• Akamai CPC.We're excited to introduce the new Akamai CPC app for Sumo Logic. This app enables you to monitor threats and respond to them in real time, enforcing compliance for client-side web applications using rich dashboards and Akamai CPC data. Learn more.

• Snowflake Logs. We're excited to introduce the new Snowflake Logs app for Sumo Logic. This app enables you to gain real-time insights into key metrics, query performance, and overall health of the Snowflake environments to optimize operations, support informed decisions, and maximize Snowflake's potential. Learn more.

We're happy to introduce the deactivate and delink option to child orgs, this helps you to deactivate the child org when it is no longer needed and eventually delink it after the 48 hours cooling-off period.

Learn more.

We’re excited to introduce a new dashboard variable type: Scope-Based Variables. Scope-Based Variables act as log filters that can be automatically applied to all or selected panels within a dashboard. This helps you to easily filter data across multiple panels without needing to manually edit each panel’s query to accept the variable. Learn more.

We're excited to introduce the new Palo Alto Networks 11 app for Sumo Logic. This app enables you to analyze traffic and understand your Palo Alto Networks environments. In addition, you can dive deeper into the data, which is broken down by threat detection indicators, malware type, and so on. Learn more.

We're excited to introduce the new Snyk app for Sumo Logic. This app enables you to gain real-time visibility into security vulnerabilities across your software projects and dependencies. This app also helps security and DevOps teams track risk exposure, prioritize remediation, and maintain a strong security posture. Learn more.

AWS is streamlining CloudTrail events for IAM Identity Center to retain only the essential fields needed for audit and incident response workflows. These changes improve user identification and integration with directories like Okta and Microsoft Active Directory, and do not impact CloudTrail events from other AWS services.

• To support this AWS update, Sumo Logic has revised several AWS apps and Cloud SIEM parsers. You are requested to reinstall the affected apps.
• If you use CloudTrail data in the saved searches, dashboards, or detection rules, you are required to update your custom content before AWS enforces the changes on July 14, 2025.

To learn more, see Important changes to CloudTrail events for AWS IAM Identity Center.

Impact following the AWS CloudTrail updates​

AWS is updating CloudTrail events for IAM Identity Center, affecting how user identity data is structured. So, if you are using the updated fields in your Cloud SIEM content or across the Sumo Logic platform, you need to update any saved queries, dashboards, or detection rules to reflect these changes and ensure continued functionality.

Key actions required while updating the AWS CloudTrail include:

• Sumo Logic provided apps must be manually reinstalled to incorporate the updated event field mappings.
• Cloud SIEM parsers have auto-updated and require no customer intervention.

Action plan for Sumo Logic users​

Step 1: Reinstall the relevant Sumo Logic apps​

If you're using any of the following apps that consume CloudTrail data, you must reinstall them:

• Amazon CloudTrail – Cloud Security Monitoring and Analytics
• AWS CloudTrail
• CIS AWS Foundations Benchmark
• PCI Compliance for AWS CloudTrail
• Threat Intel for AWS
• Cloud Infrastructure Security for AWS

To reinstall any of the above apps, follow the steps below:

1. Navigate to the App Catalog.
2. Search for the relevant app.
3. Install to deploy updated content under a new folder.

Step 2: Update the custom saved searches and dashboards​

If you’ve created custom content based on CloudTrail fields, manual field updates as given below will be required to accommodate the new schema:

• Move the userName field from the userIdentity element to the additionalEventData element.
• Remove the principalId field from the schema.
• Move the userId, identityStoreArn, and credentialId fields to the userIdentity element.

For more information on field changes, see AWS Security Blog.

FAQ​

What happens if I don’t update my applications or searches?​

Failure to update your apps, saved searches, or dashboards will result in user-related fields not being parsed correctly. Consequently, visualizations and panels relying on those fields will appear empty or display inaccurate data.

