The previously announced automatic conversion of Real-Time Scheduled Searches to 15-minute scheduled searches will not take place.
We are happy to announce that you can now create service accounts in Sumo Logic. Service accounts are a special type of account designed for automating processes that use Sumo Logic APIs, such as scripts, integrations, and infrastructure as code. Unlike user accounts, service accounts are not associated with an individual and do not allow for interactive logins.
We’re excited to announce the release of the following apps for Sumo Logic:
Enhancements:
Node.js v20.x to Node.js v22.x.Node.js v22.x in the CloudFormation template for AWS CloudWatch Logs with Dead Letter Queue Support.Python v3.11 to Python v3.13.Python v3.13 in the CloudFormation template for Kinesis Metric Collection.v3.x.Deprecations:
We are happy to announce that authorized users can now control the visibility of installed app content. This update allows content administrators and the installing user to configure the roles and users who should be allowed to view the dashboards and log searches that are installed with an app.
For more information about sharing apps, see Content Sharing in Sumo Logic.
We're excited to introduce the new Sumo Collection app for Sumo Logic. By leveraging this app, you can get insights into the health and status of Sumo Logic collectors and sources, allowing you to effectively manage and monitor collectors and sources within Sumo Logic. Learn more.
We’re excited to announce the general availability of Kickstart Data, a streamlined onboarding experience that includes sample data and prebuilt dashboards. Whether you're starting a free trial or simply spinning up a new account, Kickstart Data makes it easy to understand Sumo Logic's capabilities without needing to ingest your own data first.
We’re excited to announce a new SumoLogic_ThreatIntel source incorporating Indicators of Compromise (IoC) from Intel 471. Analysts can use this out-of-the-box default source of threat indicators to aid in security analysis.
We're excited to introduce the new Cisco Vulnerability Management app for Sumo Logic. By leveraging this app, security analysts can collect the detected open vulnerabilities and active assets to enable a secure infrastructure. Learn more.
We’re excited to announce the release of the new Azure Key Vault and AWS Auto scaling apps for Sumo Logic.
Node.js v18 to Node.js v20. Learn more.Bugs for the following apps have been fixed:
We're excited to introduce the new CyberArk Audit app for Sumo Logic. By leveraging this app, security analysts can monitor, analyze, and visualize audit trails of user activities, security events, and anomalies to enhance security. Learn more.
A new preference setting allows you to open links from the left navigation menu in a new browser tab by default. This feature is available only in the New UI. Learn more.
We're excited to introduce the new Azure Security - Advisor app for Sumo Logic. By leveraging this app, security analysts can quickly assess Azure Advisor’s recommendations, track remediation progress over time, and take action to enhance the security and efficiency of their Azure infrastructure. Learn more.
We're excited to announce the release of our new cloud-to-cloud source for Confluent Cloud Metrics. This source aims to collect metric data from the Confluent Cloud Metrics platform and send them to Sumo Logic for streamlined analysis. Learn more.
We're excited to introduce the new Netskope WebTx app for Sumo Logic. This app leverages the Sumo Logic Cloud-to-Cloud Netskope WebTx source to collect the web transaction logs from the Netskope WebTx platform. It provides security and IT teams the visibility and insights into web transactions, helping organizations monitor, analyze, and secure their web traffic. Learn more.
We're excited to announce the release of our new cloud-to-cloud source for Sumo Collection. This source aims to collect the list of collectors and their sources using Sumo Logic Collector API and Source API and send them to Sumo Logic for streamlined analysis. Learn more.
We are excited to announce a new Content Management tab that allows MSSP administrators the ability to conveniently push updates to multiple child organizations at once. Learn more.
This feature is in Beta. To participate, contact your Sumo Logic account executive or our Support Team.
We’re excited to announce the next milestone in our transition to the New UI. Starting today, the New UI will become the default experience when you sign in to Sumo Logic.
