Updated Lambda App supports AWS Lambda data events
Amazon announced new AWS CloudTrail functionality called AWS Lambda data events. This functionality allows you to continuously monitor the execution activity of your Lambda functions and record details on when and by whom an Invoke API call was made. To support this new capability, we updated our Lambda App with new panels that help you gain insight and visualize your AWS Lambda function activity. It also helps you meet your IT auditing and security compliance needs by providing details on users and services that invoke Lambda functions.
Sumo Logic App for Amazon GuardDuty
Amazon GuardDuty is a continuous security monitoring service that analyzes and processes VPC Flow Logs and AWS CloudTrail event logs. The Sumo Logic App for Amazon GuardDuty provides insights into the activities in your AWS account based on the findings from Amazon GuardDuty. The App includes preconfigured dashboards that allow you to detect unexpected and potentially malicious activities in your AWS account by providing details on threats by severity, VPC, IP, account ID, region, and resource type.
The Sumo Logic App for Amazon Kinesis
This is a unified logs and metrics (ULM) App which provides information on the events and metrics of Kinesis Streams. The preconfigured dashboards help you monitor the events, API calls, errors, incoming and outgoing records, latencies, and throughput of Kinesis Streams
Sumo Logic App for Amazon DynamoDB
The Sumo Logic App for Amazon DynamoDB is a unified logs and metrics (ULM) App which provides operational insights into your DynamoDB solution. The App includes Dashboards that allow you to monitor key metrics and view the throttle events, errors, latency, and help you plan the capacity of your DynamoDB solution.
Certified Logging Plugin Driver for Docker
The certified Docker logging driver plugin from Sumo, extend Docker’s logging capabilities. You can use the Sumo logging driver plugin to send Docker container logs to the Sumo cloud-based service. Once your log data is in Sumo, you can search and analyze your log data with the Sumo Logic platform
Custom Labels for Metrics Charts
When you are creating charts to share with other people on your team, they may not understand the terminology of your systems. Now you create easy to understand labels for your metrics time series to make them more useful for your team.
Alerting for Joined Metrics Queries
You can now create alerts on metrics that are joined from multiple queries. For example, alert when CPU load is higher than the average experienced last week.
Dashboard sharing enhancements
You can now embed live Sumo Logic dashboards into external websites using iframe. These dashboards must be shared in “whitelist” or “world” mode.
Google Cloud Platform Logs Integration
You can now use Sumo Logic to monitor, troubleshoot, and secure all of your Google Cloud Platform Services and Apps. With one integration, you can stream all of the logs that are available in the Google Stackdriver platform to Sumo Logic in real time. The integration uses Google Cloud Pub/Sub to push log data from Google Stackdriver to one or more HTTP Sources configured in the Sumo Logic Service. If you are using GCP, follow the steps in the integration guide to begin exploring all of your log data in Sumo Logic. We will be following up this integration with a set of pre-built apps for GCP.
AWS CloudFront App Dashboards
The AWS CloudFront App has been extended to include dashboards for latency monitoring. The new dashboard includes panels for global latency times, average latency times by region, outliers and 90th 95th 99th Pct Time_taken Trends.
Integrated solution with Okta, Sumo Logic collects, monitors and analyzes Okta data and event information to monitor use activity and behavior as well as any administrative policy changes
Sumo Logic extends this integration through built-in integration with popular SaaS applications accessed via Okta such as Salesforce, Workday, Box, and many more. By combining identity with user activity and behavior, Sumo Logic is able to detect and alert on any unusual behavior patterns
Cloud Passage App
The Sumo Logic App for CloudPassage Halo helps you detect security violations and look for threats across your complex infrastructure, through the analysis of massive volumes of Halo event data. CloudPassage’s Halo platform records over eighty different types of security events about your Halo-managed infrastructure, whether you deploy into public cloud environments or your private data center. These events deliver information about your infrastructure and include critical security alerts for firewall changes, access changes, configuration changes, and file integrity changes, and more.
You can leverage the security visibility provided by CloudPassage’s Halo platform with Sumo Logic’s correlation and visualization capabilities to deliver a security reporting and analysis tool. This app enables security operators and administrators to correlate security events across their Halo-managed infrastructure.
The most important task with analytics is to remove the noise so that users can uncover the important patterns and data. The filter operator now provides a powerful way to reduce the noise by using a related search to filter the results of the primary search. Now you can find the top 10 log files generating errors over all, and then look at the top 10 servers where those occur. Or look at the overall average latency for a component, and then view those latencies over time.
