Skip to main content

Records, Signals, Entities, and Insights

Learn about Insight generation, working with Entities, and how to query Cloud SIEM Records. 

In this section, we'll introduce the following concepts:

Icon of a shield on a flow diagram

Insight Generation Settings

Learn how to configure the detection window and the threshold Activity Score for Insight generation.

Icon of a shield on a flow diagram

Global Intelligence for Security Insights

Learn how to triage and prioritize Insights.

Icon of a shield on a flow diagram

Custom Insights

Learn how to set up Custom Insight configurations.

Icon of a shield on a flow diagram

View and Manage Entities

Learn about all the Entities in Cloud SIEM and their Activity Scores.

Icon of a shield on a flow diagram

Entity Criticality

Learn how to adjust the severity of Signals for specific Entities.

Icon of a shield on a flow diagram

Custom Entity Types

Learn how to create custom Entity types in Cloud SIEM.

Icon of a shield on a flow diagram

Entity Groups

Learn how to automatically group entities in terms of criteria like name or IP Address.

Icon of a shield on a flow diagram

Entity Lookup Tables

Learn how to normalize the names of users and hosts (machines) in your environment.

Icon of a shield on a flow diagram

View Records for a Signal

Learn how to view Records associated with a Signal in Cloud SIEM.

Icon of a shield on a flow diagram

Signal Suppression

Learn about ways to suppress and exclude Cloud SIEM Signals from the Insight generation process.

Icon of a shield on a flow diagram

Search Sumo Logic for Cloud SIEM Records

Learn to search the Sumo Logic platform for Records and Signals that have been forwarded from Cloud SIEM.

Icon of a shield on a flow diagram

Using Tags

Learn how to add context to Cloud SIEM items, and search and filter items by tag.

Status
Legal
Privacy Statement
Terms of Use

Copyright © 2024 by Sumo Logic, Inc.