+
\ No newline at end of file
diff --git a/docs/api/about-apis/intro-to-apis.md b/docs/api/about-apis/intro-to-apis.md
new file mode 100644
index 0000000000..2d9a247c4f
--- /dev/null
+++ b/docs/api/about-apis/intro-to-apis.md
@@ -0,0 +1,356 @@
+---
+id: intro-to-apis
+title: Introduction to Sumo Logic APIs
+sidebar_label: Intro to APIs
+description: Learn how to get started with the Sumo Logic APIs
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+
+
+
+ })
+Introduction to Sumo Logic APIs
+Learn how to get started with the Sumo Logic APIs.
+
+
+
+ })
+Authentication and Endpoints
+Get your API credentials and endpoint URL to start using the Sumo Logic APIs.
+
+
+
+ })
+Use Terraform with Sumo Logic
+Learn how to use Terraform with Sumo Logic.
+
+
+
+ })
+Troubleshooting
+Troubleshoot errors you may find when using the Sumo APIs.
+
+
+Sumo Logic has a host of useful APIs across all products that can add valuable functionality to any organization by providing access to data and activities without going through the website. API calls can be used for data gathering, automation of processes, and custom reports.
+
+This article presumes that you have a solid understanding of Sumo Logic functionality: collectors, queries, security offerings, etc. While APIs are typically for "power users" looking for additional customization and access to web service resources, you also don't need a computer science degree to understand and make use of API calls. This article helps walk you through the basics and get you going with important data queries through the API.
+
+In this article, you'll learn about:
+* How to create a Sumo Logic access ID/key.
+* How to access Sumo Logic APIs.
+* How to use APIs with Sumo Logic's Cloud SIEM.
+
+## Create an access key
+
+To use the Sumo Logic APIs you need a [Sumo Logic access ID and access key](/docs/manage/security/access-keys/). To do this, you need to log in to the main Sumo Logic web interface with a Sumo Logic user account that has the [Create Access Keys role capability](/docs/manage/users-roles/roles/role-capabilities/#security).
+
+In this section, we'll walk you through creating a personal access key that you can use to access the API in the subsequent sections.
+
+1. In the main Sumo Logic menu, select your user name and then **Preferences > Personal Access Keys**.
+1. On the **Personal Access Keys** tab, click **+Add Access Key** in the upper right.})
+1. Fill in a name for the **Access Key** on the following window.})
Note that the access key has the same privileges as the user creating the key. In other words, if your user account is not able to access certain products or areas of functionality in the Sumo Logic web site, you are not be able to access those functions through the API either.
You can reduce the privileges available to the access key by using the **Scopes** section to select a subset of the user account privileges to grant to the access key for API use. To do so, click **Custom** and select the desired set of **View** and **Manage** privileges from the list of user permissions given. +1. Click **Save** when finished. +1. On the following popup screen after clicking **Save**, your access ID and access key are displayed. These will not be available again once this screen is closed, so make sure you copy both the ID and key to another text file for reference before closing the popup. If you miss copying either the access values, find your access key in the list, delete it, and then recreate it.
})
+
+A user with the [Manage Access Keys role capability](/docs/manage/users-roles/roles/role-capabilities/#security) can create and manage access keys for other users in your organization. As an administrator, you can use the general **Access Keys** page instead of the **Personal Access Keys** page.
+
+1. Navigate to the **Access Keys** page. [**Classic UI**](/docs/get-started/sumo-logic-ui-classic/). From the left menu, click **Administration > Security**, then select the **Access Keys** tab. [**New UI**](/docs/get-started/sumo-logic-ui/). In the upper-right corner, click on **Administration > Access Keys**.
+1. Click **+Add Access Key** in the upper right and create it using the same steps as above.
+
+As with the personal access key popup, any displayed ID/key will not be available again once the display screen is closed, so make sure you copy both the ID and key to another location for reference before closing the popup. If you miss copying either of the access values, find your access key in the list, delete it, and then recreate it.
+
+## Making an API connection
+
+Once you have an access ID and key, we can start making API connections and see the type of data we can access. First you need to determine the proper API endpoint for your area of the world.
+
+Check [API Authentication, Endpoints, and Security](/docs/api/about-apis/getting-started) to find the proper endpoint URL to use. For instance, US users would use either `https://api.sumologic.com/api/` or `https://api.us2.sumologic.com/api/`.
+
+This article uses the standard US base URL for expediency, although if you are from a different area of the world, substitute your local base URL for `api.sumologic.com` in the example API calls throughout the following sections.
+
+Sumo Logic API calls take the following form:
+
+`})
+
+Each collector is listed in detail within the API return data, which is in [name/value JSON format](https://www.json.org/). All the collector info such as ID, name, type, and version is listed for collectors in your system. This info can be parsed and saved elsewhere, or used as a reference for future queries or reports.
