Sumo Logic announced several innovationsmaking it easier for customers to stay competitive in today’s Intelligence Economy. The new enhancements to the company’s platform includes next-generation dashboarding visualization for faster data insights, a Data Enrichment for logs feature that gives users richer metadata for users to describe their log data streams in a more natural and intuitive way and Metric Transformation Rules for advanced control over their time series data.

The company also announced updates to its Global Intelligence Service and added new security out-of-the-box security applications to help security teams better prioritize their security incidents and accelerate response.

In addition, new integrations with Slack and MongoDB provide customers with expanded monitoring capabilities to help them audit and secure these popular enterprise technologies.

“Today, unstructured data created by digital services such as IoT, mobile apps, websites, and SaaS services is the primary source of signal for businesses. Without a way to consolidate these signals into a single, real-time view, companies remain stuck in an intelligence gap,” said Christian Beegen, co-founder and CTO, Sumo Logic. “The new capabilities and integrations we announced today provide our customers with the opportunity to close this gap by securing applications, introducing new services and improving customer experience.”

Sumo Logic’s cloud-native, Continuous Intelligence Platform enables three solutions for customers: Operational Intelligence, Security Intelligence and Global Intelligence. The new platform and solution improvements announced today span across all three areas to help customers leverage analytics and insights to build, run and secure their modern applications and cloud infrastructures.

Operational Intelligence innovations include:

- Next-Gen Dashboard Visualizations enable customers to have rich unified analytics across their metrics and logs data with detailed visual control for optimal monitoring and troubleshooting. Customers can now templatize their dashboards to rescope data on the fly, get interactive and data-dense visuals that help them isolate patterns quickly, and export dashboards to PDF or PNG for easy sharing via email or Slack.

- Data Enrichment for Logs gives customers the ability to describe their log data in a natural and intuitive way by mapping their mental model of how they think about logs to simple key value pairs. Sumo Logic has extended the already extensive metadata support of their metrics product to log data, including automatically capturing metadata from integrations - including the new Kubernetes solution. With this new feature customers can freely tag their logs with simple key-value pairs, helping them investigate and solve issues faster. Any Sumo Logic collector and log source will now support adding key-value pair fields. These fields can be used everywhere in Sumo Logic, from searching logs to securing access via RBAC.

- Metrics Transformation Rules helps users maximize the value of their time series data by giving them control of the granularity and retention of this data. With fine-control over the retention of their time series data, they can now keep high cardinality, high volume operations data for just a few days, while also aggregating the raw data into high-performance, Key Performance Indicators (KPIs) that can be cost-effectively stored for months.

The Security and Global Intelligence updates include:

- New updates to Global Intelligence Services (GIS) for Amazon GuardDuty provide customers a threat anomaly score based on the unusualness of their threat findings they can use to assess their security posture, prioritize responses, and generate a remediation plan. GIS for Amazon GuardDuty helps SecOps professionals cut through the clutter of security alerts and threats by giving them the ability to benchmark their GuardDuty findings against a baseline computed across the broader AWS user base in real time. In addition to the threat anomaly score, customers can leverage a rare events capability that detects threats that are not common in the broader AWS user community, but appear in the customer’s account, to further assist with threat detection and threat hunting.

- 30+ New and Updated Out-of-the-Box Security Applications that further help customers ingest, enrich, and visualize insight from critical elements of their defense. Sumo Logic has updated core applications such as Carbon Black, CrowdStrike, Okta, and Netskope as well as developed new integrations with Aqua, StackRox, and Twistlock that enhance the security of Kubernetes and the modern application stack. In addition, new applications to secure AWS, GCP and Azure extend Sumo Logic’s multi-cloud and hybrid security intelligence solution. With more than 200 total out-of-the-box applications, customers can integrate intelligence across a breadth of both security and operations use cases.

Sumo Logic unveiled integrations with new partners to roll out applications that further expand security and monitoring capabilities and increase users visibility into technologies being used at the heart of enterprises today. These new integrations include:

- Slack - The Sumo Logic App for Slack gives customers the ability to closely monitor external users, access patterns, member profiles, and audit all actions in one place. With this single-pane-of-glass view, users can quickly identify if and when critical data leaves the organization and correlate information across workspaces, channels, member and types (i.e. guest) to accelerate their security, audit incident investigation and threat hunting efforts.

- MongoDB Atlas - The Sumo Logic App for MongoDB Atlas gives customers comprehensive visibility into operations, health and security of their Atlas clusters. With this out-of-the-box solution, users can optimize the performance of an Atlas cluster by identifying slow and inefficient queries and monitor key database and system metrics to determine how to optimize your Atlas cluster resources. For security, users can monitor user logins and audit events, projects and organizational activity. In addition, they can also detect potential incoming threats and indicators of compromise via a built-in threat intelligence database.