In the report showcasing "The 14 Providers That Matter Most And How They Stack Up", Sumo Logic was recognized as a strong performer. “Security information and event management (SIEM) capabilities alone are no longer sufficient for security operations teams. Today’s security analytics platforms combine features to enable analytics, investigation, automation, threat hunting, dashboards, and reporting to help security analysts be more effective.” - Allie Mellen, Senior Analyst, Forrester
Learn what it takes to build and manage a modern application in the cloud

Most customer-facing digital services are built on custom “modern applications” - an application stack with new tiers, new technologies and typically running on cloud platforms like Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform, etc. - which are designed with the goal of delivering fast time-to-value and incredible scale. The 2017 State of the Modern Apps in the Cloud report provides data-driven insights and best practices to help companies build, run and secure their modern applications more effectively. Based on active data from more than 1,500 customers using Sumo Logic’s machine data analytics platform, the report delivers rich analysis of technology adoption and year-over-year trends among industry leaders running modern applications in AWS, Azure, Google Cloud Platform, and more.

Read this report to answer your questions about modern applications, including:

- What are my OS choices across cloud platforms?
- How many applications use Docker?
- Is AWS Lambda ready for prime-time?
- What are the common web servers and databases in AWS?
- What solutions are used to secure AWS applications?

Download the 2017 State of Modern Apps in the Cloud Report now to get actionable insights.
Today, every company seeks to become a digital business. Most customer-facing digital services are built on custom "modern applications" - an application stack with new tiers, new technologies and typically running on a cloud platform like Amazon Web Services (AWS), to deliver fast time-to-value and incredible scale. The Sumo Logic State of the Modern App report is the first of its kind that provides data-driven insights and best practices to help companies build, run and secure their modern applications more effectively. Based on active data from more than 1,000 customers using Sumo Logic's machine data analytics platform, the report delivers rich analysis of technology adoption among industry leaders running modern applications in AWS.

Read this data-driven report to get insights like:

- How many AWS apps are built using Docker?
- How many AWS customers use Lambda?
- What are the common databases in AWS?
- What solutions are used to secure AWS applications?
Purpose-Built Machine Data Analytics for AWS Environments

Sumo Logic, the AWS-native service, helps customers simplify their AWS migrations and operationalize the growing pool of machine data within those environments with critical performance, availability, configuration, capacity, and security insights.
Organizations building modern applications are adopting technologies like Docker as a way to build applications from small independently deployable microservices that communicate through lightweight RESTful APIs. In a DevOps context, containers allow agile teams to templatize application execution environments that developers can use and operations teams can “bless” for production deployment. DevOps teams are challenged with monitoring, tracking and troubleshooting issues in a context where each container emits its own logging data. There are numerous methods for gathering logs and events data from Docker containers, and services may not agree. If a logging method fails, even temporarily, that data is lost.

Technical Challenges

Microservice teams typically employ machine data analytics to log and monitor each individual service, utilizing dashboards to check up/down status, other operational metrics and performance-related KPIs. The challenges are:

- Each container emits its own logging data
- There are numerous methods for gathering logs, stats and events data from containers
- Containers may not agree on a common method
- If a logging method fails, even temporarily, that data is lost

Once log data has been acquired, assembling meaningful metrics such as the condition of your host environment, the number of running containers, CPU usage, memory consumption and network performance can be arduous. The challenges are:

- Logs and events not stored in one uniform place; may be scattered in a variety of different isolated containers.
- Synchronizing with log platforms that have specific dependencies (e.g., requires Java or Node.js)
- Developers may have to parse and format different data depending on the log source.
- Container security

Solutions

Sumo Logic delivers a comprehensive strategy for monitoring Docker infrastructure with a native collection source for events, stats, configurations and logs.
The Sumo Logic application for Docker utilizes Sumo Logic’s advanced machine-learning and analytics capabilities to enable DevOps teams to analyze, troubleshoot, and perform root cause analysis of issues surfacing from distributed container-based applications and Docker containers themselves. The Sumo Logic App for Docker provides out-of-the-box dashboards, reports, saved searches, and field extraction rules for popular data sources. The app uses a container that includes a collector and a script source to gather statistics and events from the Docker Remote API on each host. Pre-built dashboards allow you to view statistics for your container environment, along with CPU, memory, and network performance. The app also provides visibility into container events such as start, stop, and other important commands.

Why Sumo Logic?

Sumo Logic is the only cloud native service to provide both log analytics and time-series based metrics to give you real-time, continuous intelligence across the entire application lifecycle and stack. Log analytics provides the forensic data you need, and time-series based metrics give you insights into the real-time changes taking place under the hood. To understand both the health of your deployment and the behavior/experience of your customers, you need to gather machine data from all of its sources, then apply both logs and metrics to give teams from engineering to marketing the insights they need.

Collect and Centralize – Sumo Logic can effortlessly collect terabytes of data from any app, cloud, device, custom hardware, sensor, server and network sources. Lightweight collectors collect, compress, cache and encrypt the data for secure transfer. Centralized logging eliminates the need for additional archiving, backups and restores.

