My main use cases with Sumo Logic Security are the same as Splunk; it is not log management, but rather security events and information, a security information system like SIEM.
Logs for Security (AWS Built-In)
Sumo Logic Inc.External reviews
359 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Has improved implementation speed and coverage but lacks contextual accuracy in alerts
What is our primary use case?
What is most valuable?
The features I find most useful in Sumo Logic Security are the ease of implementation and connectors; they have a very easy connection and many connectors to important systems, making it very easy to implement and fast to start running in production.
Sumo Logic's diverse log sources support very much for my digital transformation, and this is a strong side of the system. They have wide support for connectors, enabling me to implement almost any system with webhooks and connect whatever I want, so this aspect is definitely a strong side of this product.
What needs improvement?
One major improvement I would suggest for Sumo Logic Security is in its risk-based alerting system; while it initially sounds clever and modern, it works as a point-based system where an IP address or entity gets points for bad actions, raising alerts when enough points are collected. This can lead to alerts that are collections of disjointed signals that sometimes make no sense and lack real context; this simplistic approach makes it hard to find coherent stories during investigations.
To improve in the support area, I recommend enhancing the technical part because, while the process is good, the actual quality may depend on the personnel involved.
For how long have I used the solution?
I have been working with Sumo Logic Security for fourteen months.
What do I think about the stability of the solution?
I have used Sumo Logic Security's threat detection feature, and I think it is very easy to use. The query language is pretty straightforward and easy, and it is very powerful for building different searches and dashboards that will serve for later exploration of the same interests I have.
I have used the anomaly detection capabilities in Sumo Logic Security, and it works pretty well out of the box. We did not verify the effectiveness, but it identifies a lot of anomalies and functions as a risk-based system mainly, where each log can become a signal. Each one gets several points, and if an entity or user and IP gets enough bad points, then an alert is raised. Each person or IP in a company has a bucket, and for each bad signal, you put a point in this bucket, and when you reach a certain point, an alert is created. However, while it is very easy and automated, it is also a negative side because it provides less context for things I am interested in finding in the alerting system.
What do I think about the scalability of the solution?
I did not face any significant issues with Sumo Logic Security, but the pricing may be a concern as they try to upsell and raise the prices very quickly.
How are customer service and support?
I would rate the support from Sumo Logic Security as about a seven. It depends on the person providing support, but in general, they usually provide continuous support post-implementation, being in touch and trying to help, which makes their after-sale process better than Splunk.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup for Sumo Logic Security is pretty easy and straightforward.
What about the implementation team?
For Sumo Logic Security, I believe the deployment was internal, while for Splunk, it involved some hours from a reseller and Splunk themselves, making it a hybrid approach.
What was our ROI?
My company has not calculated ROI for Sumo Logic Security.
Which other solutions did I evaluate?
When comparing Sumo Logic Security with other tools such as Splunk, I see advantages such as its easier implementation, especially for companies that lack cybersecurity know-how; Sumo Logic Security can be beneficial for quick setup. However, while it is good for average tasks without needing three engineers, Splunk allows for more configuration to meet specific organizational needs, although it requires more expertise and time.
What other advice do I have?
The compliance reporting tool in Sumo Logic Security is pretty acceptable; nothing special, but it is okay in helping meet regulatory requirements for my organization.
Overall, I think Sumo Logic Security is acceptable; it is a pretty slick, nice product, with no significant additional features that I feel need to be added or improved.
For those considering using Sumo Logic Security, I would recommend checking it out.
I do not rate it a ten because I find some aspects of how the system works overall to be strange. My review rating for Sumo Logic Security is seven.
Review of sumo logic
What do you like best about the product?
ability to look up logs by trace across multiple services
What do you dislike about the product?
There are sometimes delays between the log generation and its visibility on sumo. and sometime sumo misses logs.
What problems is the product solving and how is that benefiting you?
Sumo is used to help analyze logs for errors for root cause analysis for issues.
SumoLogic review
What do you like best about the product?
For simple queries, usage feels relatively intuitive and easy to pick up
What do you dislike about the product?
Query language has a learning curve - can take some time to pick up and get used to for complex queries
What problems is the product solving and how is that benefiting you?
Observability, particularly in an incident resolution context. Being able to narrow down on affected entities and root causes
Good tool for observability
What do you like best about the product?
