We're excited to announce the release of the new Cisco Meraki - C2C app for Sumo Logic. This app uses the Sumo Logic Cloud-to-Cloud Cisco Meraki source and helps you to effectively manage and optimize your network performance, enhance security, and proactively respond to potential threats. Here are some of the key features that this app offers:

  • Comprehensive Organization Insights. Gain valuable insights into your organizational configuration and operations, including API adoption, configuration template usage, and product distribution.
  • Event Analysis and Trend Identification. Analyze your network events based on type, client associations, and SSIDs. You can identify event patterns and trends to understand network activity and potential security risks.
  • Client and SSID Monitoring. Monitor client activity and client association with specific SSIDs to keep track of client behaviour and network usage for effective management.
  • Air Marshal Security Overview. Provides wireless intrusion detection and prevention by monitoring your security status and identifying potential vulnerabilities in the network.
  • Enhanced Security Measures. Prioritize your security efforts by identifying top clients and destinations based on security events and take proactive steps to protect the network and mitigate potential threats.

Check out our technical documentation here to learn how you can set up and use the Cisco Meraki - C2C app for Sumo Logic.

We're excited to announce the release of the new Mimecast app for Sumo Logic. This app uses the Sumo Logic Cloud-to-Cloud Mimecast source to provide advanced security monitoring and analytics capabilities for Mimecast data. Here are some of the key features that this app offers:

  • Email Traffic Monitoring. Monitor message traffic for both delivered and received emails with a detailed overview of each stage.
  • Threat Detection Monitoring. Monitor logs regarding messages with malicious attachments, user activity, and threat detection among the organization's users.
  • Data Loss Monitoring. Monitor data loss resulting from breaches and malicious attacks.

Check out our technical documentation here to learn how you can set up and use the Mimecast app for Sumo Logic.

We're excited to announce the release of the new Proofpoint TAP app for Sumo Logic. This app helps you to strengthen your security posture by providing comprehensive visibility and analysis of messages and clicks on malicious URLs. Here are some of the key features that this app offers:

  • Message Protection. Provides sophisticated email analysis techniques and helps you to identify malicious emails, such as those containing malware, ransomware, or phishing attempts.
  • URL Defense. Analyzes URLs in real-time and helps you identify malicious websites or links used for phishing or spreading malware.
  • Attachment Defense. Examines your email attachments for potential threats, including infected files or documents containing macros that can execute malicious code.

Check out our technical documentation here to learn how you can set up and use the Proofpoint TAP app for Sumo Logic.

Our new Data Access Level feature enables you to control the data that your users see in the shared dashboard, which is governed by the user's role search filter. Based on how you configure the data access level, the role search filter affects the data that users can see.

Here are some of the key features that this feature offers:

  • Newly created dashboards run with the role search filter of the viewer with whom the dashboard is shared.
  • Template variable substitutions will be quoted if they contain any non-alphanumeric characters to prevent the viewer from performing subqueries or widening the scope of a query.

Check out our technical documentation here to learn more about data access level.

We're excited to announce the release of the new Cato Networks app for Sumo Logic. This app leverages Sumo Logic Cloud-to-Cloud Cato Networks source to provide real-time insights into the events and helps you to identify potential security threats with admin activities. Here are some of the key features that this app offers:

  • Security event analysis. This app provides a holistic view of event-related metrics and insights, which helps you to detect and respond to security threats in the Cato Networks environment.
  • Threat analysis. This app offers a comprehensive overview of threat-related information that allows you to understand and address potential risks effectively, thereby supporting risk management and response strategies.
  • Audit summary. This app includes pre-built reports and visualizations of audit logs which facilitates effective monitoring, analysis, and identification of any unusual or suspicious activities within the system.
  • Customization and Integration. Customize and tailor your dashboards, reports, and alerts to align with specific monitoring and security needs. It also supports integration with other security tools and platforms, enabling a centralized view of the overall security landscape.

Check out our technical documentation here to learn how you can set up and use the Cato Networks app for Sumo Logic.