We're excited to introduce the updated version of our partner app for Gigamon Application Metadata Intelligence. This update includes a new set of security-focused dashboards, such as HIPAA Network, PCI Compliance, DevOps API Inventory & Network Insights, DNS & Web Traffic Insights, URL Analysis for Threat Detection, and Rogue Activity, aimed at improving visibility into compliance, network behaviour, and suspicious activities. Learn more.

Previously, we announced that Root Cause Explorer was deprecated. As of 3 June 2025, Root Cause Explorer has reached its end of life and is no longer available.

Learn more here.

Enhancements​

• Classic Apps to Next-Gen Apps Migration. ActiveMQ, IIS 7/8, Kafka, RabbitMQ, Squid Proxy, Strimzi Kafka, and Varnish.

• Updated 13 Azure apps. Azure Application Gateway, Azure App Service Plan, Azure API Management, Azure Cache for Redis, Azure Container Instances, Azure Cosmos DB, Azure Database for MySQL, Azure Database for PostgreSQL, Azure Functions, Azure Kubernetes Service (AKS) - Control Plane, Azure Load Balancer, Azure Virtual Machine, and Azure WebApps.

• Updated 12 OpenTelemetry apps. ActiveMQ - OpenTelemetry, Apache Tomcat - OpenTelemetry, Cassandra - OpenTelemetry, Elasticsearch - OpenTelemetry, JMX - OpenTelemetry, MongoDB - OpenTelemetry, MySQL - OpenTelemetry, Oracle - OpenTelemetry, PostgreSQL - OpenTelemetry, RabbitMQ - OpenTelemetry, Redis - OpenTelemetry, and VMWare - OpenTelemetry.

• Updated AWS Lambda. New use cases added for CloudTrail logs and CloudWatch metrics.

• Source Template updates. Linux, Mac, and Windows.

• Source Template bug fix. Apache, Docker, Kafka, and Nginx.

We're happy to introduce a new way to rotate access keys, as well as a new access keys expiration policy. Together these help to make your account more secure by encouraging regular API key updates.

Learn more.

We're excited to introduce the new Kaltura app for Sumo Logic. This app enables you to gain valuable insights into the critical aspects of your platform operations, such as total entries, user activity trends, and event distributions, helping you monitor, secure, and optimize your content management strategies effectively. Learn more.

We're excited to announce the release of our new cloud-to-cloud source for Snowflake Logs. This source aims to collect the row data from the supported global tables (QUERY_HISTORY, LOGIN_HISTORY, SESSIONS, GRANTS_TO_USERS, DATA_TRANSFER_HISTORY, STAGES, and Custom Events) from the Snowflake platform and send them to Sumo Logic for streamlined analysis. Learn more.

We're excited to announce the release of our new cloud-to-cloud source for Akamai CPC. This source aims to collect CPC-Configs, CPC-Alerts, and CPC-Alert Details data from the Akamai platform and send them to Sumo Logic for streamlined analysis. Learn more.

We’ve launched a new Get Started onboarding page to help you hit the ground running in Sumo Logic. This personalized hub replaces the previous checklist and guides you through key actions such as:

• Ingesting cloud, SaaS, or on-prem log data with just a few clicks.
• Exploring Kickstart Data dashboards with simulated real-world insights—no setup needed.
• Installing curated apps from the App Catalog.
• Using LiveTail to view real-time logs.
• Inviting teammates to collaborate.
• Navigating to the in-app pricing page to upgrade your plan.

This redesigned experience simplifies setup, accelerates time to value, and provides clear next steps to help you make the most of your trial. Learn more.

We're excited to introduce the new Bitwarden app for Sumo Logic. This app enables threat detection and identification of high-risk events such as vault exports or SSO deactivation, supporting continuous monitoring and accelerating incident response for credential and secret management workflows. Learn more.

We're excited to introduce the new Sysdig Secure app for Sumo Logic. With this app, you can gain real-time insights into vulnerabilities, compliance, and threats, making it easier to understand risks, respond quickly, and maintain continuous security and compliance to protect your containerized environments. Learn more.

