Kubernetes Observability ebook
Monitoring, troubleshooting and securing Kubernetes with Sumo Logic.
February 24, 2021
The Kubernetes App has been updated to have more entity driven views, and a cleaner, easier to understand set of dashboards. In addition to the dashboards, this release includes OOTB alerts you can use to get going on your Kubernetes monitoring journey.
February 23, 2021
The Sumo Logic app for Microsoft Teams provides your IT Operations, security and compliance teams out-of-the-box dashboards to ensure that your organization’s security policies are being followed by monitoring user sessions, login activity, administrative activity, client browsers used and bots installed. In addition, these dashboards detect incoming threats via Sumo Logic Threat Intel and minimize/prevent breaches by analyzing user activity patterns.
February 23, 2021
With this new connection, you can now start getting alert notifications within MS Teams with minimal setup. Sumo Logic provides a pre-built template so you just have to provide the channel name to start getting notifications. Furthermore, you can also get notified in MS Teams when alerts are automatically resolved within Sumo Logic.
February 5, 2021
Root Cause Explorer has now been enhanced with support for AWS SNS and SQS namespaces. This allows users to correlate Events of Interest related to SNS and SQS with other parts of an AWS stack to diagnose incidents. In addition, the Top Contributing Entities panel is redesigned for better readability. The Events of Interest detail panel is now redesigned to show time series data in the first tab avoiding an additional click to view time series data in a separate tab. The entity inspector also replaces the Related tab to access logs and dashboards related to the entity in focus. Lastly, Root Cause Explorer now supports cause-impact analysis driven by AWS X-ray traces augmented by an inferred service map.
February 5, 2021
We are excited to announce support for ECS, ElastiCache and Network Load Balancers as well as 30+ out-of-the-box alerts for all supported services. As part of this release we have documented changes included in each version of our CloudFormation installation template, which will help you understand when to upgrade.
January 16, 2021
Dashboard (New) now supports a dark style theme for dashboards. Dark Theme makes dashboards pop by putting light colored visualizations and text on top of a darker background. This enables you to build gorgeous dashboards with eye catching contrast. Dark Theme is now GA for all dashboards, and can be opted into at any time by switching the theme setting on any Dashboard (New) dashboard.
November 17, 2020
The Sumo Logic app for AWS Network Firewall provides security professionals real-time visibility into network traffic and automated correlation of threats surfaced by AWS Network Firewall. This reduces the time to detect, investigate, and remediate security issues. Use this app to correlate threats and events from AWS Network Firewall with events across your infrastructure, application, and security vendors to quickly identify potential threats and indicators of compromise–regardless of the data source or location.
November 17, 2020
The Sumo Logic app for Auth0 takes advantage of the latest Log Streaming functionality from the Auth0 platform to allow users to visualize key insights like logins, account creations and security anomalies at the click of a button. Proactive insights into security threats enable users in Sumo Logic to easily identify suspicious activity and act on it before it turns into a major incident. The categorization of different types of events from signups, logins, MFAs, or recovery enables operational teams to quickly extend the app with custom alerts in Sumo Logic to tailor security response workflows as needed. With Auth0’s contextual depth such as device details or location information, it has never been easier to analyze identity metrics and drive better business decisions such as focusing on segments or prioritizing features based on observed trends.
November 12, 2020
AWS Lambda extensions (in preview) enable you to more easily integrate directly into the Lambda execution environment to control and participate in the AWS Lambda lifecycle. The Sumo Logic AWS Lambda extension enables you to get instant visibility into the health and performance of your mission-critical applications using AWS Lambda by analyzing function, platform, and extension logs to quickly identify and remediate errors and exceptions.
November 5, 2020
The Cloud-to-Cloud Integration framework is an extensible system for running fully hosted, pull, and pub-sub based sources. Traditionally, Sumo Logic collection has been push-based, where we expose an endpoint to which data sources or collector agents push data to us. However, many SaaS applications and Cloud Providers expose event data that describe user, system/application activity which is critical for operations monitoring, security, and compliance use cases. The Cloud-to-Cloud Integration Framework is the system by which we provide integrations to these sources and SaaS applications. This release comes with two new Sources, Okta and Netskope. Our existing apps are updated to work with these two new Sources. The Cloud-to-Cloud Integration Framework is an extensible architecture, in which new Sources can be easily added in the future. Check out the Sources we have available in beta.
October 27, 2020
The Code42 Incydr integration with Sumo Logic allows security teams to monitor file movement and sharing across computers, cloud and email providing an accurate picture of insider threat vulnerabilities. Teams can configure Incydr’s file exposure and exfiltration events into existing Sumo Logic dashboards, or create custom dashboards within Sumo Logic to easily visualize:
October 12, 2020
The Sumo Logic app for ZeroFOX combines omnichannel protection with Sumo Logic’s operational and business intelligence tools to deliver a winning formula for managing and securing the complex technology stack and external exposures that modern organizations face. This dashboard shows ZeroFOX alerting activity by date, network, entity, and rule, as well as total alerting, escalation and takedown activity. Users can also get a quick visualization of total alerts, escalation metrics and takedown activity. Aggregating and visualizing this data in Sumo Logic provides ZeroFOX users a single place to quickly review and respond to threat trends and activity on public-facing networks such as Facebook, GitHub, YouTube, Reddit, Slack, Twitter and the dark web.
