Sumo Logic Security Reviews

We use it for logging and alerting for cloud only applications.

We are only use it from the cloud.

We are able to diagnose problems before our customers.

• It's reliable.
• The Curry language is easy to use once you get used to it. 
• The user interface is pretty responsive. 

Therefore, it was a cost value proposition decision.

There are some API gaps that are missing.

It is usually reliable when we expect it to be. We haven't had too many outages. They announce outrages when they have them; more due to degradations when they have them. They have been more reliable than some other vendors that we are using.

We have had no issues with scaling.

We frequently reach out to tech support. We also have a technical account manager (TAM) and a customer success manager assigned to us. We have a fairly large account with them, so we generally get the responses that we need.

We have our own logging solution previously.

The integration and configuration in our AWS environment is automated. We automated it so every AMI comes ready with Sumo Logic and New Relic. Therefore, we have no issues.

We integrated with New Relic. Thus, we get alerts sometimes from Sumo Logic's logs as opposed to just native alerts when they are from CloudWatch or New Relic.

We look at ROI constantly. We put the amortized cost of Sumo Logic and New Relic right in the console that our service teams can look at. The ROI is good enough for us not to move away from Sumo Logic.

The AWS Marketplace pricing is borderline. Every annual renewal, we always contemplate if we are getting what we think we could out of it or could we do it cheaper with some other product.

I believe that we did look at another cloud-based solution, but I wasn't at the company during the evaluation process.

I would recommend to look at Sumo Logic, but also look at Datadog and Loggly. Look at some of the competitors who are also in this space.

Sumo Logic is for logging. You can use it as a centralized logging management system. You can send all your application logs to Sumo Logic, then you will receive a clear dashboard where you can see if there are any issues in you operations. It is pretty easy to troubleshoot any issues on your application using Sumo Logic.

It helps a lot because we can troubleshoot issues pretty easily. 

We can easily search for what is wrong in our application through the logs. We don't need to go through all of the logs. We just make a search on the basis on some keyword, then we will see the actual problem in Sumo Logic.

With the alerting dashboards, you can set up some patterns. Then, on these patterns, you will automatically get alerts.

Currently, it has predefined patterns that we need to set up manually. We would like to have some type of predefined setup for the logs, making the setup easier by default, such as:

• What are the total number of error logs? 
• What are the total number of hits? 
• What are the total number of misses? 
  

The stability is pretty good. I haven't seen more than two or three times when the dashboard has not been working, the logs are not available on the dashboard, or there is some latency in the logs. I always get the real-time logs on the dashboard.

The scalability is good. We have scaled from two servers to 50 servers, and it works well.

If you are enterprise level and your server size is more than ten or 15, then I would recommend to use Sumo Logic.

Initially, we used technical support because when we were new to Sumo Logic. So, we had some issues setting up dashboards. However, after a couple of hands on experiences, the product was pretty easy to use. 

The technical team is good and helped us out.

The integration and configuration of Sumo Logic in our AWS environment was easy. If you can read the documentation, then you can easily set it up.

The troubleshooting part of Sumo Logic has solved a lot, e.g., if there is any downtime on the website. So, we have reduce our downtime by a lot with Sumo Logic because we can easily troubleshoot issues.

The pricing is a little high, but for the features that we receive from Sumo Logic, it suits the price. For some small organizations, the price might be a little high.

We have used other products, like Loggly and ELK Stack.

Our log sites are huge, and Sumo Logic was a good option for the large volumes. ELK and the other options were not working well with the large volumes.

If you want to do a PoC with Sumo Logic, their documentation is very good.

The product is only on AWS. We using it on our production environment.

We use it for monitoring and alerting on application logs.

We have used it many times to find a root cause of a live issue, then fix the problem in the applications.

• The tools that they have for searching through logs.
• Doing log comparisons.
• Time shifting the logs.
• The dashboards are good.

We would like the ability to drill down into a dashboard and get into deeper levels.

Some of the operations and security team members don't think Sumo Logic does as well as Splunk in their field. Sumo Logic could possibly do more work with security teams and the operations side to bring in some additional features that Splunk has which Sumo Logic doesn't.

We put a good amount of strain on the product, and it has held up very well.