We're excited to announce provisioning for Sumo Logic using SCIM (System for Cross-domain Identity Management). Now you can automatically provision and deprovision users in Sumo Logic with an identity provider like Microsoft Entra ID, Okta, or OneLogin.

Learn more.

The previously announced automatic conversion of Real-Time Scheduled Searches to 15-minute scheduled searches will not take place.

• Existing Real-Time Scheduled Searches will continue to operate as-is.
• Creating new Real-Time Scheduled Searches remains disabled (since May 29, 2024).
• For new real-time alerting use cases, we recommend using Monitors.

Learn more.

We are happy to announce that you can now create service accounts in Sumo Logic. Service accounts are a special type of account designed for automating processes that use Sumo Logic APIs, such as scripts, integrations, and infrastructure as code. Unlike user accounts, service accounts are not associated with an individual and do not allow for interactive logins.

Learn more.

New release​

We’re excited to announce the release of the following apps for Sumo Logic:

• Amazon Elastic Block Store. Amazon Elastic Block Store (EBS) offers block-level storage for EC2 instances, acting like unformatted hard drives that can be mounted, configured, and persist independently of the instance's lifecycle. It's ideal for applications needing fast, long-term storage such as file systems, databases, and workloads with frequent or large-scale data access. Learn more.
• Azure Kubernetes Service (AKS) - Control Plane. The AKS - Control Plane app collects logs from Azure Kubernetes Service to monitor and manage Kubernetes API activity, gain operational insights, support troubleshooting, and conduct security auditing. Learn more.
• Azure Virtual Machine. The Azure Virtual Machine app collects VM instance metrics and presents them in predefined dashboards, offering insights into CPU, disk, network, cache, and memory performance, as well as audit events related to changes, errors, and user activities. Learn more.
• Google Cloud VPC. The Google Cloud VPC app offers visibility into VPC activities and traffic, with dashboards detailing flow data, IP addresses, ports, protocols, threat intelligence, traffic direction, and related messages. Learn more.
• Google Cloud Storage. The Google Cloud Storage app uses the Google Cloud Audit Logs and Cloud Storage metrics for comprehensive monitoring of logs and metrics, offering dashboards that provide insights into storage usage, request operations, data transfer, authentication, performance, and optimization. Learn more.

AWS Observability Solution v2.12.0​

Enhancements:

• Updated the SAM Lambda runtime from Node.js v20.x to Node.js v22.x.
• Updated the Lambda runtime to Node.js v22.x in the CloudFormation template for AWS CloudWatch Logs with Dead Letter Queue Support.
• Updated the SecurityHub SAM Lambda runtime from Python v3.11 to Python v3.13.
• Updated the Lambda runtime to Python v3.13 in the CloudFormation template for Kinesis Metric Collection.
• Updated the Sumo Logic terraform provider to v3.x.
• Updated the AWS EC2 app - Events (CloudTrail) dashboard.
• Updated 9 apps and 4 monitors to accommodate new Threat Intel feed. AWS Application Load Balancer, AWS API Gateway, AWS Classic Load Balancer, AWS DynamoDB, AWS EC2, AWS Lambda, Amazon RDS, Amazon SNS, and Amazon SQS.

Deprecations:

• Deprecated support for Sumo Logic Mumbai deployment.
• Deprecated the Sumo Logic Root Cause Explorer Sources section, which facilitates the installation of AWS X-Ray Source and AWS Inventory Source via CloudFormation and Terraform solutions.

