We use Sumo Logic Security for logging purposes. We store and monitor application logs and VPC flow logs in the solution.
Logs for Security (AWS Built-In)
Sumo Logic Inc.External reviews
371 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Robust Monitoring Tool
What do you like best about the product?
In our organization We found the real-time monitoring resource to be very useful in tracking system performance. The customization page helps us quickly update our basic metrics and fix issues. The search function also allows us to efficiently identify the root cause of the problem.
What do you dislike about the product?
Although quite useful But it takes time to get familiar with some of the advanced features. A more user-friendly scope for these functions will make the data entry process easier for teams. More detailed documentation or instructions for first time users would also be helpful as it is tedious to navigate all functionalities for beginners.
What problems is the product solving and how is that benefiting you?
Sumo Logic helps us monitor and analyze logs in real time. This is so we can quickly detect and fix system problems before they escalate. It has streamlined our incident response process by providing a clear overview of compensation calculations. and helps us troubleshoot errors more efficiently. Customizable dashboards also make it easier to track important information.
Sumo is very responsive and has excellent integrations
What do you like best about the product?
Sumo is so fast and responsive with search queries! I also love the integrations with my other systems that has pre-built dashboards and reports.
What do you dislike about the product?
It took time to learn the query language. I was a long time Splunk admin so going from Splunk to Sumo took a bit of time to learn the language.
What problems is the product solving and how is that benefiting you?
I have all systems (cloud and on-prem) logging to Sumo. The integrations with Palo Alto, Cato Networks, Recorded Future, Microsoft M365/O365, Tenable and more is so helpful because the integration apps have pre-built dashboards and reports that are already intelligent out of the box but also easily customizable so that I can create custom playbooks based on queries across multiple indexes/data sets. My speed of identifying and responding to threats/events has saved my entire team about 20 hours per week that we can apply to other areas or projects.
A great monitoring tool that is easy to use and has great training resources
What do you like best about the product?
I like how simplified the search navigation is. It allows us the ability to have some great monitoring dashboards set up by people other than developers.
What do you dislike about the product?
Theres not really much that I don't dislike. Setting up the collectors is sometimes frustrating but with some playing around it all comes together. Also they seem to have avery short timeout on their site.
What problems is the product solving and how is that benefiting you?
We have recently moved all of our observability away from systems like New Relic and Grafana and moved them to Sumo Logic.
The capabilities are there for logging, alerting and dashboarding which is really relevant to us.
The capabilities are there for logging, alerting and dashboarding which is really relevant to us.
Facilitated visualization with the Dashboard.
What do you like best about the product?
The ease of access to the created reports and analysis of the risks we have on various devices.
What do you dislike about the product?
A lot of information on the screens, it could be more divided and with less information per page.
What problems is the product solving and how is that benefiting you?
Understand the difficulties of our structure by analyzing the logs and presenting them visually.
Great product at the price
What do you like best about the product?
It does all the jobs that competitors do.
Very simple to handle and implement.
Accepts almost any kind of data and allows preprocessing and flexible indexation.
Customer support is good.
Can handle data streams and frequent API calls for ingestion.
Very simple to handle and implement.
Accepts almost any kind of data and allows preprocessing and flexible indexation.
Customer support is good.
Can handle data streams and frequent API calls for ingestion.
What do you dislike about the product?
I think the documentation needs to be revisited in certain cases.
Preprocessing the data can be simpler on the UI.
Out of the box common preprocessing and structuring methods should be added.
Integration wth salesforce can be improved.
Preprocessing the data can be simpler on the UI.
Out of the box common preprocessing and structuring methods should be added.
Integration wth salesforce can be improved.
What problems is the product solving and how is that benefiting you?
The feature we use the most is the single-pane-of-glass kind of dashboard.
Extremely easy t customize.
Helps us in evaluating the data in much broader manner with an opportunity to drill down if needed.
Allows us the get to the core of issue and analyze and report RCAs faster than before.
Extremely easy t customize.
Helps us in evaluating the data in much broader manner with an opportunity to drill down if needed.
Allows us the get to the core of issue and analyze and report RCAs faster than before.
Probably the easiest system to capture logs and quickly sift through logs to identify what is needed
What do you like best about the product?
I really appreciate the fact that SumoLogic has a pretty performant query engine that allows me to drill down to the specific log entry that I need to resolve either application errors or performance issues. It does this is a relaitvely transparant way so we don't have change our exisitng logging practices.
What do you dislike about the product?
it doesn't default to always searching the latest logs, and you have to manuallly set it every time.
What problems is the product solving and how is that benefiting you?
It allows us to easily get to the logs for all the applications that we deploy and allows us to drill down to the relevant logs
Used to store and monitor application logs and VPC flow logs
What is our primary use case?
