PCI Compliance For Palo Alto Networks
The Sumo Logic App for Payment Card Industry (PCI) Compliance for Palo Alto Networks offers dashboards to monitor firewall traffic activity for compliance with PCI requirements 01, 02, and 04.
Sumo Logic App for Palo Alto Networks 8
Palo Alto Networks (PAN) 8 provides a next generation firewall and the Traps Endpoint Security Manager. The Sumo Logic app for Palo Alto Networks 8 gives you visibility into firewall and Traps activity, including information about firewall configuration changes, details about rejected and accepted firewall traffic, traffic events that match the Correlation Objects and Security Profiles you have configured in PAN, and events logged by the Traps Endpoint Security Manager.
Accelerate Data Analytics Logs-to-Metrics Solution
Sumo Logic’s Logs-to-Metrics solution makes it easy for you to turn logs into metrics that can then be used as valuable KPIs. And since we do the heavy lifting and work with you to create metrics from existing logs, you don’t have to worry about creating them from scratch. Turning some of your logs into metrics will give you several key benefits:
- High Performance Analytics: Storing data in a time-series database allows for lightning fast query times, since the data is optimized for speed and efficiency.
- Thirteen-Month Data Retention: For all metrics, Sumo Logic provides 13-month retention by default, enabling quick long-term trending of critical business and operational KPIs.
- Flexible and Low Latency Alerting: With metrics, you can leverage Sumo Logic’s real-time metrics alerting engine, which includes intuitive UI configuration, multiple threshold settings, missing data alerts, muting and more.
- Never Re-Instrument Code Again: Gain all of the benefits of metrics without digging into your code to configure a metrics output.
Introducing Sumo Notebooks for Data Scientists
Sumo Notebooks provide a way to seamlessly access data stored in Sumo Logic for the purpose of data exploration and statistical analysis. The notebooks provide an interactive way to gain and share insights into a dataset. Built on top of Apache Zeppelin and Jupyter, Sumo Notebooks provide a state-of-the-art user experience coupled with access to the most recent machine learning frameworks such as Apache Spark, TensorFlow and other tools to unlock the value of machine data.
Sumo Logic App for AWS WAF
AWS Web Application Firewall (WAF) is a web application firewall that helps protect your web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources.
The Sumo Logic App for AWS WAF analyzes traffic flowing through AWS WAF and automatically detects threats via Sumo Logic Threat Intel. The App provides pre-configured dashboards and searches that allow you to monitor threat and traffic details by client IP, allowed and blocked traffic, malicious IPs, threat actors, location, rules configured, trends and more.
Amazon S3 Event Notifications
S3 Event Notifications with AWS Sources is a new addition to Sumo’s S3 integration. It combines scan-based discovery and event-based discovery into a unified integration that lets you maintain low latency while collecting logs from S3 and provides assurance that no data was missed or dropped. When you enable event-based notifications, S3 automatically notifies Sumo Logic that new files are added.
Correlate Security Events with Subquery
The new Subquery operator allows a user to create complex filtering conditions within the same query. It’s also valuable when you don’t know the necessary data to restrict the scope of the query, but another query could return the right conditions. For example, if CrowdStrike identifies a threat, you can correlate the time of that attack with your Windows Events from the time of that threat.
Puppet Module for Installing the Sumo Logic Collector
The Sumo Puppet module downloads the Sumo Logic collector agent from the Internet and installs it. The module also allows sources to be created during installation and updated afterwards. Currently, the module only supports installation of the latest collector version.
Sumo Logic App for Duo Security
Duo Security provides two-factor authentication, endpoint remediation, and secure single sign-on tools. The Sumo Logic App for Duo Security helps you monitor your Duo account’s authentication logs, administrator logs, and telephony logs. The dashboards provide insight into failed and successful authentications, events breakdown by applications, factors, and users, geo-location of events, admin activities, outliers, threat analysis of authentication, and administrator events.
Sumo Logic Terraform Provider For Collectors
The Sumo Logic Terraform provider enables better automation of Hosted Collector and Source creation.
Sumo Logic App for Jenkins
Jenkins is an open source automation server for automating tasks related to building, testing, and delivering software. The Sumo Logic App for Jenkins helps you monitor build successes, failures, and performance. The preconfigured dashboards provide insight into current and recent build activity.
