Skip to main content

Manage Organizations for MSSPs - Source Template (Manage)

We're excited to announce the ability to manage source templates for enterprises with multiple organizations such as MSSPs (which typically have a parent organization with multiple child organizations). These source templates provides efficient, scalable data collection management by applying consistent setups across multiple collectors. Learn moere.

Content Item Actions Available Directly From Navigation Menus (New UI)

We have reintroduced the ability to perform actions on content items directly from navigation menus in the new UI. You can now manage content more quickly without needing to open the Content Library first.

This enhancement reduces the number of clicks required to manage content, helping you work more efficiently and streamline everyday workflows. Learn more about our UI.

What’s new

  • Access actions from navigation menus. Perform actions directly from Recent, Library, and other navigation areas.
  • Edit content quickly. Open and modify items without additional navigation steps.
  • Delete without switching context. Remove content directly from where you are working.
  • Move items easily. Relocate content between folders without leaving the current view.
  • Share and export faster. Access common management options from the same menu.

Token-Based Authentication for Secure HTTP (Collection)

We're excited to introduce secure token-based authentication for HTTP sources. This new capability allows you to authenticate using a unique token in the request header, maintaining the existing HTTPS endpoint behavior while adding token validation per source.

Obtain the token to use in an auth header when you configure an HTTP source or regenerate the URL. To learn more, see:

note

Token-based authentication in the request header is supported for the following HTTP sources:

Token-based authentication in the request header is not supported for:

Searchable Time timestamp (Search)

We’re excited to introduce our new Searchable Time timestamp in Log Search, which indicates when ingested logs are fully processed and ready for search. Running queries using this timestamp helps you to eliminate errors caused by ingestion latency and non-linear indexing, ensuring non-overlapping time-range queries return complete results without gaps or duplication. Learn more.

Apps, Solutions, and Collection Integrations - January Release

Enhancements

  • Azure SQL Managed Instance app. Updated documentation for the Azure SQL Managed Instance app, including detailed steps for collecting logs, audit logs, and metrics.
  • Sumo Logic Audit app. Added monitor alerts for the Sumo Logic Audit app.
  • CrowdStrike - Falcon Endpoint Protection app. Updated the sample log messages, dashboards, and monitor alerts for CrowdStrike - Falcon Endpoint Protection app to coordinate it with EppDetectionSummaryEvent data type.
  • Azure Container Instances app. Updated the Azure Container Instances app to set the default value for resource_type to CONTAINERGROUPS and added the !category field in log query scope.
  • Windows Source Template. Released the Windows Source Template version 9.1.0, which tags the default _parser for logs forwarded to Cloud SIEM. For detailed version information, refer to the changelog file.
  • Updated OpenTelemetry apps. Redis and HAProxy.

Enabled Auto Parse Mode in Search (MSSPs)

We're excited to announce that Auto Parse Mode is now enabled for MSSPs customers. This feature automatically extracts fields from JSON log messages at search time, reducing manual parsing effort and accelerating analysis. Learn more.

Configure Webhook Connection (Collection)

We’re excited to announce that we’ve updated the Webhook Connections setup flow and all related subdirectories (such as Slack, Datadog, Jira, and others) in the Sumo Logic documentations to align with the new Connections page experience. Learn more.

Sign in with Google SSO (Manage)

We’re excited to announce that signing in to Sumo Logic is now even more convenient using your Google account credentials. If your email address is associated with a Google account, simply select Continue with Google on the sign-in page to access Sumo Logic with no additional setup required.

You can also use Google SSO when signing up for a new Sumo Logic account. Organizations that use SAML or other identity providers can continue to sign in using their existing authentication methods. Learn more.

Apps, Solutions, and Collection Integrations - December Release

New release

LiteLLM

We are excited to announce the addition of a native Sumo Logic HTTP Source webhook integration for collecting LiteLLM usage and proxy log data in Sumo Logic. Learn more.

Enhancements

  • VMware Tanzu Application Service. Released Sumo Logic Nozzle for VMware Tanzu versions 1.0.7 and 1.0.8, which add support for Tanzu v10.2. For detailed version information, refer to the changelog file.
  • AWS Serverless Application Models (SAM). Released the following two SAMs:
    • sumologic-aws-cloudtrail-benchmark 1.0.22
    • sumologic-guardduty-benchmark 1.0.19
Status
Legal
Privacy Statement
Terms of Use
CA Privacy Notice

Copyright © 2026 by Sumo Logic, Inc.