Get what you need for monitoring, troubleshooting and security
Essentials
Enterprise Suite
New Customers
Flex
Configurations
Tiered data analytics Defines the Sumo Logic data tiers available for each package subscription.
Log capacity Defines the upper limit of logs volume that can be ingested daily
Metrics capacity Defines the upper limit of metrics volume that can be ingested daily
Tracing capacity Defines the upper limit of trace volume that can be ingested daily
Log data retention Defines the duration of time logs are retained on Sumo Logic
Real-time alerting (monitors logs/metrics) Defines the upper limit of Logs/Metrics Monitors that are configurable based on your package subscription
PCI, SOC2 Type 2, CSA, ISO, HIPAA certifications Get peace of mind with top-grade compliance attestations and certifications.
Support Includes access to certified support engineers to prioritize, analyze, and assist in resolution of issues
Premium support Includes access to a named Technical Account Manager for recurring status calls, customer success plans, onsite training and more
Platform
AI-driven Alerting AutoML-powered anomaly detection to reduce false positives
Alert Response Alert Response provides contextual insights about triggered alerts to minimize the time needed to investigate and resolve application failures
Alerting Integrations (Slack, PagerDuty, ServiceNow, etc.) Alerting integrations enable users to route contextualized alerts to 3rd party tools to streamline investigations and resolve failures quickly
Compliance and Audit Logging Monitor and audit Sumo Logic usage to meet regulatory and compliance requirements
CrowdStrike Threat Intelligence Identify indicators of compromise (IOCs) in your log data by comparing it against CrowdStrike’s IOC feed
Customizable Dashboards Tailor, extend, or create dashboards from the ground up to align with your specific monitoring, analytics, and reporting needs
Enterprise Audit and Logging Dashboards Out-of-the-box dashboards that visualize Sumo Logic audit logs to give teams quick insight into user activities and events
Geo IP Lookups Automatically visualize IP addresses in dashboards by geolocation
Global Intelligence Service apps A collection of apps leveraging machine learning to create advanced operational and security insights benchmarked against the population of Sumo Logic customers
Historical and Live Streaming Dashboards Visualize historical and real-time data in Sumo Logic dashboards to derive contextualized, actionable analytics
Ingest Budgets Control the daily volume of log data sent to Sumo Logic by assigning ingest budgets that define daily log capacity limits
Live Tail for Streaming Logs View a real-time feed of log events associated with a Source or Collector. These live feeds can help you with development and troubleshooting
Log Search API Integrate Sumo Logic’s Log Search capabilities into your workflows and 3rd party tools via API to solve more complex use cases
Log Search and Visualizations Use Sumo Logic’s Query Language and Dashboarding Framework used to quickly parse, aggregate and visualize insights entirely based off of raw log data
LogReduce©, LogCompare, and LogExplain A collection of patented and patent-pending operators designed to quickly assess activity patterns and surface behavioral insights to accelerate troubleshooting
Lookup Tables Enrich log data ingested by Sumo Logic in real time with in-memory lookup tables
Management APIs Administor Sumo Logic and manage users via API and/or with IaC tooling like Terraform
Mo Copilot Natural language log search and visualization for faster investigation and analysis
PCI Compliance Apps and Dashboards for Audit Readiness Simplify audits and maintain compliance with apps designed to help teams meet evolving PCI requirements
Predictive Analytics and Outlier Detection Forecast trends and identify anomalous activity in real time with advanced query operators.
