
# Sumo Logic

## Usage <a href="#usage" id="usage"></a>

The Sumo Logic syslog-based integration with the Vectra product provides powerful log management and analytics capabilities tailored for modern applications.

This integration offers streamlined visibility into network behaviors, security incidents, and operational trends. It enhances the ability to detect anomalies, respond to threats, and optimize performance across the network. You can automate alerts and derive actionable insights, making it a vital tool for network management, compliance, and continuous improvement.

## Vectra portal steps <a href="#netography-portal-steps" id="netography-portal-steps"></a>

In **Settings > Response Integrations**, click **Add Integration**. Select **Sumo Logic**.

![](/files/YZsIkKL2w7oS7YexDWIm)

## Configuration <a href="#configuration" id="configuration"></a>

The following fields are specific to the Sumo Logic integration.

| Field        | Required | Description                                                                            | Example                 |
| ------------ | -------- | -------------------------------------------------------------------------------------- | ----------------------- |
| `Host`       | yes      | The hostname or IP address of the Sumo Logic server                                    | `sumologic.example.com` |
| `Facility`   | no       | The syslog facility level to be used (e.g., auth, cron, daemon, etc.)                  | `auth`                  |
| `Syslog Tag` | no       | The tag to be appended to each syslog message, used for easier filtering and searching | `neto.event`            |
| `Output`     | no       | Specifies the format in which the syslog messages are sent                             | `DEFAULT`               |

{% hint style="info" %}
**📘After your configuration is submitted, the Sumo Logic integration will be treated as a standard syslog integration in the Fusion portal.**
{% endhint %}

### Additional post configuration <a href="#additional-post-configuration" id="additional-post-configuration"></a>

After the Sumo Logic configuration is set up, you will need to configure a Response Policy in the Fusion portal and a custom parser in Sumo Logic to receive events from Fusion.

#### Configure a Response Policy to Send Events to Sumo Logic <a href="#configure-a-response-policy-to-sent-events-to-sumo-logic" id="configure-a-response-policy-to-sent-events-to-sumo-logic"></a>

You can configure response policies in the portal by navigating to **Response -> Response Policies -> Add Response Policy**.

#### Configure Sumo Logic Custom Parser <a href="#configure-sumo-logic-custom-parser" id="configure-sumo-logic-custom-parser"></a>

To configure the custom log parser in Sumo Logic, follow the [custom parser](https://help.sumologic.com/docs/cse/schema/parser-editor/#configure-and-test-a-custom-parser) guide in the Sumo Logic documentation.

{% hint style="warning" %}
**🚧Ingested events in Sumo Logic will default to JSON format**
{% endhint %}

To get sample logs from the Fusion Portal to use with the Sumo Logic custom parser, go to **Search -> Events**, select an event, view the **raw record** from the properties tray, select the **JSON** tab, and click the top-level clipboard icon as shown below:

![](/files/NIuBHlZB3WVtfn8AymzN)
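Before writing the custom parser, it helps to confirm that a line captured at the collector carries the facility and tag configured above and that its payload parses as JSON. The following is an added example, not Vectra or Sumo Logic code. It assumes BSD-style (RFC 3164) framing with the tag in the usual position before the colon and the JSON event as the message body; the sample lines and JSON field names are constructed.

```python
import json
import re

# Standard syslog facility codes; PRI = facility * 8 + severity.
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp", "ntp", "audit", "alert", "clock",
              "local0", "local1", "local2", "local3", "local4", "local5", "local6", "local7"]

# Assumption: "<PRI>TIMESTAMP HOST TAG: MSG" framing. Adjust to what you actually capture.
LINE_RE = re.compile(r"^<(\d{1,3})>(\w{3}\s+\d{1,2} \d\d:\d\d:\d\d) (\S+) ([^\s:\[]+)(?:\[\d+\])?: ?(.*)$", re.S)


def check_line(line, want_facility="auth", want_tag="neto.event"):
    """Return (event_dict, problems) for one received syslog line."""
    problems = []
    m = LINE_RE.match(line.strip())
    if not m:
        return None, ["line does not match the assumed syslog framing"]
    pri, _ts, _host, tag, body = m.groups()
    pri = int(pri)
    if pri > 191:
        return None, [f"PRI {pri} out of range (0-191)"]
    facility = FACILITIES[pri >> 3]
    if facility != want_facility:
        problems.append(f"facility is {facility!r}, expected {want_facility!r}")
    if tag != want_tag:
        problems.append(f"tag is {tag!r}, expected {want_tag!r}")
    try:
        event = json.loads(body)
    except json.JSONDecodeError as exc:
        return None, problems + [f"payload is not valid JSON: {exc.msg}"]
    if not isinstance(event, dict):
        return None, problems + ["payload is JSON but not an object"]
    return event, problems


# Constructed sample lines (hypothetical field names, documentation IP range).
GOOD = '<38>Jan 12 10:15:02 fusion01 neto.event: {"name": "example-detection", "srcip": "192.0.2.10"}'
WRONG_FACILITY = '<14>Jan 12 10:15:03 fusion01 neto.event: {"name": "example-detection"}'
TRUNCATED = '<38>Jan 12 10:15:04 fusion01 neto.event: {"name": "example-det'

if __name__ == "__main__":
    for sample in (GOOD, WRONG_FACILITY, TRUNCATED):
        print(check_line(sample))
```

A truncated payload, as in the third sample, usually points to a message size limit somewhere on the syslog path rather than to a parser problem.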


