$0 ingest.
Log everything.
Pay only for the insights.
- Unlimited users
- Unthrottled performance
Trusted by more than 2,500 customers globally
Get what you need for monitoring, troubleshooting and security
| Configurations | Free | Essentials | Enterprise Suite | |
|---|---|---|---|---|
| Tiered data analytics: Defines the Sumo Logic data tiers available for each package subscription. | Continuous | Continuous | Continuous, Frequent and Infrequent | $0 ingest with no tiering |
| Log capacity: Defines the upper limit of log volume that can be ingested daily | Limited up to 1GB/day** | Unlimited | Unlimited | Unlimited |
| Metrics capacity: Defines the upper limit of metrics volume that can be ingested daily | Limited up to 3,000 DPM/day** | Up to 50,000/day | Unlimited | Unlimited |
| Tracing capacity: Defines the upper limit of trace volume that can be ingested daily | Limited up to 1.5GB/day** | Up to 5GB/day | Unlimited | Unlimited |
| Log data retention: Defines the duration of time logs are retained on Sumo Logic | 7 days | Up to 365 days | Customer defined | Customer defined |
| Real-time alerting (monitors logs/metrics): Defines the upper limit of Logs/Metrics Monitors that are configurable based on your package subscription | 50/50 | 300/500 | 1000/500 | 1000/500 |
| PCI, SOC2 Type 2, CSA, ISO, HIPAA certifications: Get peace of mind with top-grade compliance attestations and certifications. | | | | |
| Support: Includes access to certified support engineers to prioritize, analyze, and assist in resolution of issues | Community | Standard (8x5) | Enterprise (P1 24/7) | Enterprise (P1 24/7) |

Premium support: Includes access to a named Technical Account Manager for recurring status calls, customer success plans, onsite training and more | Optional | Optional
Observability
- Application Observability: Full-stack observability with MELT telemetry to ensure application reliability
- Cloud Log Management: Streamlined collection, storage, and analysis of logs as a single source of truth in a unified SaaS platform
- Multi-Cloud Observability (AWS, Azure, GCP): Deep observability for multi-cloud organizations across vendor-specific cloud services and infrastructure using pre-built integrations
- Kubernetes Observability: Out-of-the-box analytics visualize k8s hierarchical relationships to simplify troubleshooting across clusters, namespaces, and services
- APM and Distributed Tracing: Native support for collection of OpenTelemetry with pre-built analytics to monitor and respond to user-impacting performance issues of your instrumented applications
- Advanced Span Analytics: Aggregate your distributed trace data and derive advanced analytics using Sumo Logic's Query Language to monitor application performance
- Service Maps: Easily understand the relationships of complex service interactions across your applications to simplify troubleshooting
- Real User Monitoring (RUM): Monitor real-user interactions across your applications with pre-built visualizations and alerts, all powered by OpenTelemetry
- Automated Log-level Detection: Quickly identify anomalies and drill down into high-severity logs in the log search histogram
- Reliability Management (SLIs/SLOs): Simple setup and monitoring of critical user journeys, error budgets and more using pre-built SLO dashboards
- Metrics-based SLOs: Power your SLIs and SLOs using metrics
- Scheduled Alert Muting: Pause alert notifications from monitors according to a schedule that you define
- Metrics Predict Operators: Predict future time series metrics values using linear and auto-regressive models for resource and capacity planning
- OTel Data Onboarding: Easily set up and configure native OTel data ingest and install relevant content to quickly derive insights for troubleshooting
- Automated Playbooks: Build and execute automated playbooks tied to alerts with Sumo Logic's Automation Service
- OTel for K8s Logs and Events: Enable k8s OTel collection with Sumo Logic's Helm Chart
Security

Cloud Infrastructure Security
- Anomaly Detection: Leveraging AI models to detect suspicious and anomalous deviations from baseline behaviors.
- Entity Normalization: Ingested data fields organized into a schema for further queries and advanced analytics.
- Risk Assessment: Quantifying the possibility of major impacts on business-critical processes due to cybersecurity threats.
- Automated Remediation: Automatically take action to address security flaws using pre-defined workflows.
- Cloud Security Posture Monitoring: Continuously view the overall state of cybersecurity readiness of your cloud environment.
- AWS CloudTrail and Amazon GuardDuty Threat Benchmarking: Provides real-time dashboards and searches, evaluating your organization against a statistical baseline for both performance and risk indicators to optimize security configurations and threat detection.

Cloud SIEM | Activation required*** | Activation required***
- Insight Rules Engine (including 900+ out-of-the-box rules): Transparent rules engine applied to incoming logs to surface Signals and Insights.