Sumo Logic App for Azure Active Directory
Azure Active Directory is a cloud-based directory and identity management service that provides directory services, application access management, and identity protection. The Sumo Logic App for Azure helps you monitor activity in the Azure Active Directory. The dashboards provide insight into role management, user management, group management, successful and failed sign-in events, directory management, and application management data that helps you understand your users’ experience.
Sumo Logic App for Azure SQL
Azure SQL Database is a managed relational cloud database service. The Sumo Logic app for Azure SQL helps you monitor activity in Azure SQL. The preconfigured dashboards provide insight into resource utilization, blocking queries, database wait events, errors, runtime execution stats, and other database analytics.
Docker Stats Source Now Supports Time-Series Data
Our Docker Stats source collects metrics about Docker containers. This provides visibility into resource consumption of Docker containers. Historically these have been ingested as logs; however, we now support ingesting this data in the Carbon 2.0 metric format.
Sumo Logic App for Amazon EKS
The Sumo Logic App for AWS EKS allows you to monitor Kubernetes clusters that are powered by Amazon EKS. The preconfigured dashboards present resource-related metrics at the Kubernetes pod, cluster, namespace, and node level; and provide operational insight into the state of your Kubernetes cluster.
Collection for Azure Blob Storage
Logs and metrics for most Azure services can be exported to Azure Storage Account as block blobs. This new Sumo integration provides an event-based pipeline for shipping monitoring data from Azure Blob Storage to an HTTP source on Sumo Logic. This solution is good for monitoring Azure services that do not support exporting logs to Azure Monitor, for example, Azure Web Apps and Azure Storage Accounts.
Amazon Redshift ULM App
Amazon Redshift is Amazon’s data warehousing service. The Sumo Logic App for Amazon Redshift ULM helps you monitor activity in Amazon Redshift. The app is a unified logs and metrics application with preconfigured dashboards that provide insight into database connections, SQL command and statement execution, database user account events, CloudTrail events, and resource utilization by node and cluster.
Search Templates allows organizations to map their business process and playbooks to Sumo content much more quickly and efficiently in order to accelerate the information discovery and gain insights that help them make better business decisions.
Squid Proxy App for Sumo Logic
The Sumo Logic app for Squid helps you monitor activity in Squid Proxy. The preconfigured dashboards provide insight into served and denied requests; HTTP response codes; URLs experiencing redirects, client errors, and server errors; and quality of service data that helps you understand your users’ experience.
Content Sharing & Collaboration
We’ve updated the ability to share commonly used assets such as searches and dashboards in a secure, fine-grained and flexible role-based access control (RBAC) model. Content Sharing allows users to selectively share and collaborate on dashboards and searches with specific users or roles. Administrators can manage dashboards and searches created by other users and highlight key content to specific users and groups.
Sumo Logic App for AWS CloudTrail
The Sumo Logic App for AWS CloudTrail helps you monitor your AWS deployments, with predefined dashboards that present user and administrator activity, network and security information, CloudTrail console logins, and information about your S3 buckets and public objects.
Optimization in the queries and more add-on information to help users monitor effectively.
New use cases added to monitor S3 public objects/buckets.
Sumo Logic Unified Logs & Metric App for Lambda
The Sumo Logic App for AWS Lambda ULM is a unified logs and metrics (ULM) app that helps you monitor the operational and performance trends in the Lambda functions in your account.
New Geolocation Database for Precision Accuracy
Sumo Logic has partnered with Neustar, an industry-leading IP intelligence provider, to deliver a more accurate database for geolocating IP addresses in your log messages. This helps you more confidently detect suspicious logins, maintain regulatory compliance, analyze end-user behavior and more based on the locations of connecting devices.
Sumo Logic App for G Suite
The Sumo Logic App for G Suite allows you to monitor and analyze all of your G Suite apps activity in one place. The predefined dashboards present information about administrative and user activities, drive usage, and logins.
This update for Google Suite App provides the following features: support for the new log format for G Suite events, new use cases, and performance improvements.