Search and Analyze – Administrators can run searches and correlate events in real-time across the entire application stack using an easy-to-use search engine-like syntax.
The patent-pending LogReduce™ technology reduces hundreds of thousands of Docker log events into groups of patterns, significantly slashing MTTI. Transaction Analytics automates processes for collection and analysis of transactional context to decrease time associated with compiling and applying intelligence across your distributed systems.

Detect and Predict – When rules are not enough, the Anomaly Detection technology powered by machine-learning algorithms detects deviations to uncover the unknowns in your data. Also powered by a unique algorithm, Outlier Detection analyzes thousands of data streams with a single query, determines baselines and identifies outliers in real-time, giving DevOps and Security teams visibility into critical Key Performance Indicators (KPIs). The Predictive Analytics capability extends these capabilities by projecting future KPI violations and helps ward off impending issues.

Monitor and Visualize – Custom dashboards and visualization help you easily monitor your data in real-time. The dashboards, available in light or dark themes, contain a collection of real-time monitors and unify all data streams so you can keep an eye on events that matter.

Alert and Notify – Custom alerts proactively notify you when specific events are identified across the stack. The patent-pending Push Analytics technology leverages LogReduce to establish a baseline of application, system, and infrastructure activity. Proactive notifications are generated when your data deviates from calculated baselines or exceeds thresholds to help you address potential issues promptly.

Sumo Logic App for Docker

In addition to easy collection of container and application log data, the Sumo Logic App for Docker includes dashboards providing critical information about your entire Docker container environment including overviews of the containers in your environment, and overviews for your CPU, memory, and network performance.
- Base Images for Running Containers in the last hour
- Docker Hosts - number of Docker hosts for the last hour
- Containers Created and Containers Detected
- Top Containers by CPU Consumption, Average Resident Memory Consumption, and Traffic Sent and Received
- Total Network Error Count for the last hour
- Container Actions for the last seven days

CPU Performance

In addition, Docker App allows you to drill down on CPU Performance, memory performance and network performance:

- Total CPU Consumption Over Time by Container
- User CPU Usage by Container
- Kernel CPU Usage by Container
- CPU Total Usage (Jiffy) per Minute by Container
- Throttled Time (Second) by Container

Memory Performance

- Top Containers by RSS Memory (KB) Over Time
- Page Fault Increment per Minute by Container
- Total Page Fault Increment
- Unevictable Memory Increment by Container
- Major Fault Total Count by Container
- Swap Size by Container

Network Performance

- Sent/received Traffic by Container
- Sent/received Packets by Container
- Send/receive Errors by Container
- Total Network Error Count

More than 1,200 customers around the globe rely on Sumo Logic for the analytics and insights to build, run and secure their modern applications and cloud infrastructures. With Sumo Logic, customers gain a multi-tenant, service-model advantage to accelerate their shift to continuous innovation, increasing competitive advantage, business value and growth. Go to sumologic.com/application/docker to learn more.
With a solid user base, including both paying and non-paying customers, Sumo Logic is at the point it can think about ways to best leverage those users. One way it is doing so is by positioning itself as a central IT operations data repository that users in a variety of enterprise roles can access using tools of their choice. Also, the company is just starting to seek value in mining data about customers, both so that it can serve as a thought leader by sharing trend data and also to offer targeted recommendations to users based on activities of other users. Sumo Logic is in a strong position to execute on these initiatives.

The 451 Take

We think Sumo Logic has smartly identified opportunities that it’s able to pursue given the size of its customer base and the nature of its technology platform – opportunities that some of its smaller competitors might not be able to similarly execute on. A planned capability that offers targeted recommendations to users based on the actions of other users could be particularly useful to customers. Sumo Logic’s centralized IT operations data-store concept is another opportunity to build on its current customer base since it’s an idea best pitched as an expansion to existing customers. The company has work to do here to educate users on the benefits of such a repository, as well as in terms of lining up integrations with third-party products to access the Sumo platform. A significant challenge it faces is around describing the differences between its technology and that of competitors’ and demonstrating why customers should care. Focusing on differentiated capabilities that are meaningful to customers, such as a forthcoming security-focused product, should help.
The AWS Cloud is no longer the future of information technology infrastructure, but rather a present-day reality. As data growth continues to expand, organizations around the world are avoiding building, and in some cases actively closing down, on-premises datacenters, as paying for the total cost of ownership for such environments is becoming an unwieldy, or at the very least inefficient, use of capital. This trend can be observed with the increasingly rapid adoption of cloud services over recent years. According to the new Worldwide Semiannual Public Cloud Services Spending Guide from International Data Corporation (IDC), worldwide spending on public cloud services will grow at a 19.4% compound annual growth rate (CAGR), almost six times the rate of overall IT spending growth, from nearly $70 billion in 2015 to more than $141 billion in 2019.