Single sign-on with SAML Support for federated identiy access management and single sign-on
Software Development Optimization Manage software delivery performance against industry-standard DORA metrics
Sumo Logic Apps Access to 400+ apps and integrations designed to turn data into insights
Observability
Application Observability Full-stack observability with MELT telemetry to ensure application reliability
Cloud Log Management Streamlined collection, storage, and analysis of logs as a single source of truth in a unified SaaS platform
Multi-Cloud Observability (AWS, Azure GCP) Deep observability for multi-cloud organizations across vendors-specific cloud services and infrastructure using pre-built integrations
Kubernetes Observability Out-of-the-box analytics visualize k8s hierarchical relationships to simplify troubleshooting across clusters, namespaces, and services
APM and Distributed Tracing Native support for collection of OpenTelemetry with pre-built analytics to monitor and respond to user-impacting performance issues of your instrumented applications
Advanced Span Analytics Aggregate your distributed trace data and dervie advanced analytics using Sumo Logic’s Query Language to monitor application performance
Service Maps Easily understand the relationships of complex service interactions across your applications to simplify troubleshooting
Real User Monitoring (RUM) Monitor real-user interactions across your applications with pre-built visualizations and alerts, all powered by OpenTelemetry
Automated Log-level Detection Quickly identify anomalies and drill down into high-severity logs in the log search histogram
Reliability Management (SLIs/SLOs) Simple setup and monitoring of critical user journeys, error budgets and more using pre-built SLO dashboards
Metrics-based SLOs Power your SLIs and SLOs using metrics
Scheduled Alert Muting Pause alert notifications from monitors according to a schedule that you define
Metrics Predict Operators Predict future time series metrics values using linear and auto-regressive models for resource and capacity planning
OTel Data Onboarding Easily set up and configure native OTel data ingest and install relevant content to quickly derive insights for troubleshooting
Automated Playbooks Build and execute automated playbooks tied to alerts with Sumo Logic’s Automation Service
OTel for K8s Logs and Events Enable k8s OTel collection with Sumo Logic’s Helm Chart
Security
Cloud Infrastructure Security
Anomaly Detection Leveraging AI models to detect suspicious and anomalous deviations from baseline behaviors.
Entity Normalization Ingested data fields organized into a schema for further queries and advanced analytics.
Risk Assessment Quantifying the possibility of major impacts on business-critical processes due to cybersecurity threats.
Automated Remediation Automatically take action to address security flaws using pre-defined workflows.
Cloud Security Posture Monitoring Continuously view the overall state of cybersecurity readiness of your cloud environment.
AWS CloudTrail and Amazon Guard Duty Threat Benchmarking Provides real-time dashboards and searches, evaluating your organization against a statistical baseline for both performance and risk indicators to optimize security configurations and threat detection.
Cloud SIEM
Insight Rules Engine (including 900+ out-of-the-box rules) Transparent rules engine applied to incoming logs to surface Signals and Insights.
Entity Timeline This view gives information about what else the Entity doing before, during, and after Signals and Insights involving the Entity were generated
Entity Relationship Graph This view gives information about an Entity in an Insight and all other connected (related) entities or systems.
Insight Global Confidence Scores Represents a level of confidence, predicted by Sumo Logic’s Global Intelligence machine learning model, that the Insight is actionable.
Automation Service (playbooks for Insight enrichment, notifications, and containment actions) Allows you to set up actions that run automatically when certain conditions are met in Sumo Logic
MITRE ATT&CK Coverage Explorer Shows the MITRE ATT&CK adversary tactics, techniques, and procedures (TTP) from the Enterprise Matrix that are covered by rules in your system
Insight Trainer A dashboard in the Enterprise Audit – Cloud SIEM app. Insight Trainer offers suggestions for making adjustments to rules, such as writing rule tuning expressions and changing severities
UEBA behavioral models A suite of UEBA-specifc rules specifically designed to detect various classifications of anomalous activities compared against existing normal baselines.
Cloud SOAR
Playbooks (including complete Sumo Logic playbook catalog) A playbook is a predefined set of actions and conditional statements that run in an automated workflow to respond to a certain event or incident type.
Progressive Automation Driven by machine learning, SOAR uses progressive automation to learn repeatable patterns, distinguish between real threats and false threats, and offer recommended courses of action
Case Manager Tools for managing and documenting security cases, including evidence collection, analysis, and reporting
Supervised Active Intelligence A combination of multiple Machine Learning capabilities, all working together to ensure a smooth and uninterrupted SecOps workflow
War Room
* Note: The price per GB is calculated assuming Customer purchases: (1) an annual commitment to Sumo Logic Essentials; (2) ingesting an average of 1GB of log ingest per day; and (3) election of a US Deployment Region. Pricing may vary based on Deployment Region selected by Customer.
** Note: Capacity varies and is limited by overall configuration of Logs, Metrics, and Tracing. Individual capacity references listed are only possible if other ingest configurations are not utilized.
*** Note: Feature activation subject to minimum volume and service requirements confirmed at time of transaction.
**** Note: Feature activation subject to minimum number of users, and service requirements confirmed at time of transaction.
Has your data outpaced your budget?
Get unlimited data ingest.