Threat Intel for AWS App
The Threat Intel for AWS App correlates CrowdStrike threat intelligence data with your AWS log data, allowing for real-time security analytics to help detect threats in your environment and protect against cyber-attacks. The Threat Intel for AWS App scans your AWS CloudTrail, AWS ELB and AWS VPC Flow logs for threats based on IP address.
General Availability of the cloud-based syslog data API. When you want all of your app and security teams to benefit from Sumo Logic’s advanced machine data analytics it’s important that you are able to access all of your data. Sometimes, there may be situations where it is not possible to install a log collection agent onto a set of hosts. Sumo Logic fully embraces both agentless, and agent-based data collection. Our deployment of Cloud Syslog was built from the ground up to be a secure and scalable multi-tenant cloud service. Review the docs link below to see how you can start using this integration today.
PCI Compliance for Amazon VPC Flow Logs – App
The Sumo Logic App for Payment Card Industry (PCI) Compliance for Amazon VPC Flow Logs App offers dashboards to monitor systems, account and users activity to ensure that login activity and privileged users are within the expected ranges. The PCI Compliance for Amazon VPC Flow Logs App covers PCI requirements 01, 02, and 04
LogReduce with Filtering and Group-By
The Signatures that LogReduce produces are an incredibly powerful tool for understanding your logs. In the past, these were locked in a specialized interface. We have freed the signatures, and you can now use them in new ways, just like any other operator. For example, you can graph the behavior of the signatures over time. Or Create a Pie Chart. Or a custom table. And there is more! You can ask LogReduce to only show you the top signatures by anomalous behavior or total number of occurrences!
Integration with New Relic
With the New Relic webhook connection, you can now visualize events from Sumo Logic in your New Relic Insights account. This integrated context enables faster root-cause analysis by combining machine data analytics with application and infrastructure performance data in one single pane of glass.
Pivotal Cloud Foundry Integration
Are you currently using, or considering Cloud Foundry? We have partnered with Pivotal to make it easy for you to have a holistic view of your platform’s operations, and support your DevOps processing by enabling your application teams to be self sufficient. We have developed a Sumo Logic Nozzle for Cloud Foundry’s Loggregator that can stream all, or a part of, your CF logs and metrics to Sumo Logic. This integration can be download from Pivotal Network, and a companion app will be available this month.
Redesigned Sumo Logic Interface
The new Sumo UI is contextual and intuitive with the introduction of simpler navigation and workflows. Current users will appreciate the new types of content that can be opened in tabs – such as dashboards, log searches, metrics queries and live tail – and the fact that these tabs are persistent across login sessions. New users will have a smoother on-boarding experience with a personalized homepage.
Data Volume App Updated
The Sumo Logic App for Data Volume allows you to view at a glance your account’s data usage volume by category, Collector, Source name, and hosts. The app uses predefined searches and a Dashboard that provide visibility into your environment for real-time analysis of overall usage.
The overview dashboard has been updated to provide a more comprehensive view of your Logs and Metrics data use.
Threat Intel Quick Analysis App
This App correlates CrowdStrike’s threat intelligence data with your own log data, allowing for real-time security analytics to help you detect any threats in your environment, while protecting against sophisticated and persistent cyber-attacks. The Threat Intel Quick Analysis App scans your selected logs for threats based on IP, file name, URL, domain, Hash 256, and email.
Consolidate your OneLogin audit and usage events directly into Sumo Logic’s continuous intelligence service to monitor and visualize your findings over time and rapidly identify and resolve security risks.
OneLogin combined with Sumo Logic gives companies real-time control and visibility of cloud application access and user behavior analytics to resolve security threats faster.
You can now share Dashboards with just your organization (whitelist) or with everyone. The permission to share dashboards is now split into two groups:
- Share Dashboards with the Whitelist
- Share Dashboards with the World
Sharing dashboards allows you to choose who else sees the insights you gain from uploading data to Sumo Logic. You can share dashboards with other people in your organization or people outside your organization. (Sharing outside your organization is always view-only.)
PCI Compliance For AWS CloudTrail App
PCI Compliance for AWS CloudTrail App. The Sumo Logic App for Payment Card Industry (PCI) Compliance for AWS CloudTrail App offers dashboards to monitor systems, account and users activity to ensure that login activity and privileged users are within the expected ranges. The PCI Compliance for AWS CloudTrail App covers PCI requirements 02, 07, 08 and 10.