Sumo Logic App for Oracle
The Sumo Logic App for Oracle provides insight into the health and activity of your Oracle database. The app consists of predefined dashboards that present information about errors, ORA messages, listener activity, connections, security monitoring, the syslog and XML audit trails, and performance monitors from Oracle system tables and views.
Sumo Logic App for Google BigQuery
The Sumo Logic app for Google BigQuery helps you monitor data and activity in your BigQuery data warehouse. The preconfigured dashboards provide insight into the projects, operations, queries, user management operations, user activities, and billed GBs in BigQuery.
Sumo Logic App for Google Kubernetes Engine
The Sumo Logic app for Google Kubernetes Engine helps you monitor activity in Google Kubernetes Engine, providing node-level and pod-level monitoring information. The preconfigured dashboards provide insight into Kubernetes events, errors and activity; pod scheduling; created and killed resources; and severity messages.
Sumo Logic App for Google Cloud Storage
The Sumo Logic app for Google Cloud Storage helps you monitor activity in Google Cloud Storage. The preconfigured dashboards provide insight into request locations, bucket and object operations, user activities, errors, and bucket statistics.
Sumo Logic App for Google Cloud SQL
The Sumo Logic app for Google Cloud SQL helps you monitor your usage of Google Cloud SQL. The preconfigured dashboards provide insight into created and deleted resources, messages, authorization failures, user activities, and error logs.
Sumo Logic App for Google Compute Engine
Google Compute Engine is the Infrastructure as a Service component of Google Cloud Platform that delivers virtual machines running in Google’s data centers and worldwide fiber network. The Sumo Logic App for Google Compute Engine helps you monitor your infrastructure by providing preconfigured dashboards that allow you to view the activities, users, and message severity of your Google Compute Engine infrastructure.
Sumo Logic App for Google Cloud Functions
The Sumo Logic app for Google Cloud Functions helps you monitor your usage of Google Cloud Functions. The preconfigured dashboards provide insight into function executions, operations, latency, errors, and failures.
Dashboard Filter Autocomplete
Autocomplete for dashboard filters makes your Sumo Logic metadata or parsed fields available as pick options in filter dropdowns. Autocomplete suggests available options in an alphabetized list as you type and shows the first set of values when you place your cursor in the filter field. This makes it easier for users to use dashboards across teams and to filter and find information while troubleshooting or exploring.
Sumo Logic App for Google Cloud VPC
The Sumo Logic App for Google Cloud VPC provides visibility into the activities, traffic, metrics, and VPC flow in your GCP. The preconfigured dashboards provide you details on the VPC flows, latency, traffic, source and destination IP addresses, ports, protocols, and messages.
Sumo Logic App for Google App Engine
The Sumo Logic App for Google App Engine helps you monitor the activities in your App Engine. The preconfigured dashboards provide insight into the requests, applications, HTTP status codes, latency, and response time in your App Engine.
Sumo Logic App for Google Cloud IAM
The Sumo Logic App for Google Cloud IAM gives you visibility into the activities in your Cloud IAM. The preconfigured dashboards allow you to monitor the IAM project activities, operations, role activities, and policy changes.
Sumo Logic App for Kubernetes
The Sumo Logic App for Kubernetes allows you to monitor Kubernetes deployments that are self-managed by open source tools such as Kops. The preconfigured dashboards present resource-related metrics at the Kubernetes pod, cluster, and namespace level; and provide operational insight into Kubernetes components, including nodes, the API Server, the Controller Manager, the Kube System, and the Scheduler.
Sumo Logic App for Amazon Simple Email Service (Amazon SES)
Amazon Simple Email Service (Amazon SES) is a cloud-based email sending and receiving service. The Sumo Logic App for Amazon SES helps you monitor the email platform activities. The app uses CloudTrail events and SES notifications, and provides pre-configured dashboards that give insights on the status of email delivery, including bounced notifications, delivered notifications, and various SES CloudTrail events.
Imperva – Incapsula Web Application Firewall App
Imperva Incapsula is a cloud-based application delivery service that includes web security, DDoS protection, CDN, and load balancing.
The Sumo Logic app for Imperva Incapsula – Web Application Firewall (WAF) helps you monitor your web application protection service. The preconfigured dashboards provide insights on threat alert events.