We're excited to announce the release of the new Palo Alto Cortex XDR app for Sumo Logic. This app leverages Sumo Logic Cloud-to-Cloud Palo Alto Cortex XDR source to provide visibility and analysis of alerts and incidents from the Palo Alto Networks Cortex XDR platform. Here are some of the key features that this app offers:

  • Real-Time Monitoring. Gain real-time visibility into security events and incidents across your organization's infrastructure. Monitor and analyze alerts, threats, and suspicious activities to detect and promptly respond to potential threats.
  • Interactive Dashboards. Explore interactive dashboards that provide a holistic view of alerts, incidents, and threat intelligence. Visualize data with pre-built charts, graphs, and tables to understand trends, patterns, and anomalies.
  • Incident Management. Streamline incident management processes by tracking security incidents. Monitor incident status, and collaborate with your security team for effective incident response.

Check out our technical documentation here to learn how you can set up and use the Palo Alto Cortex XDR app for Sumo Logic.

We've updated the legend statistics to improve your experience with chart legends and chart tooltips in Time Series visualizations. It lets you visualize aggregate data for your time series. You can simply navigate to the Legend section in the Settings panel on the right-hand side and choose the desired options from the Display values menu.

Enhancements & Updates

Added aggregation statistics options

When it comes to selecting the statistics you want to display, you have a variety of options to choose from. Here is the list of available aggregation statistics.

  1. Latest (default). Shows the most recent value.
  2. Average. Displays the average value.
  3. Min (default). Shows the minimum value.
  4. Max (default). Displays the maximum value.
  5. Sum. Shows the total sum of values.
  6. Count. Displays the count of data points.

By default, when you create a panel in the Metrics view, a default selection of statistics is applied. However, if you are creating a panel in the Dashboard view, no default selection will be applied.

Added display options and sorting functionality

Display Format

Now, you have two display formats to choose from: List and Table. Let's take a closer look at how they work.

  • List View. The statistics are displayed in bold text right after the time series name, giving you a clear and concise overview of your data.
  • Table View. The statistics are displayed in separate columns for a structured representation.

Default Format

  • When creating a panel in the Metrics view, the default format is Table.
  • For panels in the Dashboard view, the default format is List.

Rounding

  • To enhance readability, statistics values are rounded to 2 significant digits.
  • If you need access to the exact unrounded values, you can find them in the tooltips.

Sorting

Sorting your data is now easier than ever.

  • In List View, time series are sorted based on their names.
  • In Table View, the default sorting is based on time series names.

Additionally, Table View allows sorting based on statistics. To sort, click on a statistic title in the table header.

  • One click to enable ascending order.
  • Two clicks to enable descending order.
  • Three clicks to disable sorting.

We're excited to announce the release of the new Microsoft Graph Security app for Sumo Logic. This app leverages Sumo Logic's Cloud-to-Cloud Microsoft Graph Security source to identify security threats and helps you to improve web security posture, proactively detect and mitigate potential security risks, and improve compliance with security policies and regulations.

Check out our technical documentation here to learn how you can set up and use the Microsoft Graph Security app for Sumo Logic.

We're excited to announce the release of the new MS Graph Azure AD Reporting app for Sumo Logic. This app leverages Sumo Logic Cloud-to-Cloud MS Graph Azure AD Reporting source to provide insights into usage of Azure AD platform and identify potential security issues. Here are some of the key features that this app offers:

  • Analyze Audit Activities. Provides real-time user activity for every resource category and shows the distribution of audits by operations and services.
  • Monitor Sign-In activities. Monitor sign-in activities for your organization, including the number of successful and failed sign-ins, sign-ins by user location, sign-ins by application, and sign-ins from risky countries.
  • Identify Suspicious Activities. Identify suspicious activity, such as sign-ins from unfamiliar/risky locations or multiple sign-in attempts.
  • Analyze Provisioning Activities. Provides distribution of provisioning activities by status, actions, and initiators. It also shows the most frequent service principals used while provisioning.

Check out our technical documentation here to learn how you can set up and use the Asana App for Sumo Logic.