+
+However, most API users do not use a traditional web browser for API calls, other than perhaps one-off queries for quick informational purposes. It would be tedious to have to manually enter the URL along with the user name and password each time if successive calls are to be made. More commonly, users make API calls through a command line interface (CLI), through an application designed for API testing, or through programming code or scripts.
+
+An open source application such as [Postman](https://www.postman.com/) can be a convenient tool for testing and developing with API calls. To use Postman, download and install the app. Then:
+1. Enter the URL for the API call.
+1. Click the **Authorization** tab.
+1. Fill in the username and password fields with your Sumo Logic access ID and access key respectively.
+1. Click **Send** when finished.
+1. You see the JSON output (or error messages if there is a problem) in the bottom panel.
+
+})
+
+Most programming and scripting languages provide modules and libraries for making web service and API calls in code. For instance, the following Python code can make the same "get collectors" call programmatically using the `requests` library:
+
+```
+import requests
+def get_collectors():
+ url = 'https://api.sumologic.com/api/v1/collectors'
+ try:
+ response = requests.get(url, auth=('})
+
+Note that the data retrieved can give us a lot of information about the collectors in our system: name, type, whether it is active (alive), etc. Taking note of the collector ID allows us to make targeted API calls to get only the info about specific collectors. We can do this by appending the ID to the URL as an additional parameter:
+
+`https://api.sumologic.com/api/v1/collectors/})
+
+Note that the collector data itself also contains a helpful follow-up link to analyze the sources currently configured for our chosen collector. Follow up by clicking on (or copying into the URL field) the given URL for sources: `https://api.sumologic.com/api/v1/collectors/})
+
+This set of API calls allows for configuration collection through code or scripting. For instance, you might:
+1. Get the list of collectors with an API call.
+1. Save the list for backup purposes and note the collector IDs listed in the JSON feed.
+1. Use the individual IDs to query some or all of the collectors for source information.
+1. Generate custom reports or answer configuration questions:
+ * Do I have any collectors or sources that aren't working (`alive = "false"`)?
+ * Which collectors or sources are using a particular auth type or account credentials?
+
+Using API calls for custom reports can save time (and thus money) by automating data queries without requiring operators to manually look up collector data or status through the web interface.
+
+## Sorting and filtering
+
+"GET" calls through the Sumo Logic API have the ability to do sorting and filtering through query parameters directly through the URL. Query parameters are extra values added to the end of an API call using the following syntax:
+
+`})
+
+In order to ensure it processes and returns in a timely manner, an API command has an internal limit to the number of data entries to return, in cases where the source data is very large. The specific limit differs depending on the API command. The limit is 100, for instance, when querying users, but 1000 for collector queries. If the total number of entries exceeds the limit for the API command, the response returns in "page" form, where the first N entries (up to the limit) are returned, with a special `"next"` token added to the JSON response at the end.
+
+})
+
+Add this token value to the following API call to get the next "page" of data, up to the limit again:
+
+`})
+
+If the number of entries returned per page is still too large and unwieldy for certain operations, you can change the page limit manually by adding a query parameter `limit`:
+
+`https://api.sumologic.com/api/v1/users?limit=20`
+
+With this command, the API response returns only 20 users per page.
+
+Return values can be sorted by adding a `sortBy` parameter with a field name. (Not all fields are supported for sorting. Check the [Sumo Logic API documentation](https://api.sumologic.com/docs/#section/Getting-Started/Sorting) for your specific command to see the sorting options).
+
+`https://api.sumologic.com/api/v1/users?sortBy=lastName`
+
+})
+
+You can search for entries that match specific values by including the field name and the value to search for as a query parameter. For instance, to search for the user entry for a specific email, you would use the URL:
+
+`https://api.sumologic.com/api/v1/users?email=})
+
+## Modifying an existing object
+
+While GET commands to retrieve data represent the most common use case for APIs, you may have need to change existing objects in your system. Modify operations can also be done through API commands, although the preparation and process is a little different.
+
+If you want to edit objects through the API, you need to have the proper privileges through the regular Sumo Logic website. If you don't have access or permission to change something in the main web interface, you won't be able to do it through the API either.
+
+### Modifying a collector
+
+For an example, let's suppose we want to change the name and description of an existing collector in our system. We've seen we can request the current configuration details of a collector through the following URL:
+
+`https://api.sumologic.com/api/v1/collectors/})
+
+When we are changing configuration details, we don't make individual requests for each field like name or description, but we provide the new (complete) configuration for that collector in its entirety. This means we can make multiple changes (if needed) to our collector at the same time without making multiple API calls. We will be providing the entire configuration which will overwrite any and all fields from the original configuration that are different.
