What’s New

See what we’ve been up to at Sumo Logic

Behavior Insights for SecOps, DevOps and Business Users

August 3, 2020

Behavior Insights encompasses three new log search operators to accelerate insights, troubleshooting and action plans using structured logs. About 23% of the daily log ingest volume pertains to JSON data and accounts for a growing share of total log volume. This growth is driven by modern applications and underlying cloud (AWS, GCP, Azure) and orchestrator logs. Behavior Insights helps answer the following questions for SecOps, DevOps and business users:
  • What activity patterns are evident from structured logs? What patterns are trending?
  • Which groups of users, apps, services or resources are responsible for activity in logs?
  • Which groups of users, apps, services or resources are responsible for unusual activity in logs?

Dashboards: Our new dashboard framework

July 23, 2020

Dashboard (New) is optimized to create data dense, interactive, and connected visualizations that enable you to troubleshoot through your data efficiently. With the new dashboards, you can easily visualize data across logs and metrics, subset your data with flexible template variables for finer insights, and get deep visual control over the presentation with series overrides and JSON level style controls. In addition, you’ll have access to additional visualizations like honeycomb charts, scatter plots, and bubble charts to fill out your data visualization needs.


Search Audit Index and the Enterprise Search Audit App

June 15, 2020

The Search Audit Index provides event logs on search usage and other activities for your account. The index allows you to monitor and audit the search queries being run within your account, the types of queries, the users running them, and more. The Enterprise Search Audit App provides pre-built dashboards and reports of the data from the Search Audit Index to help you analyze your current search use and identify areas for improvement.


Global Intelligence for AWS CloudTrail DevOps

June 5, 2020

Global Intelligence for AWS CloudTrail DevOps guides infrastructure engineers, on-call staff and DevOps users to accelerate root cause analysis for incidents through error rate and configuration insights benchmarked from Sumo Logic’s AWS customers for nine AWS services: EC2, Lambda, Auto Scaling, S3, ELB, RDS, DynamoDB, ElastiCache and Redshift. The benchmarks rely on 15 million data points per week from AWS CloudTrail logs and baseline service availability, throttling, account quota and insufficient capacity/out-of-stock errors in 27 AWS regions by AWS service, API, account and instance type. The app recommends configuration improvements to key AWS services based on baseline usage such as memory and concurrency settings for AWS Lambda, provisioned IOPS for DynamoDB and min/max sizes of EC2 Auto Scaling groups.


The Sumo Logic App for Infrequent Data Tiers

May 1, 2020

The Sumo Logic App for Infrequent Data Tiers provides visibility into on-demand search usage and costs associated with Infrequent Data Tier by providing intuitive pre-configured dashboard and searches. Infrequent Data Tiers are an economical, fully managed log analytics solution for high volume, infrequently accessed data. With Infrequent Data Tiers, organizations have a solution that can aggregate, store and analyze verbose sources such as App Debug, CDN, Load Balancer, and other infrequently accessed logs at a dramatically lower price point.


Sumo Logic App for Zoom

April 13, 2020

The Sumo Logic App for Zoom provides visibility into how Zoom is being used across your organization, displaying analytics on performance, availability, security, and user activity. The app aggregates and reports on data so you can correlate and investigate trends and respond to incidents across all of your IT tools in a consistent and timely manner.


Sumo Logic App for Jira Cloud

April 1, 2020

The Sumo Logic App for Jira Cloud provides insights into how your Jira projects and issues are being managed so as to enable you to be more effective and manage work across multiple teams.


Sumo Logic App for Bitbucket Cloud

April 1, 2020

The Sumo Logic App for Bitbucket Cloud provides insights to development teams into how their software delivery pipeline components are performing. The pre-configured dashboards organize issues, builds, and deployments that require the most attention.


The Sumo Logic Atlassian Solution

April 1, 2020

The Sumo Logic Atlassian solution leverages data from multiple Atlassian products including Jira Server, Jira Cloud, Opsgenie and Bitbucket Cloud to enable development teams with actionable insights to collaborate more effectively and release secure, high quality code faster.


Sumo Logic App for Barracuda CloudGen Firewall

March 5, 2020

The Sumo Logic App for Barracuda CloudGen Firewall provides a dashboard to monitor firewall actions, IP addresses, and rule and application usage.


Sumo Logic App for Alcide kAudit

February 25, 2020

The Sumo Logic App for Alcide kAudit helps detect Kubernetes abuse, misuse and non-compliant activity, and provides enhanced visibility and observability into Kubernetes audit logs.


Sumo Logic App for ARIA Packet Intelligence

February 24, 2020

The ARIA Packet Intelligence app provides visualization and profiling of all internal network traffic, within a Sumo environment, to detect possible threats and verify connectivity policies.