October 7, 2020
Sumo Logic’s new & improved alerting provides you with more actionable alerts with rich contextual information that allow you to go from incident notification to resolution more quickly. Our new alerting engine allows for quicker & more accurate detection of issues by analyzing your data streams (Logs or Metrics) in real time. The new engine also ensures that alert noise is kept to the minimum, by deduplicating and auto resolving incidents. The engine also brings improvements to notifications. It allows for better configurability of where, how, and when you want to get notified about issues. It provides rich contextual information as part of notifications, and allows users to customize it to their heart’s content, which allows them to drill down to issues more quickly. All of these improvements are wrapped inside a unified experience of creating and managing logs & metrics based alerts.
October 7, 2020
Monitoring & Troubleshooting Modern Application Stacks are a challenge with traditional siloed tools. Sumo Logic’s Observability solution provides end to end observability into these application stacks by leveraging Logs, Metrics & Traces, in a seamless & connected way to help DevOps and SRE engineering Monitor, Diagnose and Troubleshoot Issues quickly & effectively.
October 7, 2020
Sumo Logic Tracing provides customers best in class cloud-native transactional intelligence for distributed business workflows, by combining telemetry from traces, logs, and metrics in the context of real-time automatically tracked application topology. The solution provides end-to-end visibility into user transactions across services, as well as intuitive integration into performance metrics and logs to accelerate issue resolution and root-cause analysis. All telemetry signals are fully integrated to provide a seamless end-to-end experience during the process of managing and responding to production incidents and to reduce downtime by streamlining root cause analysis. Sumo Logic Tracing supports the OpenTelemetry standard as well as other legacy open standards for tracing and leverages open source componentry from the Cloud Native Computing Foundation (CNCF) to collect distributed tracing data.
October 7, 2020
Sumo Logic’s updated metrics explorer interface enables faster discovery and visualization of your metrics data. Powered with an upgraded autocomplete and structured query builder, the updated metrics explorer experience decreases the barrier to entry to querying and retrieving your metrics data. Mimicking the Dashboard (New) experience, the updated metrics explorer has extended visualization support to enable you to slice and dice metrics data in many more ways than you could before.
October 7, 2020
Oftentimes when we receive an alert at 3 AM, we have our trusty playbooks and pre-built content to help us navigate and start triaging the alert. We use the signal spikes in the playbook to help guide and narrow our search space. With Sumo’s entity driven workflows and embedded entity inspector, you have the ability to follow that spike to the source application or infrastructure component and get an inline peek at the health of that entity and related infrastructure the entity sits on. Once you’ve identified the entity you want to dive into, you can jump right back into the raw logs, metrics, and traces for that component with a click of a button to continue your investigation.
October 7, 2020
Organizations use a different set of technologies, application stacks and tools for building and running their modern applications. In order to ensure Observability into those systems, it is important to first collect data from this diverse set of sources. To that end, we have expanded our collection to support Open Source collection using Telegraf to increase the breadth of technologies we collect metrics from. You can leverage our new Telegraf support to collect data for sources such as Redis, Nginx, JMX and many more (works both inside and outside of Kubernetes). Our existing Redis and NGINX apps are now enhanced to leverage logs and metrics. We have also added new apps for JMX and NGINX Ingress Controller, a common component in Kubernetes stacks.
October 6, 2020
Sumo Logic’s Software Development Optimization solution provides DevOps and engineering organizations the ability to benchmark and optimize their software development and delivery performance in real time by automatically enriching, normalizing and correlating data across the entire DevOps lifecycle. The solution can be set up in minutes via Terraform and provides out-of-the-box dashboards and reports of benchmark data based on research from DevOps Research and Assessment (DORA), the observability needed to monitor and quickly remediate issues in CI/CD pipelines and out-of-the-box integrations to collect and analyze data across multiple software development tools such as Jira, GitHub, Jenkins, Bitbucket, PagerDuty and OpsGenie.
September 11, 2020
With vRealize Operations Manager (vRops) software, you can proactively identify and solve emerging issues with predictive analysis and smart alerts, ensuring optimal performance and availability of system resources - across physical, virtual, and cloud infrastructures. With the Sumo Logic integration for vRops, you can now collect key performance metrics to monitor and troubleshoot the health and performance of your virtual machines, vCenter and ESXi servers.