The Classic UI will be retired in 2025. The exact date will be communicated closer to the transition. To ensure you have access to the latest features, performance improvements, and innovations, we encourage you to start using the New UI as soon as possible.
Here's what's changed since the last rollout.
We've introduced three new features to improve your Copilot experience:
Copilot now automatically updates conversation titles based on your query, making it easier to track and revisit past investigations. You can also customize it by clicking the pencil icon next to the title.
We've added an Open in Copilot button to the Alert Response page, allowing you to troubleshoot alerts directly in Copilot. This preserves the alert context, making it seamless to investigate and resolve issues.
Now you can pin Copilot suggestions for easy reference. Just hover over a suggestion and click the pin icon to save it within your conversation.
We’re excited to introduce Sumo Logic Threat Intelligence, a powerful feature set that enables Cloud SIEM administrators to seamlessly import indicators of Compromise (IoC) files and feeds directly into Sumo Logic to aid in security analysis. IoCs are individual data points about threats that are gathered from external sources about various entities such as host names, file hashes, IP addresses, and other known targets for compromise.
Once indicators are ingested and appear on the Threat Intelligence tab, Cloud SIEM analysts can use the hasThreatMatch function in Cloud SIEM rules to analyze incoming records for matches to the threat intelligence indicators.
Sumo Logic Threat Intelligence will help you stay ahead of emerging threats and enhance your security posture.
Only Cloud SIEM administrators can add threat intelligence indicators to the datastore.
We’re excited to announce the release of the new Azure Container Instance app and three OpenTelemetry Remote Management source templates for Sumo Logic.
Azure Container Instance app. Azure Container Instances is a fully managed serverless container service that enables you to deploy and manage containers in Azure without the need for virtual machines. This integration allows you to analyse logs and metrics pertaining to Azure Container Instances. Learn more.
OpenTelemetry Remote Management. Released MySQL, PostgreSQL, and ElasticSearch OpenTelemetry Remote Management source templates.
We're excited to introduce the new Automox app for Sumo Logic. This app leverages the Sumo Logic Cloud-to-Cloud Automox source to collect audit and event logs from the Automox platform. It provides security and IT teams with visibility into endpoint management and security. By using this app, teams can improve their security monitoring, streamline endpoint management, and strengthen operational resilience. Learn more.
We're excited to announce the release of our new cloud-to-cloud source for CyberArk Audit. This source aims to collect the audit events from the CyberArk platform using the CyberArk SIEM integrations API and send them to Sumo Logic for streamlined analysis. Learn more.
We've updated the onboarding experience to give you the option to bypass data collection setup and explore the App Catalog instead.
A new Go to App Catalog option now appears in the left-hand menu on the data setup page, allowing you to browse integrations and pre-built dashboards before configuring data ingestion. This change makes it easier to explore Sumo Logic’s capabilities without committing to a full setup.
To learn more, check out our quickstart and signup guides.
Enabling SSO for child organizations makes moving between organizations under your authority much more seamless and convenient. We are excited to announce that single sign-on (SSO) is now automatically enabled when you create child organizations, allowing you to sign in to child organizations without having to provide separate credentials. Learn more.
We're excited to introduce the new Dragos app for Sumo Logic. This app leverages the Sumo Logic Cloud-to-Cloud Dragos source that collects collect vulnerabilities, notifications, addresses, zones, and assets logs from the Dragos platform. This app helps security analysts to minimize cybersecurity risks, improve operational resilience, and safeguard critical infrastructure from evolving cyber threats. Learn more.
We're excited to announce the release of our new cloud-to-cloud source for Sysdig Secure. This source aims to collect the scan results from the scanner using Sysdig API and send them to Sumo Logic for streamlined analysis. Learn more.
We're excited to introduce the new Trust Login app for Sumo Logic. This app leverages the Sumo Logic Cloud-to-Cloud Trust Login source that collects report logs from the Trust Login platform, enabling security analysts to monitor authentication events and user activities, and respond to potential security threats across your organization. Learn more.