- Ad-hoc research and troubleshooting analytics
- Compliance and audit readiness
- Accelerating distributed DevOps teams
- Cloud-wide analytics for application reliability
- Realtime security and infrastructure monitoring
- Empowering technical and security teams
- Enterprise-wide analytics and troubleshooting across business-critical applications and infrastructure
- AI-driven diagnostics, remediation and automation
- 100% visibility at cloud scale
- Enabling collaboration and success for DevSecOps teams
- $0 ingest
- Unlimited users
- Cloud-scale
- Unthrottled performance
- 100% indexed readily available
- DevSecOps single source of truth
Contact Sumo Logic for full terms and conditions.
Other tools can’t compete
Stop paying a premium for weak insights, scaling challenges and exorbitant costs
Ineffective troubleshooting
- Can’t handle unstructured data
- Must rehydrate non-indexed data in S3 buckets for analysis
- Only data samples used for anomaly and outlier detection
On-prem, single tenant scalability
- Searches are slowest when needed most due to concurrent user limits
- Data latency caused by inability to scale for seasonality or spikes
- High infrastructure and maintenance costs
Unreasonable pricing models
- CPU/core pricing may trade performance for cost savings
- Long-term data retention means hefty storage expenses
- Hidden fees can apply to customization or user-based pricing
FAQ
Still have questions?
Data scanning occurs when a Sumo Logic query is executed across log data (e.g. Log Search, Dashboards, Monitors). A data scan facilitates the query and retrieval process of a log search by traversing table items from beginning to end and assessing each item against specified values derived from the query. Scan volume is the total storage volume that is scanned on the platform. Data scanning offers a more efficient way to search for and access data and it can be used to quickly locate, access, and analyze data stored.
A credit is a unit of measure that is used to flexibly pay against use of any products (Monitoring and troubleshooting, SIEM, Logs for Security, etc.) within a service agreement plan. As product variables are processed in the platform, credits are recorded in the account management console.
Credits reflect the platform utilization by product variable on a daily, weekly, or monthly basis, and are updated in the system in real time. Each product variable tracks to a pre-defined number of credits per event.
Credits are licensed as part of the agreement in annual buckets, and you can choose how best to configure the platform to maximize your ROI by optimizing ingest and use case patterns.
With Flex Licensing, log data ingested into the platform does not consume credits, storing and scan volumes consume credits.
Tracking is real time. The Sumo Logic platform constantly tracks credit utilization as it happens. You immediately see the impact of your product usage and immediately see any significant spikes. There is no artificial 24-hour delay that impacts your ability to manage your account. You see it as it happens so there are no surprises.
For billing and reporting purposes, data volume for metrics is measured in Data Points per Minute (DPM). DPM is defined as the average number of metric data points ingested per minute in one thousand increments. The per minute ingest is then averaged for a calendar day to get the average data points per minute for that day. The daily DPM average in one thousand increments is the unit of measure used to track metric ingestion for reporting and licensing within the Sumo Logic SaaS Log Analytics Platform.
No. You do not need to trade off price for performance. The model provides economics allowing you to optimize data analytics as you see fit with no dependency on hardware. Sumo Logic’s SaaS Log Analytics Platform can easily scale based on your analytics requirements in order to maximize performance for ingest and query response.
No. With Flex credits, Sumo Logic does not charge after the fact for any ingest spike or increased usage at penalty rates. Unlike other market options, you do not need to pay or provision for peaks. You will never get surprised with on-demand/overage bills. Your credit utilization simply reflects the product used for that specific time.
Yes. There is a nominal charge component to keeping data stored and secure within the Sumo platform. Typical customers retain data to cover the most common post-event analytic needs and those needs vary. With Sumo Logic, you only get charged on actual retention, which is configured directly by you for each data source configured in the platform.
Yes. Flex pricing includes 24×7, Priority 1 Technical Support.
Yes. Self-serve checkout lets Sumo Logic customers seeking small credit bundles to purchase directly within the trial experience and upgrade their Flex account once it’s created. Start your free trial today!
At Sumo Logic, we meet you where you are in your business. You can purchase credits directly with a credit card (up to $25,000) from our self-serve checkout in trial, we have sales team members available to support your larger goals, as well as an extensive partner network—including resellers, MSSPs, and technology partners—to help you integrate, optimize, and scale your observability and security solutions seamlessly. Ready to start exploring? Start your free 30-day trial.
Yes! In addition to the plans shown on this page, we offer flexible self-service options for users looking to get started quickly. If you’re on a free trial, you can explore these plans in your Account Settings under Manage Plan and purchase directly via credit card.