Sumo Logic Reviews

30 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 8.0 out of 101

Do you work for this company?

Overall Rating

Reviewer's Company Size

Last Updated

By Topic

Industry

Department

Experience

Job Type

Role

Reviews (1-8 of 8)

David Tanner profile photo
Score 9 out of 10
Vetted Review
Verified User
Review Source
Sumo Logic is being used across our company. Our logs are first published to CloudWatch, and then pushed over to Sumo Logic for analysis and debugging. Each log is tagged with a session id that we can use to track API calls across services. We use the logs to verify customer issues, and it lets us see which APIs, and therefore which team to reach out to so we can solve a given issue.
  • The UI is simple and intuitive
  • Data can be searched using simple terms or more complex queries
  • We can ingest all of our logs and not lose anything
  • There isn't an option to do constant refreshes on a query
  • The query language doesn't allow for search by field value automatically
  • Automatic tabs is a little clunky
Sumo Logic appears to be well designed for a small operation to get started with a small amount of logs. As a company grows, I am not sure that the tool will keep up with the demand of massive amounts of logs. This seems to be the case with most of the hosted log services I have worked with at least.
Read David Tanner's full review
No photo available
Score 8 out of 10
Vetted Review
Verified User
Review Source
Currently, SumoLogic is being used to track ALL activity, error, usage, warning, data, and debug logs, that are logged by any user action, or any messages that a service my company uses communicates between other services. Anytime a button is clicked, a page is accessed, workflow is done, or process is completed by an end-user, we log the action in Sumo. Anytime a service or ec2 is running and completes a process or sends/receives a service message, we log that interaction between services. This robust logging allows us to pinpoint specific areas where we need to get more information or want to track specific metrics. We have set up our implementation with Sumo to log anything we tell it to log. If we want a message logged every time an end-user logs in and clicks a certain button, we can log that specific of information down to the second they did it and which browser version they were on. The level of logging is all up to how much you build into your service logging.
  • Activity Tracking
  • Realtime/interactive Dashboard
  • Aggregation of data into tables and graphs
  • Exporting information to be imported into other programs
  • Integrates well with our other internal services
  • Accessibility of information
  • Sumo is very slow compared to other programs like Splunk
  • Sumo only holds data for a certain amount of time, so if you want to reference an entry that was logged 6-months ago, you better have saved your logs in an external database somewhere because Sumo no longer has that information
  • Automatic parsing of data is not set up in Sumo as opposed to Splunk where it automatically parsed ALL logs
It's great for logging all interactions you tell it to log and it's great for sharing information found in queries made by individuals because specific queries can be shared via links that Sumo creates. It's not great for holding information for longer than 30 days or for accessing information over a long period of time.
Read this authenticated review
Jason Sievert profile photo
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use Sumo Logic to centralize all of our application logs into one easy to use and easy to search interface. This is used not only for production but also our development environments. We use it for troubleshooting issues, development assistance, as well as for security and compliance. Having all of our logs in one place is fantastic.
  • Centralized management, everything can be done from the website.
  • Software upgrades of the collectors, once again all done from the website. Easy to identify out of date collectors
  • Searching and parsing logs. Very easy run a query logs and quantify the data.
  • Changing collectors from web config to local configs could be handled a bit better.
If you have more than one server or application that you generate logs on, Sumo Logic makes the pain of collecting the data and searching it go away. Also with their live tail feature, you can view and parse logs in real time. Sumo Logic makes it easy to collect logs from file based, windows event logs, and network syslog sources.
Read Jason Sievert's full review
Tim Mortensen profile photo
Score 8 out of 10
Vetted Review
Verified User
Review Source
My department uses Sumo Logic to evaluate problems with our customer's integration. It gives us valuable insight into the issues our customers are running in to and the visuals to determine a fast solution. Without Sumo Logic, we wouldn't be able to properly troubleshoot with the speed and accuracy needed to help our customer's who are looking for quick resolutions over the phone.
  • Detailed insights into API calls.
  • Fast and accurate results to specific search parameters.
  • Easy to use interface.
  • More customizable shortcuts.
  • Better UI for time-based searches.
  • Adaptive learning for user preferences.
Anytime you are in a customer service role that requires support users connect to your system, you could greatly benefit from your reps using Sumo Logic. Without Sumo Logic, it would be very difficult to troubleshoot in a fast and accurate way. It completely removes the need for a back and forth with your customer to ask probing questions, and replaces it with a direct visual of the problem.
Read Tim Mortensen's full review
Derek Ardolf profile photo
Score 7 out of 10
Vetted Review
Verified User
Review Source
Sumo Logic was being used by developers, system engineers, management, and InfoSec as a primary log aggregation tool. It was replacing the Splunk deployment in our enterprise because it was cheaper, hosted by Sumo Logic, and helped bring larger visibility to the enterprise (as we were able to ingest larger amounts of logs than we had before). As a result, many developer teams that did not initially have the insight into their applications were able to get instant access to how things were running on their systems.
