Logs for Security (AWS Built-In)
Sumo Logic Inc.External reviews
380 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Sumologic: Easy to use SIEM Tool
What do you like best about the product?
They have included co pilot for ease of use, also now new mitre framework coverage is also there. Also dashboards we can download in PDF.
What do you dislike about the product?
New UI is difficult to manage now, old UI was better according to me.
What problems is the product solving and how is that benefiting you?
It is collecting all data source logs in one place so it is easy to monitor all security data sources effectively and without logging into different portals. Also, it is easy to create rules for custom use cases.
Recommendations to others considering the product:
It is really good SIEM tool who are also giving lots of prebuilt stuffs.
Great Experience with SOAR software
What do you like best about the product?
Easy to implement, customize and to integrate with other IT systems, The software is really very easy to implement and use. Has a lot of powerful functionalities that permit a complete management of security incidents and the automation of responses.
What do you dislike about the product?
We are very satisfied with the software and we have nothing to dislike.
What problems is the product solving and how is that benefiting you?
The Playbook section is well designed, powerful and totally customizable (as you can expect from a SOAR platform). Architectural options and openness provide a lot of flexibility.
Cloud based Intelligent SIEM
What do you like best about the product?
The best part of Sumo logic is that it's so user-friendly and so easy to manage and integrate the applications, solutions to get the consolidated logs. It gives the complete dashboard and reporting.
What do you dislike about the product?
I won't say i disliked it, but it should have a solution on-premises as well as few customers are not cloud-friendly and don't want their data to go to the Cloud.
What problems is the product solving and how is that benefiting you?
With Sumo Logic, we have a single pane of glass platform from where we can see the logs for our on-premises solutions and cloud/Saas-based solutions. It gives the complete visibility of the Threats in the Infra. We have Threat Intel feed integrated, and it correlates the traffic with Intel feeds to deliver the verdict.
Recommendations to others considering the product:
Sumo Logic is the Best Solution for all types of Organizations. Be it a small or large organization. It captures the logs from on-premises as well cloud solutions. Trust me, Integration is so easy and can be done within the minutes.
InMan SOAR from the perspective of an integrator.
What do you like best about the product?
The flexibility of DFLabs and its ability to adapt the product to the requirements of a specific user; high level of technical support; many innovative features (advance triage, deduplication of alerts and incidents, progressive automation, support for non cyber use cases as well, KPIs dashboards), Open Integration Framework, ease of integration with other cybersecurity tools, DFLabs Community for sharing knowledge & integrations.
What do you dislike about the product?
We have been working with DFLabs for several years, but so far I have not found any significant shortcomings in our cooperation and in IncMan SOAR.
What problems is the product solving and how is that benefiting you?
Better and faster detect and investigate cybersecurity alerts, reduce false positives, respond to cyber attacks in less time, measure by KPI success of SOCs, easy adjust the automation of SecOps and decide which time-consuming and repetitive tasks to be automated, enhance communication in SOC teams, better resource allocation in SOC.
Recommendations to others considering the product:
Choosing a SOAR solution is very much dependent on your specific security operations. Every SOAR solution has its own strengths and weaknesses, and what you need to do in order to ensure that you’re maximizing your ROI is to analyze which SOAR solution would be the right fit for your organization. And the best way to find that out is to look closely at your key performance indicators. Answer these questions and you’ll have a better perception of what the ideal SOAR solution looks like:
What does my security organization lack at the moment?
Which components of my security operations are critical for my organization?
Which SOAR solution provides the features that best align with my needs?
It doesn’t need to get more complicated than this. In the end, what you need to do is to make sure that the vendor you choose to collaborate with is indeed reputable, therefore you will steer clear from potential scams. After that, you need to find out if they provide a customizable SOAR solution, which is key if you want to create an impenetrable security system. And then, before you decide to invest, it’s a good idea to request a demo of their SOAR solution just so that you can determine that the SOAR solution perfectly responds to your needs.
The key to every good SOAR solution is to leave no space for any weaknesses, and IncMan SOAR is well aware of that.
What does my security organization lack at the moment?
Which components of my security operations are critical for my organization?
Which SOAR solution provides the features that best align with my needs?
It doesn’t need to get more complicated than this. In the end, what you need to do is to make sure that the vendor you choose to collaborate with is indeed reputable, therefore you will steer clear from potential scams. After that, you need to find out if they provide a customizable SOAR solution, which is key if you want to create an impenetrable security system. And then, before you decide to invest, it’s a good idea to request a demo of their SOAR solution just so that you can determine that the SOAR solution perfectly responds to your needs.
The key to every good SOAR solution is to leave no space for any weaknesses, and IncMan SOAR is well aware of that.
Log Management has never been easier
What do you like best about the product?
It is a log management software that can help you to understand your logs in a better way and conclude actionable results from them. We have started using the tool around 3-4 years back and from that time, we are enjoying the benefits of the same. It has helped us enormously to reduce our workload by merging logs from different servers into a single log stream which can be viewed in a dashboard on Sumo logic giving all the important details in a single screen view.