Enhancements​

• Updated the OpenTelemetry app queries to accommodate the new i471 Threat Intel feed. Apache - OpenTelemetry, Apache Tomcat - OpenTelemetry, HAProxy - OpenTelemetry, IIS 10 - OpenTelemetry, Nginx - OpenTelemetry, PostgreSQL - OpenTelemetry, and Varnish - OpenTelemetry.
• Updated the app queries to accommodate the new i471 Threat Intel feed. AWS API Gateway, AWS Application Load Balancer, AWS Classic Load Balancer, AWS DynamoDB, AWS EC2, AWS Lambda, Amazon RDS, Amazon SNS, and Amazon SQS.
• Classic Apps to Next-Gen Apps Migration. BitBucket, GitHub, Gitlab, Jira Cloud, Opsgenie, PagerDuty V2, PagerDuty V3, Apache, Apache Tomcat, HAProxy, IIS 10, Nginx, Nginx Ingress, Nginx Plus, Nginx Plus Ingress, Application Components Solution, Cassandra, Couchbase, Elasticsearch, MariaDB, Memcached, MongoDB, MySQL, Oracle, PostgreSQL, Redis, SQL Server, and CircleCI apps are migrated from Classic Apps (Legacy) to Next-Gen Apps.
• Released FAQ section with 14 OTRM Source Templates. Windows Source Template, Apache Source Template, Linux Source Template, Mac Source Template, Local File Source Template, Syslog Source Template, Redis Source Template, RabbitMQ Source Template, Docker Source Template, Nginx Source Template, Kafka Source Template, PostgreSQL Source Template, MySQL Source Template, and Elasticsearch Source Template.

We are happy to announce that authorized users can now control the visibility of installed app content. This update allows content administrators and the installing user to configure the roles and users who should be allowed to view the dashboards and log searches that are installed with an app.

For more information about sharing apps, see Content Sharing in Sumo Logic.

We're excited to introduce the new Sumo Collection app for Sumo Logic. By leveraging this app, you can get insights into the health and status of Sumo Logic collectors and sources, allowing you to effectively manage and monitor collectors and sources within Sumo Logic. Learn more.

We’ve made it even easier to access Sumo Logic: you can now sign in using your Google account credentials.

If your email address is linked to a Google account, just click Continue with Google on the sign-in page to authenticate. No setup required.

You can also use Google SSO when signing up for a new Sumo Logic account.

Organizations using SAML or other identity providers will continue to sign in as usual.

Learn more.

We’re excited to announce the general availability of Kickstart Data, a streamlined onboarding experience that includes sample data and prebuilt dashboards. Whether you're starting a free trial or simply spinning up a new account, Kickstart Data makes it easy to understand Sumo Logic's capabilities without needing to ingest your own data first.

• Instant insights. Preloaded data and dashboards show platform value right away.
• No setup required. Skip config steps like firewalls or security permissions.
• Easy handoff. Start using your own data anytime—Kickstart deactivates automatically.

Learn more.

We’re excited to announce a new SumoLogic_ThreatIntel source incorporating Indicators of Compromise (IoC) from Intel 471. Analysts can use this out-of-the-box default source of threat indicators to aid in security analysis.

Learn more.

We're excited to introduce the new Cisco Vulnerability Management app for Sumo Logic. By leveraging this app, security analysts can collect the detected open vulnerabilities and active assets to enable a secure infrastructure. Learn more.

New release​

We’re excited to announce the release of the new Azure Key Vault and AWS Auto scaling apps for Sumo Logic.

• Azure Key Vault. Azure Key Vault is a cloud service that helps you securely store and manage secrets, keys, and certificates. You can use it to protect data for cloud apps and services. This integration helps in comprehensive monitoring of your Key Vault operations, requests, failures, and latency. Learn more.
• AWS Auto scaling. Amazon EC2 Auto Scaling helps you maintain application availability and lets you automatically add or remove EC2 instances using scaling policies that you define. Dynamic or predictive scaling policies let you add or remove EC2 instance capacity to service established or real-time demand patterns. Learn more.

