Sumo Logic Reviews

39 Ratings
Score 9.0 out of 100


Reviews (1-11 of 11)

Anonymous | TrustRadius Reviewer
July 15, 2020

The (Sumo) Logic(al) choice

Score 10 out of 10
Vetted Review
Verified User
We use SumoLogic across all IT as a way of monitoring and analyzing application logs as well as some auditing. We use it to proactively monitor applications looking for new or potential problems. We also use it to analyze the root causes of problems. It is the best way we have to explore logs across clusters of machines.
  • Searching is powerful and fast and does not require you to pre-filter/pre-parse your data in order to extract fields, filter messages, or run analytics
  • User data can be private or shared with the organization, allowing developers to create searches and share them with Support folks.
  • It's easy to create email alerts when certain conditions are detected.
  • Pricing is per ingested byte, so it forces you to pick and choose what you log, rather than ingesting everything and figuring it out later
SumoLogic is a fantastic log aggregator and analysis tool, a fine alternative to Splunk. Searching is powerful and mostly intuitive and results come fast. If you have application logs in clusters or Kubernetes pods that lose their logs every time they're restarted, Sumo is the solution for you.
Documentation is decent. Support is reasonably responsive. For our initial rollout 5 years ago, they provided a lot of hand holding.
M Phillip Yogore | TrustRadius Reviewer
March 02, 2020

Desktop Admin in <3 with Sumo, would like to know more!

Score 9 out of 10
Vetted Review
Verified User
We use Sumo Logic to pull data from other systems we use. Once we have all the data in a centralized location, we use it to help us analyze our services. From an IT perspective, it helps us support our end users in the best way possible. I would say that our IT team is quite new and green with Sumo Logic, and some would like more information on what Sumo Logic can do for us.
  • It helps us track down laptops that touch our systems
  • It helps us decipher laptops that have self-named hostnames
  • It helps us track down MAC addresses
  • I like the help center, but I think if it had more GUI tools, it could help new users.
  • Pulling out data is sometimes hard to read, (Maybe if I knew how to export data better, this would not be an issue for me).
  • I would like better know-how on how to create reports that will help our business.
I love using Sumo Logic when it comes to finding a laptop on our system. Sometimes we don't have the right documentation on a system, or have no documentation on a system at all. In these scenarios, we might have the name of the user, their user ID, or the MAC address. What Sumo Logic has provided us, when pulling reports from the various systems, is that it allows us to find these machines.
I would give this rating because I attended a free Sumo Logic training at a WeWork in Chicago. I found the training very useful, and I learned a lot of features that I was not aware of before I went to the training. I like the idea that SumoLogic provides free training seminars. I am certified in level1, and I plan on certifying to level2.
Anonymous | TrustRadius Reviewer
March 06, 2020

SumoLogic is a great alerting and log research tool

Score 9 out of 10
Vetted Review
Verified User
SumoLogic is being used by our eCommerce department to monitor the logs from our applications. We use it for both ad hoc queries, as well as using it on a frequent basis for setting up alerts. It helps us to quickly be alerted if there are any problems with our systems.
  • Alerts
  • Ad hoc queries
  • Reports
  • Training
  • Cost
  • UI
It is appropriate for ad hoc queries and for alerting.
They have a great Support team!
David Tanner | TrustRadius Reviewer
May 14, 2019

Sumo Logic for Log processing

Score 9 out of 10
Vetted Review
Verified User
Sumo Logic is being used across our company. Our logs are first published to CloudWatch, and then pushed over to Sumo Logic for analysis and debugging. Each log is tagged with a session id that we can use to track API calls across services. We use the logs to verify customer issues, and it lets us see which APIs, and therefore which team to reach out to so we can solve a given issue.
  • The UI is simple and intuitive
  • Data can be searched using simple terms or more complex queries
  • We can ingest all of our logs and not lose anything
  • There isn't an option to do constant refreshes on a query
  • The query language doesn't allow for search by field value automatically
  • Automatic tabs is a little clunky
Sumo Logic appears to be well designed for a small operation to get started with a small amount of logs. As a company grows, I am not sure that the tool will keep up with the demand of massive amounts of logs. This seems to be the case with most of the hosted log services I have worked with at least.
Jason Sievert | TrustRadius Reviewer
March 31, 2017

