This repo contains an AWS Lambda function in the Node runtime which you can use to poll PagerDuty's REST API every hour for audit records and send them to a Sumo Logic HTTP collector. You can modify these steps to work with other clouds or to change the polling frequency.
For convinience, we've included a zip archive you can upload directly to AWS Lambda. Steps may vary depending on how your AWS account is structured.
- In the Function Code section, go to the Actions menu and select Upload a .zip file.
- Create an S3 bucket
- Create an environenment variable on your Lambda function called
state_bucketand put in the name of your bucket as the value - Give your Lambda execution role access to your S3 bucket
- If you're comfortable, you can add the existing
AmazonS3FullAccessto your execution role - Alternatively, create a custom policy with read/write access to your bucket and assign it to the exection role.
- Create an environment variable called
pagerduty_global_api_tokenand put in a read-only PagerDuty Global API key (only an admin can generate this key. - Create an HTTP collector in Sumo Logic
- Create an environment variable called
sumologic_endpointand paste in the HTTP Source Address from the Sumo Logic connector. - Create a Cloud Watch trigger for the AWS Lambda function which runs every hour.