This script is an example of using the Sumo Logic API to retrieve collector details. This particular script looks for Linux servers and validates that each collector has the desired log sources defined. Those that do not contain all desired sources are denoted for farther investigation. <\/p>\n\n\n
\nimport requests\nfrom requests.auth import HTTPBasicAuth\nimport pandas as pd\nfrom config import access_id, access_key # Import your credentials from config.py\n\n# Base URL for Sumo Logic API\nbase_url = 'https:\/\/api.sumologic.com\/api\/v1'\n\ndef get_all_collectors():\n """Retrieve all collectors with pagination support."""\n collectors = []\n limit = 1000 # Adjust as needed; check API docs for max limit\n offset = 0\n\n while True:\n url = f'{base_url}\/collectors?limit={limit}&offset={offset}'\n response = requests.get(url, auth=HTTPBasicAuth(access_id, access_key))\n if response.status_code == 200:\n result = response.json()\n collectors.extend(result.get('collectors', []))\n if len(result.get('collectors', [])) < limit:\n break # Exit the loop if we received fewer than the limit, meaning it's the last page\n offset += limit\n else:\n print('Error fetching collectors:', response.status_code, response.text)\n break\n\n return collectors\n\ndef get_sources(collector_id):\n """Retrieve sources for a specific collector."""\n url = f'{base_url}\/collectors\/{collector_id}\/sources'\n response = requests.get(url, auth=HTTPBasicAuth(access_id, access_key))\n if response.status_code == 200:\n sources = response.json().get('sources', [])\n # print(f"Log Sources for collector {collector_id}: {sources}")\n return sources\n else:\n print(f'Error fetching sources for collector {collector_id}:', response.status_code, response.text)\n return []\n\ndef check_required_logs(sources):\n """Check if the required logs are present in the sources."""\n required_logs = {\n '_security_events': False,\n '_linux_system_events': False,\n 'cron_logs': False,\n 'dnf_rpm_logs': False\n }\n\n for source in sources:\n if source['sourceType'] == 'LocalFile':\n name = source.get('name', '')\n for key in required_logs.keys():\n if name.endswith(key):\n required_logs[key] = True\n\n # Determine missing logs\n missing_logs = {log: "MISSING" if not present else "" for log, present in required_logs.items()}\n return missing_logs\n\n# Main execution\nif __name__ == "__main__":\n collectors = get_all_collectors()\n report_data = []\n\n for collector in collectors:\n # Check if the collector's osName is 'Linux'\n if collector.get('osName') == 'Linux':\n collector_id = collector['id']\n collector_name = collector['name']\n print(f"Checking Linux Collector: ID: {collector_id}, Name: {collector_name}")\n\n sources = get_sources(collector_id)\n missing_logs = check_required_logs(sources)\n if any(missing_logs.values()):\n report_entry = {\n "Collector Name": collector_name,\n "_security_events": missing_logs['_security_events'],\n "_linux_system_events": missing_logs['_linux_system_events'],\n "cron_logs": missing_logs['cron_logs'],\n "dnf_rpm_logs": missing_logs['dnf_rpm_logs']\n }\n # print(f"Missing logs for collector {collector_name}: {report_entry}")\n report_data.append(report_entry)\n\n # Create a DataFrame and write to Excel\n df = pd.DataFrame(report_data, columns=[\n "Collector Name", "_security_events", "_linux_system_events", "cron_logs", "dnf_rpm_logs"\n ])\n\n # Generate the filename with current date and time\n if not df.empty:\n timestamp = pd.Timestamp.now().strftime("%Y%m%d-%H%M")\n output_file = f"{timestamp}-missing_logs_report.xlsx"\n df.to_excel(output_file, index=False)\n print(f"\\nData written to {output_file}")\n else:\n print("\\nAll collectors have the required logs.")\n<\/pre><\/div>","protected":false},"excerpt":{"rendered":"This script is an example of using the Sumo Logic API to retrieve collector details. This particular script looks for Linux servers and validates that each collector has the desired log sources defined. Those that do not contain all desired sources are denoted for farther investigation.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2076],"tags":[664,2074,2075],"class_list":["post-11346","post","type-post","status-publish","format-standard","hentry","category-sumo-logic","tag-python","tag-sumo-logic","tag-sumo-logic-api"],"_links":{"self":[{"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=\/wp\/v2\/posts\/11346","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=11346"}],"version-history":[{"count":1,"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=\/wp\/v2\/posts\/11346\/revisions"}],"predecessor-version":[{"id":11347,"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=\/wp\/v2\/posts\/11346\/revisions\/11347"}],"wp:attachment":[{"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=11346"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=11346"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=11346"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}