Some organizations worry about losing visibility into their workload when moving to the cloud. The reality is that when companies migrate to the AWS Cloud, they have the opportunity to leverage cloud-native services and tools that were designed specifically for the agility and scalability of the cloud, avoiding excessive cost, lengthy implementations, and the need for additional internal IT resources to manage the platforms and the hardware. An example of this would be logging and monitoring services that were frequently considered too expensive or time consuming to utilize in an on-premises environment. Because the scalability of the AWS Cloud allows you to spin up new instances on-demand and leverage pay-as-you-go pricing, logging and monitoring has become not only more affordable, but more foundational than ever. Since logging and monitoring on AWS is less expensive and simpler to implement than on-premises, it is easier than ever to have complete coverage of your environment, meaning you don’t need to miss out on any data. Related to logging and monitoring, one area of opportunity is machine data analytics.
Services that leverage AWS services:

- Amazon Simple Storage Service (Amazon S3) - A secure, durable, and highly-scalable cloud storage service
- Elastic Load Balancing (ELB) - An AWS service that automatically distributes incoming application traffic across multiple Amazon Elastic Cloud Compute (Amazon EC2) instances
- Amazon CloudFront - A global content delivery network (CDN) service that accelerates delivery of your websites, APIs, video content, and other web assets
- AWS CloudTrail - A web service that records AWS API calls for your account and delivers log files to you
- Amazon Virtual Private Cloud (Amazon VPC) Flow Logs - An AWS feature that enables you to capture information about the IP traffic to and from network interfaces in your VPC

These, and other AWS services, generate machine data in the form of log files and time-series metrics that can be analyzed in real time to improve visibility and mitigate security risk. Amazon CloudWatch (a monitoring service for AWS Cloud resources and the applications on them) aggregates these logs for high-level monitoring and alerting in AWS workloads.

AWS Partner Network (APN) Advanced Technology Partner and AWS Security Competency Partner Sumo Logic applies advanced analytics and machine learning to logs and time-series metrics, allowing organizations to gain real-time, full-stack visibility into cloud and hybrid environments. Sumo Logic does not require instrumentation and easily captures machine data from AWS. It pulls log files from a variety of AWS services, including AWS CloudTrail and Amazon VPC Flow Logs, and centralized metrics from Amazon CloudWatch to provide continuous intelligence. This continuous intelligence can help companies accelerate the building, running, and securing of modern applications and enables them to achieve greater visibility into their workloads compared to an on-premises environment.
Sumo Logic also supports cross-functional collaboration by correlating data from multiple data sources, showing data in the context of time-series metrics, thereby providing a common source of truth for monitoring and troubleshooting.

The Importance of Machine Data Analytics

Machine data is data generated automatically by the activity of a computer, application, or device. This machine-generated data often comes in the form of logs and can contain immensely valuable insights about the application/infrastructure and its health. The biggest problem with harnessing machine data is the sheer volume of data being generated. Raw machine data contains billions, if not trillions, of log and metric data points and is increasing in quantity at an exponential rate. The volume and velocity of this data growth can be difficult for single-tenant analytics solutions to handle. Additionally, machine data can come in a variety of formats and can be structured, unstructured, or semi-structured:

- Structured data refers to data that resides in a fixed field within a file, such as a field in a relational database or a time-series metric such as CPU utilization. Structured data can be easily stored, retrieved and analyzed.
- Unstructured data refers to all those things that cannot be easily classified such as streaming data, videos, images, blogs, and wikis.
- Semi-structured data is a cross between the two. It lacks the strict data model of structured data but has tags or other markers that help you identify certain elements. Log files are a good example of semi-structured data.

With this in mind, it is important to use a data analytics platform optimized to handle all types of machine-generated data, including custom metrics.
Real-Time Resource Monitoring & Troubleshooting

An AWS infrastructure is a complex, crucial component of an organization’s operational environment. But managing and monitoring this mission-critical infrastructure that runs the business presents a challenge. With hundreds of configuration options and resource dependencies, one small accidental change can impact an entire service, resulting in outages and customer satisfaction issues. The lack of visibility into AWS resources hinders an organization’s ability to innovate and keep ahead. IT administrators try to overcome the AWS visibility problem by utilizing the capabilities of the AWS Config managed service. AWS Config presents IT administrators with basic configuration update information, but lacks the detailed real-time interactive visualizations that provide full visibility. IT administrators need a service that delivers end-to-end resource monitoring, troubleshoots configuration changes, and enables audit and compliance reporting.

Sumo Logic Cloud-Native Service

Sumo Logic’s cloud-native service helps deliver visibility into the operations of an organization’s Amazon Web Services infrastructure. By ingesting the growing pool of machine data generated within an AWS environment, Sumo Logic easily delivers critical performance, availability, configuration, capacity, and security insights. The secure-by-design analytics service starts delivering value within minutes and operates at unprecedented scale, while helping customers further reduce cost and complexity. Proven machine learning analytics, cloud-to-cloud integrations, and purpose-built applications for AWS services ensure mission-critical applications and services run smoothly in AWS. Read this solutions brief to see how the Sumo Logic app for AWS Config enables you to monitor your AWS infrastructure by ingesting data collected by AWS Config.