
Install the UEBA App and View the Dashboards

The Sumo Logic UEBA (User and Entity Behavior Analytics) app monitors baseline user and entity behavior and reports any anomalies it detects.

Install the Sumo Logic App

Install the Sumo Logic App to use the preconfigured searches and dashboards.

To install the app, do the following:

  1. In the App Catalog, search for "UEBA" and select the UEBA app.
  2. Click Add to Library.
  3. To save the app to a new folder in your personal folder, click + New Folder and select a name and location for your folder.
  4. Click Add to Library to install the app. A confirmation dialog appears, and you can then start viewing your dashboards.

Dashboards

UEBA - User

The Users dashboard displays information about the behavior of users. It shows the devices they typically interact with and the times of day that they log into those devices. To focus the dashboard on a particular user or group of users, enter a match expression in the User field at the top of the dashboard. Matching users are shown in the Users panel.

UEBA - Signals

The Signals dashboard displays a brief summary of the behavioral anomalies the app has detected. The Summary field shows the users or devices involved, the typical data range, and the observed data range. The Confidence field is expressed as a percentage and shows how strongly this finding is supported by evidence.