+
+To do this, we need to provide a correctly formed JSON configuration for the collector to modify. Because it can be easy to make a formatting mistake or typo when creating collector JSON, it is recommended to copy the original configuration JSON from our GET command to another text editor to make our changes:
+
+})
+
+In the text editor, we can make one or more changes to the configuration (even including adding fields that weren't present in the original configuration), while keeping the original JSON format and structure intact. In the above example, we've changed the name of the collector, added a description field, and added a cluster value to the `"fields"` property.
+
+### Understanding ETags and object integrity
+
+We're almost ready to change our collector configuration in the API. However, we are still missing one important piece of information.
+
+Many modern APIs (including Sumo Logic) provide protection against multiple sources changing object configurations at the same time. It is possible that during the brief period of time between when we executed our GET command to retrieve the current collector configuration and when we execute our PUT command to change the configuration, some other source has used the API or the website to change the collector configuration in other ways. The Sumo Logic API is configured so that you need to guarantee that the collector configuration has not changed in the interim before it will allow any new changes to be accepted.
+
+We do this through a unique `ETag` value that is provided whenever an individual data object is retrieved using a GET command. The data object's ETag will change whenever the object configuration changes, so matching ETags between the GET and PUT commands ensures that the object has not changed in the interim.
+
+The ETag for a GET command in Postman can be found in the **Headers** section of the HTTP response, as shown in the screenshot below. If you are using other methods to make API calls, you need to access the ETag in the response object through code or script statements, or if you are using CLI commands you need to execute your GET command with the proper flags (such as `-v`) according to your CLI documentation to provide and view the ETag.
+
+For reference, copy the given ETag (including the double-quotes) to a separate text editor to use momentarily.
+
+})
+
+### Creating a PUT command
+
+We are now ready to execute our modify command. Set the HTTP verb (in code, in your app, or in your CLI command) to "PUT". (Remember the URL is exactly the same as the GET command, just with a new HTTP verb.)
+
+We'll need to provide in our HTTP request the new configuration for this collector object. We'll do this by copying the JSON from our text editor with our desired changes into the body of our request.
+
+})
+
+As discussed earlier, we need to provide the ETag from our GET command to ensure that there are no interim changes that would cause our modifications to be rejected. Either through code or through the app, we will add an `IF-MATCH` header to our PUT command with the ETag value (remember to keep the double-quotes).
+
+})
+
+With these elements in place, we are now ready to execute the PUT command. If the command is successful, we will receive an "echo" of the new configuration as the response body. If something is not configured correctly (the new configuration is not properly formed, or the ETag doesn't match, for instance), you will see an error message as the body of the response instead. You can always check the changed configuration through another GET command (or through the website) to ensure that the changes were accepted.
+
+})
+
+## Creating a new object
+
+API users frequently want to create their own data objects through the API in addition to modifying the existing ones. Sumo Logic supports object creation through the API in the same way as viewing and modification. In this instance we will be using the "POST" HTTP verb. Sumo Logic conforms to general API standards across the software industry where POST is used for creation commands, while PUT is for modification commands. Note, however, that some commands don't fit nicely into one category or another so always check the [Sumo Logic API documentation](https://api.sumologic.com/docs/) for the official verb to use when sending a command.
+
+As an example let's look at creating a new user. We saw in an earlier section that we can retrieve the list of users in the system through the following URL:
+
+`[GET] https://api.sumologic.com/api/v1/users`
+
+})
+
+As we've learned, we can use the same URL for multiple commands just by changing the verb. In this case, we will use the same URL to create a user, just with the POST verb instead.
+
+When we edited an existing data object, it was easiest to do a GET query and copy the exact format and fields in order to make modifications (and in addition we needed the GET ETag in order to get the system to accept our changes).
+
+When creating a new object we don't need to worry about object integrity, so ETags aren't necessary. Also, many fields in the user object (such as the ID, `createdAt`, `lastLoginTimestamp`, etc.) are created and managed by the system, and are not required (nor available) to be set by the operator. Thus when creating a new object, there are usually only a limited number of fields that need to be provided, with the system generating and updating the rest.
+
+We can check the [Sumo Logic API documentation for the "Create a new user" command](https://api.sumologic.com/docs/#operation/createUser) for the exact details we need:
+
+})
+
+It can be helpful to copy the exact format from the documentation to a separate editor in order to fill in the proper fields, in this case, first name, last name, email, and any role IDs.
+
+How do we determine the role IDs? The list of available roles in the system can be fetched through another API call:
+
+`[GET] https://api.sumologic.com/api/v1/roles`
+
+})
+
+With this query you can find the appropriate roles for the new user and copy the IDs. Alternately, you can find an existing user that has the same permissions as you want the new user to have and copy the same role IDs from their user record.
+
+Using this info, we can formulate the JSON with the new user details, and paste it into the body portion of our new request. (Remember to set the HTTP verb to "POST") If the command succeeds, you will see the new full user record in the body of the response, with the additional fields (including the new user's ID) filled in by the system.
