Insight Summary

The insight Summary pane provides a concise, actionable summary of threat incidents based on triggered signals. It consolidates key details to facilitate quick understanding and response by security teams. The summary is generated by Sumo Logic's Summary Agent, an agentic AI tool.

The summary is generated when an insight is created, and is regenerated whenever the insight is modified, keeping it current with added or removed signals. Summaries are not only generated for insights created by the system, but also custom insights created manually by users via the UI.

note

Help us refine the tool by using the thumbs-up or thumbs-down buttons to provide feedback on the effectiveness of the summary presented. Clicking the thumbs-down button gives you the opportunity to provide additional feedback.

Micro Lesson

Watch this micro lesson to learn more about Sumo Logic's Summary Agent.

FAQs about the insight summary

• How does the AI handle data privacy?
  • There is no data sharing across tenants.
  • No customer data or personally identifiable information (PII) is used to train models.
  • Processing is limited to schemas and sample fields, and is reviewed for compliance.
  • The AI is powered by Amazon Bedrock, with rolling expiration for temporary query history.
• Can insight summaries be accessed by the API?
  Yes. The summaries are included in output when you run the insight APIs in the Cloud SIEM APIs.
• Is there an additional cost?
  No. The insight summary is included as part of Cloud SIEM at no extra licensing fee.