Sumo Logic Security Reviews

The primary use is incident alerting.

We use it to do cash, voids, reports, and find any number of abnormal errors in our APIs.

• The search
• Email alerts

It took a bit of trial and error to get it set up correctly based on everything we had to do.  In the end, we had to send everything over HTTP, which was sort of a stop-gap. It was very hard to install the agents on AWS Elastic Beanstalk, which was disappointing. 

The product's interface is a bit slow and cumbersome to use.

I have no concerns about the stability of the product. I feel it handles the stress we put on it very well.

The only limit to the scalability of the product for us is how much we are willing to pay. It should handle any size of our environment that we want scale up to.

Technical support has been great. If I have any issues, I have somebody I can talk to.

We have seen ROI. The product saves time. Because of it, we don't have to provide credentials for everybody to look at individual systems to find their logs.

The price scaling comes in a bit expensive. 

We also evaluated Splunk. We chose Sumo Logic because we needed something to get logs off of individual sites.

The product integrates well with our websites.

We have been using only the on-premise versions of this product, so we have not used the AWS versions.

We use it for ingestion of VPC flow logs, CloudTrail logs, and config logs from AWS.

We also use it to ingest Windows domain controller logs. We use this to monitor if anyone is placed in particular administration groups that potentially shouldn't be. It helps us keep track of people.

The dashboards are great. We use them for monitoring certain events when they happen to see if we want to act upon them. The monitoring pages and the alerting pages are also very handy.

If you want to up your subscription through the AWS Marketplace, it can be difficult. You can't just go back to the AWS Marketplace, and say, "I want a bigger one now." You have to contact the sales team, then they do it on the back-end. This could definitely be improved. If they could do something about this, it would be nice.

It is very stable. I've never really seen it have bad performance issues. As long as you're using optimized queries, then it always performs very well.

I don't think I have ever had a performance problem with it. The scalability is good.

We have multiple different customers who ingest different amounts based on their workloads and environments. We have ten customers with our biggest customer ingesting around 18G a day. Across all our customers, we might be ingesting around 50G a day.

The support team at Sumo Logic is great. They have great people. They give good support when and if we need it.

The integration and configuration of Sumo Logic into our AWS environment was easy and great.

Purchasing the solution through the AWS Marketplace is very easy. We chose to go through the AWS Marketplace because it makes it a lot easier when we bill our customers. Rather than having to get multiple different sources of information then correlate a monthly bill for our customers, it is just included in the AWS usage charges. Thus, it's convenient.

The AWS Marketplace pricing is fairly reasonable for what it does. Compared to the other tools that do it as well, it's reasonable. I wouldn't call it expensive, but I wouldn't call it cheap. It is pretty good.

We love the product and haven't had any bad experiences with it.

We integrated it with Windows Active Directory. With one of our customers, we integrated it with some security software. It was some antivirus platform. We worked with their security team to ingest some logs that they used at the time and queried the data that they ingested.

It integrates easily with other products. You just have to install the Collector. Then, as long as you know what the format of your logs are like, you can write your field extraction rules, and away you go. As long as you know what you're doing, and as long as you are familiar with the logs that you're ingesting, then it is easy.

We ultimately use it because we are a managed services partner of Amazon, and we need to do it for our ordering purposes. It's just something that we have to have to be able to look at our logs in a dated manner.

I would tell people to not get Sumo Logic if you are looking for a traditional monitoring software, because that was not the purpose it was written for. They should get it if they are looking for a log ingestion and aggregation system.

We use the AWS version of the product.

It is primarily for storing logs, then making reports out of the logs and also alert. If something goes up or down, or reaches a threshold, then we are on alert for that.

We push logs through Sumo Logic. The prime example is logs from our firewall. We have been pushing logs through Sumo Logic. Then, from there, we were able to generate reports which shows us security risks. In a way, it gives us a bird's eye view of what's happening from our connection's point of view.

We can ingest logs and make reports out of them. It is a good tool which can help us monitor any issues.

I would like to see improvement in the user experience when configuring things, ingesting logs, and creating ports.

Going forward, I would like more templates for reports, especially for common vendors, firewalls, and routers. That would be fantastic.

The stability is good. I have never had any issues with it.

The scalability is good. You can get as much as you want.

Our environment is very small. However, we are beginning to ramp up by pushing logs through Sumo Logic, as we progress with our cloud migration.

The technical support is fantastic.

The initial setup is the most stressful, like learning how to use it. Once you get hang of it, it should be all right.

I have had minimal experience of using Sumo Logic with the cloud. However, I think it's a matter of providing user credentials on your AWS account. I know they have different apps for AWS which you can easily use.

It satisfied what we required of it, but there's still room for improvement in terms of adding applications. Also, there is a little more improvement needed in terms of guiding users on the start up process.

Look at your functionalities, features, and how appropriate the solution is with what you need. Sumo Logic does give a lot of monitoring ability, even ingesting logs and integrating dashboard reports. You can do reports and alarms, which will aid whomever in the management of their infrastructure.

We use it to send our devices logs. It looks for application errors during the development, QA, and production. We also use it for troubleshooting in a production environment.

We use only the AWS version.

Before Sumo Logic, we had to login to every server and verify each error log to determine the problem. With this tool, we provide access to every developer team the ability to find errors, then they come to us and ask for specific help.

The dashboard has room for improvement, because sometimes it is a difficult to create a specific dashboard or query. This would be a nice place to correct problems.

It is 100 percent stable. I have never had a problem.

We put a lot of stress on it, because all our servers (3000 to 4000) send information to Sumo from development to production environment.

They can store terabytes of data. We just need to create an agent to send information to them, and they take care of the rest of it.

Currently, we have a small environment. My biggest worry when using Sumo Logic is that we will pass 3000 to 4000 servers. That many servers isn't so impressive.

We have used the technical support twice and have received good answers from them.

The integration of AWS was really easy for us into the environment.

Purchasing Sumo Logic through the AWS Marketplace was a simple step. I think the company decided to purchase on the AWS Marketplace to consolidate the purchasing onto one bill. 

We did evaluate other products. We chose Sumo Logic for its simplicity of use and our developers could make error queries using it.

Sumo Logic provide a specific solution for logging. If you cannot handle every server or centralized system, it can provide specific access for your developers. This is helpful for an infrastructure or DevOps team.