+
+})
+
+A few important notes to keep in mind if you plan on creating and managing new users through the API:
+* New users will still require account activation, whether they are created through the API or through the website. Sumo Logic will send an activation email to the email address specified in the new user entry to activate the account. The email will be sent automatically if the "create user" POST command succeeds.
+* If for some reason you need to resend that activation email, you do not need to delete and recreate the user entry in the API. Sumo Logic supports a separate API command to resend confirmation emails, provided you know the user ID (which you can get through the API response to the POST command above):`[POST] https://api.sumologic.com/api/v1/users/{userID}/resendWelcomeEmail` +* Existing user details can be modified through the API through a PUT command sent to:
`[PUT] https://api.sumologic.com/api/v1/users/{userID}`
Note that only first name, last name, and role ID(s) can be changed through this command. If you need to change a user's email address, this is done through a separate API command:
`[POST] https://api.sumologic.com/api/v1/users/{userID}/email/requestChange`
Using this command triggers another activation email, sent to the new email address designated in the body. +* Password resets for users can be done through another separate API command:
`[POST] https://api.sumologic.com/api/v1/users/{userID}/password/reset` + +[Check the Sumo Logic API documentation for "Users"](https://api.sumologic.com/docs/#tag/userManagement) for the proper body format for each of the above POST and PUT commands, to ensure that the right fields are included and in the right JSON format. + +## Deleting objects + +API commands can be used to delete data objects from the system just like creating or modifying objects. Deleting data objects typically use the HTTP "DELETE" verb, using the same process (and often the same URLs) as the other HTTP verbs. + +For instance, removing a collector from the system uses the same API as the GET command, just with a DELETE verb instead: + +`[DELETE] https://api.sumologic.com/api/v1/collectors/[collectorID]` + +If the operation succeeds you won't see anything in the response body. Instead you can check for the standard HTTP 200 OK response code indicating that the command was completed. + +
})
+
+If the operation fails, you see a 400 or 500 level HTTP error code (depending on the specific error), along with a response body containing more detailed error information (such as an invalid collector ID).
+
+})
+
+:::note
+Deleting collectors or other data objects through the API cannot be undone. We recommend saving a backup copy of the collector configuration (through the API GET commands) so that in case of a mistake, the collector can be recreated through the API using the same original configuration.
+:::
+
+In a similar fashion, deleting users from the system can be done through the same URL structure:
+
+`[DELETE] https://api.sumologic.com/api/v1/users/[userID]`
+
+:::note
+[When users are deleted from the system](/docs/manage/users-roles/users/delete-user/), you need to decide whether to also delete any of their created content in the Sumo Logic system. The default setting is "no". Any created content by the deleted user remains in the system assigned now to the user who executed the API command.
+:::
+
+To delete all user created content in addition to the user record, use the `deleteContent` query parameter, set to `true`:
+
+`[DELETE] https://api.sumologic.com/api/v1/users/[userID]?deleteContent=true`
+
+Alternately, you can specify a different user to inherit the created content after the original user is removed; to do this, include a `transferTo` parameter:
+
+`[DELETE] https://api.sumologic.com/api/v1/users/[userID]?transferTo=[transferUserID]`
+
+## Using the Sumo Logic APIs with Cloud SIEM
+
+Sumo Logic's Cloud SIEM has a supported API that works similarly to the regular Sumo Logic service APIs. Users with an active access ID and key can send commands to Cloud SIEM with the same GET/PUT/POST/DELETE functionality.
+
+The [Cloud SIEM API](/docs/api/cloud-siem-enterprise/) documentation can be found [here](https://api.sumologic.com/docs/sec). The biggest difference to remember is that the base API URL has an `sec` included before the version for all Cloud SIEM API commands:
+
+`https://api.sumologic.com/api/sec/[version]/[commandName]`
+
+For instance, you can query the list of current Cloud SIEM insights using the following URL:
+
+`[GET] https://api.sumologic.com/api/sec/v1/insights/all`
+
+})
+
+Note that the `all` command for insights only retrieves a subset of info and configuration details about each insight, as shown in the query above. For full details on the insight, including the complete list of composite signals in the insight, query the insight details directly using the insight ID:
+
+`[GET] https://api.sumologic.com/api/sec/v1/insights/[insightID]`
+
+})
+
+You can also use the insight ID to access other configuration tools, such as changing the status of an insight:
+
+`[PUT] https://api.sumologic.com/api/sec/v1/insights/[insightID]/status?status=[newStatus]`
+
+Or add a new comment to an existing insight by creating comment text in the request body:
+
+`[POST] https://api.sumologic.com/api/sec/v1/insights/[insightID]/comments/`
+
+})
+
+All elements of Cloud SIEM functionality are available through the API, including rules, match lists, automations, tags, and custom actions. Users can even use the API to generate their own insights based on a custom selection of signals.
