SOC Analyst at a computer software company with 1,001-5,000 employees
Nov 8, 2024
We primarily use Sumo Logic as a SIEM (security information and event management) tool. It serves as a Cloud SIEM and is utilized for alert monitoring, insight monitoring, and as a continuous intelligence platform.
The product is a log aggregator of all the logs from all our environments, including AWS. Our infrastructure is deployed on AWS. We ship all logs to Sumo Logic. Based on the logs, we create alerts. These alerts are sent to an email ID, which creates tickets.
Our primary use case for this solution is logging and monitoring. We have dashboards for monitoring the performance and health of our applications and logins.
We've got it integrated into all of our production assets and our IT assets, like Okta and all the SaaS stuff that we need to manage our IT environment. It's plugged into pretty much everything. Primarily, we use it for security alerting. We plug it into Amazon and it lets us know when people log into different accounts, change privileges, log into production, etc. We also have it integrated on the IT side too — we have it integrated into our SSO provider. We want to know if someone logs in too many times or how frequently they try to log in, whether they get locked out or not. It generates alerts. We're starting to roll it out in terms of forensics on our audit logs. Company-wide, if it is part of our certification process, if we buy a SaaS service, it has to integrate with a SIM — it has to provide audit logs. There are a couple of other criteria that we have: it's got to have a split SSO, it has to have a supported SIM, and it's got to support audit logs. All the read-only audit logs get dumped into Sumo Logic as well, and the security team monitors all of that. Our DevSecOps team mainly uses this solution.
Associate Director - Database & DevOps at Medlife
Jun 21, 2020
We mainly use the solution to take advantage of the debugging logs and application logs, which are the production systems that we have. All of these are running these Sumo Logic agents. They keep communicating with the logs and are pushing to the Sumo Logic servers. Basically, we use it for our application debugging. We also push the balance of our logs to Sumo Logic. That is for our workarounds. It helps us to get to know the health of our application from the load balancer point of view. We pull for certain error messages within the logs, let's say, for example, exceptions, or errors, etc. We use certain patterns that we want to be highlighted for notification purposes. These are running continuously and whenever certain text patterns are found and are beyond a certain threshold, we get notified so that we can take some corrective actions.
Infrastructure Engineer at a wholesaler/distributor with 1,001-5,000 employees
Dec 11, 2018
It is primarily for storing logs, then making reports out of the logs, and also alerting. If something goes up or down, or reaches a threshold, then we are on alert for that.
Cloud Lead Engineer at a media company with 1,001-5,000 employees
Dec 4, 2018
We use it to send our device logs. It looks for application errors during development, QA, and production. We also use it for troubleshooting in a production environment. We use only the AWS version.
Sumo Logic is for logging. You can use it as a centralized logging management system. You can send all your application logs to Sumo Logic, then you will receive a clear dashboard where you can see if there are any issues in your operations. It is pretty easy to troubleshoot any issues on your application using Sumo Logic.
Logging all operational and security events in our enterprise environment. We use Sumo Logic to monitor all the applications that we run in the Amazon AWS cloud; we use Sumo Logic to monitor the security posture of our AWS IaaS with CloudTrail, VPC flow, S3 audit, GuardDuty, and EKS services.
Sumo Logic
Sumo Logic is a cloud-based machine data analytics company focusing on security, operations, and BI use cases. It provides log management and analytics services that leverage machine-generated big data to deliver real-time IT insights.
Sumo Logic is developed as a SaaS solution; it processes and analyzes large quantities of IT infrastructure data, spotting patterns and anomalies that can indicate a potential threat or significant event.
The platform is designed to help IT,...
We use Sumo Logic Security for logging purposes. We store and monitor application logs and VPC flow logs in the solution.
We are using Sumo Logic Security for security monitoring.
We primarily use the solution for security as well as application monitoring. We use it for security as well.
We use it to keep our information database.
We use it for monitoring and alerting on application logs.
Our primary use case is application log tracing and monitoring. It does a good job of meeting our needs, in terms of alert monitoring.
We use it for logging and alerting for cloud-only applications. We only use it from the cloud.
We use it for ingestion of VPC flow logs, CloudTrail logs, and config logs from AWS.
The primary use is incident alerting.