# sumologic-cse-python-sdk
An API client similar to the official Sumo Logic Python API client, but for the CSE API: https://api.sumologic.com/docs/sec/#
This project does not aim to be a comprehensive API client. It covers a selection of endpoints and provides useful scripts for some common use cases.
# install package
```
pip install sumologiccse
```
# Getting Started
See the scripts section for examples. In general, either set the env vars:
- SUMO_ACCESS_ID
- SUMO_ACCESS_KEY

or provide them as arguments.
## endpoints
See: https://help.sumologic.com/docs/api/getting-started/#which-endpoint-should-i-should-use
The default endpoint is: https://api.sumologic.com/docs/sec
Using --endpoint 'prod' or 'us1' will also resolve to this value.
For endpoints other than prod/us1 use the endpoint short form name such as:
```
--endpoint 'us2'
--endpoint 'au'
--endpoint 'in'
```
## connection
To create a connection:
```
from sumologiccse.sumologiccse import SumoLogicCSE

# Credentials come from SUMO_ACCESS_ID / SUMO_ACCESS_KEY unless passed as arguments.
cse = SumoLogicCSE(endpoint='us2')
```
Then use any method such as:
```
q = '-status:"closed" created:>2022-11-17T00:00:00+00:00'
insights = cse.get_insights(q=q)
```
The API has many endpoints that are not wrapped by a method. You can call them directly, for example:
```
statuses = cse.get('/insight-status')
```
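The following is an added example, not code from this project: it builds the `q` filter shown above for a rolling time window and checks that both credential variables are set before connecting. The helper names (`missing_credentials`, `open_insights_query`, `fetch_open_insights`) are hypothetical; only `SumoLogicCSE(endpoint=...)` and `get_insights(q=...)` are taken from the usage above.

```python
import os
from datetime import datetime, timedelta, timezone

REQUIRED_ENV = ("SUMO_ACCESS_ID", "SUMO_ACCESS_KEY")


def missing_credentials(env=None):
    """Return the names (never the values) of unset or empty credential vars."""
    env = os.environ if env is None else env
    return [name for name in REQUIRED_ENV if not env.get(name)]


def open_insights_query(days, now=None):
    """Build the filter: not closed, created within the last `days` days."""
    if days <= 0:
        raise ValueError("days must be positive")
    now = datetime.now(timezone.utc) if now is None else now
    if now.tzinfo is None:
        # A naive datetime would silently shift the window by the local offset.
        raise ValueError("now must be timezone-aware")
    since = now.astimezone(timezone.utc) - timedelta(days=days)
    since = since.replace(microsecond=0)
    # isoformat() on a UTC-aware value yields e.g. 2022-11-17T00:00:00+00:00
    return f'-status:"closed" created:>{since.isoformat()}'


def fetch_open_insights(days=7, endpoint="us2", env=None):
    """Fail fast on missing credentials, then query insights."""
    missing = missing_credentials(env)
    if missing:
        raise RuntimeError("missing credentials: " + ", ".join(missing))
    # Imported lazily so the helpers above work without the package installed.
    from sumologiccse.sumologiccse import SumoLogicCSE
    cse = SumoLogicCSE(endpoint=endpoint)
    return cse.get_insights(q=open_insights_query(days))


if __name__ == "__main__":
    print(open_insights_query(7))
    print("missing:", missing_credentials())
```
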
# Example Use Case Scripts
You can find these in ./scripts
- [Insights scripts readme](scripts/insights/readme.md)
# Docker
Build the Dockerfile. You can then run the built version of the module for testing, or build with the package included by uncommenting the PyPI package install.
```
docker build -t sumocse-test .
```
Run and set the relevant env vars, e.g.:
```
docker run -it -e SUMO_ACCESS_ID="$SUMO_ACCESS_ID_DEMO" -e SUMO_ACCESS_KEY="$SUMO_ACCESS_KEY_DEMO" -e SUMO_ACCESS_ID_DEMO="$SUMO_ACCESS_ID_DEMO" -e SUMO_ACCESS_KEY_DEMO="$SUMO_ACCESS_KEY_DEMO" sumocse-test bash
```
# TODOs
- Add a decent selection of endpoints
- Write some more unit and integration tests
Raw data
{
"_id": null,
"home_page": null,
"name": "sumologiccse",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.7",
"maintainer_email": null,
"keywords": "sumologic, cse, api, sdk, python, Cloud SIEM, sumo",
"author": null,
"author_email": "Rick Jury <rjury@sumologic.com>",
"download_url": "https://files.pythonhosted.org/packages/86/57/b1beb612e3b7db00487b4358a2e06e4ac4b003005636864b81f0c609b04d/sumologiccse-0.0.5.tar.gz",
"platform": null,
"description": "# sumologic-cse-python-sdk\nAn api client similar to the official Sumologic python API client but for the CSE api: https://api.sumologic.com/docs/sec/#\n\nThis project only intends to cover off and provide useful scripts to solve some common use cases rather than create an entire comprehensive API client.\n\n\n# install package\n```\npip install sumologiccse\n```\n\n# Getting Started\nsee the scripts section for examples. In general either set env vars:\n- SUMO_ACCESS_ID\n- SUMO_ACCESS_KEY\nor you must privide as arguments.\n\n## endpoints \nSee: https://help.sumologic.com/docs/api/getting-started/#which-endpoint-should-i-should-use\n\nThe defeault endpoint is: https://api.sumologic.com/docs/sec\nUsing --endpoint 'prod' or 'us1' will also resolve to this value.\n\nFor endpoints other than prod/us1 use the endpoint short form name such as:\n```\n--endpoint 'us2'\n--endpoint 'au'\n--endpoint 'in'\n```\n\n## connection\nTo create connection:\n```\nfrom sumologiccse.sumologiccse import SumoLogicCSE\ncse=SumoLogicCSE(endpoint='us2')\n```\n\nThen use any method such as:\n```\nq = '-status:\"closed\" created:>2022-11-17T00:00:00+00:00'\ninsights = cse.get_insights(q=q)\n```\n\nThere are a lot of API endpoints you can also call them directly for example:\n```\nstatuses = cse.get('/insight-status')\n```\n\n# Example Use Case Scripts\nYou can find these in ./scripts\n- [Insights scripts readme](scripts/insights/readme.md)\n\n# Docker\n\nBuild the dockerfile, you can then run build version of module for testing or build with package included by uncommenting the pypi package install\n\n```\ndocker build -t sumocse-test .\n```\n\nRun and set relevant env vars e.g \n```\ndocker run -it -e SUMO_ACCESS_ID=\"$SUMO_ACCESS_ID_DEMO\" -e SUMO_ACCESS_KEY=\"$SUMO_ACCESS_KEY_DEMO\" -e SUMO_ACCESS_ID_DEMO=\"$SUMO_ACCESS_ID_DEMO\" -e SUMO_ACCESS_KEY_DEMO=\"$SUMO_ACCESS_KEY_DEMO\" sumocse-test bash\n```\n\n# TODOs\n- Add a decent selection of endpoints\n- Write some more unit 
and integration tests\n",
"bugtrack_url": null,
"license": null,
"summary": "An API client for common use cases for the Sumologic Cloud SIEM API https://api.sumologic.com/docs/sec/#",
"version": "0.0.5",
"project_urls": {
"Bug Tracker": "https://github.com/rjury-sumo/sumologic-cse-python-sdk/issues",
"Homepage": "https://github.com/rjury-sumo/sumologic-cse-python-sdk"
},
"split_keywords": [
"sumologic",
" cse",
" api",
" sdk",
" python",
" cloud siem",
" sumo"
],
"urls": [
{
"comment_text": null,
"digests": {
"blake2b_256": "153f409c5e5af2f79138c92a2f6970e38943f932827f4898b1127404a55550b1",
"md5": "291c643de17bb7b8bb903d9b525f547c",
"sha256": "b55897d5174b72da162d8e14f9a8a278bb304ae34271eca395b782835d6a0ba9"
},
"downloads": -1,
"filename": "sumologiccse-0.0.5-py3-none-any.whl",
"has_sig": false,
"md5_digest": "291c643de17bb7b8bb903d9b525f547c",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.7",
"size": 5530,
"upload_time": "2025-07-17T00:31:10",
"upload_time_iso_8601": "2025-07-17T00:31:10.930546Z",
"url": "https://files.pythonhosted.org/packages/15/3f/409c5e5af2f79138c92a2f6970e38943f932827f4898b1127404a55550b1/sumologiccse-0.0.5-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": null,
"digests": {
"blake2b_256": "8657b1beb612e3b7db00487b4358a2e06e4ac4b003005636864b81f0c609b04d",
"md5": "06dd39190433a86daf9f29b51ac70651",
"sha256": "8c59710e622473aecacdeddf11e73fd09f7c0a4164e2b31db684494e39f25367"
},
"downloads": -1,
"filename": "sumologiccse-0.0.5.tar.gz",
"has_sig": false,
"md5_digest": "06dd39190433a86daf9f29b51ac70651",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.7",
"size": 6276,
"upload_time": "2025-07-17T00:31:11",
"upload_time_iso_8601": "2025-07-17T00:31:11.814306Z",
"url": "https://files.pythonhosted.org/packages/86/57/b1beb612e3b7db00487b4358a2e06e4ac4b003005636864b81f0c609b04d/sumologiccse-0.0.5.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-07-17 00:31:11",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "rjury-sumo",
"github_project": "sumologic-cse-python-sdk",
"travis_ci": false,
"coveralls": false,
"github_actions": false,
"requirements": [
{
"name": "attrs",
"specs": [
[
"==",
"22.1.0"
]
]
},
{
"name": "autopep8",
"specs": [
[
"==",
"2.3.2"
]
]
},
{
"name": "backports.tarfile",
"specs": [
[
"==",
"1.2.0"
]
]
},
{
"name": "build",
"specs": [
[
"==",
"1.2.2.post1"
]
]
},
{
"name": "certifi",
"specs": [
[
"==",
"2022.9.24"
]
]
},
{
"name": "charset-normalizer",
"specs": [
[
"==",
"2.1.1"
]
]
},
{
"name": "click",
"specs": [
[
"==",
"8.1.8"
]
]
},
{
"name": "docutils",
"specs": [
[
"==",
"0.21.2"
]
]
},
{
"name": "exceptiongroup",
"specs": [
[
"==",
"1.0.4"
]
]
},
{
"name": "flake8",
"specs": [
[
"==",
"7.3.0"
]
]
},
{
"name": "id",
"specs": [
[
"==",
"1.5.0"
]
]
},
{
"name": "idna",
"specs": [
[
"==",
"3.4"
]
]
},
{
"name": "importlib_metadata",
"specs": [
[
"==",
"8.7.0"
]
]
},
{
"name": "iniconfig",
"specs": [
[
"==",
"1.1.1"
]
]
},
{
"name": "jaraco.classes",
"specs": [
[
"==",
"3.4.0"
]
]
},
{
"name": "jaraco.context",
"specs": [
[
"==",
"6.0.1"
]
]
},
{
"name": "jaraco.functools",
"specs": [
[
"==",
"4.2.1"
]
]
},
{
"name": "keyring",
"specs": [
[
"==",
"25.6.0"
]
]
},
{
"name": "markdown-it-py",
"specs": [
[
"==",
"3.0.0"
]
]
},
{
"name": "mccabe",
"specs": [
[
"==",
"0.7.0"
]
]
},
{
"name": "mdurl",
"specs": [
[
"==",
"0.1.2"
]
]
},
{
"name": "more-itertools",
"specs": [
[
"==",
"10.7.0"
]
]
},
{
"name": "nh3",
"specs": [
[
"==",
"0.2.22"
]
]
},
{
"name": "packaging",
"specs": [
[
"==",
"25.0"
]
]
},
{
"name": "pip-tools",
"specs": [
[
"==",
"7.4.1"
]
]
},
{
"name": "pluggy",
"specs": [
[
"==",
"1.0.0"
]
]
},
{
"name": "pycodestyle",
"specs": [
[
"==",
"2.14.0"
]
]
},
{
"name": "pyflakes",
"specs": [
[
"==",
"3.4.0"
]
]
},
{
"name": "Pygments",
"specs": [
[
"==",
"2.19.2"
]
]
},
{
"name": "pyparsing",
"specs": [
[
"==",
"3.0.9"
]
]
},
{
"name": "pyproject_hooks",
"specs": [
[
"==",
"1.2.0"
]
]
},
{
"name": "pytest",
"specs": [
[
"==",
"7.4.4"
]
]
},
{
"name": "readme_renderer",
"specs": [
[
"==",
"44.0"
]
]
},
{
"name": "requests",
"specs": [
[
"==",
"2.28.1"
]
]
},
{
"name": "requests-toolbelt",
"specs": [
[
"==",
"1.0.0"
]
]
},
{
"name": "rfc3986",
"specs": [
[
"==",
"2.0.0"
]
]
},
{
"name": "rich",
"specs": [
[
"==",
"14.0.0"
]
]
},
{
"name": "toml",
"specs": [
[
"==",
"0.10.2"
]
]
},
{
"name": "tomli",
"specs": [
[
"==",
"2.2.1"
]
]
},
{
"name": "twine",
"specs": [
[
"==",
"6.1.0"
]
]
},
{
"name": "typing_extensions",
"specs": [
[
"==",
"4.14.1"
]
]
},
{
"name": "urllib3",
"specs": [
[
"==",
"1.26.12"
]
]
},
{
"name": "zipp",
"specs": [
[
"==",
"3.23.0"
]
]
}
],
"lcname": "sumologiccse"
}