Sumo Logic

Service Release Notes

February 13, 2020

Collection

Beta - Collection Health Events allow you to keep track of the health of your Collectors and Sources. You can use them to find and investigate common errors and warnings that are known to cause collection issues. When used in combination with our Enterprise Audit Apps, Health Events provide a proactive monitoring framework, differentiated from our competitors’ reactive solutions, where you need to debug data collection after having suffered data loss or downtime. At present, Health Events provide observability for Collectors and Sources; this will expand to other areas of our service as development continues. This is available as a closed Beta to Enterprise accounts. To participate, contact your Sumo Logic account executive or sign up for an enterprise trial account.

February 7, 2020

Apps

New - Global Intelligence for Amazon GuardDuty 

Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts and workloads. The Sumo Logic App for Global Intelligence for Amazon GuardDuty analyzes GuardDuty threats from the Sumo Logic population to create baselines of threats. These baselines enable you to optimize security posture and remediation based on how unusual your GuardDuty findings are compared to Sumo Logic customers. The App includes pre-configured dashboards and searches with visual displays for global threat baselines and real-time threat detection across your AWS environment.

New - Global Intelligence for AWS CloudTrail

The Global Intelligence for AWS CloudTrail App enables you to detect potentially malicious configuration changes in your AWS account by comparing AWS CloudTrail events in your account against a cohort of AWS customers. CloudTrail events are curated from AWS penetration tests and operational best practices.

January 13, 2020

Connections and Integrations 

New - You can now set up a ServiceNow Incident Webhook connection, and create scheduled searches for the connection. Webhook connections allow you to send Sumo Logic alerts to third-party applications that accept incoming Webhooks.