Sumo Logic is a hosted logging platform. This chart adds the Sumo Logic Collector to all nodes in your cluster as a DaemonSet. The image supports fluentd file and system log sources.

After you have installed the chart, each pod, deployment, etc. can optionally be configured to specify its log format, source category, or source name, or to exclude itself from Sumo Logic.

Prerequisites

Kubernetes 1.2+ with Beta APIs enabled. However, certain configuration parameters may require a more recent version of Kubernetes. Such parameters will specify the minimum Kubernetes version required in the parameter description.

What can you do?

  • Optimize Continuous Delivery: Accelerate development, testing, & deployment of your application.
  • Monitor & Troubleshoot in Real Time: Enable DevOps to proactively identify and fix performance issues.
  • Secure Your Platform: Detect, investigate and respond to security issues instantly.
  • Simplify Compliance Management: Ensure compliance with HIPAA, PCI, GDPR and much more.

Sumo Logic’s Platform Security

Third parties can be a boon to your cybersecurity efforts, or they can be the weak link in an otherwise secure operation. That’s why companies must stay alert to platform security considerations when choosing their partners—and ensure their data remains in capable hands—with vendors who take platform security seriously. Sumo Logic security applies best-in-class technologies and a rigorous process to put the safety of your data first.

Security Background and Culture

Sumo Logic has been a platform security-minded operation from day one. The company was founded by veterans of the IT security sector who understand the crucial need to put security first in every step of the development lifecycle. The platform security team takes a fundamental role in the development of our log management and analytics software and stays closely involved in the specifications process, coding, code review, user acceptance, and operations.

Some key indicators of Sumo Logic’s platform security commitment include:

  • Whole-disk encryption
  • Access controls at the per-thread granularity
  • Whitelisting of individual processes, users, ports, and addresses
  • AES 256 encryption
  • Regular penetration tests and vulnerability scans
  • A strong Secure Development Lifecycle (SDLC)

Compliance and Certifications

Compliance attestations and certifications speak to vendors’ commitment to data security. Sumo Logic currently holds the following:

  • SOC 2, Type 2 attestation
  • Attestation of HIPAA compliance
  • FIPS-140 compliance
  • PCI DSS 3.2 Service Provider Level 1 certification

Physical Security

In cybersecurity, the importance of physical protections can’t be overstated. That’s why Sumo Logic operates in ISO-certified data centers with PCI DSS Service Level 1 compliance.

Only key personnel know the location of our physical data centers, which are protected 24/7 by armed guards, video surveillance, and biometric access controls.

Logical Data Separation and Encryption

Sumo Logic keeps data logically separate on various layers throughout our service. We tag all data per organization, throughout the lifecycle, and enforce tagging at all layers.

No data is transmitted to Sumo Logic without encryption. Within the Sumo Logic system, AES 256-bit encryption protects all data at rest. All spinning disks are encrypted at the OS level. All data is kept for long-term storage in Amazon’s Simple Storage Service, encrypted per a customer key that is changed every 24 hours.

User-Level Security

The security of user accounts is a priority for Sumo Logic services. On account creation, the service automatically creates and issues a strong temporary password, which must be reset upon the first login. We maintain stringent password standards that users see in a password dialog, which also urges users to use a password that does not match any of their existing passwords.

After logging in and changing the temporary password, customers download Sumo Logic’s collector software. To securely register the collector, a customer must provide the one-time collector registration ID that the collector will generate upon installation.

When authenticating to a Sumo Logic security service, a highly secure session-ID tracking mechanism ensures that only an authorized user initiates requests.

Finally, Sumo Logic’s Role-Based Access Control (RBAC) features allow our customers to set per-user permissions to all of their data from their Sumo Logic console.

Node Security

The Sumo Logic production system consists of many individual nodes running as a cluster. Each of these nodes is a hardened and well-protected system at the network and application layers.

Each cluster node is booted with the latest, up-to-the-minute security releases of Ubuntu 14.04 LTS, and security updates are installed as they become available. All OS, application and security logs from each of the cluster nodes are fed into a separate copy of the Sumo Logic environment for analysis.

Each node in the cluster also runs a default-deny firewall and the Snort Intrusion Detection System.

Access to Data by Sumo Logic

Only Sumo Logic employees with a validated need for access may access the production cluster, and they can only achieve this using a highly secured two-factor authentication system.

Testing Program

Critical to platform security is regular testing, including penetration testing and scanning. The Sumo Logic Security team runs daily scans of all new servers. On a weekly basis, we run fully credentialed scans of every new build. Every quarter, we run ASV scans, and penetration testers go to work on our platform every six months.

Trusting the Sumo Logic Platform

Security is our highest priority at Sumo Logic, and earning your trust is our top goal. Learn more about:

  • Sumo Logic’s Secure-by-Design Model
  • SIEM 101: Managing Your Information Security
  • White Paper: Securing the Sumo Logic Service

Sumo Logic Unifies Logs and Metrics

Unified platform for all your logs and metrics. Analyze all data in real-time with machine learning, perform root-cause analysis, and monitor apps and infrastructure in real-time.

Comprehensive Collection of All Metrics and Logs

  • Unified platform for metrics and logs collection and consolidation
  • Out-of-the-box support for host metrics (CPU, memory, disk, etc.)
  • Leveraging Graphite support, you can easily extend collection to other applications and metrics (including custom metrics)
  • Comprehensive support for AWS metrics with native CloudWatch integration
  • Support for high-resolution metrics – up to 1s granularity

Real-time Analysis of Metrics to Generate Actionable Insights

  • Search, analyze and view your metrics data with an intuitive query engine.
  • Apply flexible analytics – average, min, max, percentile – to get maximum insights from time series data.
  • Overlay multiple metrics (for example, CPU, memory, network utilization) and compare metrics over time to correlate data and gather insights.
  • Easily filter and group data with flexible tags to create custom and service views

Unified Logs and Metrics Dashboard Enables Fast Correlation of Root Cause

  • View metrics and log dashboards together to correlate issues and identify the root cause.
  • Intuitively navigate to any time period to identify metrics and logs for visibility into a specific period.
  • Filter by tags across metrics and logs to quickly focus on relevant application and infrastructure data.
  • Share your dashboards across the organization and enforce role-based access control.

The Sumo Logic Difference

Sumo Logic is introducing the industry’s first machine data analytics platform, powered by machine learning, to transform logs and metrics into real-time continuous intelligence for managing modern applications. Sumo Logic is a secure, cloud-native service that allows you to:

  • Get started in minutes unifying your logs and metrics for greater visibility
  • Onboard new data sources and scale to support even the most demanding business needs without manual intervention.
  • Apply advanced analytics and machine-learning algorithms to your logs and time-series metrics to accelerate troubleshooting and proactively surface unknown issues.