It scales very well. Our environment has several hundred applications running on it with about a 1000 hosts.

Support has been excellent. Sumo Logic's support staff is really good, both their account management staff and direct support.

The integration and configuration in the AWS environment was very easy. They published some sample code for integrating with Lambda and other technologies, and it is pretty easy to get there.

We also looked at Splunk. However, Sumo Logic was better liked by the developers. It had a more intuitive interface and a better set of tools for analyzing logs to do root cause analysis and caching. We chose the product based on the input from the developers who did the analysis.

I would recommend Sumo Logic. It is easy to use. The culture at Sumo Logic seems to be developer focused. The product is good. The developers are able to use it to get their job done quickly and easily. It fits into the developer's workload. The support is excellent.

We use it in both AWS and on-premise. It tends to work the same in both cases.

We have integrated it with Beanstalk, Lambda, and EC2, and it integrates very well. Though, they have some work to do on the containment side, at least with EC2.

We use it to keep our information database.

It provides easy visibility. I also like the shareable queries because we share a lot across groups.

Being able to join logs together across many services and servers.

There needs to be improvement on imported data which can be used within Sumo Logic to do more advanced queries.

We haven't had issues with it since I have been working with it.

The scalability fits our needs. It seems very fast and works well.

We just reach out via email if we need assistance.

I don't pay the bill. I've heard the AWS Marketplace pricing is high, but I like the value.

It was already in place when I joined the company, and we are not currently looking at any alternatives.

Reach out, see if you can get a demo on your data, and see how it fits your needs.

It works with all our main applications, so the integration with those products is pretty seamless from my standpoint.

We use the AWS version.

Our primary use case is application log tracing and monitoring. It does a good job of meeting our needs, in terms of alert monitoring.

For many of our services, we use Sumo Logic to track errors and send notifications to our Slack channel, if there are issues. Then, we have our support people monitoring this, and they can react quickly.

The key features that we have been using:

• The ability to troubleshoot production issues.
• Set up monitoring for errors. 

I would like better UI-driven functionality to create alerts and reports. Now, we have to understand the syntax, so it is a little difficult for someone to pick it up without using the manuals. If there was more of a graphical user interface, it would be beneficial.

It would be nice to have an improved ability to scroll through logs within a time frame. Right now, we can search for specific errors. However, if we want to look for "before and after" within a specific time frame, it's not easy using the tool. This would be an improvement.

We are still looking for some functionality to make the alerting and monitoring set up easier and more user-friendly.

We are sending out real-time streaming of logs from multiple applications, and we haven't had any issues with the application.

Scalability has been good for our needs. 

We have applications across the company which are using Sumo Logic. We haven't run into any scaling issues in regards to size so far.

We haven't reached out to technical support yet.

The integration was set up by us. What we did was use our deployment automation tools to send logs over to Sumo Logic. Most of this was done on our side. It would have been nice to have some out-of-the-box plugins which could have been used for this purpose.

We integrate with a lot of custom applications, mostly running on a Linux environment. What we do is we send logs from the Linux file systems over to Sumo Logic.

We have seen improvement in our operational processes.

Pricing has been cheaper than some of the competing tools, like Splunk. However, if we went to ELK Stack, which is open source, it would have been less costly, but it would have required more development from our side. It is a good balance between price and functionality.

We also looked at Kibana. 

We chose Sumo Logic because it had robust functionality. We also had a licensing agreement with the parent company.

It is a good tool for operational logging and monitoring of applications.

We are using the hosted version.

The primary use is incident alerting.

We use it to do cash, voids, reports, and find any number of abnormal errors in our APIs.

• The search
• Email alerts

It took a bit of trial and error to get it set up correctly based on everything we had to do.  In the end, we had to send everything over HTTP, which was sort of a stop-gap. It was very hard to install the agents on AWS Elastic Beanstalk, which was disappointing. 

The product's interface is a bit slow and cumbersome to use.

I have no concerns about the stability of the product. I feel it handles the stress we put on it very well.

The only limit to the scalability of the product for us is how much we are willing to pay. It should handle any size of our environment that we want scale up to.

Technical support has been great. If I have any issues, I have somebody I can talk to.

We have seen ROI. The product saves time. Because of it, we don't have to provide credentials for everybody to look at individual systems to find their logs.

