Windows JSON

The Windows JSON App provides insight into your Windows system's operation and events so that you can better manage and maintain your environment. The Windows JSON App is based on the JSON Windows event log format and consists of predefined searches and dashboards that provide visibility into your environment for real-time analysis of overall usage of Security Status, System Activity, Updates, User Activity, and Applications.

Log Types

The Windows JSON App assumes events are coming from Windows Event Log Sources in JSON format. It does not work with third-party logs.

Standard Windows event channels include:

  • Security
  • System
  • Application

Custom event channels, such as PowerShell or Internet Explorer, are also supported.