  • Sumo Logic allowed for our InfoSec team to ingest logs from our CDN directly, in real-time, instead of massive compressed archives that were sent every two-hours (the only alternative at the time). Sumo Logic had an app for these logs, that allowed us to easily get an immediate payoff from the data, with canned dashboard and saved searches.
  • Sumo Logic has a fairly extensive REST API when it comes to log sources, source configurations, dashboard data, searches, etc. Their wiki for the API is usually kept up to date.
  • Sumo Logic, during the period of time I had used their product, had added the ability to configure agents via configuration files. This allowed customers to configure their endpoints, and modify the endpoints, with configuration management tools like Chef / Puppet / Salt. Beforehand, the only option was to always make changes either via the web portal or REST API.
  • The solutions engineers were extremely helpful, and easily reachable when issues would occur.
  • Users at our company found it easy to get started, working on new dashboards, scheduled searches, and alerting. The alerting worked well with our third-party paging tool.
  • Sumo Logic, during the period that I used their product (up until at least November 2015), did not have a User / RBAC API. This made it very difficult to manage users (we had about 100 users). Even though they had SAML integration, allowing us to utilize a single-sign on solution, we would have to do manual reviews of user accounts in Sumo Logic on a regular basis. There was no export feature, so it became a matter of copy/pasting all users from the web portal, and creating a spreadsheet out of the data. This was a big pain, as we were all about automation. I had been told that a User / RBAC REST API would be made available sometime during Q1 - Q1 2016.
  • The user who creates any saved search queries, alerts, reports, or dashboards, is the only user that is able to edit them. In a collaborative environment, or larger enterprise, this brings a level of difficulty. For example, if an alert breaks and is spamming an inbox/pager, it cannot be edited or stopped unless done specifically by the user who created it. The RBAC has not been improved enough to allow groups/teams/organizations to have ownership over them (as of November 2015).
  • If you are to delete a user account in Sumo Logic, as your account is setup to allow a specific amount of user accounts in addition to the storage limits agreed in contract, all of the work they had created for teams -- dashboards, scheduled searches, alerting, reporting, etc. -- all become unpublished and unscheduled. They all become inherited by the user that deletes their account. This may create a mess, as this may now completely stop many useful reports/alerts/dashboards that were being taken care of initially. As a result, deletion of a user who is no longer having access to Sumo Logic (due to leaving the company, or leaving a team the needs access), requires a complete review of everything the user has saved in order to see whether anything needs to be rescheduled for alerting/reporting or republished for dashboard viewing. This is all as of November 2015.
  • Purging log data can be extremely difficult. Sumo Logic stores data in a WORM (Write Once, Read Many) type of database. This is done for security reasons, and the database also stores it's data in an encrypted form. If you wish for any data to be removed for any reason, such as PHI / PII / etc. information, you have to wipe out absolutely all data within a time range that Sumo Logic has ever gathered for you. This does not just include the source of the data you are trying to purge, but would include all log data from all sources that you have (even if separately indexed, or partitioned). I am unsure of whether this is still the fact, or if this has at least narrowed down to partition/index, or source.
  • In the web portal, Sumo Logic has icons for agents that are working -- green/yellow if I remember right. Source hosts would always show a big green checkmark for health, even if certain sources were completely failing. If Sumo Logic agents are logging errors that logs can't be collected (permissions, some agent issue, etc.), there wasn't a way to visibly see there was an issue unless you were looking for it in logs. This resulted in periods of time where we did not receive logs from many sources. This is hard to alert on, as we found we would have to create a scheduled search of Sumo Logic agent logs that looked for as many error/warning messages as we could, that we knew about. This was incredibly difficult, and unmanageable.
Sumo Logic is best suited, as of the time of this review, for a smaller-to-medium sized enterprise. Medium may be pushing it, depending on the deployment. The larger the enterprise, user access, and server agent count, the harder Sumo Logic is at scaling and realistically using. I have not managed or deployed other log aggregation solutions, so I'm not aware of whether competitors may suffer from the same setbacks as Sumo Logic. The ease of use, ability to deploy quickly, always having the latest version of the web portal (due to it being hosted), and being able to have data readily available for a critical time of the year were great benefits. Sumo Logic had also shown that they were taking our feedback seriously, and seemed to be working on resolutions to many of these issues for 2016. I'm giving a 7 out of 10 based on the Sumo Logic as it was in November 2015. If one is in talks with the vendor, the cons listed here should be mentioned in order to see if they have been resolved.
Read Derek Ardolf's full review
No photo available
Score 10 out of 10
Vetted Review
Verified User
Review Source
Sumo Logic is used mostly for analysis in gaps where other monitoring tools fall short. Specifically, log aggregation and even more importantly than the aggregation is that it uses intelligent (and customizable) heuristics to analyze logs for specific event information and sorting.