Global Intelligence for Amazon GuardDuty

February 17, 2020

Amazon GuardDuty is a threat detection service that monitors AWS accounts for 50+ threats representing unusual EC2 and IAM activity. Following up on version 2.0 announced at Illuminate 2019, Global Intelligence for Amazon GuardDuty 3.0 helps SecOps users pinpoint Amazon GuardDuty findings that are unusual compared to a population of Sumo Logic customers. Many customers, including Rakuten Rewards and Thoughtworks, report that such global comparisons help them reduce noise and focus remediation efforts on the most important GuardDuty findings. In addition to a redesigned application user experience, in this release, Global Intelligence for Amazon GuardDuty has added support for a continuously updated threat score. The threat score is computed based on the count, severity and unusualness of GuardDuty findings and represents security posture in a single number: 0 implying low risk, 100 high risk.


Global Intelligence for AWS CloudTrail

February 17, 2020

Global Intelligence for AWS CloudTrail helps SecOps users pinpoint AWS activity and configuration changes evident in AWS CloudTrail logs that are unusual compared to a population of Sumo Logic customers. Such activity and configuration changes are curated from AWS penetration tests and reflect known breach tactics; remediating them will reduce breach risk for customers. In this release, the application covers 7 of the most used AWS Services (EC2, S3, IAM, RDS, Redshift, Lambda and CloudTrail), computes baselines for 40+ breach risk signals and prioritizes remedial actions based on how unusual a customer's CloudTrail activity is compared to their peer group.


Collect Amazon MSK metrics

December 4, 2019

Sumo Logic now supports collection of Kafka metrics as part of Amazon MSK’s Open Monitoring to help you monitor and troubleshoot managed Kafka clusters in AWS.


Analyze the performance of pre-initialized AWS Lambda functions

December 4, 2019

AWS Lambda provides Provisioned Concurrency for greater control over the start-up time of your AWS Lambda functions. Sumo Logic now supports collection of Provisioned Concurrency metrics to monitor the performance of your pre-initialized Lambda functions.


AWS Security Quick Start

December 3, 2019

The Sumo Logic AWS Security Quick Start solution helps you automate the collection of security events from AWS security services and the installation and configuration of several Sumo Logic apps designed for AWS Security.


Sumo Logic App for Acquia

November 5, 2019

The Sumo Logic App for Acquia provides visibility into the key components of the Acquia platform with preconfigured dashboards for Apache, Varnish, PHP, FPM and Drupal to help you move to a proactive approach towards monitoring your websites as well as reduce the mean time to identify and resolve issues.


Collect AWS ECS Fargate and EC2 Container Logs

November 1, 2019

Sumo Logic now supports collection of container logs from AWS ECS containers launched with either AWS Fargate or EC2 with AWS FireLens to help you troubleshoot and investigate application issues.


The Enhanced Sumo Logic App for CrowdStrike Falcon

October 15, 2019

The enhanced CrowdStrike Falcon App provides visibility into the security posture of your endpoints as analyzed by the CrowdStrike Falcon platform deployed in your network. The app supports JSON based event collection and allows you to analyze indicators of compromise (IOCs) by affected users, tactic, technique, and objective, and identify hosts on your network with the highest malware detections. The dashboards in this app also help identify malware, which you can drill down to investigate malicious behavior.


Sumo Logic App for Palo Alto Networks 9

October 14, 2019

The Sumo Logic App for Palo Alto Networks 9 has out-of-the-box dashboards that provide extensive security analytics to monitor, detect and investigate threats as well as monitor traffic patterns to detect anomalous behavior and identify configuration changes, system events, and user activities that violate your organization’s security policies.


Sumo Logic Apps for Kubernetes

September 10, 2019

The Sumo Logic Kubernetes Apps provide visibility into Kubernetes worker nodes, application logs as well as visibility into the Kubernetes control plane including the API server, scheduler, and controller manager. The apps are a single-pane-of-glass through which you can monitor and troubleshoot container health, replication, load balancing, pod state, hardware resource allocation for Kubernetes deployments, clusters, namespaces, pods, containers, and daemonsets. The apps also utilize Falco to monitor and detect anomalous container, application, host, and network activity as well as to monitor Kubernetes audit events.


Metrics Transformation Rules

September 10, 2019

Metrics transformation rules allow you to aggregate metrics at collection time and specify a separate retention period for the aggregated metrics.

Metrics transformation rules are useful when:

  • You want to store highly ephemeral, high cardinality data for 8 days only, and to aggregate the metrics into business-level KPIs for long term storage and trending.
  • You want to store metrics from development and test environments for 8 days only, because after that you have no interest in them.
  • You want to pre-aggregate raw metrics to improve query performance and not retain raw metrics at all.

Data Enrichment with Log Metadata

September 10, 2019

Data enrichment is the process of adding context to your data so you have more control and an easier time referencing data in your monitoring and troubleshooting workflows. Data enrichment for logs gives customers the ability to describe their log data in a natural and intuitive way by mapping their mental model of how they think about logs to simple key-value pairs. Sumo Logic has extended the already extensive metadata support of metrics to log data, including automatically capturing metadata from integrations - including the new Kubernetes solution. With this new capability customers can freely tag their logs with simple key-value pairs, helping them investigate and solve issues faster. Customers can set their own fields at the collector level, source level, or on a log-by-log basis using HTTP headers. Once the logs have been enriched with these tags, customers can use those tags in search queries, dashboards and alerts.


