-
Notifications
You must be signed in to change notification settings - Fork 1
Function List
These are the functions currently available, along with their descriptions and examples. Each of these functions have detailed help information within the PowerShell Module that you can call upon with the Get-Help cmdlet.
Get-SumoCollector queries the Collector Management API for Collector information. The returned JSON information is converted into happy PowerShell objects.
Examples:
Get-SumoCollector -Name SUMOCOLLECT01*
Returns all Collectors with SUMOCOLLECT01* at the beginning of the Collector name.
Get-SumoCollector -OSType Linux -Active
Returns all active Linux Collectors
Get-SumoCollector -Name SUMOCOLLECT01 | Get-SumoCollectorSource
Retrieve all sources for the Collector with the name 'SUMOCOLLECT01'
Get-SumoCollectorSource queries the Collector Management API for Collector Source information. The returned JSON information is converted into happy PowerShell objects.
Examples:
Get-SumoCollectorSource -Name SUMOCOLLECT01
Returns all sources for the collector named "SUMOCOLLECT01"
Get-SumoCollector -Inactive | Get-SumoCollectorSource
Returns a list of all sources tied to inactive collectors.
Get-SumoCollectorSource -Name SUMOCOLLECT01 | where {$_.Name -like "*IIS*"}
Retrieve all sources from the collector, SUMOCOLLECT01, with "IIS" being found in the source name.
Uses the Sumo Logic Collector Management API to add a new Source to a Collector. The returned JSON information is converted into happy PowerShell objects.
Examples:
Get-SumoCollector -Name SUMOCOLLECT01 | New-SumoCollectorSource -JSONFile C:\sumo\sources.json
Creates a new Sumo Collector Source on the Sumo Collector, SUMOCOLLECT01, using the contents of the c:\sumo\source.json file.
$sshpass = Read-Host "Enter SSH Key Pass" -AsSecureString
$newsources = Import-Csv newsources.csv
$newsources | New-SumoCollectorSource -RemoteFileV2 -KeyPassword $sshpass -MultilineProcessingEnabled $false -Verbose
Using the contents of newsources.csv to fulfill all other mandatory (and otherwise) parameters for RemoteFileV2 sources, New-SumoCollectorSource adds new Sumo Collector Sources. In this case, all of them have the same KeyPassword, and have MultilineProcessing disabled. The verbose flag is being used here, for possible troubleshooting assistance.
$sshpass = Read-Host "Enter SSH Key Password" -AsSecureString
New-SumoCollectorSource -RemoteFileV2 -RemoteHosts "SSHSOURCE01" -RemotePort 22 -RemoteUser "sumo.serv.account" -KeyPassword $sshpass -KeyPath "c:\sumokeys\sumo.srv.account" -PathExpression "/var/log/messages" -MultilineProcessingEnabled $false -TimeZone "America/Chicago" -Category "SSH_VARLOG_MESSAGES" -Name "SSHSOURCE01_LINUX_MESSAGES" -Verbose
Creating a new Sumo Collector Remote File Source, using a Secure.String that has been stored in $sshpass for the KeyPassword parameter. Verbose flag is on.
$sshpass = Read-Host "Enter SSH Key Password" -AsSecureString
$Splat = @{"RemoteHosts"="SSHSOURCE01" "RemotePort"=22 "RemoteUser"="sumo.serv.account" "KeyPassword"=$sshpass "KeyPath"="c:\sumokeys\sumo.srv.account" "PathExpression"="/var/log/messages" "MultilineProcessingEnabled"=$false "TimeZone"="America/Chicago" "Category"="SSH_VARLOG_MESSAGES" "Name"="SSHSOURCE01_LINUX_MESSAGES"}
New-SumoCollectorSource -RemoteFileV2 -Verbose @Splat
Creating a new Sumo Collector Remote File Source with splatting. This is nicer in scripts, and also in help documentation. This essentially does the same thing as the previous example.
PENDING
PENDING
PENDING
PENDING
PENDING