Preview App Support in the Sumo Logic Community
CrowdStrike Falcon Platform provides endpoint security and threat intelligence services through the cloud. It consolidates multiple security functions into a single lightweight agent and provides visibility into the service through integrations with a central security analytics platform such as Sumo Logic.
The Sumo Logic App for CrowdStrike Falcon Platform lets you analyze CrowdStrike security events by type, status, and detection method. Use the App to investigate CrowdStrike-specific events and to give team members operational visibility through pre-configured searches and Dashboards, without logging into the CrowdStrike console.
The Sumo Logic App for CrowdStrike Falcon Host analyzes two log types:
- Detection Summary Events
- Authentication Events
For details on the format and definitions, refer to CrowdStrike documentation at https://www.crowdstrike.com/resource...lcon-connector.