August 6, 2020
The AWS Observability solution also includes Root Cause Explorer, an AIOps breakthrough that helps on-call staff accelerate troubleshooting and root cause isolation for incidents in their apps and microservices running on AWS by correlating unusual spikes in AWS CloudWatch metrics by incident timeline, AWS account, region, resource type, entities, AWS tags, metric names and more.
August 6, 2020
Powered by 40+ dashboards with signals from AWS CloudWatch logs, AWS CloudTrail logs and AWS CloudWatch metrics, the Sumo Logic AWS Observability solution helps SRE, DevOps and Infrastructure engineers monitor their infrastructure on AWS in a comprehensive and intuitive manner across AWS accounts, regions and resource types down to individual entities.
August 3, 2020
Behavior Insights encompasses three new log search operators to accelerate insights, troubleshooting and action plans using structured logs. About 23% of the daily log ingest volume pertains to JSON data and accounts for a growing share of total log volume. This growth is driven by modern applications and underlying cloud (AWS, GCP, Azure) and orchestrator logs. Behavior Insights helps answer the following questions for SecOps, DevOps and business users:
July 23, 2020
Dashboard (New) is optimized to create data dense, interactive, and connected visualizations that enable you to troubleshoot through your data efficiently. With the new dashboards, you can easily visualize data across logs and metrics, subset your data with flexible template variables for finer insights, and get deep visual control over the presentation with series overrides and JSON level style controls. In addition, you’ll have access to additional visualizations like honeycomb charts, scatter plots, and bubble charts to fill out your data visualization needs.
June 15, 2020
The Search Audit Index provides event logs on search usage and other activities for your account. The index allows you to monitor and audit the search queries being run within your account, the types of queries, the users running them, and more. The Enterprise Search Audit App provides pre-built dashboards and reports of the data from the Search Audit Index to help you analyze your current search use and identify areas for improvement.
June 5, 2020
Global Intelligence for AWS CloudTrail DevOps guides infrastructure engineers, on-call staff and DevOps users to accelerate root cause analysis for incidents through error rate and configuration insights benchmarked from Sumo Logic’s AWS customers for nine AWS services: EC2, Lambda, Auto Scaling, S3, ELB, RDS, DynamoDB, ElastiCache and Redshift. The benchmarks rely on 15 million data points per week from AWS CloudTrail logs and baseline service availability, throttling, account quota and insufficient capacity/out-of-stock errors in 27 AWS regions by AWS service, API, account and instance type. The app recommends configuration improvements to key AWS services based on baseline usage such as memory and concurrency settings for AWS Lambda, provisioned IOPS for DynamoDB and min/max sizes of EC2 Auto Scaling groups.
May 1, 2020
The Sumo Logic App for Infrequent Data Tiers provides visibility into on-demand search usage and costs associated with Infrequent Data Tier by providing intuitive pre-configured dashboards and searches. Infrequent Data Tiers are an economical, fully managed log analytics solution for high volume, infrequently accessed data. With Infrequent Data Tiers, organizations have a solution that can aggregate, store and analyze verbose sources such as App Debug, CDN, Load Balancer, and other infrequently accessed logs at a dramatically lower price point.
April 13, 2020
The Sumo Logic App for Zoom provides visibility into how Zoom is being used across your organization, displaying analytics on performance, availability, security, and user activity. The app aggregates and reports on data so you can correlate and investigate trends and respond to incidents across all of your IT tools in a consistent and timely manner.
April 1, 2020
The Sumo Logic App for Jira Cloud provides insights into how your Jira projects and issues are being managed so as to enable you to be more effective and manage work across multiple teams.
April 1, 2020
The Sumo Logic App for Bitbucket Cloud provides insights to development teams into how their software delivery pipeline components are performing. The pre-configured dashboards organize issues, builds, and deployments that require the most attention.
April 1, 2020
The Sumo Logic Atlassian solution leverages data from multiple Atlassian products including Jira Server, Jira Cloud, Opsgenie and Bitbucket Cloud to enable development teams with actionable insights to collaborate more effectively and release secure, high quality code faster.
March 5, 2020
The Sumo Logic app for Barracuda CloudGen Firewall provides a dashboard to monitor firewall actions, IP addresses, and rule and application usage.
February 25, 2020
The Sumo Logic App for Alcide kAudit helps detect Kubernetes abuse, misuse, or non-compliant activity and provides enhanced visibility and observability into Kubernetes audit logs.
February 24, 2020
The ARIA Packet Intelligence app provides visualization and profiling of all internal network traffic, within a Sumo environment, to detect possible threats and verify connectivity policies.
February 17, 2020
Amazon GuardDuty is a threat detection service that monitors AWS accounts for 50+ threats representing unusual EC2 and IAM activity. Following up on version 2.0 announced at Illuminate 2019, Global Intelligence for Amazon GuardDuty 3.0 helps SecOps users pinpoint Amazon GuardDuty findings that are unusual compared to a population of Sumo Logic customers. Many customers, including Rakuten Rewards and Thoughtworks, report that such global comparisons help them reduce noise and focus remediation efforts on the most important GuardDuty findings. In addition to a redesigned application user experience, in this release, Global Intelligence for Amazon GuardDuty has added support for a continuously updated threat score. The threat score is computed based on the count, severity and unusualness of GuardDuty findings and represents security posture in a single number: 0 implying low risk, 100 high risk.
