Sumo Logic Security

The Security page is available only to administrators.

This guide has information about the options available on the Security page. To access the Security page, go to Administration > Security. 

In this section, we'll introduce the following concepts:

📄️ About 2-Step Verification

Sumo Logic offers 2-Step Verification, also known as two-factor authentication, as an optional feature for customers to enhance security and secure sensitive data stored in Sumo Logic. When 2-Step Verification is configured, the user is prompted for an additional security code after authenticating with their username and password. The user obtains the additional security code from a configured device.

📄️ 2-Step Verification for Administrators

These sections describe how to administer 2-Step Verification across your organization.

📄️ 2-Step Verification for Users

These sections describe how to set up and use 2-Step Verification for your Sumo Logic account:

📄️ Access Keys

In Sumo Logic, you must use an access key to:

📄️ Audit Index

Availability

📄️ Audit Event Index

Availability

📄️ Audit Index Data Permissions (Beta)

Beta

📄️ Create an Allowlist for IP or CIDR Addresses

Service Allowlist Settings allow you to explicitly grant access to specific IP addresses and/or CIDR notations for logins, APIs, and dashboard access.

📄️ Data Access Level for Shared Dashboards

The Data Access Level for Shared Dashboards security policy allows you to set all newly created dashboards to run with the viewer's role access filter when the dashboards are shared. If you do not enable this policy, by default newly created dashboards will run with the creator's role access filter, so viewers might see data that their own role search filters do not grant access.

📄️ Enable a Support Account

Administrators can decide to enable a Sumo Logic support account, which grants very select Sumo Logic support agents access to your organization's account, helping those agents to review and resolve complex issues. Admins can choose to keep the support account enabled full-time, or the account can be disabled when no issues are being investigated.

📄️ Installation Tokens

Use Installation Tokens to register Installed Collectors.

🗃️ SAML

10 items

📄️ Search Audit Index

Availability

📄️ Log Search Audit Index

The Search Audit Index is populated with log messages and the message contains search usage and activities for your account. You can query the search audit index just like any other message using the Sumo Logic search page.

📄️ Set the Password Policy

Account admins with the Manage Password Policy capability can set the account's password policy on the Administration \> Security \> Password Policy.

📄️ Set a Limit for User Concurrent Sessions

User Concurrent sessions refer to the number of interactive, UI based, sessions an individual user can have open and active per Sumo Logic account. Users may create multiple user sessions as they log in to an account from different browser types and devices. By default, there are no limits applied to the number of concurrent sessions a user may create.

📄️ Set a Maximum Web Session Timeout

Sumo Logic users can set their web session timeout on the Preferences page, up to a maximum of 7 days. If you are a Sumo Logic admin with the Manage Organizational Settings role capability, you can specify the maximum web session timeout period that users in your org can select. The period you choose controls what values appear on the Web session timeout pulldown on a user’s Preferences page.