The Search functionality is really helpful and also saves you a lot of time because you can write customized search queries based on the service name, error codes, and timestamp, etc. We don't monitor 5-6 servers independently for issues now, we just monitor the Sumo logic dashboard and we get all the information in a single place. The integration with alerting tools is also very neat and useful because you can set a particular message to be sent to the alerting tool consisting of the service name, error message and timestamp and server name where it occurred.
The Search functionality is really helpful and also saves you a lot of time because you can write customized search queries based on the service name, error codes, and timestamp, etc. We don't monitor 5-6 servers independently for issues now, we just monitor the Sumo logic dashboard and we get all the information in a single place. The integration with alerting tools is also very neat and useful because you can set a particular message to be sent to the alerting tool consisting of the service name, error message and timestamp and server name where it occurred.
What do you dislike about the product?
The problem I faced with Sumo Logic is query formation. Writing simple queries is not a problem but when they get more and more complex and include more filters, then it becomes cumbersome and we don't get the appropriate response which we were expecting for that query as well. The second problem that I faced was that retrieving the log files which were archived or very old was also an issue because it took a lot of time and even sometimes after loading for so much tie, it would just timeout and throw an error.
What problems is the product solving and how is that benefiting you?
It has been a blessing because we are not focussed more on resolving the issue rather than finding the issue where it occurred. With the help of the alerting tool sends an email to the concerned parties that the service has gone down with this error and on this server in this time frame, So, the concerned team can look into the issue and resolve it in the quickest time possible. You can slice and dice the logs and to the analysis at a very granular level if you want and it gives so many advanced features to you which helps with the same.
Recommendations to others considering the product:
You can slice and dice your logs and do the in-depth analysis and get real actionable results from the process and also the alerting mechanism is the best in case of any failures.
Best log analysis tool ever
What do you like best about the product?
Simple way of analysing logs with in built parsing logic, and able to find the RPM using timeslice and count queries
What do you dislike about the product?
It will be better if we are able to configure multiple conditions while scheduling the search, and it will be useful if we can configure the alert based the search result values instead of only considering row count alone.
What problems is the product solving and how is that benefiting you?
We just wanted to alert our team when there are more number of failures in a certain time. We have achieved this by configuring alert using schedule search.
Recommendations to others considering the product:
If you are looking for log analysis tool in which you wanted to check the application RPM and configuring alert for anamolies/failures, as per my experience with sumologic, it is best one to choose.
A great log management tool, powerful search engine for logs
What do you like best about the product?
Clear and easy querying language, very fast collation of data and results can be grouped or sorted with any key and in any order. Powerful reporting tools with many analytical options like graphs, charts etc. Hosted log collectors are an additional bonus.
What do you dislike about the product?
For now the only thing to dislike is the price, but the powerful feature set cancels it out.
What problems is the product solving and how is that benefiting you?
We obtain insights about requests to our application and how each request performed. This helps explore how the application is being used. We can also draw patterns out of this and use sumologic's alerting tool draw out anomalies.
Recommendations to others considering the product:
Optimise log writing of application to lower your log file sizes for cheaper and better log management with sumologic.
A key resource to improve performance
What do you like best about the product?
Sumo Logic presents a wide range of features aimed at improving performance and optimizing security in the cloud. It is a key resource for us, since continuous monitoring allows us to resolve failures efficiently.
What do you dislike about the product?
Nothing disgusts me about software performance, but I think it's expensive.
What problems is the product solving and how is that benefiting you?
It gives us precise metrics of the operation of our applications. The analytics provided by SumoLogic are important to improve the user experience.
Recommendations to others considering the product:
It is an intelligent solution to make more efficient the monitoring of infrastructures.
It is a smart system
What do you like best about the product?
It provides an integral service, I like its intuitive functions and adaptable to the user. It facilitates the reading of complex metrics in the dashboard, the intelligent system of Sumo Logic is effective for the early detection of failures. It fits our requirements to maintain online security.
What do you dislike about the product?
I think it is a suitable resource for developers, I am satisfied with its performance.
What problems is the product solving and how is that benefiting you?
It helps us protect the security of our applications and correct errors in a short time. Improves performance and is effective in identifying vulnerabilities. It is a tool that facilitates monitoring in the cloud.
Recommendations to others considering the product:
Sumo Logic is expensive, which is why I would recommend it to medium or large companies, which can also take full advantage of the powerful features it offers.
Powerful and Easy To Use
What do you like best about the product?
Powerful query engine, log ingest and metric analytics enable easy dashboarding of my application
What do you dislike about the product?
Price, data ingest costs are quite high and on demand billing costs when you exceed your ingest allowance are absolutely unreasonable
What problems is the product solving and how is that benefiting you?
Consume application logs and dashboard to our support teams
showing 41 - 50