Log all the things with Sumo Logic

Score 10 out of 10
Vetted Review
Verified User
We use Sumo Logic to centralize all of our application logs into one easy to use and easy to search interface. This is used not only for production but also our development environments. We use it for troubleshooting issues, development assistance, as well as for security and compliance. Having all of our logs in one place is fantastic.
  • Centralized management, everything can be done from the website.
  • Software upgrades of the collectors, once again all done from the website. Easy to identify out of date collectors
  • Searching and parsing logs. Very easy to run a query on logs and quantify the data.
  • Changing collectors from web config to local configs could be handled a bit better.
If you have more than one server or application that you generate logs on, Sumo Logic makes the pain of collecting the data and searching it go away. Also with their live tail feature, you can view and parse logs in real time. Sumo Logic makes it easy to collect logs from file-based, Windows event log, and network syslog sources.
Tim Mortensen | TrustRadius Reviewer
March 27, 2017

The Logical Choice: Sumo Logic

Score 8 out of 10
Vetted Review
Verified User
My department uses Sumo Logic to evaluate problems with our customer's integration. It gives us valuable insight into the issues our customers are running into and the visuals to determine a fast solution. Without Sumo Logic, we wouldn't be able to properly troubleshoot with the speed and accuracy needed to help our customers who are looking for quick resolutions over the phone.
  • Detailed insights into API calls.
  • Fast and accurate results to specific search parameters.
  • Easy to use interface.
  • More customizable shortcuts.
  • Better UI for time-based searches.
  • Adaptive learning for user preferences.
Anytime you are in a customer service role that requires support users connect to your system, you could greatly benefit from your reps using Sumo Logic. Without Sumo Logic, it would be very difficult to troubleshoot in a fast and accurate way. It completely removes the need for a back and forth with your customer to ask probing questions, and replaces it with a direct visual of the problem.
Derek Ardolf | TrustRadius Reviewer
February 05, 2016