We're releasing a new app called Rapid7 app that leverages Sumo Logic Cloud-to-Cloud Rapid7 source. It enables you to obtain a deeper understanding of asset and vulnerability management activities, prioritize remediation efforts, reduce attack surfaces, and make informed decisions to improve your overall security posture.

Check out our technical documentation here to learn how you can set up and use the Rapid7 app for Sumo Logic.

We've enhanced the Heatmap functionality with the addition of custom dimensions on the Y-Axis. This feature enables you to gain deeper insights into your data by visualizing the frequency of occurrences for specific categories within a selected time range.

Using the Dimensional Heatmap, you can now not only see the number of errors that occurred within a chosen time range (as with the regular Heatmap) but also effortlessly identify the specific categories, such as cluster/cpu/collector/sourceCategory, where these errors occurred most frequently.

Configure Dimension Heatmap

To enable the Dimensional Heatmap with Categories on the Y-Axis, follow these steps:

  1. Run a metrics query or logs query with the transpose operator.
  2. Change the Y-Axis Source to Dimension.
  3. A new field, Dimension, will appear. Select the desired dimension from the list to be used as the source for the Y-Axis.

We're excited to announce the release of the new Symantec Web Security Service app for Sumo Logic. This app leverages Sumo Logic's Cloud-to-Cloud Symantec Web Security Service source to provide real-time insights into the web traffic and helps you to identify potential security threats. Here are some of the key features that this app offers:

  • Monitor for web-based threats. Monitor the web traffic for potential threats using access logs generated by the Symantec Web Security Service.
  • Detect and prevent malware infections. Search access logs for patterns of behavior that are indicative of malware infections.
  • Identify and block suspicious web activity. Monitor suspicious web activity, such as requests to known malicious sites.
  • Optimize web security policies. Identify areas where policies may be too restrictive or too permissive and make adjustments accordingly.

Check out our technical documentation here to learn how you can set up and use the Symantec Web Security Service App for Sumo Logic.

We're excited to announce the release of our new cloud-to-cloud source for Google BigQuery. This source collects the results of a query via the BigQuery API. Learn more.

We're excited to announce the release of our new Zoom source for hosted collectors. This source provides an endpoint for receiving webhook events that help you to monitor:

  • Meeting events
  • Webinar events
  • Recording events
  • Zoom Room events
  • User events
  • Account events

For more information, check out our technical documentation here.

We're excited to announce the release of our new cloud-to-cloud source for Zero Networks Segment. This source ingests audit logs and network activities via Zero Networks Segment API to provide comprehensive network security by implementing zero-trust principles. Learn more.

We're excited to introduce an improved approach to calculating and aggregating percentiles on APM dashboards. This new mechanism significantly improves the accuracy of measurements for all APM percentile metrics and is now available in all dashboards.

What's New?

  • All APM metrics on dashboards now use the recently released Metrics Histograms.
  • The Service List panel replaces the existing timeseries table in the Application Details panel and is now included in out-of-the-box dashboards for APM views in the Explore tab. This change leverages the new and useful visualization for Services List released earlier.
  • The top bar selector for latency type has been renamed to latency_type, which now automatically drives all latency percentile metrics in all panels that support pct metrics.

Learn More

We've enhanced the Trace Query Visualizations screen by adding five new aggregation charts alongside the existing Trace duration breakdown chart. These charts provide more insights into the behavior and performance of your application. Aggregating traces allows you to quickly identify anomalies and unexpected behaviors, resulting in a shorter Time-to-Resolution (TTR) and a higher Return on Investment (ROI). The new aggregate charts are available as time-series or histogram and cover the following three metrics:

  • Trace duration
  • Error count
  • Span count

The new aggregate charts are:

  • Trace duration as timeseries
  • Trace duration as histogram
  • Error count as timeseries
  • Error count as histogram
  • Span count as timeseries
  • Span count as histogram

To access the new charts, simply navigate to the Traces screen and select a subset of comparable traces (such as the same transaction type). Then, click on Show Chart. You can use the dropdown menus to choose from the duration/errors/spans (per trace) and timeseries/histogram options. With these choices, you'll now have a total of six charts to help you better understand the profile of your traces.

