Tip

This article was accurate at the time of writing, but changes happen. If you find the instructions are outdated, leave a description in the comment field below and let us know!

Step 1: Enable console access

  1. Sign in to the Sumo Logic CIP console to create a new user.

  2. Navigate to Administration > Users and Roles > Users and click the Add User button at the top right of the page.

    users_and_roles.png
  3. FIll in the below information.

    create_new_user.png
    • For First Name type Expel.

    • For Last Name type SOC analysts.

    • For Email type: soc+<your_company_name>@expel.io.

      Tip

      Yes, the "+" sign is part of the email address, and it's important. Click here to find out why.

    • For Roles select the analyst role.

    • Click Add New User.

  4. Verify that Expel SOC now appears on the Users page.

  5. Sign into Sumo Logic CSE console.

  6. Navigate to Accounts.

    accounts_cse.png
  7. Click Invite at the top right of the page.

    invite_cse.png
  8. Invite the Sumo Logic CIP user from step 1 with a role of Analyst.

    invite_users_cse.png

Step 2: Generate API credentials

  1. Edit the Sumo Logic CSE user created in step 1.

  2. Select API Key Enabled.

    api_key_enabled_Cse.png
  3. Select YES, REGENERATE API KEY.

    regenerate_api_key_cse.png
  4. Click UPDATE and log out.

  5. Log back into Sumo Logic CSE console with the new user created in step 1.

  6. Click the user profile at the top right of the page.

    profile_cse.png
  7. Copy API Key and make note of it.

    copy_api_key_cse.png

Step 3: Configure the technology in Workbench

  1. In a new browser tab, log into https://workbench.expel.io.

  2. On the console page, navigate to Settings and click Security Devices.

  3. At the top of the page, click Add Security Device.

    Button_WB_add_security_device.png
  4. Search for and select Sumo Logic Cloud.

  5. Type Name and Location. For example Sumo Logic CSE and Expel Lab.

    sumo_logic_cloud_device_template.png
    • For Server type the Sumo Logic CSE URL.

    • For API Key type the API Key copied and noted during step 2.

    • For Console Login type the information for user created in step 1.