How to Monitor Azure Services with Sumo Logic

New Azure apps and integrations released

This week at the Microsoft Ignite, we unveiled two new Sumo Logic applications for Microsoft Azure services — Azure SQL Database and Azure Active Directory — and two new native integrations with Azure Monitor and Blob Storage.

As a cloud-native company, our goal at Sumo Logic is to give our customers the flexibility to create digital IT and DevOps initiatives that leverage multi-cloud deployments in Amazon Web Services (AWS), Google Cloud Platform (GCP) and Microsoft Azure.

That’s why these latest apps and integrations are key for giving our customers deeper visibility, improved troubleshooting and enhanced security and compliance across their modern applications and cloud infrastructures.

Monitor your Azure stack

Sumo Logic provides a scalable, easily deployable, serverless solution to monitor Azure Services connected with Azure Monitor that supports both logs and metrics data from Azure.

Use a Sumo Logic serverless solution to monitor your Azure Services, which are connected with Azure Monitor/Event Hub. This Azure-Sumo Logic pipeline helps you integrate the following types of data from your Azure Services with Sumo Logic.

• Activity Logs — Activity Logs are subscription-level logs that provide insight into the operations performed on resources in your subscription, for example, creating a virtual machine or deleting a logic app.
• Diagnostics Logs — Diagnostics Logs are resource-level logs that provide insight into operations that were performed within a resource itself, for example, getting a secret from a Key Vault.
• Metrics — Metrics provide performance statistics for different resources and the operating system in a virtual machine.

Azure-Sumo Logic pipeline

Pipeline components

Azure Monitor — Collects logs and metrics from most Microsoft Azure services, and serves as pipeline for accessing to monitoring data from an Azure environment.

Azure Event Hubs — Azure Monitor streams monitoring data to an event hub which triggers a Sumo Logic provided Azure function.

Sumo Logic Azure Functions — Small pieces of code that are triggered by an Event Hub to send monitoring data to a Sumo HTTP source.

Sumo Logic HTTP source — Receives and ingests the monitoring data from the Azure function.

How it works

With a few simple clicks, you can deploy a Sumo Logic template, which creates resources for you in your Azure Subscription and starts sending log and metrics data to Sumo Logic.

Benefits of a Sumo Logic serverless solution

1. Auto scalable
2. Low maintenance
3. Easily deployable
4. High availability
5. Less operational complexity

Sumo Logic apps for Azure

Sumo Logic also provides an Azure Apps Catalog, which gives you visibility into your full Azure stack without having to parse individual logs and write complex query.

These apps provide out-of-box dashboards to monitor your Azure Stack and helps you run your applications into Azure smoothly.

Currently, Sumo Logic supports Azure Audit, Azure Active Directory, Azure Network Watcher, Azure SQL Database, Azure Web Apps and Microsoft Office 365.

Azure Audit

The Sumo Logic App for Azure Audit allows you to collect data from the Azure Activity Log (formerly known as Azure Audit logs) and monitor the health of your Azure environment. The App provides preconfigured Dashboards that allow you to monitor resource usage, service health, and user activity.

Azure Active Directory

Azure Active Directory is a cloud-based directory, and identity management service that allows for directory services, application access management and identity protection. The Sumo Logic app for Azure helps you monitor activity in the Azure Active Directory. The dashboards provide insight into role management, user management, group management, successful and failure sign-in events, directory management and application management data that helps you understand your users’ experiences.

Azure Network Watcher

The Sumo Logic App for Azure Network Watcher leverages Network Security Group (NSG) flow logs to provide real-time visibility and analysis of allowed and denied network traffic patterns in your Azure Network that enable you to troubleshoot traffic and improve your overall security posture. This App provides preconfigured dashboards that allow you to monitor inbound traffic, outliers in traffic flow, and denied traffic flows.

Azure SQL Database

Azure SQL Database is a managed relational cloud database service. The Sumo Logic app for Azure SQL detects anomalies, reduces MTTR and helps you improve performance via preconfigured dashboards that provide insight into resource utilization, blocking queries, database wait events, errors, runtime execution stats, and other database analytics.

Azure Web Apps

The Sumo Logic App for Azure Web Apps allows you to collect Azure web server and application diagnostics logs and monitor the health and performance of your Azure Web Apps environment. The App provides preconfigured Dashboards that allow you to monitor server operations and web traffic trends by response times, errors, and client types and locations.

Microsoft Office 365

Microsoft Office 365 is a versatile suite of business-oriented applications that is commonly used by many organizations to easily share and collaborate on spreadsheets, documents and other content. The Sumo Logic App for Microsoft Office 365 simplifies and improves O365 audits, helps you improve the security of your O365 integration and accelerates troubleshooting of your O365 environment by collecting and monitoring data across Azure Active Directory, Azure Exchange and Azure Sharepoint.

What’s Next?

If you already have a Sumo Logic account, then all these integrations and apps are available to you and free to use. If you are new to Sumo Logic, start by signing up for a free account here.

To learn more about Sumo Logic Azure services and support, or to see a demo, stop by our booth (1444) at Microsoft Ignite this week in Orlando, Fla., from Sept. 24-28, or visit our Azure solutions page.