Learn More

We're excited to announce the release of the new Proofpoint on Demand app for Sumo Logic. This app leverages Sumo Logic's Cloud-to-Cloud Proofpoint on Demand source to provide an improved security posture by analyzing message logs. Here are some of the key features that this app offers:

  • Email security monitoring. Monitor message traffic to detect and prevent spam, phishing, and other email-borne threats.
  • Compliance monitoring. Monitor email communications for compliance with internal policies and external regulations such as Data Loss Prevention (DLP), Domain-based Message Authentication, Reporting and Conformance (DMARC), and other relevant regulations.
  • Incident investigation. Quickly investigate potential security incidents by searching and analyzing email security and compliance data. This includes identifying the source of a security threat and the extent of its impact.
  • User behavior monitoring. Monitor behavior related to email communication to identify potential insider threats or unauthorized access.

For more information, check out our technical documentation here.

We're excited to announce the release of the new Asana app for Sumo Logic. This app leverages Sumo Logic's Cloud-to-Cloud Asana source to provide real-time monitoring and security insight for your Asana account. Here are some of the key features that this app offers:

  • Customizable searches. Build custom searches to examine particular Asana data elements, allowing you to go deeper into the data and find insights that are pertinent to your company's needs.
  • Integration with other sources. Combine with other Sumo Logic apps to gain a more holistic view of the data.

Check out our technical documentation here to learn how you can set up and use the Asana App for Sumo Logic.

We're excited to announce the release of several new features in the Dashboards (New):

  • Sankey Chart. Our new Sankey diagram feature, which you can find under the Categorical panel type, is built using the fromstate and tostate fields in your query. The Sankey diagram helps you understand the flow of the log events within a distributed system. The width of an arrow or stripe in the Sankey diagram shows the proportion of a quantity.
  • Connection Map. Our new Connection Map feature, which you can find under the Map panel type, provides visibility into the geographic origins of threats and their target points. By hovering over each line, you can find the threat name, latitude/longitude details of threat origin, and latitude/longitude details of threat target point.
  • Box Plot Charts. Our new Box Plot Charts feature, which you can find under the Time Series and Categorical panel type, graphically depicts groups of data using quartiles and is built by including _min, _pct_25, _pct_50, _pct_75, and _max in your query.

We've added a new feature to this release that allows you to configure multiple burn rate trigger conditions within an SLO monitor. This enhancement provides the ability to receive alerts for both short-term and long-term issues. With the short window burn rate, you can quickly detect any problems affecting the SLO monitor, while the long window burn rate ensures that significant impacts over a longer time period are identified.

We're excited to announce the release of AWS Observability 2.6.0. Here are some of the features the new version offers:

  • Support for Amazon SQS. Added out-of-the-box dashboards and predefined monitors to provide important information about queue and message statistics, including 4 new dashboards.
  • AWS Lambda dashboards. Updated to include Lambda Telemetry API metrics for improved observability.
  • Entity Inspector KPIs. New KPIs were added to help users gain better visibility into their entities.
  • Out-of-the-box monitors. Added evaluation delay for improved accuracy and deviation detection.
  • AWS Observability Lambda functions. Updated to use the latest available Node.js runtime environment.

For more information on updating the AWS Observability to the latest version, see Update AWS Observability Stack.

We're excited to announce the release of the new Druva App for Sumo Logic. This app leverages Sumo Logic's Cloud-to-Cloud Druva source to provide real-time monitoring and security insight for your Druva account. Here are some of the key features that this app offers:

  • Critical event alerts. Get notified of potential security incidents with real-time alerts for user activities, device and app usage, and backup and restore events.
  • Granular visibility. Gain detailed insights into user activity, alerts, and backup status to help you quickly detect and respond to security threats.
  • Seamless integration. Easily integrate with your existing Druva account and Sumo Logic environment for a streamlined security operations workflow.

Check out our technical documentation here to learn how you can set up and use the Druva App for Sumo Logic.

We're happy to announce the availability of the Rapid7 Cloud-to-Cloud hosted collector source, which allows you to collect assets and vulnerabilities data from Rapid7 InsightVM. Learn more.