Enhancements​

• Added metrics collection capability for OpenTelemetry collectors. RabbitMQ and Redis.
• Added use cases to monitor EBS volume and snapshots in AWS EC2 apps. AWS EC2.
• Updated the metric collection and dashboard for Google apps. Google BigQuery and Google Cloud Load Balancing.
• Added new dashboards to the Sumo Logic Kickstart Data (Beta) app.
• Updated the queries to accommodate the new threat intel feed. Apache - OpenTelemetry, Apache Tomcat - OpenTelemetry, HAProxy - OpenTelemetry, IIS 10 - OpenTelemetry, Ngin - OpenTelemetry, PostgreSQL - OpenTelemetry, Varnish - OpenTelemetry, Acquia, Azure Web Apps, JFrog Xray, and MongoDB Atlas 6.
• Updated Azure integration from Node.js v18 to Node.js v20. Learn more.

Bug Fixes​

Bugs for the following apps have been fixed:

• Filtering the security groups dashboard in AWS VPC Flow Logs.
• AWS ECS.
• JFrog Artifactory 7 app.

We're excited to introduce the new CyberArk Audit app for Sumo Logic. By leveraging this app, security analysts can monitor, analyze, and visualize audit trails of user activities, security events, and anomalies to enhance security. Learn more.

A new preference setting allows you to open links from the left navigation menu in a new browser tab by default. This feature is available only in the New UI. Learn more.

We're excited to introduce the new Azure Security - Advisor app for Sumo Logic. By leveraging this app, security analysts can quickly assess Azure Advisor’s recommendations, track remediation progress over time, and take action to enhance the security and efficiency of their Azure infrastructure. Learn more.

We're excited to announce the release of our new cloud-to-cloud source for Confluent Cloud Metrics. This source aims to collect metric data from the Confluent Cloud Metrics platform and send them to Sumo Logic for streamlined analysis. Learn more.

We're excited to introduce the new Netskope WebTx app for Sumo Logic. This app leverages the Sumo Logic Cloud-to-Cloud Netskope WebTx source to collect the web transaction logs from the Netskope WebTx platform. It provides security and IT teams the visibility and insights into web transactions, helping organizations monitor, analyze, and secure their web traffic. Learn more.

We're excited to announce the release of our new cloud-to-cloud source for Sumo Collection. This source aims to collect the list of collectors and their sources using Sumo Logic Collector API and Source API and send them to Sumo Logic for streamlined analysis. Learn more.

We are excited to announce a new Content Management tab that allows MSSP administrators the ability to conveniently push updates to multiple child organizations at once. Learn more.

We’re excited to announce the next milestone in our transition to the New UI. Starting today, the New UI will become the default experience when you sign in to Sumo Logic.

The Classic UI will be retired in 2025. The exact date will be communicated closer to the transition. To ensure you have access to the latest features, performance improvements, and innovations, we encourage you to start using the New UI as soon as possible.

What’s changing?​

• New UI by default. You will automatically log into the New UI when signing in.
• Temporary opt-out. If your org was created before this change, you can switch back to the Classic UI, and future logins will remember your preference.
• New orgs use only the new UI. If your org was created after this change, the Classic UI will not be available.
• MSSP exception. If your org was created through a parent org, you can still switch to the Classic UI.

Improvements since initial release​

Here's what's changed since the last rollout.

• Faster navigation and performance. Improved menu loading, collapsible and resizable subnavigation, and persistent menu state across tabs.
• More intuitive workflows. Open/duplicate log searches, drill into Favorites folders, and set a preference to open menu items in new tabs.
• New features and enhancements. Improved keyboard navigation and UI refinements.
• Bug fixes. Improved org switcher, Library search fixes, and other minor UI updates.

Learn more.

We've introduced three new features to improve your Copilot experience:

Dynamic Conversation Titles​

Copilot now automatically updates conversation titles based on your query, making it easier to track and revisit past investigations. You can also customize it by clicking the pencil icon next to the title.

• Better organization. Conversations now have meaningful names for easy navigation.
• Faster troubleshooting. Quickly find and resume previous investigations.
• More control. Rename conversations to match your workflow.

"Open in Copilot" for Alerts​

We've added an Open in Copilot button to the Alert Response page, allowing you to troubleshoot alerts directly in Copilot. This preserves the alert context, making it seamless to investigate and resolve issues.

