1. Home
  2. Observability Tools
  3. Sumo Logic Reviews
  4. User Review of Sumo Logic
SumoLogic -- Reliable, cost efficient, and versatile -- but slow
May 07, 2018

SumoLogic -- Reliable, cost efficient, and versatile -- but slow

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with Sumo Logic

Currently, SumoLogic is being used to track ALL activity, error, usage, warning, data, and debug logs, that are logged by any user action, or any messages that a service my company uses communicates between other services. Anytime a button is clicked, a page is accessed, workflow is done, or process is completed by an end-user, we log the action in Sumo. Anytime a service or ec2 is running and completes a process or sends/receives a service message, we log that interaction between services. This robust logging allows us to pinpoint specific areas where we need to get more information or want to track specific metrics. We have set up our implementation with Sumo to log anything we tell it to log. If we want a message logged every time an end-user logs in and clicks a certain button, we can log that specific of information down to the second they did it and which browser version they were on. The level of logging is all up to how much you build into your service logging.
  • Activity Tracking
  • Realtime/interactive Dashboard
  • Aggregation of data into tables and graphs
  • Exporting information to be imported into other programs
  • Integrates well with our other internal services
  • Accessibility of information
  • Sumo is very slow compared to other programs like Splunk
  • Sumo only holds data for a certain amount of time, so if you want to reference an entry that was logged 6-months ago, you better have saved your logs in an external database somewhere because Sumo no longer has that information
  • Automatic parsing of data is not set up in Sumo as opposed to Splunk where it automatically parsed ALL logs
  • I can't think of any negative side effects other than it being SO slow sometimes, but compared to Splunk everything is slow
  • It's SO much cheaper than Splunk that the time it takes to query information is well worth it
  • In the times that we've had Sumo go down or stop logging information, we've found that we'd be absolutely lost without Sumo
It's cheaper, by an ungodly number of dollars. Splunk is insanely expensive. But Splunk is also incredibly fast and efficient. Splunk also holds information indefinitely (forever) so if I wanted to see if a specific end-user clicked a very specific button in 2012, I can search for that and Splunk would find it in a short amount of time. I can do the same thing with Sumo, but only for the last 90-days and that search takes an extremely long time. But, again, for the price that Sumo offers the same tools as Splunk but just not as efficient, it's well worth the inefficiencies to save that kind of money.
It's great for logging all interactions you tell it to log and it's great for sharing information found in queries made by individuals because specific queries can be shared via links that Sumo creates. It's not great for holding information for longer than 30 days or for accessing information over a long period of time.