February 17, 2020
Global Intelligence for AWS CloudTrail helps SecOps users pinpoint AWS activity and configuration changes evident in AWS CloudTrail logs that are unusual compared to a population of Sumo Logic customers. Such activity and configuration changes are curated from AWS penetration tests and reflect known breach tactics; remediating them will reduce breach risk for customers. In this release, the application covers 7 of the most used AWS Services (EC2, S3, IAM, RDS, Redshift, Lambda and CloudTrail), computes baselines for 40+ breach risk signals and prioritizes remedial actions based on how unusual a customer's CloudTrail activity is compared to their peer group.
December 4, 2019
Sumo Logic now supports collection of Kafka metrics as part of Amazon MSK’s Open Monitoring to help you monitor and troubleshoot managed Kafka clusters in AWS.
December 4, 2019
AWS Lambda provides Provisioned Concurrency for greater control over the start-up time of your AWS Lambda functions. Sumo Logic now supports collection of Provisioned Concurrency metrics to monitor the performance of your pre-initialized Lambda functions.
December 3, 2019
The Sumo Logic AWS Security Quick Start solution helps you automate the collection of security events from AWS security services and the installation and configuration of several Sumo Logic apps designed for AWS Security.
November 5, 2019
The Sumo Logic App for Acquia provides visibility into the key components of the Acquia platform with preconfigured dashboards for Apache, Varnish, PHP, FPM and Drupal to help you move to a proactive approach towards monitoring your websites as well as reduce the mean time to identify and resolve issues.
November 1, 2019
Sumo Logic now supports collection of container logs from AWS ECS containers launched with either AWS Fargate or EC2 with AWS FireLens to help you troubleshoot and investigate application issues.
October 15, 2019
The enhanced CrowdStrike Falcon App provides visibility into the security posture of your endpoints as analyzed by the CrowdStrike Falcon platform deployed in your network. The app supports JSON based event collection and allows you to analyze indicators of compromise (IOCs) by affected users, tactic, technique, and objective, and identify hosts on your network with the highest malware detections. The dashboards in this app also help identify malware, which you can drill down to investigate malicious behavior.
October 14, 2019
The Sumo Logic App for Palo Alto Networks 9 has out-of-the-box dashboards that provide extensive security analytics to monitor, detect and investigate threats as well as monitor traffic patterns to detect anomalous behavior and identify configuration changes, system events, and user activities that violate your organization’s security policies.
September 10, 2019
The Sumo Logic Kubernetes Apps provide visibility into Kubernetes worker nodes, application logs as well as visibility into the Kubernetes control plane including the API server, scheduler, and controller manager. The apps are a single-pane-of-glass through which you can monitor and troubleshoot container health, replication, load balancing, pod state, hardware resource allocation for Kubernetes deployments, clusters, namespaces, pods, containers, and daemonsets. The apps also utilize Falco to monitor and detect anomalous container, application, host, and network activity as well as to monitor Kubernetes audit events.
September 10, 2019
Metrics transformation rules allow you to aggregate metrics at collection time and specify a separate retention period for the aggregated metrics.
Metrics transformation rules are useful when:
September 10, 2019
Data enrichment is the process of adding context to your data so you have more control and an easier time referencing data in your monitoring and troubleshooting workflows. Data enrichment for logs gives customers the ability to describe their log data in a natural and intuitive way by mapping their mental model of how they think about logs to simple key-value pairs. Sumo Logic has extended the already extensive metadata support of metrics to log data, including automatically capturing metadata from integrations - including the new Kubernetes solution. With this new capability customers can freely tag their logs with simple key-value pairs, helping them investigate and solve issues faster. Customers can set their own fields at the collector level, source level, or on a log-by-log basis using HTTP headers. Once the logs have been enriched with these tags, customers can use those tags in search queries, dashboards and alerts.
September 10, 2019
Explore for Kubernetes provides a visual map of the hierarchy of your Kubernetes environment through which you can intuitively navigate. You can filter the display to focus on deployments, nodes, services, or namespaces. Explore accomplishes this by translating metadata fields into an easy to understand mental model so you can quickly check system states at various levels and proactively troubleshoot issues.
September 10, 2019
The Sumo Logic App for Amazon EKS - Control Plane App provides visibility into the EKS control plane with operational insights into the api server, scheduler, control manager, and worker nodes. The app’s preconfigured dashboards display resource-related metrics for Kubernetes deployments, clusters, namespaces, pods, containers, and daemonsets.