The unified platform integrates logging, metrics and traceability, provides for real time monitoring and is scalable.
What do you dislike about the product?
High costs for data ingestion and requires additional configuration for systems that are non-standard
What problems is the product solving and how is that benefiting you?
Providing a single platform for metrics collection, real time log management and distributed tracing.
Works Well, But the Cost and Flexibility Can Be Better
What do you like best about the product?
Sumo Logic is a decent choice for log management and monitoring, especially in cloud-native environments. It’s easy to set up, scales well, and has useful built-in dashboards. Real-time monitoring and anomaly detection work well, but query performance can sometimes be slow, and the learning curve is there.
What do you dislike about the product?
One of the downsides is cost—pricing can get steep as log volume grows.
What problems is the product solving and how is that benefiting you?
Log management, monitoring, and security analytics challenges.
Good monitoring and log management tool
What do you like best about the product?
Its an all in one place to view your logs in real time, create dashboards etc. I guess there is a lot more it can do, but this is what I've used so far
What do you dislike about the product?
The old UI was really clunky to use. Need to check the new UI properly.
What problems is the product solving and how is that benefiting you?
getting to view the logs from the containers.
Sumo for Devops usecase
What do you like best about the product?
We can check all logs from various regions and multiple account in one place, which makes us not to change AWS account to see logs in different account. And it also has longer retention period than Cloudwatch. Its really easy to setup as well like adding collectors or embedding Sumo into AWS lambda. This is written by me 100% based on my expereince and my usecases and not even partially written by AI
What do you dislike about the product?
I hope Sumo would have NLM based search like doing query with natural lanuges. Once you get used to do queries in Sumo then its quite easy, but there would be littel bit of learning curve at the beginning. And its almost real-time like Sumo still gets little bit of delays getting data from AWS lambda or so. This is written by me 100% based on my expereince and my usecases and not even partially written by AI
What problems is the product solving and how is that benefiting you?
1. CS/Dev team uses Sumo everyday to analysis data / find logs / debug errors
2. Ops created a dashboard to monitor all deployment pipeline deployed in Prod to see its status / versions,. etc
3. Sumo provides real time monitoring of logs such that we can get alerts from logs showing any potential issues and maintain system reliability
This is written by me 100% based on my expereince and my usecases and not even partially written by AI
2. Ops created a dashboard to monitor all deployment pipeline deployed in Prod to see its status / versions,. etc
3. Sumo provides real time monitoring of logs such that we can get alerts from logs showing any potential issues and maintain system reliability
This is written by me 100% based on my expereince and my usecases and not even partially written by AI
Great Product easy to use
What do you like best about the product?
Ease of use and abilty to scale is great. The reporting is great.
What do you dislike about the product?
no Dislikes nothing to say for negative features
What problems is the product solving and how is that benefiting you?
Agggregating logs
Effective with good log analytics but needs better rule correlation
What is our primary use case?
What is most valuable?
The Log Analytics platform is the most effective. If we cannot find the data in other tools, like email security or NDR, we can fetch those logs in the Log Analytics platform of Sumo Logic. That is the one best feature that I can suggest.
What needs improvement?
The correlation rules and log mapping are not as mature compared to other SIM tools like Splunk. Sometimes logs will not fetch, and there are issues if the log volume exceeds a threshold. Not every tool is integrated with Sumo Logic. The response time for their support could be better, and it is not very user-friendly.
For how long have I used the solution?
I've been using hte solution for two years.
What do I think about the stability of the solution?
There are stability issues. Sometimes logs will not fetch, and if there are many records, the system may stop or the UI may become unresponsive.
How are customer service and support?
The support team is not very good. They don't provide support on call and have a response time of forty-eight hours, which is not instant support.
How would you rate customer service and support?
Neutral
What's my experience with pricing, setup cost, and licensing?
I'm not sure about the pricing.
What other advice do I have?
I don't recommend this product.
I'd rate the solution six out of ten.
I have used for comprehensive log management and analytics with powerful insights
What do you like best about the product?
Real-time monitoring and powerful analytics make it easy to gain deep insight from vast amounts of data.
What do you dislike about the product?
Prices are high for small teams and the learning curve is a bit high for new users.
What problems is the product solving and how is that benefiting you?
Sumo Logic helps streamline log management and real-time analytics, enabling faster issue detection and improved operational efficiency.
showing 1 - 10