New - We're happy to announce the new Sumo Logic App for Akamai DataStream, which allows you to monitor and analyze your Akamai Edge server performance and request-handling pipeline.

This app helps to identify issues that may be impacting your users' experience. This app is tailored to work with Akamai DataStream 2 generated logs, which include valuable information about each request, such as the request path, status code, and response time. Learn more.

We've released several new SaaS apps for Sumo Logic:

New - Airtable monitors and analyzes your organization's Airtable audit logs.

New - Armis provides visibility into Armis alerts and device data, making it easier to monitor and manage your device security.

New - Cisco Umbrella provides analytics and insights into your Cisco Umbrella DNS, Proxy, and Admin activity.

New - Citrix Cloud monitors and analyzes configuration changes and actions that may have impacted your environment and account administrators.

New - DocuSign monitors and secures your DocuSign account by providing real-time insights into critical events, alerts, and user activity.

New - Dropbox monitors and analyzes Dropbox usage data for your organization, offering insight into user activity, file access, sharing, and collaboration.

New - KnowBe4 monitors and analyzes KnowBe4 Phishing Security logs.

New - Microsoft Graph Identity Protection provides organizations with advanced security monitors and analytics capabilities for their Microsoft Graph Identity Protection data.

New - Miro provides visibility into Miro audit logs to ensure the security and compliance of your Miro environment.

New - SentinelOne monitors and analyzes data from your SentinelOne Threats and Agents logs.

We've released several new Cloud-to-Cloud hosted collector sources.

New - Cato Networks source ingests security and audit events from Cato API.

New - Citrix Cloud source securely fetches System Log data from the Citrix Cloud System Log API.

New - Druva source analyzes and fetches event logs from the Druva inSync API.

New - DocuSign source collects event data from the DocuSign Monitor.

New - We're excited to announce automatic log level detection for Log Search queries, helping you to quickly identify anomalies without having to search through large volumes of logs to find high severity issues.

With this update, you can now visualize and filter log-level distribution in both your Histogram results and Messages table. This allows you to view messages of specific log level(s) in the same view. Learn more.

NOTE: This feature is in Beta. To participate, contact your Sumo Logic account executive or our Support Team.

Update - We've improved our logic for detecting remote application services.

Even in the most demanding conditions - incomplete or broken traces, intermittent traffic gaps, and other challenges - remote services are detected correctly.

This functionality prevents the creation of remote services for missing spans if there are intermittent instrumentation or collection issues.

New - Our new Scheduled Report feature enables you to receive an email copy of a dashboard periodically in either PDF or PNG format, allowing you to get insight into the dashboard without logging into the Sumo Logic platform.

New - We're happy to announce a release that saves you configuration time. Our new and improved OpenTelemetry collector data onboarding workflow gets you up and running with infrastructure monitoring in minutes. With this update, you can start monitoring host and process data, web servers (like IIS, Nginx), databases (like MySQL, Redis, Cassandra), and other sources out of the box, with no manual configuration required. Learn more.

The Sumo Logic Distribution for OpenTelemetry, a single unified agent to send Logs, Metrics, Traces, and Metadata, helps simplify and streamline Observability and debugging to improve overall system reliability and efficiency. Learn more.

Note: The new onboarding workflows are only available for new Trial customers at this time.

Beta - To prepare for Dashboards (Classic) deprecation in late 2023, we've released a tool to assist you with migrating from Dashboards (Classic) to Dashboards (New). You can access this tool directly from a Classic dashboard page by clicking on the Migrate to new dashboards link at the top of the page.

For more information, including the current limitations of the tool, see Migrate Dashboards. Start planning and migrating your Classic dashboards now. You can learn more from our Community page.

Update - We've enhanced the query editor so that it's now more customizable, making it easier for you to work with long queries and larger results. With this update, you can now adjust the size of the search query editor, allowing for better visibility into long queries. This will be especially helpful for those of you who have found it difficult to review long queries in their entirety due to the fixed editor size. Additionally, you can reduce the size of the editor while examining larger results, making it easier to navigate through your data.

