Sumo Logic Security Other Advice

Moole Muralidhara Reddy - PeerSpot reviewer
DevOps and Solution Architect at a recruiting/HR firm with 10,001+ employees

We are mainly concentrating on networking. We use VPC products and application logs to monitor the genuineness of users who have logged in. We also store and monitor GuardDuty logs to see if someone is trying to access the same server multiple times. We are storing and monitoring WAF logs and GuardDuty logs. If someone faces any issues, we'll receive an email and take action based on it.

If someone tries to access one of the applications from a different country, we can search in Google and identify the location of that particular IP address. Sumo Logic Security identifies whether a particular IP address is low, medium, or high risk without the help of Google.

We can store logs in CloudWatch, but it is very difficult to search them in CloudWatch. We should know the query in order to do that. Searching for logs with Sumo Logic Security is very easy compared to CloudWatch. We have been using the solution for more than two years and haven't faced any issues with the solution's availability. I would recommend the solution to other users.

I would recommend Sumo Logic Security instead of AWS, CloudWatch, or CloudTrail. With Sumo Logic Security, you can capture and see all the logs in a single place. If some issues occur, you can log into the solution and verify all the logs. At an organizational level, we have multiple AWS accounts for different environments. Instead of logging in to all the AWS accounts, you can log in to Sumo Logic Security and verify everything.

Overall, I rate the solution a nine out of ten.

DipeshBhawsar - PeerSpot reviewer
Architect manager at Principal Global Limited

It is important to tune the rules so that there are minimal false positives.

I rate Sumo Logic Security an eight out of ten.

Varaprasad - PeerSpot reviewer
Senior Technical Lead

I'm using the latest version of the solution right now. 

It's great for application monitoring and security. It is user-friendly. 

If anyone needs to handle log management, they should consider a trial with Sumo Logic.

I'd rate the solution nine out of ten. 

Buyer's Guide
Sumo Logic Security
March 2024
Learn what your peers think about Sumo Logic Security. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
768,578 professionals have used our research since 2012.
Sourabh Pardhi - PeerSpot reviewer
Senior Information Security Analyst at Everbridge

First-time users must decide how they want to use the tool. The product is very good as a log aggregator. If we want to use the solution as a SIEM console, it will not be that useful because it does not have the features a SIEM tool would have. It does not have analyzing or threat intel features. The product does provide the option of using extensions, but it does not have its own threat intel feature. Overall, I rate the solution a seven out of ten.

OZ
Programmer at a comms service provider with 10,001+ employees

I would advise other people looking into this solution to get used to the monitoring and log analysis tool. This solution has a learning curve at the beginning and requires practice, so it's good to familiarize yourself with that.

I would rate this solution as a whole an eight, on a scale from one to 10, with one being the worst and 10 being the best.

KT
Enterprise Architect at a transportation company with 10,001+ employees

I would recommend Sumo Logic. It is easy to use. The culture at Sumo Logic seems to be developer focused. The product is good. The developers are able to use it to get their job done quickly and easily. It fits into the developer's workload. The support is excellent.

We use it in both AWS and on-premise. It tends to work the same in both cases.

We have integrated it with Beanstalk, Lambda, and EC2, and it integrates very well. Though, they have some work to do on the containment side, at least with EC2.

RP
Security Engineer at a government with 51-200 employees

I would rate the solution a nine out of ten. 

RB
Director Of Engineering at a tech services company with 51-200 employees

Sumo Logic is an easy solution to use. You can set it up very quickly, and it includes a lot of training videos. It's just an all-around, easy solution to use. I would be shocked if it doesn't meet your needs.

They just need to keep the pricing model right and ensure that the integrations are seamless. Sumo Logic needs to make sure integrating solutions are seamless. As a startup, we're looking to scale our team with tools that are really easy to use, that scale as well — tools like Sumo Logic, where one person can manage a ton. We probably have 20,000 assets in the cloud, and probably 60 assets in corporate IT, and they're all pumping everything to Sumo Logic. Then from one place, you can start analyzing just about anything. That's really important to us.

Overall, on a scale from one to ten, I would give Sumo Logic a rating of nine. If they added more integration, I would give them a rating of ten.

TS
DevOps Engineer at TO THE NEW

If you want to do a PoC with Sumo Logic, their documentation is very good.

The product is only on AWS. We are using it on our production environment.

JS
Software Architect at Solink

The product integrates well with our websites.

We have been using only the on-premise versions of this product, so we have not used the AWS versions.

GE
Cloud Lead Engineer at a media company with 1,001-5,000 employees

Sumo Logic provides a specific solution for logging. If you cannot handle every server or centralized system, it can provide specific access for your developers. This is helpful for an infrastructure or DevOps team.

PV
Associate Director - Database & DevOps at Medlife

We're just a customer.

It's a good tool. It has helped us, and there's a whole lot of features included. 

For new businesses considering using the solution, if you are strictly or directly only looking towards the cost then it might not be justified, because stability is something which can't be measured, or rather it's not exactly tangible. You might say that, okay, one hour of downtime results in so much of a loss in the business, and if you're effectively making use of the tool for bringing up the systems really fast, potential damage will be zero.

I'd rate the solution eight out of ten.

To rate it at a perfect ten, maybe if they offered just a few more features I'd rate it higher. 

They would also get a higher rating if they offered differential pricing to focus on super-critical logs instead of all data in aggregate. On a need basis, whenever I do a query on them, I should be charged based on that. So some kind of a differential pricing model is something that I would expect out of this platform.

AR
AWS Operations Engineer at MR

We love the product and haven't had any bad experiences with it.

We integrated it with Windows Active Directory. With one of our customers, we integrated it with some security software. It was some antivirus platform. We worked with their security team to ingest some logs that they used at the time and queried the data that they ingested.

It integrates easily with other products. You just have to install the Collector. Then, as long as you know what the format of your logs is like, you can write your field extraction rules, and away you go. As long as you know what you're doing, and as long as you are familiar with the logs that you're ingesting, then it is easy.

We ultimately use it because we are a managed services partner of Amazon, and we need to do it for our ordering purposes. It's just something that we have to have to be able to look at our logs in a dated manner.

I would tell people to not get Sumo Logic if you are looking for a traditional monitoring software, because that was not the purpose it was written for. They should get it if they are looking for a log ingestion and aggregation system.

We use the AWS version of the product.

SS
Developer Manager at a financial services firm with 1,001-5,000 employees

It is a good tool for operational logging and monitoring of applications.

We are using the hosted version.

CP
Engineering Manager at Braintree

Reach out, see if you can get a demo on your data, and see how it fits your needs.

It works with all our main applications, so the integration with those products is pretty seamless from my standpoint.

We use the AWS version.

LV
Infrastructure Engineer at a retailer with 1,001-5,000 employees

It satisfied what we required of it, but there's still room for improvement in terms of adding applications. Also, there is a little more improvement needed in terms of guiding users on the startup process.

Look at your functionalities, features, and how appropriate the solution is with what you need. Sumo Logic does give a lot of monitoring ability, even ingesting logs and integrating dashboard reports. You can do reports and alarms, which will aid whomever in the management of their infrastructure.