Updated Lambda App supports AWS Lambda data events
Amazon announced new AWS CloudTrail functionality called AWS Lambda data events. This functionality allows you to continuously monitor the execution activity of your Lambda functions and record details on when and by whom an Invoke API call was made. To support this new capability, we updated our Lambda App with new panels that help you gain insight and visualize your AWS Lambda function activity. It also helps you meet your IT auditing and security compliance needs by providing details on users and services that invoke Lambda functions.
Sumo Logic App for Amazon GuardDuty
Amazon GuardDuty is a continuous security monitoring service that analyzes and processes VPC Flow Logs and AWS CloudTrail event logs. The Sumo Logic App for Amazon GuardDuty provides insights into the activities in your AWS account based on the findings from Amazon GuardDuty. The App includes preconfigured dashboards that allow you to detect unexpected and potentially malicious activities in your AWS account by providing details on threats by severity, VPC, IP, account ID, region, and resource type.
The Sumo Logic App for Amazon Kinesis
This is a unified logs and metrics (ULM) App which provides information on the events and metrics of Kinesis Streams. The preconfigured dashboards help you monitor the events, API calls, errors, incoming and outgoing records, latencies, and throughput of Kinesis Streams.
Sumo Logic App for Amazon DynamoDB
The Sumo Logic App for Amazon DynamoDB is a unified logs and metrics (ULM) App which provides operational insights into your DynamoDB solution. The App includes Dashboards that allow you to monitor key metrics and view the throttle events, errors, latency, and help you plan the capacity of your DynamoDB solution.
Certified Logging Plugin Driver for Docker
The certified Docker logging driver plugin from Sumo extends Docker’s logging capabilities. You can use the Sumo logging driver plugin to send Docker container logs to the Sumo cloud-based service. Once your log data is in Sumo, you can search and analyze your log data with the Sumo Logic platform.
Custom Labels for Metrics Charts
When you are creating charts to share with other people on your team, they may not understand the terminology of your systems. Now you can create easy-to-understand labels for your metrics time series to make them more useful for your team.
Alerting for Joined Metrics Queries
You can now create alerts on metrics that are joined from multiple queries. For example, alert when CPU load is higher than the average experienced last week.
Dashboard sharing enhancements
You can now embed live Sumo Logic dashboards into external websites using an iframe. These dashboards must be shared in “whitelist” or “world” mode.
Google Cloud Platform Logs Integration
You can now use Sumo Logic to monitor, troubleshoot, and secure all of your Google Cloud Platform Services and Apps. With one integration, you can stream all of the logs that are available in the Google Stackdriver platform to Sumo Logic in real time. The integration uses Google Cloud Pub/Sub to push log data from Google Stackdriver to one or more HTTP Sources configured in the Sumo Logic Service. If you are using GCP, follow the steps in the integration guide to begin exploring all of your log data in Sumo Logic. We will be following up this integration with a set of pre-built apps for GCP.
AWS CloudFront App Dashboards
The AWS CloudFront App has been extended to include dashboards for latency monitoring. The new dashboard includes panels for global latency times, average latency times by region, outliers and 90th 95th 99th Pct Time_taken Trends.
As an integrated solution with Okta, Sumo Logic collects, monitors, and analyzes Okta data and event information to monitor user activity and behavior as well as any administrative policy changes.
Sumo Logic extends this integration through built-in integration with popular SaaS applications accessed via Okta such as Salesforce, Workday, Box, and many more. By combining identity with user activity and behavior, Sumo Logic is able to detect and alert on any unusual behavior patterns.
CloudPassage App
The Sumo Logic App for CloudPassage Halo helps you detect security violations and look for threats across your complex infrastructure, through the analysis of massive volumes of Halo event data. CloudPassage’s Halo platform records over eighty different types of security events about your Halo-managed infrastructure, whether you deploy into public cloud environments or your private data center. These events deliver information about your infrastructure and include critical security alerts for firewall changes, access changes, configuration changes, file integrity changes, and more.
You can leverage the security visibility provided by CloudPassage’s Halo platform with Sumo Logic’s correlation and visualization capabilities to deliver a security reporting and analysis tool. This app enables security operators and administrators to correlate security events across their Halo-managed infrastructure.