\ No newline at end of file
diff --git a/docs/api/about-apis/terraform-with-sumo-logic.md b/docs/api/about-apis/terraform-with-sumo-logic.md
new file mode 100644
index 0000000000..5964b4aef7
--- /dev/null
+++ b/docs/api/about-apis/terraform-with-sumo-logic.md
@@ -0,0 +1,245 @@
+---
+id: terraform-with-sumo-logic
+title: Use Terraform with Sumo Logic
+sidebar_label: Terraform with Sumo Logic
+description: Learn how to use Terraform with Sumo Logic.
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+
+
+## What is Terraform?
+
+[Terraform](https://developer.hashicorp.com/terraform) is an "infrastructure as code" tool developed by Hashicorp. Terraform scripts are used to define both cloud and on-prem resources in human-readable configuration files. Using Terraform scripts makes it easier for system administrators to provision and manage infrastructure and system resources consistently and reliably. The Terraform community, including Sumo Logic, supports Terraform through providers and APIs allowing applications to install and manage different types of resources and services from different vendors in one workflow. See the [Terraform Sumo Logic provider](https://registry.terraform.io/namespaces/SumoLogic).
+
+## Sumo Logic use cases
+
+You can use Terraform to manage all sorts of Sumo Logic resources. Here are some use cases:
+* [Manage monitors](https://www.sumologic.com/blog/terraform-sumo-logic)
+* [Manage collectors, users, and roles](https://www.sumologic.com/blog/terraform-provider-hosted)
+* [Deploy solutions (like AWS Observability)](/docs/observability/aws/deploy-use-aws-observability/deploy-with-terraform/)
+
+## Prerequisites
+
+To use Terraform with Sumo Logic, you need the following:
+* A Sumo Logic [account](/docs/get-started/sign-up/)
+* A Sumo Logic [access key](/docs/manage/security/access-keys/)
+* [Terraform](https://developer.hashicorp.com/terraform/tutorials/aws-get-started/install-cli)
+
+## Using Sumo Logic's AWS Terraform template
+
+To illustrate how to use Terraform with Sumo Logic, we'll walk you through [how to deploy the Sumo Logic AWS Observability Solution with a Terraform template](/docs/observability/aws/deploy-use-aws-observability/deploy-with-terraform/). Sumo Logic has already established a Terraform template containing the basic script items needed to setup an AWS installation with the proper AWS and Sumo Logic resources and components.
+
+To use this solution template, you should already have:
+* A Sumo Logic account.
+* An AWS account.
+* A [Sumo Logic access ID and access key](/docs/manage/security/access-keys/).
+
+Perform the following steps to use the template:
+
+1. The solution template files can be found [here](https://github.com/SumoLogic/sumologic-solution-templates/tree/master/aws-observability-terraform), in the Sumo Logic solution templates Github repository. To implement this solution, copy or clone the files in the repository to your server or local machine. For instance, from the command line, you can use the following command to clone the repository:`git clone https://github.com/SumoLogic/sumologic-solution-templates` +1. In preparation, you will want to complete the following steps on your server or local machine: + 1. [Install Terraform](https://developer.hashicorp.com/terraform/tutorials/aws-get-started/install-cli) (version 1.6 or later). + 1. [Install Python](https://www.python.org/downloads/) (version 3.11 or later). + 1. [Install the latest version of the "jq" JSON parser](https://github.com/jqlang/jq/wiki/Installation), necessary to run the `.sh` batch files in the template. + 1. [Install the Sumo Logic Python SDK](https://pypi.org/project/sumologic-sdk/). + 1. [Install the AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html). +1. Next, navigate to the `sumologic-solution-templates` folder where you cloned the repository, and go to the `aws-observability-terraform` subdirectory. Set this directory to be the Terraform working directory by executing the following command: `terraform init` +1. Using the solution template starts with [the main.auto.tfvars file](https://github.com/SumoLogic/sumologic-solution-templates/blob/master/aws-observability-terraform/main.auto.tfvars) which contains variable settings for your Sumo Logic organization, access ID and key, and other configuration information that will be referenced by the other template files. Open this file and fill in each field with the requested information.
})
Check the [Sumo Logic API endpoints](/docs/api/about-apis/getting-started/#sumo-logic-endpoints-by-deployment-and-firewall-security) if you need help finding the proper deployment value to use. +1. As part of the AWS Observability solution, we'll want to create and use the proper fields and FERs in Sumo Logic (see [here](/docs/observability/aws/deploy-use-aws-observability/resources/) for more details). Make sure you are in the `aws-observability-terraform` sub-directory, and run the following CLI commands (with the appropriate information included): + ``` + export SUMOLOGIC_ENV="YOUR_SUMOLOGIC_DEPLOYMENT" + export SUMOLOGIC_ACCESSID="YOUR_SUMOLOGIC_ACCESS_ID" + export SUMOLOGIC_ACCESSKEY="YOUR_SUMOLOGIC_ACCESS_KEY" + ``` +1. Then run the `fields.sh` script with the following command: `sh fields.sh` +1. Next, let's look at the [providers.tf file](https://github.com/SumoLogic/sumologic-solution-templates/blob/master/aws-observability-terraform/providers.tf), which connects Terraform to the Sumo Logic and AWS provider plugins.
