TrustRadius
Sumo Logic

Overview

What is Sumo Logic?

Sumo Logic is a log management offering from the San Francisco-based company of the same name.

Pricing

  • Essentials: $3.00 per GB logs (Cloud)
  • Enterprise: $4.00 per GB logs (Cloud)
  • Enterprise Security: $4.25 per GB logs (Cloud)

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Product Demos

  • Sumo Logic Search Job API
  • Sumo Logic: Unified Logs and Metrics
  • Demo of Sumo Logic Log Reduce - Next Generation Log Analytics
  • Next Generation Log Management & Analytics - Demo of Sumo Logic

Product Details

What is Sumo Logic?

Sumo Logic is a cloud-native SaaS analytics platform powered by logs that helps customers deliver reliable and secure cloud-native applications. Sumo Logic helps practitioners and developers to ensure application reliability and security against modern threats and gain insights into their cloud infrastructures. The scalable platform also offers real-time analytics and insights across observability and security solutions for their cloud-native applications.

Sumo Logic Technical Details

  • Deployment Types: Software as a Service (SaaS), Cloud, or Web-Based
  • Operating Systems: Unspecified
  • Mobile Application: No

Frequently Asked Questions

Sumo Logic is a log management offering from the San Francisco-based company of the same name.

Datadog, Splunk Cloud, and New Relic are common alternatives for Sumo Logic.

Reviewers rate Usability highest, with a score of 9.

The most common users of Sumo Logic are from Mid-sized Companies (51-1,000 employees).

Reviews From Top Reviewers

(1-5 of 13)

Sumo Wrestling Your Logs with Sumo Logic

Rating: 7 out of 10
February 05, 2016
DA
Vetted Review
Verified User
Sumo Logic
1 year of experience
Sumo Logic was being used by developers, system engineers, management, and InfoSec as a primary log aggregation tool. It was replacing the Splunk deployment in our enterprise because it was cheaper, hosted by Sumo Logic, and helped bring larger visibility to the enterprise (as we were able to ingest larger amounts of logs than we had before). As a result, many developer teams that did not initially have the insight into their applications were able to get instant access to how things were running on their systems.
Pros
  • Sumo Logic allowed for our InfoSec team to ingest logs from our CDN directly, in real-time, instead of massive compressed archives that were sent every two hours (the only alternative at the time). Sumo Logic had an app for these logs that allowed us to easily get an immediate payoff from the data, with canned dashboards and saved searches.
  • Sumo Logic has a fairly extensive REST API when it comes to log sources, source configurations, dashboard data, searches, etc. Their wiki for the API is usually kept up to date.
  • Sumo Logic, during the period of time I had used their product, had added the ability to configure agents via configuration files. This allowed customers to configure their endpoints, and modify the endpoints, with configuration management tools like Chef / Puppet / Salt. Beforehand, the only option was to always make changes either via the web portal or REST API.
  • The solutions engineers were extremely helpful, and easily reachable when issues would occur.
  • Users at our company found it easy to get started, working on new dashboards, scheduled searches, and alerting. The alerting worked well with our third-party paging tool.
Cons
  • Sumo Logic, during the period that I used their product (up until at least November 2015), did not have a User / RBAC API. This made it very difficult to manage users (we had about 100 users). Even though they had SAML integration, allowing us to utilize a single sign-on solution, we would have to do manual reviews of user accounts in Sumo Logic on a regular basis. There was no export feature, so it became a matter of copy/pasting all users from the web portal, and creating a spreadsheet out of the data. This was a big pain, as we were all about automation. I had been told that a User / RBAC REST API would be made available sometime during Q1 - Q1 2016.
  • The user who creates any saved search queries, alerts, reports, or dashboards, is the only user that is able to edit them. In a collaborative environment, or larger enterprise, this brings a level of difficulty. For example, if an alert breaks and is spamming an inbox/pager, it cannot be edited or stopped unless done specifically by the user who created it. The RBAC has not been improved enough to allow groups/teams/organizations to have ownership over them (as of November 2015).
  • If you are to delete a user account in Sumo Logic, as your account is set up to allow a specific amount of user accounts in addition to the storage limits agreed in contract, all of the work they had created for teams -- dashboards, scheduled searches, alerting, reporting, etc. -- all become unpublished and unscheduled. They all become inherited by the user that deletes their account. This may create a mess, as this may now completely stop many useful reports/alerts/dashboards that were being taken care of initially. As a result, deletion of a user who is no longer having access to Sumo Logic (due to leaving the company, or leaving a team that needs access), requires a complete review of everything the user has saved in order to see whether anything needs to be rescheduled for alerting/reporting or republished for dashboard viewing. This is all as of November 2015.
  • Purging log data can be extremely difficult. Sumo Logic stores data in a WORM (Write Once, Read Many) type of database. This is done for security reasons, and the database also stores its data in an encrypted form. If you wish for any data to be removed for any reason, such as PHI / PII / etc. information, you have to wipe out absolutely all data within a time range that Sumo Logic has ever gathered for you. This does not just include the source of the data you are trying to purge, but would include all log data from all sources that you have (even if separately indexed, or partitioned). I am unsure of whether this is still the fact, or if this has at least narrowed down to partition/index, or source.
  • In the web portal, Sumo Logic has icons for agents that are working -- green/yellow if I remember right. Source hosts would always show a big green checkmark for health, even if certain sources were completely failing. If Sumo Logic agents are logging errors that logs can't be collected (permissions, some agent issue, etc.), there wasn't a way to visibly see there was an issue unless you were looking for it in logs. This resulted in periods of time where we did not receive logs from many sources. This is hard to alert on, as we found we would have to create a scheduled search of Sumo Logic agent logs that looked for as many error/warning messages as we could, that we knew about. This was incredibly difficult, and unmanageable.
Sumo Logic is best suited, as of the time of this review, for a smaller-to-medium sized enterprise. Medium may be pushing it, depending on the deployment. The larger the enterprise, user access, and server agent count, the harder Sumo Logic is at scaling and realistically using. I have not managed or deployed other log aggregation solutions, so I'm not aware of whether competitors may suffer from the same setbacks as Sumo Logic. The ease of use, ability to deploy quickly, always having the latest version of the web portal (due to it being hosted), and being able to have data readily available for a critical time of the year were great benefits. Sumo Logic had also shown that they were taking our feedback seriously, and seemed to be working on resolutions to many of these issues for 2016. I'm giving a 7 out of 10 based on Sumo Logic as it was in November 2015. If one is in talks with the vendor, the cons listed here should be mentioned in order to see if they have been resolved.