• Faster root cause analysis. Jump into Copilot instantly from an alert.
• Context-aware troubleshooting. Maintain alert details while searching logs.

Suggestion Pinning​

Now you can pin Copilot suggestions for easy reference. Just hover over a suggestion and click the pin icon to save it within your conversation.

• Quick access. Keep important suggestions handy for ongoing investigations.
• Improved workflow. No need to scroll back to find key recommendations.

Learn more.

We’re excited to introduce Sumo Logic Threat Intelligence, a powerful feature set that enables Cloud SIEM administrators to seamlessly import indicators of Compromise (IoC) files and feeds directly into Sumo Logic to aid in security analysis. IoCs are individual data points about threats that are gathered from external sources about various entities such as host names, file hashes, IP addresses, and other known targets for compromise.

Once indicators are ingested and appear on the Threat Intelligence tab, Cloud SIEM analysts can use the hasThreatMatch function in Cloud SIEM rules to analyze incoming records for matches to the threat intelligence indicators.

Sumo Logic Threat Intelligence will help you stay ahead of emerging threats and enhance your security posture.

Learn more.

New release​

We’re excited to announce the release of the new Azure Container Instance app and three OpenTelemetry Remote Management source templates for Sumo Logic.

• Azure Container Instance app. Azure Container Instances is a fully managed serverless container service that enables you to deploy and manage containers in Azure without the need for virtual machines. This integration allows you to analyse logs and metrics pertaining to Azure Container Instances. Learn more.

• OpenTelemetry Remote Management. Released MySQL, PostgreSQL, and ElasticSearch OpenTelemetry Remote Management source templates.

Enhancements​

• AWS Serverless Application Models and CloudFormation templates. Updated the following AWS Serverless Application Models (SAMs) and CloudFormation templates with the latest Lambda runtimes:
  • Node.js 22
    • sumologic-loggroup-connector - SAM SemanticVersion: 1.0.15.
    • sumologic-guardduty-events-processor - SAM SemanticVersion: 1.0.6.
    • sumologic-guardduty-benchmark - SAM SemanticVersion: 1.0.17.
    • AWS CloudWatch Logs With Dead Letter Queue
  • Python 3.13
    • sumologic-s3-logging-auto-enable - SAM SemanticVersion: 1.0.17.
    • sumologic-aws-cloudtrail-benchmark - SAM SemanticVersion: 1.0.20.
    • sumologic-app-utils - SAM SemanticVersion: 2.0.20.
    • sumologic-securityhub-collector - SAM SemanticVersion: 1.0.10.
    • sumologic-securityhub-forwarder - SAM SemanticVersion: 1.0.11.
    • Kinesis Metric Collection

We're excited to introduce the new Automox app for Sumo Logic. This app leverages the Sumo Logic Cloud-to-Cloud Automox source to collect audit and event logs from the Automox platform. It provides security and IT teams with visibility into endpoint management and security. By using this app, teams can improve their security monitoring, streamline endpoint management, and strengthen operational resilience. Learn more.

We're excited to announce the release of our new cloud-to-cloud source for CyberArk Audit. This source aims to collect the audit events from the CyberArk platform using the CyberArk SIEM integrations API and send them to Sumo Logic for streamlined analysis. Learn more.

We've updated the onboarding experience to give you the option to bypass data collection setup and explore the App Catalog instead.

A new Go to App Catalog option now appears in the left-hand menu on the data setup page, allowing you to browse integrations and pre-built dashboards before configuring data ingestion. This change makes it easier to explore Sumo Logic’s capabilities without committing to a full setup.

To learn more, check out our quickstart and signup guides.

Enabling SSO for child organizations makes moving between organizations under your authority much more seamless and convenient. We are excited to announce that single sign-on (SSO) is now automatically enabled when you create child organizations, allowing you to sign in to child organizations without having to provide separate credentials. Learn more.

