Monitoring and analysis
/
Third-party integrations
Last updated

Third-party integrations

Requirement for streaming logged events to third-party integrations

Frontegg supports multiple third-party integrations for streaming logged events. The specific requirements for each integration are listed below.

Log streaming can only be used in your Production environment.


Logged Events Time Zone

The timestamp information in the exported log is represented in ISO 8601 datetime format in Coordinated Universal Time (UTC). By parsing this value using datetime libraries, you can display the timestamp in any desired timezone.


Third-Party-Providers-1

Datadog configuration

To configure Datadog for log streaming, add an API Key and Endpoint values through the path: [PRODUCTION] → Monitoring → Stream tab.

Third-Party-Providers-2

  • API Key: Obtain your API key by navigating to your Datadog organization settings and generating an API token. Learn more.

  • Endpoint: You’ll receive an HTTP Logs Collector endpoint unique to your Datadog environment upon registration. For example, if you register on US5, your endpoint will be https://http-intake.logs.us5.datadoghq.com.

AWS EventBridge configuration

To configure log streaming from Frontegg to AWS, provide the following parameters via the [PRODUCTION] → Monitoring → Stream tab:

  • Access key ID: awsAccessKeyId (string, required) – Obtain this key from your Amazon account administrator.

  • Secret access key: awsSecretAccessKey (string, required) – Your AWS secret access key. For help with locating AWS account identifiers, use this link.

  • Region: Choose the region hosting your Amazon EventBridge instance from the drop-down menu.

  • Event source: eventSource represents the Amazon EventBridge event data source (string). This defaults to com.frontegg.monitoring unless otherwise specified.

  • Event bus name: eventBusName (string, optional) – This is the name or ARN of the EventBridge instance. If skipped, Frontegg will use default. Learn more about Amazon EventBuses.

Third-Party-Providers-3

Enabling PutEvents for AWS

When creating an access key set for Frontegg integration, ensure that you can perform PutEvents and grant access to the EventBridge service. Since the default event bus only allows events from one account, attach a resource-based policy to allow PutEvents. Learn how to allow PutEvents.

Splunk configuration

Frontegg's Splunk integration allows log streaming to Splunk via Splunk's HTTP Event Collector (HEC). Logs are sent to your Splunk instance’s /services/collector endpoint over HTTPS. Below are configuration details for Splunk Cloud and Splunk Enterprise users.

Splunk Cloud platform users

To stream logs to Splunk’s Cloud platform, add the following fields via the [PRODUCTION] → Monitoring → Stream tab:

  • Token: The HEC token value.

  • Host: This is the URL of Splunk’s Cloud Platform instance running HEC, usually ending with splunkcloud.com.

  • Port: Frontegg uses port 443 by default, unless otherwise specified.

Third-Party-Providers-4

Verify SSL on the Cloud Platform

Splunk Cloud defaults to a self-signed certificate. It’s recommended to switch to a trusted certificate authority. If using the default, the toggle should be off.


Splunk Cloud Event Collector

Learn more about Splunk Cloud’s event collector.

Splunk enterprise platform users

To stream logs to Splunk’s Enterprise platform, configure the following fields:

  • Host: This is the URL of Splunk’s Enterprise platform instance running HEC.

  • Port: Frontegg uses port 443 by default, unless otherwise specified.

  • Token: The HEC token value.

Verify SSL on the Cloud Platform

Splunk Cloud uses a self-signed certificate by default. It is recommended to switch to a certificate from a trusted authority. If you continue with the default certificate, ensure that the SSL verification toggle is set to off.


Splunk Enterprise Event Collector

Learn more about Splunk Enterprise’s event collector.

Sumo Logic specifics

Frontegg's Sumo Logic integration allows you to stream logs to Sumo Logic via Sumo Logic's HTTP Logs and Metrics Source.

Logs will be sent to your Sumo Logic instance's over HTTPS using the token that is included in the URL that is generated during setup of HTTP collector on Sumo Logic.

Third-Party-Providers-4