Sumo Logic November 2023 Update: What’s New and What’s Changed – Advent Calendar 2023 Day2 #SumoLogic

Sumo Logic November 2023 Update: What’s New and What’s Changed – Advent Calendar 2023 Day2 #SumoLogic

Clock Icon2023.12.02


Hemanth from the Alliance Department here. This time, I would like to share the changes and updates that took place in Sumo Logic during the month of November 2023.

Sumo Logic

Sumo Logic is a leading AI-driven SaaS log analytics platform, unifying application telemetry for Dev, Sec, and Ops teams to make data-driven decisions, ensuring application reliability, security against modern threats, and gaining insights into cloud infrastructures. It simplifies log data analysis, providing real-time visibility into operational and security insights through an open standard approach to data collection with OpenTelemetry.

The information below is used as reference, so if you want to check all the latest information, please check from the URL below

  • What's new
  • Release Notes Service
  • Release Notes CSE
  • Release Notes SOAR
  • Release Notes Collector
  • Release Notes CSE(SEIM) (Application Update) - November 1, 2023

    Multi-record Signals now display all involved records directly in the UI. Queried Records tab is removed; the first record is attached, and others are gathered automatically. Outlier Rule Signals also show all related records, simplifying the user interface. The Automation Service now supports automatic logging of events, such as integration updates and playbook execution, to Sumo Logic Audit Logging indices. In Bug Fixes there were cases, Insights would appear to be open after they had been closed/resolved.

    Release Notes Service - November 2, 2023

    AWS observability 2.7.0

    The 2.7.0 includes out-of-the-box dashboards for Amazon RDS logs (especially MySQL for diagnosing slow queries), Terraform 5.x support, and Lambda function enhancements for CloudWatch log subscriptions and metric streams using Python 3.11 runtime.

    [AWS observability 2.7.0 | Sumo Logic Docs]

    Release Notes CSE(SEIM) (Content Release) - November 2, 2023

    This release brings new support for parsing and mapping Claroty xDome logs in Common Event Format (CEF). Specific log mappers for Claroty xDome alerts, communications events, and vulnerabilities have been added. Additionally, parser templates have been updated, removing unnecessary comments, and new parsers for Claroty xDome in CEF format are now available.

    Release Notes Service - November 7, 2023

    Time Zone Settings for Monitors (Alerts)

    Now you can choose your preferred time zone for alert monitor notifications during setup.

    [Time Zone Settings for Monitors (Alerts) | Sumo Logic Docs]

    Release Notes Collector (Version 19.467-2) - November 13, 2023

    The latest release improves Collector security and stability by incorporating support for security patches and bug fixes.

    Security Fixes

    The Collector's underlying components, like Java and libraries, have been upgraded to newer versions to fix known security issues (CVEs) and enhance overall security. Specific upgrades include Java Runtime Environment, Apache Commons Compress, Snappy-Java, Bouncy Castle, and Google Tink libraries.

    Bug Fixes

    This update resolves issues on Windows, addressing both AWS archive temporary files cleanup and general temporary files problems during installation, with a note that a collector restart may be needed after upgrading from a previous version.

    Release Notes CSE(SEIM) (Content Release) - November 13, 2023


    The new rule MATCH-S00894 identifies the creation of HAR files, which store session and network data in browsers; users are advised to verify and sanitize these files to protect sensitive information from potential unauthorized access.

    Log Mappers

    It is possible to now link the client field to the resource in Microsoft Office 365 Exchange Mailbox Audit Events, enhancing mapping for easier interpretation.


    Updates to Microsoft Office 365 and Windows JSON parsers improve user agent parsing and ensure compatibility with upcoming format changes, addressing event ID issues for better mapping.

    Release Notes CSE(SEIM) (Application Update) - November 17, 2023

    Links in Rule Description Field

    In Rules, you can now include clickable links in description fields using standard markdown syntax, facilitating easier access to documentation or runbooks during security event investigations.

    Minor Changes and Enhancements

    Wildcards can now be used in Entity Group Value fields, allowing flexible specifications like OU=TCH,OU=PAR,OU=EUR. Update also includes using second-level unnormalized inventory attributes, non-CSE playbooks in Automation, new API endpoints for Log Mappings, Entity listing with pagination, deprecation of JASK forwarding, and UI changes reflecting product name updates without altering URLs or API endpoints.

    Bug Fixes

    It Addresses issues where users couldn't reuse deleted rule names and where links in the Insights by Status panel weren't properly enabled on the HUD.

    Release Notes Service - November 21, 2023

    New Partner Apps

    New Sumo Logic Partner apps: Dataminr Pulse aids rapid threat detection, while Jamf Protect offers detailed Mac security insights and streamlined investigation for Apple device fleets.

    [New Partner Apps (Apps) | Sumo Logic Docs]

    Release Notes Service - November 27, 2023

    Cloud Infrastructure Security for AWS (Apps)

    This App provides a unified view of threats, security control failures, and suspicious activity for comprehensive visibility into your AWS environment's security posture. Key features include a risk overview dashboard and insights into active threats, misconfigurations, and suspicious activity, facilitating informed and actionable security measures.

    [Cloud Infrastructure Security for AWS (Apps) | Sumo Logic Docs]

    Release Notes - November 28, 2023

    Service logs for Monitoring and Troubleshooting for AWS

    Exciting enhancements to AWS Observability now include an all-in-one hub for easy access to dashboards, alerts, and performance reports, along with simplified log searches for efficient troubleshooting within your AWS environment.

    [logs for Monitoring and Troubleshooting for AWS | Sumo Logic Docs]

    Release Notes Service - November 29, 2023

    Download SAML Metadata XML (Manage)

    You can now download the metadata XML of your SAML configurations in Sumo Logic, making it simple to share setup details with identity provider administrators for an easier SAML configuration process.

    [Download SAML Metadata XML (Manage) | Sumo Logic Docs]


    facebook logohatena logotwitter logo

    © Classmethod, Inc. All rights reserved.