You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/cse/get-started-with-cloud-siem/about-cse-insight-ui.md
+12-3Lines changed: 12 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -113,19 +113,28 @@ The left pane of the insight details page displays detailed information about th
113
113
1.**Comments.** Displays any comments that have been made on the insight, and a field for adding a comment.
114
114
1.**Show Comments/History.** The controls allow you to switch between viewing the insight's comments and history.
115
115
116
-
117
116
### Insight summary
118
117
119
118
The insight **Summary** pane provides a concise, actionable summary of threat incidents based on triggered signals. It consolidates key details to facilitate quick understanding and response by security teams. The summary is generated by Sumo Logic's Summary Agent, an agentic AI tool.
120
119
121
-
The summary is generated when an insight is created, and is regenerated whenever the insight is modified, keeping it current with added or removed signals. Summaries are not only generated for insights created by the system, but also insights created manually by users via the UI.
Help us refine the tool by using the thumbs-up or thumbs-down buttons to provide feedback on the effectiveness of the summary presented.
127
124
:::
128
125
126
+
The summary is generated when an insight is created, and is regenerated whenever the insight is modified, keeping it current with added or removed signals. Summaries are not only generated for insights created by the system, but also custom insights created manually by users via the UI.
127
+
128
+
#### FAQs about the insight summary
129
+
130
+
***How does the AI handle data privacy?**
131
+
* There is no data sharing across tenants.
132
+
* No customer data or personally identifiable information (PII) is used to train models.
133
+
* Processing is limited to schemas and sample fields, and is reviewed for compliance.
134
+
* The AI is powered by Amazon Bedrock, with rolling expiration for temporary query history.
135
+
***Can insight summaries be accessed by the API?**<br/>Yes. The summaries are included in output when you run the [insight APIs](https://api.sumologic.com/docs/sec/#operation/GetInsight) in the [Cloud SIEM APIs](https://help.sumologic.com/docs/api/cloud-siem-enterprise/).
136
+
***Is there an additional cost?**<br/>No. The insight summary is included as part of Cloud SIEM at no extra licensing fee.
137
+
129
138
### Signal visualization area
130
139
131
140
At the top of the insight details page, you’ll see a signal timeline that visualizes the insight’s attached signals, which are the signals that caused the insight to be created, and any signals that have been manually added to the insight.
0 commit comments