The Sumo Logic Enterprise Audit Apps are JSON based to provide for more meaningful audit messages. The Apps generate queries that are compatible with the new Sumo Logic Audit Event Index. The Enterprise Audit Apps do not support the previous version of the audit index.
Enterprise Audit Apps utilize predefined searches and Dashboards that provide visibility into your environment. The following Enterprise Audit Apps present information on account management activities, user activities, as well as management of library content (searches, dashboards/reports, and folders) for your Sumo Logic account:
- Enterprise Audit - Collector and Data Forwarding Management App presents information on Collector, Sources activities, and data forwarding trends by destination types.
- Enterprise Audit - Content Management App provides information on content activities, such as content that is created, updated, deleted, imported, exported, copied, moved, publicly accessed, made visible to the public, and application installed.
- Enterprise Audit - User & Role Management App provides visibility on user activities such as creating, deleting, and modifying user roles, email account, and password changes. You can also review various user session data.
- Enterprise Audit - Security Management App provides visibility into security posture, such as Access Key Activities, SAML Activities, Password Policy, Multi-Factor Authorization (MFA), and Service WhiteList activities within your Sumo Logic Environment.