September 10, 2019
The Sumo Logic App for Azure Kubernetes Service (AKS) - Control Plane provides visibility into the AKS control plane with operational insights into the API server, scheduler, control manager, and worker nodes. The app's preconfigured dashboards display resource-related metrics for Kubernetes deployments, clusters, namespaces, pods, containers, and daemonsets.
September 10, 2019
The Sumo Logic App for Google Kubernetes Engine (GKE) - Control Plane allows you to monitor resource-related logs and metrics for Kubernetes deployments, clusters, namespaces, pods, containers, and daemonsets. The app provides visibility into the GKE control plane with operational insights into the API server, control manager, and worker nodes. This app works in conjunction with the Sumo Logic Kubernetes app, which provides visibility into worker node metrics and application logs.
September 10, 2019
The Sumo Logic App for StackRox helps customers detect, investigate, and remediate vulnerabilities, insecure configurations, compliance violations, and runtime threats across all containers and Kubernetes environments.
September 10, 2019
The Sumo Logic App for Twistlock provides a comprehensive monitoring and analysis solution for detecting vulnerabilities and potential threats within your Kubernetes and containerized environments.
September 10, 2019
The Sumo Logic App for MongoDB Atlas allows you to monitor database operations and performance KPIs and provides visibility into the security posture of your clusters, with the following dashboard types:
September 10, 2019
The Sumo Logic App for JFrog Xray provides visibility into the state of artifacts and components in your JFrog Artifactory repository.
September 10, 2019
The Sumo Logic App for Istio provides visibility into the health and performance of Istio and its control plane components, including Mixer, Galley, Citadel, Pilot and Envoy. App dashboards also allow you to monitor how services and applications are performing in Istio Mesh, providing insights into service latency, errors, network traffic, and request workloads.
September 10, 2019
The Sumo Logic App for CircleCI tracks and visualizes analytical data across all of your jobs.
September 10, 2019
The Sumo Logic App for Spinnaker provides customers with the ability to monitor the health and productivity of their end-to-end software delivery process through live dashboards. Customers will gain at-a-glance visibility and longitudinal trends in usage and pipeline deployments across all dev, staging, and production environments.
September 10, 2019
The Sumo Logic App for Aqua Security provides users with a holistic cyber-security monitoring and forensics solution for containerized and cloud native environments.
September 10, 2019
The Sumo Logic App for Slack provides monitoring and data analytics for Slack users, channels, access logs for workspaces with free, standard, plus and enterprise plans.
September 10, 2019
The Cisco Meraki app provides a single-pane-of-glass for monitoring and troubleshooting network security, end-to-end performance, switch port management, and device management of your Cisco Meraki wireless infrastructure management platform.
September 1, 2019
We've broadened support for tag-based filters and queries for AWS CloudWatch metrics. This feature enables you to use AWS CloudWatch metadata for three important capabilities
August 1, 2019
This new feature allows you to track and control how much data is ingested into Sumo Logic and avoid overages in your environments where data ingestion can spike unexpectedly. With Ingest Budgets, you can create budgets with thresholds that either cap ingestion to a daily limit or simply alert whenever the threshold is exceeded.
You can protect yourself against unexpected ingest spikes by creating an Ingest Budget with your preferred limit and assigning a group of collectors to that budget. Each collector consumes the budget as a shared pool of capacity. Once a budget passes your specified threshold, you can get an alert. Once the budget is exceeded, collection will be stopped for each collector associated with the budget, if desired.
July 12, 2019
The enhanced Jenkins App allows you to monitor multiple Jenkins master nodes, Jenkins config changes, jobs, builds and logins and helps you quickly troubleshoot the root cause of application test failures.
June 26, 2019
The Sumo Logic Global Intelligence Service for Amazon GuardDuty analyzes globally active threats detected by the Amazon GuardDuty service to provide crucial insights and context into how an organization’s overall threat profile differs from industry peers and identifies rare or critical threats operating in the organization's environment.
What can security benchmark on AWS do for you?
June 6, 2019
The new Enterprise Audit Event Index provides additional events and event information in JSON format. These messages provide more context on the interactions and events occurring within your account allowing administrators an easy way to reconstruct the series of user interactions that led to an object’s current state. Additionally, the new Enterprise Audit Apps present information on account management activities, user activities, as well as management of library content (searches, dashboards/reports, and folders) for your Sumo Logic account. This new Audit Event Index and the associated Apps are available to any Customer on a Sumo Logic Enterprise Plan.
May 13, 2019
Docker Enterprise Edition (Docker EE) is an industry standard container platform, running modern container orchestration engines such as Kubernetes behind the scenes. Docker EE is designed for enterprise development and IT teams who build, ship, and run applications in production scale environments. The Docker EE App facilitates monitoring and troubleshooting distributed microservice based applications running in Docker containers. The app enables you to correlate events across the Docker platform and application containers and detects anomalous patterns for faster root cause analysis.