We're excited to introduce the new Dragos app for Sumo Logic. This app leverages the Sumo Logic Cloud-to-Cloud Dragos source that collects collect vulnerabilities, notifications, addresses, zones, and assets logs from the Dragos platform. This app helps security analysts to minimize cybersecurity risks, improve operational resilience, and safeguard critical infrastructure from evolving cyber threats. Learn more.

We're excited to announce the release of our new cloud-to-cloud source for Sysdig Secure. This source aims to collect the scan results from the scanner using Sysdig API and send them to Sumo Logic for streamlined analysis. Learn more.

We're excited to introduce the new Trust Login app for Sumo Logic. This app leverages the Sumo Logic Cloud-to-Cloud Trust Login source that collects report logs from the Trust Login platform, enabling security analysts to monitor authentication events and user activities, and respond to potential security threats across your organization. Learn more.

We're excited to introduce the new Code42 Incydr app for Sumo Logic. This app leverages the Sumo Logic Cloud-to-Cloud Code42 Incydr source that collects audits, file events, and user sessions data from the Code42 Incydr platform. This app helps security analysts monitor, detect, and respond to potential data threats across an organization. Learn more.

We're excited to introduce the new JumpCloud Directory Insights app for Sumo Logic. This app provides a comprehensive visibility into authentication events, user activities, and security-related actions within your JumpCloud-managed environment. The pre-configured dashboards can help you to track failed login attempts, privileged access changes, and account lockouts in real-time to improve security and ensure organizational policy compliance. Learn more.

New release​

We’re excited to announce the release of the new Azure Virtual Network app and 11 new OpenTelemetry Remote Management source templates for Sumo Logic.

• Azure Virtual Network. Azure Virtual Network is a service that provides the fundamental building block for your private network in Azure, enabling many types of Azure resources to securely communicate with one other, using the internet, and on-premises networks. This integration helps in monitoring the outgoing and incoming traffic flows, dropped packets, bandwidth consumption, verifying network isolation, and compliance. Learn more.
• OpenTelemetry Remote Management. Released Apache, Docker, Kafka, Linux, Local File, Mac, Nginx, RabbitMQ, Redis, Syslog, and Windows OpenTelemetry Remote Management source templates.

AWS Observability v2.11.0​

This section details the new features and updates in AWS Observability for upgrading your Terraform script or CloudFormation template to version v2.11.0.

• New Features:
  • Amazon RDS app. Added support to analyze and monitor RDS Oracle CloudWatch and CloudTrail logs.
  • Amazon Load Balancer apps. Added support to analyze and monitor Cloudtrail audit event logs for Application Load Balancer, Classic Load Balancer, and Network Load Balancer.
  • Added out-of-the-box monitors for RDS Oracle DB, Application Load Balancer, Classic Load Balancer, and Network Load Balancer. Solution now supports 78 out-of-box monitors.
  • Added support to collect custom metrics namespaces.
  • Added support to subscribe cloudWatch log groups based on AWS tags to Sumo Logic.
  • Added support to filter AWS CloudWatch metrics based on AWS tags.
• Updates:
  • Updated cloudformation helper function with Lambda Runtime to python v3.13.
  • Updated SAM Lambda runtime to python v3.13 with latest library updates.
  • Updated Telemetry Lambda Runtime to python v3.13 with latest library updates.

To learn more, refer the AWS Observability changelog.

