CrowdStrike Falcon Host

Preview App Support in the Sumo Logic Community

CrowdStrike Falcon Host provides endpoint security and threat intelligence services via the cloud. It consolidates multiple security functions into a single lightweight agent and provides visibility into the service through integrations with a central security analytics platform such as Sumo Logic.

The Sumo Logic App for CrowdStrike Falcon Host allows you to analyze CrowdStrike security events by type, status, and detection method. You can use the App to investigate CrowdStrike-specific events and provide operational visibility to team members from pre-configured searches and Dashboards, without logging into the CrowdStrike console.

Log Types

The Sumo Logic App for CrowdStrike Falcon Host analyzes two log types:

  1. Detection Summary Events
  2. Authentication Events

For details on the format and definitions, refer to CrowdStrike documentation at https://www.crowdstrike.com/resource...lcon-connector.