- Entity Timeline: This view gives information about what else the Entity was doing before, during, and after Signals and Insights involving the Entity were generated
- Entity Relationship Graph: This view gives information about an Entity in an Insight and all other connected (related) entities or systems.
- Insight Global Confidence Scores: Represents a level of confidence, predicted by Sumo Logic’s Global Intelligence machine learning model, that the Insight is actionable
- Automation Service (playbooks for Insight enrichment, notifications, and containment actions): Allows you to set up actions that run automatically when certain conditions are met in Sumo Logic
- MITRE ATT&CK Coverage Explorer: Shows the MITRE ATT&CK adversary tactics, techniques, and procedures (TTP) from the Enterprise Matrix that are covered by rules in your system
- Insight Trainer: A dashboard in the Enterprise Audit - Cloud SIEM app. Insight Trainer offers suggestions for making adjustments to rules, such as writing rule tuning expressions and changing severities
- UEBA behavioral models: A suite of UEBA-specific rules designed to detect various classifications of anomalous activities compared against existing normal baselines.

Cloud SOAR | Activation required*** | Activation required***
- Playbooks (including complete Sumo Logic playbook catalog): A playbook is a predefined set of actions and conditional statements that run in an automated workflow to respond to a certain event or incident type.
- Progressive Automation: Driven by machine learning, SOAR uses progressive automation to learn repeatable patterns, distinguish between real threats and false threats, and offer recommended courses of action
- Case Manager: Tools for managing and documenting security cases, including evidence collection, analysis, and reporting
- Supervised Active Intelligence: A combination of multiple Machine Learning capabilities, all working together to ensure a smooth and uninterrupted SecOps workflow
- War Room: The War Room provides a complete, chronological, and detailed picture of a specific incident process
Platform
- AI-driven Alerting: AutoML-powered anomaly detection to reduce false positives
- Alert Response: Alert Response provides contextual insights about triggered alerts to minimize the time needed to investigate and resolve application failures.
- Alerting Integrations (Slack, PagerDuty, ServiceNow, etc.): Alerting integrations enable users to route contextualized alerts to 3rd party tools to streamline investigations and resolve failures quickly.
- Compliance and Audit Logging: Monitor and audit Sumo Logic usage to meet regulatory and compliance requirements
- CrowdStrike Threat Intelligence: Identify indicators of compromise (IOCs) in your log data by comparing it against CrowdStrike's IOC feed
- Customizable Dashboards: Tailor, extend, or create dashboards from the ground up to align with your specific monitoring, analytics, and reporting needs
- Enterprise Audit and Logging Dashboards: Out-of-the-box dashboards that visualize Sumo Logic audit logs to give teams quick insight into user activities and events
- Geo IP Lookups: Automatically visualize IP addresses in dashboards by geolocation
- Global Intelligence Service apps: A collection of apps leveraging machine learning to create advanced operational and security insights benchmarked against the population of Sumo Logic customers
- Historical and Live Streaming Dashboards: Visualize historical and real-time data in Sumo Logic dashboards to derive contextualized, actionable analytics
- Ingest Budgets: Control the daily volume of log data sent to Sumo Logic by assigning ingest budgets that define daily log capacity limits
- Live Tail for Streaming Logs: View a real-time feed of log events associated with a Source or Collector. These live feeds can help you with development and troubleshooting
- Log Search API: Integrate Sumo Logic's Log Search capabilities into your workflows and 3rd party tools via API to solve more complex use cases
- Log Search and Visualizations: Use Sumo Logic's Query Language and Dashboarding Framework to quickly parse, aggregate and visualize insights entirely based off of raw log data
- LogReduce©, LogCompare, and LogExplain: A collection of patented and patent-pending operators designed to quickly assess activity patterns and surface behavioral insights to accelerate troubleshooting
- Lookup Tables: Enrich log data ingested by Sumo Logic in real time with in-memory lookup tables
- Management APIs: Administer Sumo Logic and manage users via API and/or with IaC tooling like Terraform
- PCI Compliance Apps and Dashboards for Audit Readiness: Simplify audits and maintain compliance with apps designed to help teams meet evolving PCI requirements
- Predictive Analytics and Outlier Detection: Forecast trends and identify anomalous activity in real time with advanced query operators.
- Root Cause Explorer: Accelerate troubleshooting and root cause isolation for incidents across apps and microservices running on AWS, public cloud hosts, and Kubernetes.
- Single sign-on with SAML: Support for federated identity access management and single sign-on
- Software Development Optimization: Manage software delivery performance against industry-standard DORA metrics
- Sumo Logic Apps: Access to 400+ apps and integrations designed to turn data into insights
Flex pricing estimate
Has your data outpaced your budget?
Get unlimited data ingest.
What's your analytics usage profile?
