The speed of queries could be improved. When using more advanced functions, especially with large datasets like the 90-day log retention we had, queries could be slow, sometimes taking up to five minutes. Additionally, the management of searches definitely needs improvement. I often had many Sumo Logic tabs open—not browser tabs, but tabs within their system. It could easily become overwhelming, with multiple pages of tabs to keep track of. There is also a lack of pre-built dashboards. So, those are the three main areas where I see room for improvement.
Documentation could be better. While it's generally good, sometimes finding what you need requires extensive searching. It's not always clear where to look for specific things. Sometimes, the information itself is well-written, but you have to dig through multiple sources before finding it. It's not the most user-friendly experience, so I think documentation needs improvement for user needs.
Software and Systems Engineer at Ben Abrams Consulting
Jan 11, 2024
We accumulate more systems, and they become more ephemeral. Consequently, this leads to an exponential increase in observability data. Therefore, it's crucial to continuously explore, employ, and refine techniques for efficiency in storage, querying, etc. These optimizations directly impact costs for both the vendor and the customer, particularly considering the exponential scale. Thus, cost management becomes paramount, with price per unit as a main factor. It's essential to strive for the lowest possible price per unit while maintaining the capabilities for innovative functionalities. One suggested improvement for Sumo Logic is implementing a more streamlined enrichment process, conceptualizing the observability data collection as an ETL pipeline. This would involve enhancing processing rules and FDR for a smoother experience, particularly when integrating with the SIEM product and performing further enrichments. Such enhancements would benefit security personnel and various other users, making enrichment a primary feature accessible to all.
Sumo Logic Observability is widely used for log aggregation, analysis, and SIEM capabilities. It assists in monitoring data, creating dashboards, and managing log storage.
Sumo Logic Observability helps teams with logging in production, debugging with trace IDs, and performing queries across large datasets. Developers leverage centralized logs for error detection and tracking metrics like successful transactions and data volume. Security teams integrate it with SOAR systems for...
Fine-grained data can be quite frustrating to work with and should be made easier.