The price scaling comes in a bit expensive. 

We also evaluated Splunk. We chose Sumo Logic because we needed something to get logs off of individual sites.

The product integrates well with our websites.

We have been using only the on-premise versions of this product, so we have not used the AWS versions.

We use it for ingestion of VPC flow logs, CloudTrail logs, and config logs from AWS.

We also use it to ingest Windows domain controller logs. We use this to monitor if anyone is placed in particular administration groups that potentially shouldn't be. It helps us keep track of people.

The dashboards are great. We use them for monitoring certain events when they happen to see if we want to act upon them. The monitoring pages and the alerting pages are also very handy.

If you want to up your subscription through the AWS Marketplace, it can be difficult. You can't just go back to the AWS Marketplace, and say, "I want a bigger one now." You have to contact the sales team, then they do it on the back-end. This could definitely be improved. If they could do something about this, it would be nice.

It is very stable. I've never really seen it have bad performance issues. As long as you're using optimized queries, then it always performs very well.

I don't think I have ever had a performance problem with it. The scalability is good.

We have multiple different customers who ingest different amounts based on their workloads and environments. We have ten customers with our biggest customer ingesting around 18G a day. Across all our customers, we might be ingesting around 50G a day.

The support team at Sumo Logic is great. They have great people. They give good support when and if we need it.

The integration and configuration of Sumo Logic into our AWS environment was easy and great.

Purchasing the solution through the AWS Marketplace is very easy. We chose to go through the AWS Marketplace because it makes it a lot easier when we bill our customers. Rather than having to get multiple different sources of information then correlate a monthly bill for our customers, it is just included in the AWS usage charges. Thus, it's convenient.

The AWS Marketplace pricing is fairly reasonable for what it does. Compared to the other tools that do it as well, it's reasonable. I wouldn't call it expensive, but I wouldn't call it cheap. It is pretty good.

We love the product and haven't had any bad experiences with it.

We integrated it with Windows Active Directory. With one of our customers, we integrated it with some security software. It was some antivirus platform. We worked with their security team to ingest some logs that they used at the time and queried the data that they ingested.

It integrates easily with other products. You just have to install the Collector. Then, as long as you know what the format of your logs are like, you can write your field extraction rules, and away you go. As long as you know what you're doing, and as long as you are familiar with the logs that you're ingesting, then it is easy.

We ultimately use it because we are a managed services partner of Amazon, and we need to do it for our ordering purposes. It's just something that we have to have to be able to look at our logs in a dated manner.

I would tell people to not get Sumo Logic if you are looking for a traditional monitoring software, because that was not the purpose it was written for. They should get it if they are looking for a log ingestion and aggregation system.

We use the AWS version of the product.

It is primarily for storing logs, then making reports out of the logs and also alert. If something goes up or down, or reaches a threshold, then we are on alert for that.

We push logs through Sumo Logic. The prime example is logs from our firewall. We have been pushing logs through Sumo Logic. Then, from there, we were able to generate reports which shows us security risks. In a way, it gives us a bird's eye view of what's happening from our connection's point of view.

We can ingest logs and make reports out of them. It is a good tool which can help us monitor any issues.

I would like to see improvement in the user experience when configuring things, ingesting logs, and creating ports.

Going forward, I would like more templates for reports, especially for common vendors, firewalls, and routers. That would be fantastic.

The stability is good. I have never had any issues with it.

The scalability is good. You can get as much as you want.

Our environment is very small. However, we are beginning to ramp up by pushing logs through Sumo Logic, as we progress with our cloud migration.

The technical support is fantastic.

The initial setup is the most stressful, like learning how to use it. Once you get hang of it, it should be all right.

I have had minimal experience of using Sumo Logic with the cloud. However, I think it's a matter of providing user credentials on your AWS account. I know they have different apps for AWS which you can easily use.

It satisfied what we required of it, but there's still room for improvement in terms of adding applications. Also, there is a little more improvement needed in terms of guiding users on the start up process.

Look at your functionalities, features, and how appropriate the solution is with what you need. Sumo Logic does give a lot of monitoring ability, even ingesting logs and integrating dashboard reports. You can do reports and alarms, which will aid whomever in the management of their infrastructure.