Sumo Wrestling Your Logs with Sumo Logic

Score 7 out of 10
Vetted Review
Verified User
Sumo Logic was being used by developers, system engineers, management, and InfoSec as a primary log aggregation tool. It was replacing the Splunk deployment in our enterprise because it was cheaper, hosted by Sumo Logic, and helped bring larger visibility to the enterprise (as we were able to ingest larger amounts of logs than we had before). As a result, many developer teams that did not initially have the insight into their applications were able to get instant access to how things were running on their systems.
  • Sumo Logic allowed for our InfoSec team to ingest logs from our CDN directly, in real-time, instead of massive compressed archives that were sent every two-hours (the only alternative at the time). Sumo Logic had an app for these logs, that allowed us to easily get an immediate payoff from the data, with canned dashboard and saved searches.
  • Sumo Logic has a fairly extensive REST API when it comes to log sources, source configurations, dashboard data, searches, etc. Their wiki for the API is usually kept up to date.
  • Sumo Logic, during the period of time I had used their product, had added the ability to configure agents via configuration files. This allowed customers to configure their endpoints, and modify the endpoints, with configuration management tools like Chef / Puppet / Salt. Beforehand, the only option was to always make changes either via the web portal or REST API.
  • The solutions engineers were extremely helpful, and easily reachable when issues would occur.
  • Users at our company found it easy to get started, working on new dashboards, scheduled searches, and alerting. The alerting worked well with our third-party paging tool.
  • Sumo Logic, during the period that I used their product (up until at least November 2015), did not have a User / RBAC API. This made it very difficult to manage users (we had about 100 users). Even though they had SAML integration, allowing us to utilize a single sign-on solution, we would have to do manual reviews of user accounts in Sumo Logic on a regular basis. There was no export feature, so it became a matter of copy/pasting all users from the web portal, and creating a spreadsheet out of the data. This was a big pain, as we were all about automation. I had been told that a User / RBAC REST API would be made available sometime during Q1 - Q1 2016.
  • The user who creates any saved search queries, alerts, reports, or dashboards, is the only user that is able to edit them. In a collaborative environment, or larger enterprise, this brings a level of difficulty. For example, if an alert breaks and is spamming an inbox/pager, it cannot be edited or stopped unless done specifically by the user who created it. The RBAC has not been improved enough to allow groups/teams/organizations to have ownership over them (as of November 2015).
  • If you are to delete a user account in Sumo Logic, as your account is set up to allow a specific amount of user accounts in addition to the storage limits agreed in contract, all of the work they had created for teams -- dashboards, scheduled searches, alerting, reporting, etc. -- all become unpublished and unscheduled. They all become inherited by the user that deletes their account. This may create a mess, as this may now completely stop many useful reports/alerts/dashboards that were being taken care of initially. As a result, deletion of a user who is no longer having access to Sumo Logic (due to leaving the company, or leaving a team that needs access), requires a complete review of everything the user has saved in order to see whether anything needs to be rescheduled for alerting/reporting or republished for dashboard viewing. This is all as of November 2015.
  • Purging log data can be extremely difficult. Sumo Logic stores data in a WORM (Write Once, Read Many) type of database. This is done for security reasons, and the database also stores its data in an encrypted form. If you wish for any data to be removed for any reason, such as PHI / PII / etc. information, you have to wipe out absolutely all data within a time range that Sumo Logic has ever gathered for you. This does not just include the source of the data you are trying to purge, but would include all log data from all sources that you have (even if separately indexed, or partitioned). I am unsure of whether this is still the fact, or if this has at least narrowed down to partition/index, or source.
  • In the web portal, Sumo Logic has icons for agents that are working -- green/yellow if I remember right. Source hosts would always show a big green checkmark for health, even if certain sources were completely failing. If Sumo Logic agents are logging errors that logs can't be collected (permissions, some agent issue, etc.), there wasn't a way to visibly see there was an issue unless you were looking for it in logs. This resulted in periods of time where we did not receive logs from many sources. This is hard to alert on, as we found we would have to create a scheduled search of Sumo Logic agent logs that looked for as many error/warning messages as we could, that we knew about. This was incredibly difficult, and unmanageable.
Sumo Logic is best suited, as of the time of this review, for a smaller-to-medium sized enterprise. Medium may be pushing it, depending on the deployment. The larger the enterprise, user access, and server agent count, the harder Sumo Logic is at scaling and realistically using. I have not managed or deployed other log aggregation solutions, so I'm not aware of whether competitors may suffer from the same setbacks as Sumo Logic. The ease of use, ability to deploy quickly, always having the latest version of the web portal (due to it being hosted), and being able to have data readily available for a critical time of the year were great benefits. Sumo Logic had also shown that they were taking our feedback seriously, and seemed to be working on resolutions to many of these issues for 2016. I'm giving a 7 out of 10 based on the Sumo Logic as it was in November 2015. If one is in talks with the vendor, the cons listed here should be mentioned in order to see if they have been resolved.
Anonymous | TrustRadius Reviewer
May 07, 2018

SumoLogic -- Reliable, cost efficient, and versatile -- but slow

Score 8 out of 10
Vetted Review
Verified User
Currently, SumoLogic is being used to track ALL activity, error, usage, warning, data, and debug logs, that are logged by any user action, or any messages that a service my company uses communicates between other services. Anytime a button is clicked, a page is accessed, workflow is done, or process is completed by an end-user, we log the action in Sumo. Anytime a service or ec2 is running and completes a process or sends/receives a service message, we log that interaction between services. This robust logging allows us to pinpoint specific areas where we need to get more information or want to track specific metrics. We have set up our implementation with Sumo to log anything we tell it to log. If we want a message logged every time an end-user logs in and clicks a certain button, we can log that specific of information down to the second they did it and which browser version they were on. The level of logging is all up to how much you build into your service logging.
  • Activity Tracking
  • Realtime/interactive Dashboard
  • Aggregation of data into tables and graphs
  • Exporting information to be imported into other programs
  • Integrates well with our other internal services
  • Accessibility of information
  • Sumo is very slow compared to other programs like Splunk
  • Sumo only holds data for a certain amount of time, so if you want to reference an entry that was logged 6-months ago, you better have saved your logs in an external database somewhere because Sumo no longer has that information
  • Automatic parsing of data is not set up in Sumo as opposed to Splunk where it automatically parsed ALL logs
It's great for logging all interactions you tell it to log and it's great for sharing information found in queries made by individuals because specific queries can be shared via links that Sumo creates. It's not great for holding information for longer than 30 days or for accessing information over a long period of time.
Anonymous | TrustRadius Reviewer
November 14, 2017

Sumo Logic - More than just log aggregation

Score 10 out of 10
Vetted Review
Verified User
Sumo Logic is used mostly for analysis in gaps where other monitoring tools fall short. Specifically, log aggregation and even more importantly than the aggregation is that it uses intelligent (and customizable) heuristics to analyze logs for specific event information and sorting.

