# sumologic-cse-python-sdk
An API client similar to the official Sumologic Python API client, but for the CSE API: https://api.sumologic.com/docs/sec/#
This project only intends to provide useful scripts that solve some common use cases, rather than to be a comprehensive API client.
# install package
```
pip install sumologiccse
```
# Getting Started
See the scripts section for examples. In general, either set these env vars:
- SUMO_ACCESS_ID
- SUMO_ACCESS_KEY

or provide the credentials as arguments.
## endpoints
See: https://help.sumologic.com/docs/api/getting-started/#which-endpoint-should-i-should-use
The default endpoint is: https://api.sumologic.com/docs/sec
Using --endpoint 'prod' or 'us1' will also resolve to this value.
For endpoints other than prod/us1 use the endpoint short form name such as:
```
--endpoint 'us2'
--endpoint 'au'
--endpoint 'in'
```
## connection
To create a connection:
```
from sumologiccse.sumologiccse import SumoLogicCSE
cse=SumoLogicCSE(endpoint='us2')
```
Then use any method such as:
```
q = '-status:"closed" created:>2022-11-17T00:00:00+00:00'
insights = cse.get_insights(q=q)
```
There are a lot of API endpoints; you can also call them directly, for example:
```
statuses = cse.get('/insight-status')
```
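The `get_insights` call above uses a hard-coded `created:>` date. The following added example (not part of this project's code) builds the same query for a rolling window and checks that both credential env vars are set before any request is made, reporting only the variable names. The helper names `missing_credentials`, `open_insights_query` and `fetch_open_insights` are hypothetical, and it assumes credentials come from the environment rather than from arguments.

```python
import os
from datetime import datetime, timedelta, timezone

# Env var names as listed in this README.
REQUIRED_VARS = ("SUMO_ACCESS_ID", "SUMO_ACCESS_KEY")


def missing_credentials(env=os.environ):
    """Return the names (never the values) of unset or blank credential vars."""
    return [name for name in REQUIRED_VARS if not env.get(name, "").strip()]


def open_insights_query(days, now=None):
    """Build the README's query for non-closed insights created in the last `days` days.

    `now` must be timezone-aware; it defaults to the current UTC time.
    """
    now = now or datetime.now(timezone.utc)
    if now.tzinfo is None:
        raise ValueError("now must be timezone-aware")
    since = (now.astimezone(timezone.utc) - timedelta(days=days)).replace(microsecond=0)
    # isoformat() on a UTC-aware datetime yields e.g. 2022-11-17T00:00:00+00:00
    return f'-status:"closed" created:>{since.isoformat()}'


def fetch_open_insights(client, days, env=os.environ, now=None):
    """Fail fast on missing credentials, then run the query through `client`.

    `client` is any object exposing get_insights(q=...), such as SumoLogicCSE.
    """
    missing = missing_credentials(env)
    if missing:
        raise RuntimeError("missing credentials: " + ", ".join(missing))
    return client.get_insights(q=open_insights_query(days, now))


if __name__ == "__main__":
    # Import path and constructor as shown in this README.
    from sumologiccse.sumologiccse import SumoLogicCSE

    cse = SumoLogicCSE(endpoint="us2")
    print(fetch_open_insights(cse, days=7))
```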
# Example Use Case Scripts
You can find these in ./scripts, for example:
- [Insights scripts readme](scripts/insights/readme.md)
# Docker
Build the Dockerfile. You can then run the built version of the module for testing, or build with the package included by uncommenting the PyPI package install.
```
docker build -t sumocse-test .
```
Run and set the relevant env vars, e.g.:
```
docker run -it -e SUMO_ACCESS_ID="$SUMO_ACCESS_ID_DEMO" -e SUMO_ACCESS_KEY="$SUMO_ACCESS_KEY_DEMO" -e SUMO_ACCESS_ID_DEMO="$SUMO_ACCESS_ID_DEMO" -e SUMO_ACCESS_KEY_DEMO="$SUMO_ACCESS_KEY_DEMO" sumocse-test bash
```
# TODOs
- Add a decent selection of endpoints
- Write some more unit and integration tests
Raw data
{
"_id": null,
"home_page": null,
"name": "sumologiccse",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.7",
"maintainer_email": null,
"keywords": "sumologic, cse, api, sdk, python, Cloud SIEM, sumo",
"author": null,
"author_email": "Rick Jury <rjury@sumologic.com>",
"download_url": "https://files.pythonhosted.org/packages/f1/c8/3f8d18bb2fc03a3e9d4d727b813e158a2f2c53b80ccc04efd467bf1bc7b9/sumologiccse-0.0.6.tar.gz",
"platform": null,
"bugtrack_url": null,
"license": null,
"summary": "An API client for common use cases for the Sumologic Cloud SIEM API https://api.sumologic.com/docs/sec/#",
"version": "0.0.6",
"project_urls": {
"Bug Tracker": "https://github.com/rjury-sumo/sumologic-cse-python-sdk/issues",
"Homepage": "https://github.com/rjury-sumo/sumologic-cse-python-sdk"
},
"split_keywords": [
"sumologic",
" cse",
" api",
" sdk",
" python",
" cloud siem",
" sumo"
],
"urls": [
{
"comment_text": null,
"digests": {
"blake2b_256": "fdb83c224d25f51029893f7a8f281236e1550958dbcd9bb2b4b0a0dab453bb50",
"md5": "d26362d84a10c2302cbc8286940b2a03",
"sha256": "ed34e202db296498def8f90858706fbdbbcd77a6963d42532c7342da8e5ddd96"
},
"downloads": -1,
"filename": "sumologiccse-0.0.6-py3-none-any.whl",
"has_sig": false,
"md5_digest": "d26362d84a10c2302cbc8286940b2a03",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.7",
"size": 5805,
"upload_time": "2025-07-20T23:50:27",
"upload_time_iso_8601": "2025-07-20T23:50:27.742517Z",
"url": "https://files.pythonhosted.org/packages/fd/b8/3c224d25f51029893f7a8f281236e1550958dbcd9bb2b4b0a0dab453bb50/sumologiccse-0.0.6-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": null,
"digests": {
"blake2b_256": "f1c83f8d18bb2fc03a3e9d4d727b813e158a2f2c53b80ccc04efd467bf1bc7b9",
"md5": "603f19a3aadc06e0091b09896319c6e6",
"sha256": "4b1d257151011d3b4ea706b1e64708572de402b1f14f7472fb87eaaa088d2e99"
},
"downloads": -1,
"filename": "sumologiccse-0.0.6.tar.gz",
"has_sig": false,
"md5_digest": "603f19a3aadc06e0091b09896319c6e6",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.7",
"size": 6687,
"upload_time": "2025-07-20T23:50:28",
"upload_time_iso_8601": "2025-07-20T23:50:28.971185Z",
"url": "https://files.pythonhosted.org/packages/f1/c8/3f8d18bb2fc03a3e9d4d727b813e158a2f2c53b80ccc04efd467bf1bc7b9/sumologiccse-0.0.6.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-07-20 23:50:28",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "rjury-sumo",
"github_project": "sumologic-cse-python-sdk",
"travis_ci": false,
"coveralls": false,
"github_actions": false,
"lcname": "sumologiccse"
}