AWS offers more than 150 discrete services, spanning compute, storage, database, network, and identity management to name a few. Earlier this year we published our Continuous Intelligence Report in which we surveyed Sumo Logic customers on how broadly they used the various AWS services. We found that the median number of different services most orgs use was 15.
While these services are all part of AWS, troubleshooting across different services is not always easy. AWS encourages the use of separate AWS accounts to help manage costs and give teams independent administrative control. Additionally, different accounts often have different settings across availability zones or regions depending on the needs of a specific app. This often leaves vast data silos where it can be difficult to acquire a clear picture of overall application health.
When users are troubleshooting operational issues or security incidents, they might get a notification of an issue with a specific instance of a service like an EC2 machine, load balancer, or RDS cluster or be notified of a new threat or vulnerability. But this notification leaves a lot of questions unanswered.
Customers are unable to quickly get high-level insights for their applications that span multiple AWS services. When alerted, it is difficult to trace the alert to the underlying root cause. To address these challenges, we created an AWS-specific solution.
Sumo Logic’s AWS solution pulls in data across all AWS services and accounts to give a unified view of your environment. Teams are able to navigate from overview dashboards into account, region, availability zone, or service views. The intuitive navigation ensures teams can quickly resolve issues, minimize downtime, and improve system availability.
Critical to this new visibility is the left-side explorer. The explorer is completely dynamic and stays up to date when there are changes in your environment. When data is collected, Sumo Logic enriches the logs and metrics with valuable metadata about the account, region, and service from which the data originated. Enriched data enables the intuitive left-side navigation, as well as the easy correlation of metrics events to log data and vice versa. Below, I can get an overview of metrics across all my Lambda functions under a specific account and region:
I can navigate to a specific function, spot an interesting Lambda metric, right click, and explore all of the associated logs, or look specifically at error logs in just one click.
In addition to intelligently collecting and tagging your data, we have built dashboards specific to the data that is being collected. Click on the API gateway in the left side navigation, and get instant details about trends in API calls, or latency.
Drill into GuardDuty and get benchmarked data about your threat risk vs the global scale, along with high, medium, and low severity events and their trends.
Similarly, you can drill into CloudTrail events to monitor user activity and identify suspicious behavior.
All of this visibility is built on top of Sumo Logic’s best in class analytics engine. Given the sea of data we are constantly faced with, we need an intelligent way to bubble up key performance indicators and, conversely, laser focus when an issue needs resolution. This is Sumo Logic’s bread and butter, making it easy to reduce mounds of logs to just the important ones.
In this blog post, we show you examples of how the new Sumo Logic apps for AWS can be used for intuitive navigation across your AWS organizational hierarchies to get a unified view of the operational and security posture of your AWS environment, quickly resolve issues, minimize downtime, and improve system availability. Stay tuned to try these out in your own environment beginning the first quarter of next year.
We are excited to show off our new AWS apps at AWS Re:Invent 2019. Please stop at our booth (1001 at the Venetian) to get a demo and learn more.
If you don’t have a Sumo Logic account yet, you can sign up for a free trial today.