})
The Sumo Logic provider is already configured, as we can simply reference the environment and access key settings from the `tfvars` file configured earlier. For the AWS provider, change the region setting (if needed). Then, uncomment the `profile` and `alias` fields (lines 16 and 20, by deleting the `#`) and fill in the values using your AWS profile name (from the AWS CLI) and a custom alias to identify this provider. + :::note + This installation is assuming you are using a single AWS account in a single region. If you need to configure multiple AWS accounts and/or multiple regions, see [Option 2: Deploy to Multiple Regions within an AWS account](/docs/observability/aws/deploy-use-aws-observability/deploy-with-terraform/#option-2-deploy-to-multiple-regions-within-an-aws-account) for additional information on configuring the `providers.tf` file. + ::: +1. Lastly, let's look at the [main.tf](https://github.com/SumoLogic/sumologic-solution-templates/blob/master/aws-observability-terraform/main.tf) file.
})
The top `sumo-module` section can usually be left alone unless there are [settings that need to be overridden](/docs/observability/aws/deploy-use-aws-observability/deploy-with-terraform/#appendix) for your install.
The bottom `collection-module` section is given as a template, but you will usually want to comment out this section (add `#` in front of every line) and create your own module definition using the AWS alias(es) defined in the `provider.tf` file earlier.
An example: + ``` + module "
Once the above files are configured, you can run Terraform against your scripts by executing the following CLI commands in sequence: + ``` + terraform validate + terraform plan + terraform apply + ``` + Terraform will report back during these processes if there are any issues with the text of the terraform files that needs troubleshooting. + +## Understanding the Terraform format + +Terraform scripts are text files, typically with a `.tf` extension, that use names and values in a hierarchal format, defined by curly braces `{ }`. Terraform scripts can be edited with any text editor, and although they are intended to be run automatically by a computer system, the script elements are generally human-readable and not difficult to parse and understand. + +Let's look at some examples: +* [Terraform providers](#terraform-providers) +* [Terraform resources](#terraform-resources) +* [Terraform state files](#terraform-state-files) + +### Terraform providers + +A *provider* is a Terraform module or plugin developed by a vendor that defines which vendor resources are available for Terraform to create and manage. Sumo Logic has an established Terraform provider plugin, as does AWS and other major cloud vendors. The Terraform script section defining the provider for resources defined by other parts of the script might look like this: + +``` +provider "aws" { + profile = "default" + region = "us-west-2" +} +``` + +This script represents the general Terraform syntax: a keyword defining the block section (`provider` in this case), the name of the provider (`aws`) and a series of one or more name/value pairs (or named sub-blocks) one per line with a equal sign, demarcated by curly braces. + +Terraform scripts can define a block at the beginning of a script that outlines which providers are required for a particular script to function. For instance, to require the Sumo Logic provider (and set the necessary version), you can use the following: + +``` +terraform { + required_providers { + sumologic = { + source = "sumologic/sumologic" + version = ">= 0.13" + } + } +} +``` + +### Terraform resources + +A *resource* is an infrastructure element that can be defined and created from the available resources produced by the provider. A resource definition will look similar in form to the provider definition: + +``` +resource "aws_s3_bucket" "training" { + bucket = "sumo-training-2025" + acl = "private" +} +``` + +Resources will have a resource type (defined by the provider, `aws_s3_bucket` in this case), our name for the resource in Terraform (`training`), then a block of name/value pairs or sub-blocks, with available property values defined by the provider for that resource. You will need to check the documentation for each individual provider to see the resource types and configuration values available to reference in Terraform scripts. + +Resource definitions can refer to other resources using a variable "dot" syntax. For instance, here's an associated website configuration resource that is tied to our AWS S3 bucket from the previous example: + +``` +resource "aws_s3_bucket_website_configuration" "training" { + bucket = aws_s3_bucket.training.bucket + index_document { + suffix = "index.html" + } +} +``` + +Note that instead of needing to repeat the same bucket name, we can reference the bucket name from the earlier resource by using `
