest release in June 2024.

Common errors

```
HTTP 401 Unauthorized: Credential could not be verified.
```
cause The provided Access ID or Access Key is incorrect, or the API endpoint used does not correspond to your Sumo Logic deployment region.

fix Double-check your `SUMO_ACCESS_ID` and `SUMO_ACCESS_KEY` for accuracy. Verify that `SUMO_ENDPOINT` points to the correct region-specific Sumo Logic API URL (e.g., `https://api.us2.sumologic.com/api`).
```
HTTP 500 Internal Server Error or 'Job ID is invalid' when retrieving search results.
```
cause For the Search Job API, subsequent calls to check status or retrieve results require a session cookie established by the initial search query. This cookie was likely not passed.

fix Ensure that the session cookie returned by the initial `/search/jobs` API call is included in the headers of all follow-up requests to the same search job.
```
HTTP 429 Too Many Requests: rate.limit.exceeded
```
cause Your application has exceeded the API rate limits (e.g., 4 requests/second or 10 concurrent requests per access key) imposed by Sumo Logic.

fix Implement robust retry logic with exponential backoff. Wait for a period, potentially indicated by a `Retry-After` header, before making further requests.
```
ConnectException for receiver url: 'collectors.sumologic.com:443'; on attempt: 'X'. org.apache.http.NoHttpResponseException: The target server failed to respond.
```
cause Intermittent or consistent network connectivity issues, DNS resolution problems, or firewall blocks preventing the client from reaching Sumo Logic servers.

fix Check network connectivity, DNS resolution (`nslookup collectors.sumologic.com`), and firewall rules from your environment to Sumo Logic's API endpoints.

Warnings

breaking Sumo Logic only accepts connections from clients using TLS version 1.2 or greater. Ensure your execution environment is configured for TLS 1.2+.
Fix: Verify your Python environment's TLS configuration. Update Python or OS if necessary.
gotcha Incorrect API endpoint for your Sumo Logic deployment can lead to authentication failures (401 Unauthorized) or other API errors.
Fix: Always use the correct region-specific API endpoint (e.g., `https://api.us2.sumologic.com/api`, `https://api.eu.sumologic.com/api`). Refer to the Sumo Logic documentation to find your account's deployment endpoint.
gotcha Sumo Logic APIs enforce rate limits (e.g., 4 requests/second, up to 10 concurrent requests per access key). Exceeding these limits will result in a `429 rate.limit.exceeded` error.
Fix: Implement exponential backoff and respect any `Retry-After` headers in API responses to avoid being throttled.
gotcha When using the Search Job API, the initial query creates a session cookie. This cookie must be stored and passed with all subsequent calls related to that specific search job to avoid `500 Internal Server Error` or `Job ID is invalid`.
Fix: Ensure your code handles and passes the session cookie returned by the initial Search Job API call for all follow-up requests to the same job.

Install

pip install sumologic-sdk Install latest version

Imports

SumoLogic
wrong:
```
import sumologic_sdk
```
correct:
```
from sumologic import SumoLogic
```
The primary client class is named SumoLogic and resides directly under the 'sumologic' package.

Quickstart

This quickstart initializes the `SumoLogic` client using credentials and an API endpoint, then fetches and prints the first few Sumo Logic collectors. Ensure you have your `SUMO_ACCESS_ID`, `SUMO_ACCESS_KEY`, and `SUMO_ENDPOINT` set as environment variables. The endpoint should match your Sumo Logic deployment (e.g., `https://api.us2.sumologic.com/api`).

import os
from sumologic import SumoLogic

# Set your Sumo Logic Access ID, Access Key, and API endpoint as environment variables
# e.g., export SUMO_ACCESS_ID='your_access_id'
#       export SUMO_ACCESS_KEY='your_access_key'
#       export SUMO_ENDPOINT='https://api.sumologic.com/api' (or your region-specific endpoint)

access_id = os.environ.get('SUMO_ACCESS_ID', '')
access_key = os.environ.get('SUMO_ACCESS_KEY', '')
endpoint = os.environ.get('SUMO_ENDPOINT', 'https://api.sumologic.com/api') # Default for US1

if not all([access_id, access_key, endpoint]):
    print("Error: SUMO_ACCESS_ID, SUMO_ACCESS_KEY, and SUMO_ENDPOINT environment variables must be set.")
else:
    try:
        # Initialize the Sumo Logic client
        sumo = SumoLogic(access_id, access_key, endpoint)

        # Example: Get a list of all collectors
        collectors = sumo.get_collectors_sync()

        print(f"Successfully connected to Sumo Logic. Found {len(collectors)} collectors.")
        for collector in collectors[:3]: # Print first 3 collectors for brevity
            print(f"  - ID: {collector['id']}, Name: {collector['name']}")

    except Exception as e:
        print(f"An error occurred: {e}")

view raw JSON →