May 2, 2019
The Barracuda WAF App analyzes traffic flowing through the Barracuda WAF and provides pre-configured dashboards that allow you to monitor WAF traffic as well as to analyze various types of attacks detected both by Barracuda and Sumo Logic’s own Threat Intelligence database.
April 2, 2019
The enhanced G Suite App allows you to monitor and analyze activities across all G Suite applications and G Suite Alert Center. Comprehensive dashboards display information about administrative and user activities, Google Drive usage, and logins. Dashboards also provide full visibility into alerts from G Suite Alert Center, allowing you to monitor, investigate and correlate alerts across all G Suite activity.
March 21, 2019
The IIS App monitors the performance and reliability of your Microsoft Internet Information Services (IIS) infrastructure, identifying customer-facing and internal operational issues. This app also provides the ability to monitor customer paths and interactions, so you can analyze how customers are using your applications.
March 6, 2019
The Sumo Logic App for Carbon Black provides visibility into key endpoint security data from Carbon Black Response and Defense with preconfigured dashboards for alerts, threat intelligence, feeds, sensors, alerts, users, hosts, processes, IOCs, devices, and network status.
3월 2, 2019
The Cylance App enables you to analyze Cylance security events by type, status, and detection method. You can use the App to investigate Cylance-specific events and provide operational visibility to team members without logging into Cylance.
March 1, 2019
The Netskope App provides visibility into the security posture of your applications and helps you determine the overall usage of software and SaaS applications. Netskope is a Cloud Access Security Broker (CASB) hosted in the cloud. The Netskope product is primarily used for enforcing security policies for cloud-based resources, such as Box and Microsoft Office 365.
February 28, 2019
The Cloudflare App provides a set of dashboards that make analyzing Cloudflare logs easy, helping you to understand events and trends from your websites and applications on the Cloudflare network. Logs are gathered from all 160+ Cloudflare data centers in near real-time and can be combined with other data sources, such as your origin data, to provide unique insights and help you improve the performance and security of your websites and applications.
February 14, 2019
This new set of User and Role Management APIs allows customers to programmatically create and manage users and roles, thereby making it easy to integrate Sumo into existing company onboarding and offboarding workflows.
February 7, 2019
The Sumo Logic App for VMware collects unified logs and metrics (ULM) from the VMware cloud computing virtualization platform, including vCenter Server, vSphere, ESX/ESXi, and individual virtual machines, for real-time display in predefined dashboards. The dashboards allow you to monitor your entire VMware cloud computing virtualization platform, with insight into key events and metrics such as VM CPU, memory, disk utilization, under-provisioned physical hosts, and idle VMs. This enables you to determine capacity constraints and troubleshoot operational issues related to over-provisioning, changes to configuration, and VM movement.
February 1, 2019
The Sumo Logic App for F5 BIG-IP Local Traffic Manager (LTM) helps you optimize and secure network traffic patterns coming into your data center using the F5 BIG-IP platform. This App analyzes traffic flowing through the F5 Local Traffic Manager (LTM) and automatically detects threats using Sumo Logic Threat Intel. The App provides pre-configured dashboards that allow you to monitor traffic details by application, facility, pool, active and non-responding hosts, connections, and logins. It also reports LTM CPU, disk usage, and outliers in LTM activities and traffic patterns.
January 30, 2019
Metrics now supports Single Value Charts. A single value metric chart is useful for summarizing a time series in a single value, and making that value stand out at a glance.
December 12, 2018
The Sumo Logic App for PagerDuty V2 collects incident messages from your PagerDuty account via a webhook, and displays incident data in pre-configured Dashboards that allow you to monitor and analyze the activity of your PagerDuty account and Services. The Sumo Logic App for PagerDuty V2 uses Webhooks V2 to provide enhanced context for alert object models.
December 4, 2018
Azure Active Directory is a cloud-based directory and identity management service that provides directory services, application access management, and identity protection. The Sumo Logic App for Azure helps you monitor activity in the Azure Active Directory. The dashboards provide insight into role management, user management, group management, successful and failed sign-in events, directory management, and application management data that helps you understand your users’ experience.
December 1, 2018
Aurora MySQL ULM is a unified logs and metrics (ULM) app for your Aurora MySQL database. The app allows you to monitor slow queries executing on the database and the number of connections made, and to identify the users, client hosts, and client locations used to connect to the database. The app also provides insights for queries executed per second, CPU utilization, free memory, network utilization, volume read and write IOPS, replica lags, latency, throughput, failed login / connection attempts, and other health and performance related data.
November 28, 2018
The Sumo Logic App for AWS Security Hub leverages findings data from Security Hub and visually displays security state data in Dashboards. The dashboards provide a high-level view of findings, showing the type, when they occurred, the resources that were affected, their severity, and their distribution, showing the current security and compliance status of an AWS account from all sources.