})
+
+## Additional resources
+
+* Blogs:
+ * [How to Use the New Sumo Logic Terraform Provider for Hosted Collectors](https://www.sumologic.com/blog/terraform-provider-hosted)
+ * [Terraform and Sumo Logic – Build Monitoring into your Cloud Infrastructure](https://www.sumologic.com/blog/terraform-sumo-logic)
+* Terraform resource: [Sumo Logic Provider](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs)
+* GitHub: [terraform-provider-sumologic](https://github.com/SumoLogic/terraform-provider-sumologic)
\ No newline at end of file
diff --git a/docs/api/troubleshooting.md b/docs/api/about-apis/troubleshooting.md
similarity index 99%
rename from docs/api/troubleshooting.md
rename to docs/api/about-apis/troubleshooting.md
index 97f60c9921..e070b0e9d9 100644
--- a/docs/api/troubleshooting.md
+++ b/docs/api/about-apis/troubleshooting.md
@@ -6,7 +6,7 @@ description: This guide provides information to help you troubleshoot errors you
---
import useBaseUrl from '@docusaurus/useBaseUrl';
-import ApiEndpoints from '../reuse/api-endpoints.md';
+import ApiEndpoints from '../../reuse/api-endpoints.md';
diff --git a/docs/api/collector-management/collector-api-methods-examples.md b/docs/api/collector-management/collector-api-methods-examples.md
index 98073a214b..67df8fa1ef 100644
--- a/docs/api/collector-management/collector-api-methods-examples.md
+++ b/docs/api/collector-management/collector-api-methods-examples.md
@@ -19,11 +19,11 @@ You need the [Manage or View Collectors role capability](/docs/manage/users-role
See the following topics for additional information:
-* [API Authentication](/docs/api/getting-started#authentication) for information on API authentication options.
-* [Sumo Logic Endpoints](/docs/api/getting-started#sumo-logic-endpoints-by-deployment-and-firewall-security) for a list of API endpoints to use to connect your API client to the Sumo Logic API.
+* [API Authentication](/docs/api/about-apis/getting-started#authentication) for information on API authentication options.
+* [Sumo Logic Endpoints](/docs/api/about-apis/getting-started#sumo-logic-endpoints-by-deployment-and-firewall-security) for a list of API endpoints to use to connect your API client to the Sumo Logic API.
* [Use JSON to Configure Sources](/docs/send-data/use-json-configure-sources) for a description of Source parameters.
* [View or Download Collector or Source JSON Configuration](/docs/send-data/use-json-configure-sources/local-configuration-file-management/view-download-source-json-configuration) for instructions on viewing or downloading the current JSON configuration file for a collector or source from the web application.
-* [Troubleshooting APIs](/docs/api/troubleshooting) for information on troubleshooting Sumo Logic API errors.
+* [Troubleshooting APIs](/docs/api/about-apis/troubleshooting) for information on troubleshooting Sumo Logic API errors.
There is a community-supported script available on GitHub that allows you to conduct bulk actions to Collectors. See [Collector Management Script](https://github.com/SumoLogic/collector-management-client).
diff --git a/docs/api/index.md b/docs/api/index.md
index 1e4666ce00..0dd4a23692 100644
--- a/docs/api/index.md
+++ b/docs/api/index.md
@@ -11,8 +11,8 @@ Use the Sumo Logic Application Programming Interfaces (APIs) to interact with ou
-
Authentication and Endpoints
-Get your API credentials and endpoint URL to start using the Sumo Logic APIs.
+About Sumo Logic APIs
+Learn about Sumo Logic APIs, including endpoints and how to use them.
}){kind=icon}
Users
-
-
:::sumo Get Help
diff --git a/docs/api/metrics.md b/docs/api/metrics.md
index f8cf13f2be..2c406abc96 100644
--- a/docs/api/metrics.md
+++ b/docs/api/metrics.md
@@ -27,7 +27,7 @@ You will need:
Sumo Logic has deployments that are assigned depending on the geographic location and the date an account is created. For API access, you must manually direct your API client to the correct Sumo Logic API URL.
-See [Sumo Logic Endpoints](/docs/api/getting-started#sumo-logic-endpoints-by-deployment-and-firewall-security) for the list of the URLs.
+See [Sumo Logic Endpoints](/docs/api/about-apis/getting-started#sumo-logic-endpoints-by-deployment-and-firewall-security) for the list of the URLs.
An `HTTP 301 Moved` error suggests that the wrong endpoint was specified.
diff --git a/docs/api/search-job.md b/docs/api/search-job.md
index f15429d0d2..500548d94c 100644
--- a/docs/api/search-job.md
+++ b/docs/api/search-job.md
@@ -46,7 +46,7 @@ The Search Job API is available to Enterprise accounts.
Sumo Logic has deployments that are assigned depending on the geographic location and the date an account is created. For API access, you must manually direct your API client to the correct Sumo Logic API URL.
-See [Sumo Logic Endpoints](/docs/api/getting-started#sumo-logic-endpoints-by-deployment-and-firewall-security) for the list of the URLs.