We use Sumo Logic primarily for historical analysis but it is very reliable and customizable. For example, for errors that show symptoms directly in their log files (which we already piped to Sumo Logic for historical analysis) we have used this to generate alerts. This is ideal as log errors often occur before a service fully crashes and has reduced our response time to these types of incidents.

Finally, we have turned some of these into dashboards for certain business users. I don't think there is much helpful use to technical needs, but it can help quickly satisfy business users by providing simple and quick insights into the IT infrastructure. This is a common type of request for internal IT and it is nice to be able to actually fulfill those tickets instead of declining them (without a good tool, it might not be practical to fulfill such small impact requests).
  • Log Aggregation and uploading. The architecture for Sumo Logic makes a great deal of sense and works very well.
  • Automated analysis. It still impresses me how well a newly uploaded log can be broken into intelligent parts, then searched and sorted using their tools.
  • Dashboards. It might not be what YOU will need as an IT admin, but you can give access to these dashboards easily to business users who love that kind of stuff. Most other types of (monitoring / alerting) tools, for no apparent reason, lack this feature.
  • Reporting, monitoring, and graphing. Given, you need to have useful log generation for an application or service as a prerequisite for Sumo Logic to be able to gain use, once it has it is an amazingly powerful tool.
  • I do not think, as I remember, Sumo Logic works well with things that don't generate as a 'standard' of log. Therefore, Sumo Logic's natural limitation is that it works best with pre-existing logs and doesn't do well to monitor a system for other types of events that don't reach a flat file or standardized log format. If you develop mostly internal applications and like to rely on Sumo Logic, you may find yourselves begging the developers for more useful and cleaner logs.
Sumo Logic is great anytime you already have a flat log file that your application uses well, and naturally it does not perform well if your applications or services do not write useful information to their logs. We particularly rely on Sumo Logic to help with post mortems and root cause analysis as we can look environment wide for log anomalies.
Anonymous | TrustRadius Reviewer
June 02, 2016

Sumologic - logging with limited hassles

Score 9 out of 10
Vetted Review
Verified User
Sumo Logic is being used as a single source of log aggregation for multiple system types from Windows, Linux, Networking, Mainframe, etc. This allows cross OS/cross system searches for specific items. This allows our IT security team to research issues quickly. This also allows us to limit the amount of disk space used to store logs on internal systems. We can build custom reporting to track issues or changes that can be shared with teams and management without allowing direct access to the systems involved.
  • Custom reporting
  • Multiple platform access
  • Easy setup for consuming log data
  • Report engine takes work to create useable info
  • User interface needs improvement
  • Better training options
If you are looking for an internal only system then this may not work for you, but aside from that I cannot see where this would be less appropriate. This system is well suited to bring diverse system info together for cross platform research and auditing. It is really helpful where custom reporting is desired or required.
Anonymous | TrustRadius Reviewer
April 28, 2016

Sumo Logic makes storing and analyzing your data seamless.

Score 9 out of 10
Vetted Review
Verified User
Sumo Logic is used to aggregate our logs from multiple environments and allows us a one stop location to see everything that's happening within our infrastructure. We just log into Sumo Logic and are able to use their query system to easily get at the data we need to make decisions.
  • One stop shop to analyze your data.
  • Great search tool to drill down to issues/problems you might have.
  • Easy interface.
  • Can be daunting at first.
  • Need to educate people on how the categorizing and searching works.
  • Setup can be a bit slow.
For us using Sumo Logic as the centralized location for all of our logs is great. You can either set up custom dashboards to see your data or they have default dashboards/graphs for whatever type of data you're trying to input (web logs, server logs, etc). It makes seeing your data easy.

About Sumo Logic

Sumo Logic is a log management offering from the San Francisco based company of the same name.

Sumo Logic Technical Details

Operating Systems: Unspecified
Mobile Application: No