Sumo Logic--A great tool for anyone using OneLogin

Rating: 10 out of 10
June 30, 2021
MB
Vetted Review
Verified User
Sumo Logic
3 years of experience
OneLogin utilizes Sumo Logic for an advanced look into transactions that occur within the OneLogin platform for all of its customers. As a valued partner of OneLogin, Sumo Logic extends a limited version of its cloud-based offering. OneLogin customers can use Sumo Logic in the same way that we at OneLogin utilize it with restrictions. The limited users without a paid subscription can only view seven days of log history and a limited amount of logs. Sumo Logic is a go-to troubleshooting tool for technical folks like myself at OneLogin. It just works, and the information is there for us to review.
Pros
  • Streams logs in near-real-time to the platform
  • Allows email alerts based upon log information
  • Allows users to create dashboards based upon events
  • Searchable event history from logs
Cons
  • Could possibly place events in more human-readable form
  • Could display errors with descriptions instead of just the code
  • Probably other areas for improvement on the dashboard functionality
Many products have built-in visibility to events like when a user logs in. What they don't have is visibility into failed login events, for instance. Sumo Logic provides incredible insight for troubleshooting when things don't go as expected. Based upon the logs, key people could also be alerted based upon event details. This is a very powerful platform.

Sumo Logic

Rating: 7 out of 10
July 22, 2021
Vetted Review
Verified User
Sumo Logic
3 years of experience
Sumo Logic is used purely within the corporate IT area of the business as a limited access storage location for logs as part of a larger solution to help with ISO 27001 certification.
Pros
  • Extremely versatile
  • Good user management
  • Helpful support
Cons
  • Quite complex set up
  • Steep learning curve
Sumo Logic can deal with large amounts of data very well and has incredible processing power to give you real meaningful interpretations of the data you give it. It requires some time to get the best out of it and will only be as good as the data you feed into it.

Log all the things with Sumo Logic

Rating: 10 out of 10
March 31, 2017
JS
Vetted Review
Verified User
Sumo Logic
2 years of experience
We use Sumo Logic to centralize all of our application logs into one easy to use and easy to search interface. This is used not only for production but also our development environments. We use it for troubleshooting issues, development assistance, as well as for security and compliance. Having all of our logs in one place is fantastic.
Pros
  • Centralized management, everything can be done from the website.
  • Software upgrades of the collectors, once again all done from the website. Easy to identify out-of-date collectors.
  • Searching and parsing logs. Very easy to run a query on logs and quantify the data.
Cons
  • Changing collectors from web config to local configs could be handled a bit better.
If you have more than one server or application that you generate logs on, Sumo Logic makes the pain of collecting the data and searching it go away. Also with their live tail feature, you can view and parse logs in real time. Sumo Logic makes it easy to collect logs from file-based, Windows event logs, and network syslog sources.

SumoLogic -- Reliable, cost efficient, and versatile -- but slow

Rating: 8 out of 10
May 07, 2018
Vetted Review
Verified User
Sumo Logic
3 years of experience
Currently, SumoLogic is being used to track ALL activity, error, usage, warning, data, and debug logs, that are logged by any user action, or any messages that a service my company uses communicates between other services. Anytime a button is clicked, a page is accessed, workflow is done, or process is completed by an end-user, we log the action in Sumo. Anytime a service or ec2 is running and completes a process or sends/receives a service message, we log that interaction between services. This robust logging allows us to pinpoint specific areas where we need to get more information or want to track specific metrics. We have set up our implementation with Sumo to log anything we tell it to log. If we want a message logged every time an end-user logs in and clicks a certain button, we can log that specific of information down to the second they did it and which browser version they were on. The level of logging is all up to how much you build into your service logging.
Pros
  • Activity Tracking
  • Realtime/interactive Dashboard
  • Aggregation of data into tables and graphs
  • Exporting information to be imported into other programs
  • Integrates well with our other internal services
  • Accessibility of information
Cons
  • Sumo is very slow compared to other programs like Splunk
  • Sumo only holds data for a certain amount of time, so if you want to reference an entry that was logged 6 months ago, you better have saved your logs in an external database somewhere because Sumo no longer has that information
  • Automatic parsing of data is not set up in Sumo as opposed to Splunk where it automatically parsed ALL logs
It's great for logging all interactions you tell it to log and it's great for sharing information found in queries made by individuals because specific queries can be shared via links that Sumo creates. It's not great for holding information for longer than 30 days or for accessing information over a long period of time.