Logs for Security (AWS Built-In)
Sumo Logic Inc.
External reviews
380 reviews
External reviews are not included in the AWS star rating for the product.
Good message granularity, but difficult to write queries.
What do you like best about the product?
I love how in-depth the query results are. Being able to filter a certain log field is very useful, and something I had not seen before in older versions of Kibana. Being able to drag a specific time range in the log visualization tool and have the logs for that time range pop up is very useful. The JSON field formatting is also extremely useful. We use this to trace through logs and have been able to determine the flow of any particular request in our services. This has saved significant amounts of time as opposed to having to trace through entire log entries.
What do you dislike about the product?
I find myself constantly having to relearn how to write more complex queries. For anything simple, things are usually straightforward, but I find myself having to rely on saved queries too often for anything even moderately complex.
What problems is the product solving and how is that benefiting you?
Being able to filter logs by type in production is very useful; seeing JSON fields formatted is a huge boon.
Recommendations to others considering the product:
Use saved queries lots; it is easy to forget how to write complete queries from scratch. And make sure to format logs correctly in order to take advantage of the JSON field filtering that Sumo offers. The system is daunting at first, especially when compared to simpler systems like Kibana, but honestly it is significantly more powerful and robust.
Good option for managed log ingestion and analysis
What do you like best about the product?
I like their flexible approach to parsing fields out of log entries, kind of like Linux pipes, which allows you to concatenate multiple extraction rules and aggregate options.
What do you dislike about the product?
I've only scratched the surface, but for our fairly low-volume operation, the price tier is a little steep. I wish they could provide more tiers for light users, then ramp up when needs arise.
What problems is the product solving and how is that benefiting you?
As we are a tiny team, we don't want to build and keep up with our own log ingestion and analysis platform. But our log structure is fairly diverse, so the analysis part has to be very flexible. Sumo Logic fits the bill and lets us save precious dev time.
Power of Sumo Logic
What do you like best about the product?
Best tool especially when we deal with unstructured data.
Great platform for auditing our applications.
Easy to learn.
Not many complications.
What do you dislike about the product?
It can have a client version instead of web browser.
Certain important use cases are hard to find in Google and the Sumo Logic help page.
What problems is the product solving and how is that benefiting you?
Our applications run on AWS now. I am trying to create dashboards for my support teams to ease their maintenance and higher management for their audit review.
Consolidated Logs simplify near real time monitoring
What do you like best about the product?
Sumo Logic is a flexible product which simplifies log searches and lends itself to fast, scalable implementations. Making the most of Sumo takes time, but there's a lot to take advantage of.
What do you dislike about the product?
The command sets for advanced functionality are not always intuitive.
What problems is the product solving and how is that benefiting you?
Primarily we are using Sumo Logic to supplement our existing alerting methodologies by performing log scans simultaneously across all relevant products with a single, simple query, rather than implementing those log scans via application or cron. The simplicity and speed that their log consolidation offers is an enormous time saver.
Recommendations to others considering the product:
Direct collection is much better than using forwarders; webhooks can and should be configured; identify key logs and collect them to keep costs down rather than trying to collect everything under the sun.
Flexibility, rapid iteration
What do you like best about the product?
Sumo Logic provides flexibility to dump logs from our existing log modules and get the data directly to Sumo Logic. We can have data in tags etc.
What do you dislike about the product?
Not much to say here. There are no bugs we report. Only issue is related to how large data you dump.
What problems is the product solving and how is that benefiting you?
Debugging errors and alerts based on what we have.
Data collection and analysis
What do you like best about the product?
The team behind the product. The support and engineering teams were very helpful and used their knowledge of the product to build out some useful dashboards.
What do you dislike about the product?
Live mode reliability. Often live mode would not stay in continuous mode and I would have to refresh the page to get updated information. I also noticed that there were login issues a few times over the course of a 6-month trial. 100% uptime is key to having a successful product.
What problems is the product solving and how is that benefiting you?
Real-time analysis of the CDN and components involved in our pipelines. We did have to rely on other systems at times due to delays, but setting up and not having to admin the infrastructure was helpful.
Recommendations to others considering the product:
I would recommend working with the vendor's services, as there are often issues related to the search API and dashboards that could not be resolved on the user side.
New Customer Experience
What do you like best about the product?
The flexibility to collect audit logs from any environment (on-premise or third-party cloud platforms).
What do you dislike about the product?
Some minor limitations in the geolocation maps that do not allow you to drill into the supporting logs through direct interaction with the map. In other words, you cannot click on map icons to narrow your log search results.
What problems is the product solving and how is that benefiting you?
Low cost and ease of implementation are high points. No on-prem SIEM infrastructure to support.
Recommendations to others considering the product:
Consider the hidden costs of on-site hardware resources associated with on-site solutions.
Sumo Logic is a multi-dimensional tool that helps performance monitoring as well
What do you like best about the product?
Dashboards for one-view monitoring of various app services.
What do you dislike about the product?
Sometimes loading the data takes time if the duration of the logs is longer.
What problems is the product solving and how is that benefiting you?
Performance problems and production monitoring.
Meets the expectations for logging and alert management
What do you like best about the product?
Ease of selecting functions like parse and regular expressions, and the online content is very informative, although it can be improved.
What do you dislike about the product?
Compared to Splunk, agility is less and query time is more.
What problems is the product solving and how is that benefiting you?
Everyday logging and scheduling alerts.
Love the quer
What do you like best about the product?
I've found the query language pleasant to use and fairly powerful. Being able to save queries into dashboards, and get periodic email alerts is also really useful.
What do you dislike about the product?
Complex queries (like joins) are very slow. The learning curve is a little steep for the query language, and it is hard to find documentation for how to do something new.
What problems is the product solving and how is that benefiting you?
Having a central location for logs from our cloud distributed components, along with a powerful query language has been key in being able to quickly diagnose system issues and reach internal activity.