+See [Sumo Logic Endpoints](/docs/api/about-apis/getting-started#sumo-logic-endpoints-by-deployment-and-firewall-security) for the list of the URLs.
An `HTTP 301 Moved error` suggests that the wrong endpoint was specified.
diff --git a/docs/api/service-map.md b/docs/api/service-map.md
index 3990293a6e..5317d09e4c 100644
--- a/docs/api/service-map.md
+++ b/docs/api/service-map.md
@@ -47,7 +47,7 @@ Tracing APIs give you the ability to browse and execute queries for traces and s
Sumo Logic has deployments that are assigned depending on the geographic location and the date an account is created. For API access, you must manually direct your API client to the correct Sumo Logic API URL.
-See [Sumo Logic Endpoints](/docs/api/getting-started#sumo-logic-endpoints-by-deployment-and-firewall-security) for the list of the URLs.
+See [Sumo Logic Endpoints](/docs/api/about-apis/getting-started#sumo-logic-endpoints-by-deployment-and-firewall-security) for the list of the URLs.
An `HTTP 301 Moved error` suggests that the wrong endpoint was specified.
diff --git a/docs/api/span-analytics.md b/docs/api/span-analytics.md
index abaf508021..0e0635d895 100644
--- a/docs/api/span-analytics.md
+++ b/docs/api/span-analytics.md
@@ -21,7 +21,7 @@ Tracing APIs give you the ability to browse and execute queries for traces and s
## Documentation
-Documentation for OpenAPI built APIs is hosted on each deployment. Sumo Logic has several deployments that are assigned depending on the geographic location and the date an account is created. See [how to determine which endpoint to use](/docs/api/getting-started#which-endpoint-should-i-should-use) if you are unsure.
+Documentation for OpenAPI built APIs is hosted on each deployment. Sumo Logic has several deployments that are assigned depending on the geographic location and the date an account is created. See [how to determine which endpoint to use](/docs/api/about-apis/getting-started#which-endpoint-should-i-should-use) if you are unsure.
Select the documentation link for your deployment:
@@ -49,7 +49,7 @@ Select the documentation link for your deployment:
Sumo Logic has deployments that are assigned depending on the geographic location and the date an account is created. For API access, you must manually direct your API client to the correct Sumo Logic API URL.
-See [Sumo Logic Endpoints](/docs/api/getting-started#sumo-logic-endpoints-by-deployment-and-firewall-security) for the list of the URLs.
+See [Sumo Logic Endpoints](/docs/api/about-apis/getting-started#sumo-logic-endpoints-by-deployment-and-firewall-security) for the list of the URLs.
An `HTTP 301 Moved error` suggests that the wrong endpoint was specified.
diff --git a/docs/api/tracing.md b/docs/api/tracing.md
index ed359b1b33..9caf7ec992 100644
--- a/docs/api/tracing.md
+++ b/docs/api/tracing.md
@@ -47,7 +47,7 @@ Tracing APIs give you the ability to browse and execute queries for traces and s
Sumo Logic has deployments that are assigned depending on the geographic location and the date an account is created. For API access, you must manually direct your API client to the correct Sumo Logic API URL.
-See [Sumo Logic Endpoints](/docs/api/getting-started#sumo-logic-endpoints-by-deployment-and-firewall-security) for the list of the URLs.
+See [Sumo Logic Endpoints](/docs/api/about-apis/getting-started#sumo-logic-endpoints-by-deployment-and-firewall-security) for the list of the URLs.
An `HTTP 301 Moved error` suggests that the wrong endpoint was specified.
diff --git a/docs/cloud-soar/automation.md b/docs/cloud-soar/automation.md
index 1360202766..4f407fb6fe 100644
--- a/docs/cloud-soar/automation.md
+++ b/docs/cloud-soar/automation.md
@@ -71,8 +71,8 @@ You can configure a [webhook connection](/docs/alerts/webhook-connections/cloud-
1. [**Classic UI**](/docs/get-started/sumo-logic-ui-classic). In the main Sumo Logic menu, select **Manage Data > Monitoring > Connections**.
-
-Troubleshooting
-[**New UI**](/docs/get-started/sumo-logic-ui). In the top menu select **Configuration**, and then under **Monitoring** select **Connections**. You can also click the **Go To...** menu at the top of the screen and select **Connections**. 1. Click **+** and choose **Cloud SOAR** as the connection type. The **Create Cloud SOAR Connection** dialog is displayed.
})
1. Enter a **Name** and give an optional **Description** to the connection.
-1. The **URL** field shows your [Sumo Logic API endpoint](/docs/api/getting-started#sumo-logic-endpoints-by-deployment-and-firewall-security) followed by `/csoar/v3/incidents/`. For example, `https://api.us2.sumologic.com/api/csoar/v3/incidents/`
-1. In **Authorization Header**, enter your basic authentication access information for the header. For example, `Basic