We're excited to introduce the new Code42 Incydr app for Sumo Logic. This app leverages the Sumo Logic Cloud-to-Cloud Code42 Incydr source that collects audits, file events, and user sessions data from the Code42 Incydr platform. This app helps security analysts monitor, detect, and respond to potential data threats across an organization. Learn more.
We're excited to introduce the new JumpCloud Directory Insights app for Sumo Logic. This app provides a comprehensive visibility into authentication events, user activities, and security-related actions within your JumpCloud-managed environment. The pre-configured dashboards can help you to track failed login attempts, privileged access changes, and account lockouts in real-time to improve security and ensure organizational policy compliance. Learn more.
We’re excited to announce the release of the new Azure Virtual Network app and 11 new OpenTelemetry Remote Management source templates for Sumo Logic.
This section details the new features and updates in AWS Observability for upgrading your Terraform script or CloudFormation template to version v2.11.0.
To learn more, refer the AWS Observability changelog.
quantization_interval filter variable.We are excited to announce that we are now supporting Sumo Logic's Organizations ("Sumo Orgs") feature for Sumo Logic Flex customers. With this release, Flex customers can effectively group, provision, manage, and monitor the credit usage across multiple organizations, providing greater visibility and control over account structures. Learn more.
We're excited to introduce the new VMware Workspace ONE app for Sumo Logic. This app leverages the Sumo Logic Cloud-to-Cloud VMware Workspace ONE source that collects audit logs data from the VMware Workspace ONE platform. This app helps security analysts monitor device compliance, encryption, and overall security status, offering a powerful solution for effective risk analysis, policy enforcement, and device security. Learn more.
We're excited to introduce the time-phased scan budgets for advanced usage management, which helps you to set Daily, Weekly, or Monthly budgets for individual user or a single shared budget for an entire group. Learn more.
We're excited to announce enhancements to how you create and manage access keys.
The My Access Keys section has been moved out of Preferences to its own tab and renamed Personal Access Keys.
To open the Personal Access Keys tab:
You can now create permission scopes for access keys. Scopes limit the API endpoints an access key can be used to call. This allows you to specify only the permissions the access key needs to accomplish a specific task, making the key more secure.
Symantec Endpoint Security Service. We're excited to introduce the new Symantec Endpoint Security Service app for Sumo Logic. This app leverages the Sumo Logic Cloud-to-Cloud Symantec Endpoint Security source that collects incident and event logs data from the Symantec Endpoint Security platform. This app provides real-time insights into the log data that allows you to monitor and manage endpoint security in real time, enhancing quick responses to threats. Learn more.
Jamf. We're excited to introduce the new Jamf app for Sumo Logic. This app leverages the Sumo Logic Cloud-to-Cloud Jamf source that collects inventory data from the Jamf platform. This app helps security analysts with critical insights into their organization's Jamf environment. Learn more.
The Sumo Logic Distribution for OpenTelemetry Collector now supports remote management, enabling you to configure and manage data collection directly from the Sumo Logic UI. With this feature, you can:
This release provides a faster, more efficient way to manage large-scale data collection, supporting scalable and automated operations. Learn more.
We're excited to introduce the new Trend Micro Vision One app for Sumo Logic. This app leverages the Sumo Logic Cloud-to-Cloud Trend Micro Vision One source that collects alert logs data from the Trend Micro Vision One platform. This app helps you can gain real-time visibility into security events and incidents within your organization's infrastructure, allowing them to detect and react to potential threats quickly. Learn more.
This is an archive of the 2024 Sumo Logic Service Release Notes.
This is an archive of the 2023 Sumo Logic Service Release Notes.
This is an archive of the 2022 Sumo Logic Service Release Notes.
This is an archive of the 2021 Sumo Logic Service Release Notes.
Release notes from 2016-2020 have been archived. If you need access to earlier versions, contact Support.