New - We've released SLO Lookup Tables, which allow you to view all SLO metadata in your environment. Data is managed and refreshed automatically on our end. To use them, you can list the contents of the lookup table, which resides under a fixed path (sumo://content/slos), or join the results of your SLO precomputed data (from _view = sumologic_slo_output) with metadata contained in the lookup table. Learn more.

New - You can now launch a Log Search session directly from an SLO dashboard panel, giving you the ability to drill down further into your SLO data. You can also add Log Search results to any other Sumo Logic dashboard, allowing you to correlate SLO performance data with other categories of data. Learn more.

New - We have added support for multiple metrics queries for the threshold-based definition for the Query field in the SLI definition. You can use it to generate derived time series using arithmetic operations with the help of joins.

Multiple metrics queries can be defined from scratch on the SLO editor and the metrics page and imported to the SLO editor via the Create an SLO menu option.

New - Real User Monitoring (RUM) dashboards now have additional explore level and capabilities that allow you to filter by deployment environment. To leverage this, you'll need to add the deployment.environment tag and value that corresponds to your development environment (like us-west-1, prod, dev) as a custom attribute to your RUM script.

Update - We've enhanced the alerting logic for Metrics Monitors to ensure more accurate alerts. For monitors that alert when all data points are above a given threshold at all times within, we've added a customizable parameter for the minimum number of required data points within an alerting window. And, for any existing monitor, the default setting is 2, which means that two data points are required within an alerting window to generate an alert. Learn more.

New - Critical Monitors that alert you to customer-critical service interruptions and other reliability measurements are great candidates to convert to Service-Level Objectives (SLOs). We've made this easy: you can now create SLOs directly from your Monitors in just a couple of clicks. The thresholds you set in your Monitor will carry over automatically to your new SLO definition, saving you time and effort. Learn more.

Update - We've fixed a bug that caused inconsistent results for queries run on the Frequent and Infrequent data tiers due to inconsistent handling of whitespace characters within quoted phrases. With the fix, query results are now consistent across all data tiers.

For more information, see Normalization of Phrase Queries.

Update - We have updated the Reuse Password After password policy. Previously, you could prevent Sumo Logic users from reusing up to 10 previously used passwords. Now, you can prevent users from reusing up to 12 previously used passwords. For more information, see Set the Password Policy.

New - Our new tracing Services List view provides a high-level summary of your service health insights and important KPIs in one compact table, allowing you to spot potential issues in your application infrastructure. Learn more.

New - We've rolled out the ability to customize your alert resolution notifications. So when setting up Sumo Logic webhook connections, you can now design and test both your alert and recovery JSON payloads.

This customizable alert recovery payload functionality is currently supported for Slack, Microsoft Teams, AWS Lambda, Azure Functions, generic webhook, PagerDuty, OpsGenie, and ServiceNow. Learn more.

Note: We're doing a slow rollout for this feature. By Thursday, Jan 19, all customers will have access.

New - We've released a new metrics operator: predict. The predict operator takes as input a single time series metric to predict future values. Predicting metrics such as CPU usage or memory consumption is useful for resource and capacity planning. For more information, see predict Metrics Operator.

We've released two metrics updates.

Update - Expanded support for thresholds in metrics charts. We've expanded support for setting Warning and Critical threshold values for metrics query results in charts. Now, you can define threshold metrics values in the Chart view for Time Series panels, and for these chart types for Categorical panels: Line, Area, Bar, Column, and Table. For more information, see Set Warning and Critical Thresholds.

Update - Unified where and filter metrics operators. We have merged the functionality of the filter metrics operator into the where operator. Previously you could use the filter operator to filter out time series, and the where operator to filter out data points within a time series. Now, the updated where operator supports filtering by time series and by data point. For more information, see where Metrics Operator.

Note: The filter operator is still supported, but will be deprecated in the future.

Update - We have enhanced our Query Editor functionality to help you create a better search experience and reduce errors when writing queries. This feature matches any open quotes, open brackets (curly, square, or parenthesis brackets), and completes the quotes automatically.

Copyright © 2023 by Sumo Logic, Inc.