November 27, 2018
An update to the Sumo Logic App for Amazon VPC Flow Logs was released today. The updated app supports a new collection method: you can now collect Amazon VPC Flow Logs using an AWS S3 Source. The alternative Lambda-based collection method is enhanced: you can filter internal traffic logs, and customize your VPC flow logs with the following AWS attributes: vpc-id, subnet-id, aws-region, security-group-ids, and direction. The updated app also includes a new “Security Groups” dashboard.
November 15, 2018
Aurora PostgreSQL ULM is a unified logs and metrics (ULM) app for your Aurora PostgreSQL database. The app allows you to monitor the number of connections made, CPU utilization, free memory, network utilization, volume read / write IOPS, disk queue depth, replica lags, latency, throughput and other resource utilization details. With CloudTrail logs, the app allows you to identify the users, client hosts and client locations being used to configure Aurora PostgreSQL infrastructure.
November 6, 2018
Sumo’s HTTP source now supports the Prometheus format, so you can ingest Prometheus metrics directly into Sumo Logic. We’ve also released a handy open source tool for sending Prometheus-formatted metrics to Sumo Logic.
November 6, 2018
Google Cloud Platform (GCP) firewall rules let you allow or deny traffic to and from VMs in a Google VPC network. The Sumo Logic app for Google Cloud Firewall helps you monitor request activity and the effect of your firewall rules. The preconfigured dashboards provide insight into ingress and egress request traffic, including the location of allowed and denied requests, allowed and denied requests over time, and the top networks, subnetworks, and VMs by allowed and denied ingress requests.
November 2, 2018
The Sumo Logic App for PostgreSQL is a unified logs and metrics app for monitoring your PostgreSQL database. The app provides operational insights into the PostgreSQL database—installed on your local hardware—for real time analysis, helping you to troubleshoot issues before they become serious problems.
October 1, 2018
The Sumo Logic App for Jira provides insight into Jira usage, request activity, issues, security, sprint events, and user events.
October 1, 2018
The Sumo Logic App for Puppet helps you monitor Puppet metrics and events, which means that you can easily determine when Puppet runs occurred. Track service and applying times for each run. Find out how often resources have changed, skipped, failed to update, or are out-of-sync. Find out the root cause of issues by correlating Puppet runs with metrics from other components in your infrastructure.
September 26, 2018
The Sumo Logic App for Payment Card Industry (PCI) Compliance for Palo Alto Networks offers dashboards to monitor firewall traffic activity for compliance with PCI requirements 01, 02, and 04.
September 22, 2018
Palo Alto Networks (PAN) 8 provides a next generation firewall and the Traps Endpoint Security Manager. The Sumo Logic app for Palo Alto Networks 8 gives you visibility into firewall and traps activity, including information about firewall configuration changes, details about rejected and accepted firewall traffic, traffic events that match the Correlation Objects and Security Profiles you have configured in PAN, and events logged by the Traps Endpoint Security Manager.
September 16, 2018
September 12, 2018
Sumo Notebooks provide a way to seamlessly access data stored in Sumo Logic for the purpose of data exploration and statistical analysis. The notebooks provide an interactive way to gain and share insights of a dataset. Built on top of Apache Zeppelin and Jupyter, Sumo Notebooks provide a state-of-the-art user experience coupled with access to the most recent machine learning frameworks such as Apache Spark, TensorFlow and other tools to unlock the value of machine data.
September 3, 2018
AWS Web Application Firewall (WAF) is a web application firewall that helps protect your web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources.
The Sumo Logic App for AWS WAF analyzes traffic flowing through AWS WAF and automatically detects threats via Sumo Logic Threat Intel. The App provides pre-configured dashboards and searches that allow you to monitor threat and traffic details by client IP, allowed and blocked traffic, malicious IPs, threat actors, location, rules configured, trends and more.
September 2, 2018
S3 Event Notifications with AWS Sources is a new addition to Sumo’s S3 integration which combines scan-based discovery and event-based discovery into a unified integration that gives you the ability to maintain low latency while collecting logs from S3 and provides assurances that no data was missed or dropped. When you enable event-based notifications, S3 automatically notifies Sumo Logic when new files are added.
September 1, 2018
The new Subquery operator allows a user to create complex filtering conditions within the same query. It’s also valuable when you don’t know the necessary data to restrict the scope of the query, but another query could return the right conditions. For example, if CrowdStrike identifies a threat, you can correlate the time of that attack with your Windows Events from the time of that threat.
August 30, 2018
The Sumo Puppet module downloads the Sumo Logic collector agent from the Internet and installs it. The module also allows sources to be created during installation and updated afterwards. Currently, the module only supports the installation of the latest collector version.
August 22, 2018
Duo Security provides two-factor authentication, endpoint remediation, and secure single sign-on tools. The Sumo Logic App for Duo Security helps you monitor your Duo account’s authentication logs, administrator logs, and telephony logs. The dashboards provide insight into failed and successful authentications, events breakdown by applications, factors, and users, geo-location of events, admin activities, outliers, threat analysis of authentication, and administrator events.