Explore

September 10, 2019

Explore for Kubernetes provides a visual map of the hierarchy of your Kubernetes environment through which you can intuitively navigate. You can filter the display to focus on deployments, nodes, services, or namespaces. Explore accomplishes this by translating metadata fields into an easy to understand mental model so you can quickly check system states at various levels and proactively troubleshoot issues.


Sumo Logic App for Amazon EKS

September 10, 2019

The Sumo Logic App for Amazon EKS - Control Plane App provides visibility into the EKS control plane with operational insights into the API server, scheduler, control manager, and worker nodes. The app’s preconfigured dashboards display resource-related metrics for Kubernetes deployments, clusters, namespaces, pods, containers, and daemonsets.


Sumo Logic App for Azure AKS

September 10, 2019

The Sumo Logic App for Azure Kubernetes Service (AKS) - Control Plane provides visibility into the AKS control plane with operational insights into the API server, scheduler, control manager, and worker nodes. The app's preconfigured dashboards display resource-related metrics for Kubernetes deployments, clusters, namespaces, pods, containers, and daemonsets.


Sumo Logic App for Google GKE

September 10, 2019

The Sumo Logic App for Google Kubernetes Engine (GKE) - Control Plane allows you to monitor resource-related logs and metrics for Kubernetes deployments, clusters, namespaces, pods, containers, and daemonsets. The app provides visibility into the GKE control plane with operational insights into the API server, control manager, and worker nodes. This app works in conjunction with the Sumo Logic Kubernetes app, which provides visibility into worker node metrics and application logs.


Sumo Logic App for StackRox

September 10, 2019

The Sumo Logic App for StackRox helps customers detect, investigate, and remediate vulnerabilities, insecure configurations, compliance violations, and runtime threats across all containers and Kubernetes environments.


Sumo Logic App for Twistlock

September 10, 2019

The Sumo Logic App for Twistlock provides a comprehensive monitoring and analysis solution for detecting vulnerabilities and potential threats within your Kubernetes and containerized environments.


Sumo Logic App for MongoDB Atlas

September 10, 2019

The Sumo Logic App for MongoDB Atlas allows you to monitor database operations and performance KPIs, and provides visibility into the security posture of your clusters, with the following dashboard types:

  • Operations: For monitoring database operations and cluster health
  • Performance: For insights into slow queries, database and hardware metrics
  • Security: For visibility into user logins, audit events, project and organizational activity, incoming threats, and IOCs.

Sumo Logic App for JFrog Xray

September 10, 2019

The Sumo Logic App for JFrog Xray provides visibility into the state of artifacts and components in your JFrog Artifactory repository.


Sumo Logic App for Istio

September 10, 2019

The Sumo Logic App for Istio provides visibility into the health and performance of Istio and its control plane components, including Mixer, Galley, Citadel, Pilot and Envoy. App dashboards also allow you to monitor how services and applications are performing in Istio Mesh, providing insights into service latency, errors, network traffic, and request workloads.


Sumo Logic App for CircleCI

September 10, 2019

The Sumo Logic App for CircleCI tracks and visualizes analytical data across all of your jobs.


Sumo Logic App for Spinnaker

September 10, 2019

The Sumo Logic App for Spinnaker provides customers with the ability to monitor the health and productivity of their end-to-end software delivery process through live dashboards. Customers will gain at-a-glance visibility and longitudinal trends in usage and pipeline deployments across all dev, staging, and production environments.


Sumo Logic App for Aqua Security

September 10, 2019

The Sumo Logic App for Aqua Security provides users with a holistic cyber-security monitoring and forensics solution for containerized and cloud native environments.


Sumo Logic App for Slack

September 10, 2019

The Sumo Logic App for Slack provides monitoring and data analytics for Slack users, channels, and access logs for workspaces with free, standard, plus and enterprise plans.


Sumo Logic App for Cisco Meraki

September 10, 2019

The Cisco Meraki app provides a single-pane-of-glass for monitoring and troubleshooting network security, end-to-end performance, switch port management, and device management of your Cisco Meraki wireless infrastructure management platform.


AWS Tag Based Filters and Queries for CloudWatch Metrics

September 1, 2019

We've broadened support for tag-based filters and queries for AWS CloudWatch metrics. This feature enables you to use AWS CloudWatch metadata for three important capabilities


Dig deeper into Sumo Logic

Kubernetes Observability ebook

Monitoring, troubleshooting and securing Kubernetes with Sumo Logic.

Continuous Intelligence Report

Get the first and only industry report that quantitatively defines the state of the modern application stack and its implication to the growing technology, process and culture shift amongst enterprises adopting Cloud and DevSecOps.