- Ad-hoc research and troubleshooting analytics
- Compliance and audit readiness
- Accelerating distributed DevOps teams
per GB ingested
- Cloud-wide analytics for application reliability
- Realtime security and infrastructure monitoring
- Empowering technical and security teams
per GB ingested
- Enterprise-wide analytics and troubleshooting across business-critical applications and infrastructure
- AI-driven diagnostics, remediation and automation
- 100% visibility at cloud scale
- Enabling collaboration and success for DevSecOps teams
per GB ingested
Estimated price per TB scanned
3.14
2.57
2.05
- $0 ingest
- Unlimited users
- Cloud-scale
- Unthrottled performance
- 100% indexed readily available
- DevSecOps single source of truth
Terms and conditions apply.
*The MSRP is calculated assuming Customer purchases: (1) an annual commitment to Sumo Logic Enterprise Flex; (2) configured based on the ingest, retention and analytic profile settings specified; (3) leverages Sumo Logic's New Logo Onboarding Acceleration promotion, and (4) election of a US Deployment Region. Pricing may vary based on Deployment Region selected by Customer. Contact an authorized Sumo Logic reseller for pricing details. Minimum qualifications apply for the New Logo Onboarding Acceleration promotion.
Contact Sumo Logic for full terms and conditions.
Other tools can't compete
Stop paying a premium for weak insights, scaling challenges and exorbitant costs
Ineffective troubleshooting
- Can't handle unstructured data
- Must rehydrate non-indexed data in S3 buckets for analysis
- Only data samples used for anomaly and outlier detection
On-prem, single tenant scalability
- Searches are slowest when needed most due to concurrent user limits
- Data latency caused by inability to scale for seasonality or spikes
- High infrastructure and maintenance costs
Unreasonable pricing models
- CPU/core pricing may trade performance for cost savings
- Long-term data retention means hefty storage expenses
- Hidden fees can apply to customization or user-based pricing
Frequently asked questions
What is a scan and what is scan volume?
Data scanning occurs when a Sumo Logic query is executed across log data (e.g. Log Search, Dashboards, Monitors). A data scan facilitates the query and retrieval process of a log search by traversing table items from beginning to end and assessing each item against specified values derived from the query. Scan volume is the total storage volume that is scanned on the platform. Data scanning offers a more efficient way to search for and access data and it can be used to quickly locate, access, and analyze data stored.
What is a credit?
A credit is a unit of measure that is used to flexibly pay against use of any products (Monitoring and troubleshooting, SIEM, Cloud Infrastructure Security, etc.) within a service agreement plan. As product variables are processed in the platform, credits are recorded in the account management console.
Credits reflect the platform utilization by product variable on a daily, weekly, or monthly basis, and are updated in the system in real time. Each product variable tracks to a pre-defined number of credits per event.
Credits are licensed as part of the agreement in annual buckets, and you can choose how best to configure the platform to maximize your ROI by optimizing ingest and use case patterns.
With Flex Licensing, log data ingested into the platform does not consume credits; storing and scan volumes consume credits.
Is Flex credits tracking real time or is there a 24-hour delay?
Tracking is real time. The Sumo Logic platform constantly tracks credit utilization as it happens. You immediately see the impact of your product usage and immediately see any significant spikes. There is no artificial 24-hour delay that impacts your ability to manage your account. You see it as it happens so there are no surprises.
What is a DPM?
For billing and reporting purposes, data volume for metrics is measured in Data Points per Minute (DPM). DPM is defined as the average number of metric data points ingested per minute in one thousand increments. The per minute ingest is then averaged for a calendar day to get the average data points per minute for that day. The daily DPM average in one thousand increments is the unit of measure used to track metric ingestion for reporting and licensing within the Sumo Logic SaaS Log Analytics Platform.
Does pricing impact performance?
No. You do not need to trade off price for performance. The model provides economics allowing you to optimize data analytics as you see fit with no dependency on hardware. Sumo Logic’s SaaS Log Analytics Platform can easily scale based on your analytics requirements in order to maximize performance for ingest and query response.
Do you charge for demand spikes, or charge penalties for increased use?
No. With Flex credits, Sumo Logic does not charge after the fact for any ingest spike or increased usage at penalty rates. Unlike other market options, you do not need to pay or provision for peaks. You will never get surprised with on-demand/overage bills. Your credit utilization simply reflects the product used for that specific time.
Is there a storage or data retention cost?
Yes. There is a nominal charge component to keeping data stored and secure within the Sumo platform. Typical customers retain data to cover the most common post-event analytic needs and those needs vary. With Sumo Logic, you only get charged on actual retention, which is configured directly by you for each data source configured in the platform.
Do you provide 24x7 technical support?
Yes. Flex pricing includes 24×7, Priority 1 Technical Support.