August 14, 2018
The Sumo Logic Terraform provider enables better automation of Hosted Collector and Source creation.
July 25, 2018
Azure SQL Database is a managed relational cloud database service. The Sumo Logic app for Azure SQL helps you monitor activity in Azure SQL. The preconfigured dashboards provide insight into resource utilization, blocking queries, database wait events, errors, runtime execution stats, and other database analytics.
July 3, 2018
Our Docker Stats source collects metrics about Docker containers. This provides visibility into the resource consumption of Docker containers. Historically these have been ingested as logs; however, we now support ingesting this data in the Carbon 2.0 metric format.
June 9, 2018
Logs and metrics for most Azure services can be exported to Azure Storage Account as block blobs. This new Sumo integration provides an event-based pipeline for shipping monitoring data from Azure Blob Storage to an HTTP source on Sumo Logic. This solution is good for monitoring Azure services that do not support exporting logs to Azure Monitor, for example, Azure Web Apps and Azure Storage Accounts.
June 1, 2018
Amazon Redshift is Amazon’s data warehousing service. The Sumo Logic App for Amazon Redshift ULM helps you monitor activity in Amazon Redshift. The app is a unified logs and metrics application with preconfigured dashboards that provide insight into database connections, SQL command and statement execution, database user account events, CloudTrail events, and resource utilization by node and cluster.
May 10, 2018
Search Templates allow organizations to map their business processes and playbooks to Sumo content much more quickly and efficiently in order to accelerate information discovery and gain insights that help them make better business decisions.
May 10, 2018
The Sumo Logic app for Squid helps you monitor activity in Squid Proxy. The preconfigured dashboards provide insight into served and denied requests; HTTP response codes; URLs experiencing redirects, client errors, and server errors; and quality of service data that helps you understand your users’ experience.
May 3, 2018
We’ve updated the ability to share commonly used assets such as searches and dashboards in a secure, fine-grained and flexible role-based access control (RBAC) model. Content Sharing allows users to selectively share and collaborate on dashboards and searches with specific users or roles. Administrators can manage dashboards and searches created by other users and highlight key content to specific users and groups.
May 1, 2018
The Sumo Logic App for AWS CloudTrail helps you monitor your AWS deployments, with predefined dashboards that present user and administrator activity, network and security information, CloudTrail console logins, and information about your S3 buckets and public objects.
Optimization in the queries and more add-on information to help users monitor effectively.
New use cases added to monitor S3 public objects/buckets.
May 1, 2018
The Sumo Logic App for AWS Lambda ULM is a unified logs and metrics (ULM) app that helps you monitor the operational and performance trends in the Lambda functions in your account.
May 1, 2018
Sumo Logic has partnered with Neustar, an industry-leading IP intelligence provider, to deliver a more accurate database for geolocating IP addresses in your log messages. This helps you more confidently detect suspicious logins, maintain regulatory compliance, analyze end-user behavior and more based on the locations of connecting devices.
April 6, 2018
The Sumo Logic App for Oracle provides insight into the health and activity of your Oracle database. The app consists of predefined dashboards that present information about errors, ORA messages, listener activity, connections, security monitoring, the syslog and XML audit trails and performance monitors from Oracle system tables and views.
April 5, 2018
The Sumo Logic app for Google BigQuery helps you monitor data and activity in your BigQuery data warehouse. The preconfigured dashboards provide insight into the projects, operations, queries, user management operations, user activities, and billed GBs in BigQuery.
April 5, 2018
The Sumo Logic app for Google Kubernetes Engine helps you monitor activity in Google Kubernetes Engine, providing node-level and pod-level monitoring information. The preconfigured dashboards provide insight into Kubernetes events, errors and activity; pod scheduling; created and killed resources; and severity messages.
April 5, 2018
The Sumo Logic app for Google Cloud Storage helps you monitor activity in Google Cloud Storage. The preconfigured dashboards provide insight into request locations, bucket and object operations, user activities, errors, and bucket statistics.
April 5, 2018
The Sumo Logic app for Google Cloud SQL helps you monitor your usage of Google Cloud SQL. The preconfigured dashboards provide insight into created and deleted resources, messages, authorization failures, user activities, and error logs.
April 5, 2018
Google Compute Engine is the Infrastructure as a Service component of Google Cloud Platform that delivers virtual machines running in Google’s data centers and worldwide fiber network. The Sumo Logic App for Google Compute Engine helps you monitor your infrastructure by providing preconfigured dashboards that allow you to view the activities, users, and message severity of your Google Compute Engine infrastructure.
March 28, 2018
The Sumo Logic App for Google Cloud VPC provides visibility into the activities, traffic, metrics, and VPC flow in your GCP. The preconfigured dashboards provide you details on the VPC flows, latency, traffic, source and destination IP addresses, ports, protocols, and messages.