This article helps you understand which Sumo Logic integration you need to connect to the Expel Workbench, and which help articles guide you through the process.
Which Integration Should I Choose?
In Workbench, there are two Sumo Logic integrations to choose from.
- Set up Sumo Logic Cloud Infrastructure Security if that is the product you have. It provides our analysts with investigative capabilities and generates alerts if you use via-SIEM integrations.
  For a list of supported via-SIEM integrations, see Expel integrations. Search for Sumo Logic.
- Sumo Logic Cloud SIEM Enterprise is a separate Sumo Logic product. Set up Sumo Logic Cloud SIEM Enterprise if that is the product you have. It provides our analysts with investigative capabilities and generates alerts for Expel.
Sumo Logic Cloud Infrastructure Security
Sumo Logic Cloud Infrastructure Security is a cloud-native security platform that provides the following capabilities:
- Collecting security log and event data from your infrastructure and applications, on-premises and in-cloud.
- Analyzing your security data with pre-built and custom dashboards, out-of-the-box security apps, and queries.
For more information, see the Sumo Logic documentation.
Setting up Sumo Logic Cloud Infrastructure Security for Workbench
If you're setting up Sumo Logic Cloud Infrastructure Security that you bought from Expel, select the following device in Workbench:
For information on how to set up Sumo Logic Cloud Infrastructure Security for Workbench, see Sumo Logic Cloud Infrastructure Security Setup for Workbench.
Note
To integrate with Sumo Logic Cloud Infrastructure Security, you must have the Enterprise account type. For more information, see the setup documentation.
Sumo Logic Cloud SIEM Enterprise
Sumo Logic Cloud SIEM Enterprise is a cloud-based security information and event management (SIEM) system that provides the following functionalities:
- Collection of log and event data from your infrastructure and applications, on-premises and in-cloud.
- Correlation of the collected data to reduce the volume of information needed to investigate issues.
- An interface that analysts and admins can use for investigation and administration.
- Integration with the Sumo Logic platform.
For more information, see the Sumo Logic documentation.
Setting up Sumo Logic Cloud SIEM Enterprise for Workbench
In Workbench, Sumo Logic Cloud SIEM Enterprise is one of the available security devices:
For information on how to set up Sumo Logic Cloud SIEM Enterprise for Workbench, see Sumo Logic Cloud SIEM Enterprise Setup for Workbench.