Sumo Logic

CrowdStrike Falcon Host (Falcon Platform)
The Sumo Logic App for CrowdStrike Falcon Host (Falcon Platform) allows you to analyze CrowdStrike security events by type, status, and detection method. You can use the App to investigate CrowdStrike-specific events and provide operational visibility to team members from pre-configured searches and Dashboards, without logging into the CrowdStrike console.

Preview App Support in the Sumo Logic Community

CrowdStrike Falcon Platform provides endpoint security and threat intelligence services through the cloud. It consolidates multiple security functions into a single lightweight agent, and provides visibility to the service through integrations with a central security analytics platform like Sumo Logic.

The Sumo Logic App for CrowdStrike Falcon Platform lets you analyze CrowdStrike security events by type, status, and detection method. Use the App to investigate CrowdStrike-specific events and provide operational visibility to team members from pre-configured searches and Dashboards, without logging into the CrowdStrike console.

Log Types

The Sumo Logic App for CrowdStrike Falcon Host analyzes two log types:

  1. Detection Summary Events
  2. Authentication Events

For details on the format and definitions, refer to CrowdStrike documentation at https://www.crowdstrike.com/resource...lcon-connector.