What is most valuable?
Sumo Logic Security is a good solution for searching the logs and identifying the issues. Sumo Logic Security searches the logs to identify issues easily. Suppose we got an issue related to the application 500 error. We store the application logs in Sumo Logic Security. We can easily search those logs to identify where exactly we are facing the application 500 error.
What needs improvement?
Sumo Logic Security is expensive, and its pricing could be improved.
What do I think about the stability of the solution?
I rate Sumo Logic Security a nine out of ten for stability.
What do I think about the scalability of the solution?
Around ten users are using the solution in our organization.
I rate the solution an eight to nine out of ten for scalability.
How are customer service and support?
We have two options for technical support. If we take the enterprise support, we get a reply within one or two hours. If you don't have enterprise support, you will get a reply in around one day or 12 hours, based on their availability.
How was the initial setup?
The implementation process of the solution was good and not very difficult. You can easily integrate Sumo Logic Security with AWS or Kubernetes. Even new users who are aware of AWS can follow the documentation and easily deploy the solution.
What about the implementation team?
The solution’s deployment doesn’t take more than 15 minutes for a knowledgeable person.
What's my experience with pricing, setup cost, and licensing?
Storing logs in Sumo Logic Security is charged GB-wise, which is a little higher than other products.
What other advice do I have?
We are mainly concentrating on networking. We use VPC products and application logs to monitor the genuineness of users who have logged in. We also store and monitor GuardDuty logs to see if someone is trying to access the same server multiple times. We are storing and monitoring WAF logs and GuardDuty logs. If someone faces any issues, we'll receive an email and take action based on it.
If someone tries to access one of the applications from a different country, we can search in Google and identify the location of that particular IP address. Sumo Logic Security identifies whether a particular IP address is low, medium, or high risk without the help of Google.
We can store logs in CloudWatch, but it is very difficult to search them in CloudWatch. We should know the query in order to do that. Searching for logs with Sumo Logic Security is very easy compared to CloudWatch. We have been using the solution for more than two years and haven't faced any issues with the solution's availability. I would recommend the solution to other users.
I would recommend Sumo Logic Security instead of AWS, CloudWatch, or CloudTrail. With Sumo Logic Security, you can capture and see all the logs in a single place. If some issues occur, you can log into the solution and verify all the logs. At an organizational level, we have multiple AWS accounts for different environments. Instead of logging in to all the AWS accounts, you can log in to Sumo Logic Security and verify everything.
Overall, I rate the solution a nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Helpful but sometimes complicated product
What do you like best about the product?
I have found Sumo Logic can be extremely useful when locating necessary files that may be difficult to locate originally. It is helpful to find necessary files and logs
What do you dislike about the product?
Sometimes it can be difficult trying to find the necessary information. It may take time trying to locate the necessary information.
What problems is the product solving and how is that benefiting you?
It helps with locating and finding necessary files that I may be unable to locate initially with our internal tools. It also helps to find any neccessary changes that are done with our internal systems.
Sumologic is the best in town for log processing
What do you like best about the product?
Very powerful analysis language. It allows not only querying but transformations to display the data exactly as needed. Also very good at finding the needle in the haystack.
Easy to start with from the instrumentation point of view, they cover a lot of tech stacks.
Easy to start with from the instrumentation point of view, they cover a lot of tech stacks.
What do you dislike about the product?
Its implementation of metrics, RUM, tracing is all disconnected.
It feels like multiple products put together with no thought of the whole.
No meaningful way to discover what data is available.
The root cause analysis, service diagram and others do not scale, for a big organization they are useless.
It feels like multiple products put together with no thought of the whole.
No meaningful way to discover what data is available.
The root cause analysis, service diagram and others do not scale, for a big organization they are useless.
What problems is the product solving and how is that benefiting you?
It is able to centralize all our telemetry data.
The main benefit is a simple way to find out what is happening with our services.
The main benefit is a simple way to find out what is happening with our services.
Centralized log management with insights
What do you like best about the product?
Sumo Logic allows you to create a central location to store all your logs in on place where these logs can be analyzed, reported on and alerted on. Its powerful search capabilities can help reduce troubleshooting times by letting you filter and get down to the information needed.
What do you dislike about the product?
There is a small initial learning curve to become an effective user at leveraging the features and functionality. Cost is another aspect that be become a pain point if one does not properly plan on what is being ingested. Using the infrequent data tier helps with this but it's something that needs to thought out so as not to reduce the usability.
What problems is the product solving and how is that benefiting you?
Biggest problem it solves is it standardizes log management and analysis. Sumo has become a one-stop shop for everything related to logs.
showing 41 - 50