Security and Threat Detection
Sumo provides a variety of apps for security products and platforms, from firewalls and endpoint protection to security automation and orchestration. This guide has documentation for those apps.
Akamai Security Events
The Sumo Logic app for Akamai Security Events allows you to visualize security events generated on the Akamai platform.
Barracuda WAF
The Barracuda WAF App analyzes traffic flowing through the Barracuda WAF and provides pre-configured dashboards that allow you to monitor WAF traffic as well as analyze various types of attacks detected both by Barracuda and the Sumo Logic Threat Intelligence database.
Carbon Black Cloud
The Carbon Black Cloud App analyzes alert and event data from the Endpoint Standard and Enterprise EDR products. App dashboards provide visibility into threats, TTPs, devices, and more.
Cisco ASA
The Cisco ASA App gives you insight into website visitor patterns, monitors infrastructure operations, and provides easy access to threat monitoring.
Cisco Meraki
The Sumo Logic App for Cisco Meraki provides a single-pane-of-glass for monitoring and troubleshooting network security, end-to-end performance, switch port management, and device management in your environment.
CloudPassage Halo
The CloudPassage Halo App enables security operators and administrators to correlate security events across their Halo-managed infrastructure.
CrowdStrike Falcon Endpoint Protection
The CrowdStrike Falcon Endpoint Protection App provides visibility into the security posture of your endpoints as analyzed by the CrowdStrike Falcon Endpoint Protection platform.
Cylance
The Cylance App enables you to analyze Cylance security events by type, status, and detection method.
Duo Security
The Sumo Logic App for Duo Security helps you monitor your Duo account's authentication logs, administrator logs, and telephony logs.
Evident.io ESP
The Evident.io ESP App provides pre-configured searches and Dashboards that allow you to investigate Evident-specific events and provide operational visibility to team members without logging into Evident.io.
F5 - BIG-IP LTM
The F5 - BIG-IP Local Traffic Manager (LTM) App helps you optimize and secure network traffic patterns coming into your data center using the F5 BIG-IP platform.
Imperva Incapsula
The Imperva Incapsula - Web Application Firewall (WAF) App helps you monitor your web application protection service. The preconfigured dashboards provide insights on the threat alerts events on the BOT access control, blocked countries, and user agents.
Keeper Security
The Keeper Security App for Sumo Logic helps you monitor admin actions, user activities and security risks.
Netskope
The Netskope App created by Sumo Logic provides visibility into security posture for your applications, as well as allowing you to determine the overall usage of software and SaaS applications in your environment.
Observable Networks
The Observable Networks App allows you to monitor your Observable Networks deployment from Sumo Logic. The App Overview Dashboard provides insight to high-level data about your network.
Palo Alto Networks 6
The Palo Alto Networks 6 App provides four dashboards, giving you several ways to discover threats, consumption, traffic patterns, and other security-driven issues, providing additional insight for investigations.
Palo Alto Networks 8
The Palo Alto Networks 8 App gives you visibility into firewall and traps activity, including information about firewall configuration changes, details about rejected and accepted firewall traffic, traffic events that match the Correlation Objects and Security Profiles you have configured in PAN, and events logged by the Traps Endpoint Security Manager.
Palo Alto Networks 9
The Sumo Logic App for Palo Alto Networks 9 uses new PANOS 9 features in predefined dashboards to provide extensive security analytics throughout your Palo Alto Networks environment.
SailPoint
Install the Sumo Logic app for SailPoint.
Threat Intel Quick Analysis
The Threat Intel Quick Analysis App correlates CrowdStrike's threat intelligence data with your own log data, providing security analytics that help you detect threats in your environment while also protecting against sophisticated and persistent cyber-attacks.
Trend Micro Deep Security
The Trend Micro Deep Security App works with system and security events to monitor event history such as anti-malware, IPS, web reputation, firewall, integrity and log inspection events.
Twistlock and Twistlock Classic
The Sumo Logic App for Twistlock provides a comprehensive monitoring and analysis solution for detecting vulnerabilities and potential threats throughout your environment, including hosts, containers, images, and registry.
VMware Carbon Black
The VMware Carbon Black App provides comprehensive visibility into the security posture of your endpoints, enabling you to determine the effects of a breach across your environment. The App provides visibility into key endpoint security data with preconfigured dashboards for alerts, threat intelligence, feeds, sensors, users, hosts, processes, IOCs, devices, and network status.
Zscaler Internet Access
This page introduces the Sumo Logic App for Zscaler Internet Access (ZIA).
Zscaler Private Access
The Zscaler Private Access App collects logs from Zscaler using the Log Streaming Service (LSS) to populate pre-configured searches and Dashboards.
Zscaler Web Security
The Zscaler Web Security App collects logs from Zscaler with Nanolog Streaming Service (NSS) to populate pre-configured searches and Dashboards. The dashboards provide easy-to-access visual insights into web traffic behaviors, security, user browsing activities, and risk.
If you're looking for an app for AWS, Microsoft, or Google, see Amazon and AWS, Microsoft and Azure, or Google.