Enhancements​

• Added Monitors in OpenTelemetry apps. Jira - App Development, Linux - Cloud Security and Monitoring Analytics, PCI Compliance for Linux, PCI Compliance For Windows JSON, Puppet - App Development, and Windows - Cloud Security Monitoring and Analytics apps are updated with new monitors.
• Integrated Cloud-to-Cloud source creation and app installation. Armis, Asana, Digital Guardian ARC, DocuSign, Dropbox, Druva, Druva Cyber Resilience, Gmail Trace Logs, Microsoft Exchange Trace Logs, Microsoft Graph Identity Protection, Miro, SailPoint, and Zendesk apps are now updated to have integrated Cloud-to-Cloud source creation and app installation.
• Classic Apps to Next-Gen Apps Migration. CIS AWS Foundations Benchmark, Gmail Trace Logs, and Microsoft Exchange Trace Logs apps are migrated from Classic Apps (Legacy) to Next-Gen Apps.
• We have enhanced the following six Cloudtrail Logs based apps:
  • Amazon CloudTrail - Cloud Security Monitoring and Analytics
  • AWS CloudTrail
  • CIS AWS Foundations Benchmark
  • Cloud Infrastructure Security for AWS
  • PCI Compliance For AWS CloudTrail
  • Threat Intel for AWS
• Sumo Logic Kickstart Data. Updated the default time range of all the panels to six hours and added text panels in the dashboards.
• AWS Serverless Application Models. Added support for Sumo Logic Korea deployment by releasing the following SAM:
  • sumologic-aws-cloudtrail-benchmark - Semantic v1.0.19

Bug Fixes​

• Kubernetes Control Plane. Added the quantization_interval filter variable.

We are excited to announce that we are now supporting Sumo Logic's Organizations ("Sumo Orgs") feature for Sumo Logic Flex customers. With this release, Flex customers can effectively group, provision, manage, and monitor the credit usage across multiple organizations, providing greater visibility and control over account structures. Learn more.

We're excited to introduce the new VMware Workspace ONE app for Sumo Logic. This app leverages the Sumo Logic Cloud-to-Cloud VMware Workspace ONE source that collects audit logs data from the VMware Workspace ONE platform. This app helps security analysts monitor device compliance, encryption, and overall security status, offering a powerful solution for effective risk analysis, policy enforcement, and device security. Learn more.

We're excited to introduce the time-phased scan budgets for advanced usage management, which helps you to set Daily, Weekly, or Monthly budgets for individual user or a single shared budget for an entire group. Learn more.

We're excited to announce enhancements to how you create and manage access keys.

Personal Access Keys​

The My Access Keys section has been moved out of Preferences to its own tab and renamed Personal Access Keys.

To open the Personal Access Keys tab:

• Classic UI. In the main Sumo Logic menu, select your username and then Preferences > Personal Access Keys.
• New UI. In the top menu select your username, and then under Preferences select Personal Access Keys. You can also click the Go To... menu at the top of the screen and select Personal Access Keys.

Scopes​

You can now create permission scopes for access keys. Scopes limit the API endpoints an access key can be used to call. This allows you to specify only the permissions the access key needs to accomplish a specific task, making the key more secure.

Learn more.

• Symantec Endpoint Security Service. We're excited to introduce the new Symantec Endpoint Security Service app for Sumo Logic. This app leverages the Sumo Logic Cloud-to-Cloud Symantec Endpoint Security source that collects incident and event logs data from the Symantec Endpoint Security platform. This app provides real-time insights into the log data that allows you to monitor and manage endpoint security in real time, enhancing quick responses to threats. Learn more.

• Jamf. We're excited to introduce the new Jamf app for Sumo Logic. This app leverages the Sumo Logic Cloud-to-Cloud Jamf source that collects inventory data from the Jamf platform. This app helps security analysts with critical insights into their organization's Jamf environment. Learn more.

We're excited to introduce the new Trend Micro Vision One app for Sumo Logic. This app leverages the Sumo Logic Cloud-to-Cloud Trend Micro Vision One source that collects alert logs data from the Trend Micro Vision One platform. This app helps you can gain real-time visibility into security events and incidents within your organization's infrastructure, allowing them to detect and react to potential threats quickly. Learn more.

This is an archive of the 2024 Sumo Logic Service Release Notes.

This is an archive of the 2023 Sumo Logic Service Release Notes.

This is an archive of the 2022 Sumo Logic Service Release Notes.

This is an archive of the 2021 Sumo Logic Service Release Notes.