Fastly App. Fastly is a content delivery network (CDN) that provides you control over how and where you serve content, access to real-time performance analytics, and the ability to cache unpredictably changing content at the edge. With the Sumo Logic Fastly App, you can examine performance by origin, quality of service, and monitor your visitor traffic for important patterns using pre-defined searches and Dashboards for real-time visibility into your environment.
Add an extra layer of security to your Sumo Logic account. Set up Two Factor Authentication today. Compromised data is a thing of the past. Keep your account safe by combining your password with a single-use code sent to your phone. Learn how to setup 2-Step Verification for your own user account. You’re the Administrator? Learn how to setup 2-Step Verification for your Organization.
Metrics – Log Overlay
Metrics visualizations give you a clear picture of WHAT is happening in your environment. By adding log overlays to your metrics visualizations, you can investigate WHY behavior is occurring and what corrective action might be called for. Log overlays help you correlate the performance shown in your metrics visualizations with logged events that could be responsible for changes in behavior.
Trigger AWS Lambda Functions from Sumo
You can now trigger AWS Lambda functions directly from a Sumo Logic alert using the new AWS Lambda Webhook connection for Scheduled Searches and Metrics Monitors. This deeper integration allows you to set smart thresholds and take automated corrective actions directly in your application and infrastructure.
Real Time Alerting for Metrics
With the pressures of performance management for the modern application, real time visibility is essential. With real-time alerts for metrics, you can set up performance thresholds and receive notifications via email, slack, pagerduty, webhook, etc. when a time series crosses a threshold.
Outlier Detection for Metrics
You can now take advantage of our powerful analytics engine to better understand anomalies in your performance metrics data. With a simple interface you can adjust the sensitivity of the outlier detection algorithm and how many outliers you want to focus on.
Sumo Logic Application for Docker
The Sumo Logic Application for Docker provides a native collection source for your entire Docker infrastructure. Real-time dashboards help monitor the Docker infrastructure including stats, events and container logs.DevOps teams can visualize key metrics and KPIs, including image usage, container actions and faults, as well as CPU/Memory/Network statistics and troubleshoot critical issues.
Sumo Logic on Heroku Marketplace
Sumo Logic is now available as an add-on in the Heroku marketplace under the logging category. This integration means that developers using Heroku as their cloud platform (PaaS) to build, deliver, and scale apps can leverage Sumo Logic for logging and analytics. Users can directly access the Sumo Logic service from their app. In this beta integration, Heroku users can leverage the Enterprise version of Sumo Logic service for 30 days, after which time users can use the free version.
When attempting to predict future behavior of key performance indicators, it is essential to accomodate for cyclical patterns in your data rather than a straigh line projection. Our prediction capability now can predict cyclical patterns ahead using auto-regression.
Unified Logs and Metrics
With your integrated teams managed performance for your modern application, end-to-end visibility is essential. Sumo Logic is the first Enterprise class solution for viewing, analyzing, and correlating your Logs and Time Series Metrics in the same tool.
It is hard to judge what is normal for your application if you can’t compare current performance to the past. With TimeCompare you can now easily overlay current time series over similar time periods at one or more points in the past. There is a simple button to help you get started, or you can leverage the query language directly.
It is impossible to know what has changed if you don’t know what is normal. Time Compare allows you to compare current activity to historical behavior with a simple click of a button
Sumo Logic Live Tail
Sumo Logic Live Tail is now generally available! Now users have access to a new feature that allows you to tail log files in real time. You can also perform additional actions like pausing (and resuming), tailing multiple sessions and filtering your log lines as they come in. Live tial is immediately available in browser mode (with the Sumo Logic application) and will be soon available in the command line interface mode (CLI).
The Predictive Analytics capability extends and complements Outlier Detection by predicting future KPI violations and abnormal behaviors through a linear projection model. The ability to observe violations that may occur in the future, such as declining transaction volumes, rise in latency, and decrease in available application resources, helps DevOps, IT Ops, and Security teams address issues before they impact their business.
Outlier Detection is powered by a unique algorithm that can analyze thousands of data streams with a single query, determine dynamic baselines and identify outliers in real-time. Purpose-built visualization highlights abnormal behaviors giving teams visibility into critical Key Performance Indicators (KPIs). Real-time alerts help teams react to and remediate critical issues as they are detected, such as a sudden rise in response time, unusual spike in network traffic or drop in request volume. Users can customize simple input parameters to manage sensitivity, baselines, direction and duration of impact to their business.