We use sumo logic primarily for historical analysis but it is very reliable and customizable. For example, for errors that show symptoms directly in their log files (which we already piped to sumo logic for historical analysis) we have used this to generate alerts. This is ideal as log errors often occur before a service fully crashes and has reduced our response time to these types of incidents.

Finally, we have turned some of these into dashboards for certain business users. I don't think there is much helpful use to technical needs, but it can help quickly satisfy business users by providing simple and quick insights into the IT infrastructure. This is a common type of request for internal IT and it is nice to be able to actually fulfill those tickets instead of declining them (without a good tool, it might not be practical to fulfill such small impact requests).
  • Log Aggregation and uploading. The architecture for Sumo Logic makes a great deal of sense and works very well.
  • Automated analysis. It still impresses me how well a newly uploaded log can be broken into intelligent parts, then searched and sorted using their tools.
  • Dashboards. It might not be what YOU will need as an IT admin, but you can give access to these dashboards easily to business users who love that kind of stuff. Most other types of (monitoring / alerting) tools, for no apparent reason, lack this feature.
  • Reporting, monitoring, and graphing. Given, you need to have useful log generation for an application or service as a prerequisite for sumo logic to be able to gain use, once it has it is an amazingly powerful tool.
  • I do not think, as I remember, Sumo Logic works well with things that don't generate as a 'standard' of log. Therefore, sumo logics natural limitation is that it works best with pre-existing logs and doesn't do well to monitor a system for other types of events that don't reach a flat file or standardized log format. If you develop mostly internal applications and like to rely on sumo logic, you may find yourselves begging the developers for more useful and cleaner logs.
Sumo Logic is great anytime you already have a flat log file that your application uses well, and naturally it does not perform well if your applications or services do not write useful information to their logs. We particularly rely on sumo logic to help with post mortems and root cause analysis as we can look environment wide for log anomalies.
Read this authenticated review
No photo available
Score 9 out of 10
Vetted Review
Verified User
Review Source
Sumo logic is being used as a single source of log aggregation for multiple system types from Windows, Linux, Networking, Mainframe, etc. This allows cross OS/cross system searches for specific items. This allows our IT security team to research issues quickly. This also allows us to limit the amount of disk space used to store logs on internal systems. We can build custom reporting to track issues or changes that can be shared with teams and management without allowing direct access to the systems involved.
  • Custom reporting
  • Multiple platform access
  • Easy setup for consuming log data
  • Report engine takes work to create useable info
  • User interface needs improvement
  • Better training options
If you are looking for an internal only system then this may not work for you, but aside from that I cannot see where this would be less appropriate. This system is well suited to bring diverse system info together for cross platform research and auditing. It is really helpful where custom reporting is desired or required.
Read this authenticated review
No photo available
Score 9 out of 10
Vetted Review
Verified User
Review Source
Sumo Logic is used to aggregate our logs from multiple environments and allows us a one stop location to see everything that's happening within our infrastructure. We just log into Sumo Logic and are able to use their query system to easily get at the data we need to make decisions.
  • One stop shop to analyze your data.
  • Great search tool to drill down to issues/problems you might have.
  • Easy interface.
  • Can be daunting at first.
  • Need to educate people on how the categorizing and searching works.
  • Setup can be a bit slow.
For us using Sumo Logic as the centralized location for all of our logs is great. You can either set up custom dashboards to see your data or they have default dashboards/graphs for whatever type of data you're trying to input (web logs, server logs, etc). It makes seeing your data easy.
Read this authenticated review

About Sumo Logic

Sumo Logic is a log management offering from the San Francisco based company of the same name.

Sumo Logic Competitors

Sumo Logic Technical Details

Operating Systems: Unspecified
Mobile Application:No