Sumologic

Set up Sumologic for automated tests with TrustCloud!

Purpose

Once you set up your compliance program, TrustCloud TrustOps works to ensure that your systems remain compliant with your adopted controls. To do so, TrustCloud runs automated tests against systems in your product and business stack and verifies that they are properly configured.

This document outlines the steps you can take to grant TrustCloud access to retrieve a list of employees to use as evidence.

Instructions to grant TrustCloud limited access to Sumologic

1. Log in to your Sumo Logic instance as a user who has administrative privileges in your organization.
2. Navigate to Access Keys
   1. Go to your organization’s Administration page. Click on Access Keys.
      
3. Create Access Key
   1. Click on the “Add Access Key” button.
      
4. Configure Access Key
   Configure your Access Key with the following settings:
   1. Name: Enter a descriptive name for your Access Key (e.g., “TrustCloud Integration”)
   2. User: Select the user for this access key.
   3. Permissions: Configure the required permissions (see below)
5. Set Required Permissions
   In the Permissions section, you can choose either:

   

   1. Role-based: Select the Viewer role (recommended for read-only access)
   2. Custom Permissions: Select the following permissions with View access:
      1. User Management: Users And Roles (View)
      2. Data Management: Collectors (View) – includes access to sources
      3. Alerting: Monitors (View) – includes access to related content
         Note: TrustCloud requires read-only access to collect inventory data. The View Collectors permission automatically includes access to sources, and View Monitors includes access to related monitor content. There are no separate View Sources or View Content permissions in SumoLogic Access Keys.
6. Save Access Key
   1. Click on Save or Create to create the Access Key.
7. Copy Access Credentials
   1. Copy the Access ID and Access Key to the clipboard. Important: The Access Key is shown only once, so save it securely for later reference.
      
8. Determine Deployment
   1. Determine the deployment ID based on the Service endpoint/App URL. The deployment can be one of us1, us2, ca, au, in, jp, de, eu, or fed. Important: Enter the deployment value in lowercase.

      

9. Enter your Access ID
10. Enter your Access Key
11. Enter your deployment (lowercase)