
We're happy to announce two new monitoring features that allow you to generate alerts that notify you of suspicious behavior and automatically run playbooks to address it.

Anomaly detection

You can now use the Anomaly detection method when you create a monitor. This method applies machine learning techniques to detect anomalies and identify suspicious patterns. It establishes baselines for normal behavior so you receive alerts when deviations or unusual activities are encountered.

Learn more.

Automated playbooks

An automated playbook is a predefined set of actions and conditional statements that run in an automated workflow to respond to an event. For example, suppose that a monitor detects suspicious behavior that could indicate a security problem. When the monitor sends the alert, it could also run an automated playbook to respond to the event.

Learn more.

New - We're happy to introduce you to new accounts page enhancements such as Dynamic Forecasts, Credit Baseline, Total Credits Usage Breakdown, Time Series View, and Usage % Change. Learn more.

We're excited to announce the availability of the Closed Beta version of our updated Sumo Logic User Interface (UI). This release brings several enhancements aimed at improving your overall experience:

  • Unified Navigation. Seamlessly access all Observability features (e.g., Alerts, Log Search, APM, Metrics) alongside Security features (e.g., Cloud SIEM, Cloud SOAR) from a single, unified left-navigation menu. This is a significant improvement over our legacy Classic UI, where users had to navigate away from Sumo Logic when using Cloud SIEM or SOAR.
  • Streamlined Administration. Administrative functions, Data Configuration, Help, and User Preferences have been relocated to the top toolbar menu for simplified access.
  • Enhanced Browsing Experience. Now, instead of in-app tabs, you can utilize native browser tabs for a more familiar browsing experience, complete with session history, the back button, favorites, and other native browser capabilities.
  • Improved Performance. With a simplified UI, you'll experience accelerated performance, enhanced usability, and a consistently smooth browsing experience, empowering you to troubleshoot incidents faster. We've achieved significant improvements in two primary metrics:
    • First Contentful Paint (FCP). ~90% improvement (synthetic), 75% improvement (RUM).
    • Time to Interactivity (TTI). ~27% improvement (synthetic), 50% improvement (RUM).
  • Stateful URLs. URLs now reflect real-time changes. Any modifications you make within the UI are instantly reflected in the URL parameters, ensuring effortless sharing of the most up-to-date content with collaborators.

To explore these improvements, reach out to your Sumo Logic sales representative for access to the Closed Beta. We look forward to your feedback as we continue to refine our UI.

More information:

We're happy to announce an update of the Azure metric collection framework. Here are some of the key features that this update offers:

  • Aligns all the components to the latest version of Azure Functions runtime and libraries.
  • Replaces the soon-to-be deprecated classic Application Insights resource with the new workspace-based Application Insights.
  • Provides necessary security updates.

Refer here for details on upgrade instructions and changelog. Also, for more information on metrics collection from Azure Monitor, see our documentation.

Update - Previously, for Sumo Logic customers on POV Trial plans, their accounts would be downgraded automatically to our Free plan at the end of their 45-day trial period. Effective today, these customers will be notified about their trial period expiration date in two different places in the UI: View details for the selected organizations and Child org table. Learn more.

We're excited to announce an optimization that improves the performance of Metrics queries that use aggregations (avg, min, max, sum, or count) and whose time range is within the last 24 hours.

Such queries are now faster and can aggregate data from a larger number of time series.

Learn more.

We’re excited to announce the general availability of Cloud Infrastructure Security for AWS. This solution unifies views of active threats, security control failures, and suspicious activity across your AWS environment to give you security posture visibility at a glance.

This feature was previously only available in a preview form. It is now available for general use.

Here are some of the key features the new solution offers:

  • Risk overview. See a summary of all resources that pose risks in a single dashboard that rolls up the findings from other dashboards. Get an action plan for addressing the most important areas of concern.
  • Active threats. See active threats in APIs, resources, and storage.
  • Misconfigurations. See areas in your environment that need to be addressed because they fail best practice security controls.
  • Suspicious activity assessment. See suspicious activity across users, web interactions, networks, and Identity and Access Management (IAM).

To learn how you can set up and use Cloud Infrastructure Security for AWS, check out our technical documentation.

Action Required

To use the solution, you are required to sign up for and activate Amazon GuardDuty and AWS Security Hub.

We're excited to announce the new visualizations for Log Search queries with which you can customize each chart by modifying the available settings and obtain a unified experience with charts across the Sumo Logic platforms. Learn more.

We're excited to announce an update for the Active Directory JSON - OpenTelemetry application to enhance efficiency and data collection. We are updating the sumo.datasource value from Active Directory to Windows. This change addresses the double data ingestion issue that occurs for customers who have installed both Active Directory and Windows apps and set up separate OpenTelemetry collections for each.

Note

Data collected before the upgrade will not be visible in the Active Directory application.

If you have only the Active Directory JSON - OpenTelemetry app installed and decide to upgrade it, you will need to update your collection configuration according to the instructions below.

  1. Open the configuration file located in C:\ProgramData\Sumo Logic\OpenTelemetry Collector\config\conf.d.
  2. Update the following attributes:
    • key: sumo.datasource
    • value: windows
    • action: insert
  3. Restart the collector by using the following PowerShell command: Restart-Service -Name OtelcolSumo

If you have both the Windows - OpenTelemetry and Active Directory JSON - OpenTelemetry apps installed, you should remove the Active Directory OTEL YAML configuration from your machine to prevent double data ingestion. When upgrading the Active Directory app, there's no need to set up a new collection.

No changes are required if you only have Windows - OpenTelemetry installed.
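
To confirm the edit from the steps above, and to spot a leftover second configuration file that would cause double ingestion, the following added example (not from Sumo Logic's documentation) lists every sumo.datasource entry under conf.d and restarts the collector only when all of them read value: windows and action: insert. The function name Get-SumoDatasource is hypothetical, and the script assumes the key line comes first in each attribute entry, with value and action on the lines that follow.

```powershell
# Added example, not Sumo Logic's own tooling.
# Directory and service name are taken from the steps above.
$confDir = 'C:\ProgramData\Sumo Logic\OpenTelemetry Collector\config\conf.d'

function Get-SumoDatasource {
    param([Parameter(Mandatory)][string]$Path)

    $lines = @(Get-Content -LiteralPath $Path)
    for ($i = 0; $i -lt $lines.Count; $i++) {
        # Match "key: sumo.datasource", with or without a leading "- " or quotes.
        if ($lines[$i] -notmatch '^\s*(-\s*)?key:\s*["'']?sumo\.datasource["'']?\s*$') { continue }

        # Assumption: value/action follow the key within the same list entry,
        # so scan forward at most three lines and stop at the next "- " item.
        $value = $null; $action = $null
        for ($j = $i + 1; $j -lt $lines.Count -and $j -le $i + 3; $j++) {
            if ($lines[$j] -match '^\s*-\s') { break }
            if ($lines[$j] -match '^\s*value:\s*["'']?(.*?)["'']?\s*$')  { $value  = $Matches[1] }
            if ($lines[$j] -match '^\s*action:\s*["'']?(.*?)["'']?\s*$') { $action = $Matches[1] }
        }

        [pscustomobject]@{
            File   = Split-Path $Path -Leaf
            Line   = $i + 1
            Value  = $value
            Action = $action
            Ok     = ($value -ceq 'windows' -and $action -ceq 'insert')
        }
    }
}

# Collect one row per sumo.datasource entry across all YAML files in conf.d.
$report = Get-ChildItem -LiteralPath $confDir -File |
    Where-Object Extension -in '.yaml', '.yml' |
    ForEach-Object { Get-SumoDatasource -Path $_.FullName }
$report | Format-Table -AutoSize

if (-not $report) {
    Write-Warning "No sumo.datasource attribute found under $confDir"
} elseif ($report | Where-Object { -not $_.Ok }) {
    Write-Warning 'At least one entry is not value: windows / action: insert; fix it before restarting.'
} else {
    # Step 3 of the procedure: restart so the collector reloads its configuration.
    Restart-Service -Name OtelcolSumo
}
```

More than one file in the table means more than one collection configuration sets the attribute, which is the situation the double-ingestion guidance above addresses.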

We're happy to announce that our Account Overview page is updated and now you can get a detailed view of child org usage. Here are some of the key features that this update offers:

  • Monitor child org usage data seamlessly through the new centralized view for child org usage.
  • Gain a comprehensive picture of child org credit consumption and usage trends in one place.
  • Navigate to individual child org accounts pages directly from the centralized UI for deeper insights.

For more information, see our documentation on how to monitor credits allocation and usage.

We're excited to include the Index field as metadata at the bottom of every message row, along with other metadata. This allows you to modify the search query by clicking the index name or view surrounding messages by clicking on the dropdown. Learn more.

Copyright © 2024 by Sumo Logic, Inc.