Sumo Logic Cloud Connectors

Crest Data wrote multiple C2C connectors to get data into Sumo Logic. Users can collect data by providing the authentication parameters from the UI.


Home > Case Studies > Sumo Logic Cloud Connectors

 

Executive Summary

Cloud customers had to add an agent based data collector in order to ingest data into Sumo Logic.

This consumed both time and effort. A C2C (Cloud to Cloud) connector will simplify this and customers will be able to directly ingest data into Sumo Logic with minimal configurations.

Sumo Logic, Inc. is a cloud-based machine data analytics company in California that focuses on security, operations and BI use cases that provides log management and analytics services for leveraging machine-generated big data and delivering real-time IT insights. Its cloud-native, multi-tenant platform helps making data-driven decisions and reduces time in investigating security and operational issues.

 

Business Challenge

Customers had to add an agent based data collector where locally installed agents would forward data to Sumo Logic. Customers had to perform tasks like calling the APIs as per polling intervals, refreshing token for API calls, sorting data for next calls and ingest data in Sumo Logic. A C2C (Cloud to Cloud) connector simplifies this entire process and customers can now ingest data by just configuring it. The C2C connector will retain logs which will help in identifying user behaviour, it will detect threats by analysing authentication logs and deliver the top security by detecting abnormal logs and users.

 

Customer Solution

Using the C2C connectors, the customers can now directly ingest data into Sumo Logic and analyse the data using the built-in dashboards. The customers can mitigate the breaches or errors using the real time alerting emails the connector provides. Crest Data wrote multiple C2C connectors to get data into Sumo Logic. Users can collect data by providing the authentication parameters from the UI. Additionally, these C2C connectors provide events that help in troubleshooting the errors generated while collecting the data. These connectors have metrics added to handle data in visualisation and a checkpoint mechanism to avoid data duplication.

 

The Crest Difference

The C2C connectors helped in:

  • Simplifying data ingestion into Sumo Logic

  • Analyse the collected data using built-in dashboards

  • Troubleshooting the errors generated while data ingestion

  • Sending alerts on emails to allow work on issues immediately

 

Example C2C connectors:

The Okta Integration for Sumologic helps in retaining logs for PCI and HIPAA compliance with ease. It moreover detects and identifies abnormal user behaviour across all SaaS applications faster by correlating the ingested authentication logs. It also increases security visibility as security operations and DevOps teams can view and identify top users with failed authentication and deactivated multi-factor authentication across applications.

The Mimecast Integration for Sumologic helps in delivering the best security via email to ensure that the organisation is protected from advance threats by correlating the mails with cross-source threats to provide deep security insights and rich data visualisation. Its email threats are prioritised and contextualised with automated security workflows, designed to eliminate the manual work for security analysts.

 

This dashboard demonstrates the events sent to sumologic per API type which will show the response codes sent, which includes both success and failure logs responses. This dashboard can be filtered with values such as source ID, source version, customer ID, API type. A timeslice can also be added to segregate data by time period.

The below dashboard deprecates the metric logs sent to sumologic which will demonstrate the average delay in logs sent, log ingestion rate, total and average bytes ingested, counts of requests and responses along with response rate. This dashboard can be filtered with values such as source ID, source type, source version, customer ID. A timeslice can also be added to segregate data by time period.

 

The C2C connectors created:

Symantec WSS, Proofpoint(POD), SentinelOne, Mimecast, MS Azure AD Inventory, MS Azure AD Reporting, MS Identity Protection, Okta Inventory, Google Workspace.

Previous
Previous

Splunk Application Development for NetApp SANtricity

Next
Next

Silver Parsers for Cybereason