7 changes: 7 additions & 0 deletions docs/cse/administration/mitre-coverage.md
Original file line number Diff line number Diff line change
Expand Up @@ -211,3 +211,10 @@ You can use the following Cloud SIEM APIs to obtain information about your MITRE
* [MitreAttackCoverageExportJson](https://api.sumologic.com/docs/sec/#operation/MitreAttackCoverageExportJson). Get a JSON representation of the Mitre ATT&CK coverage.

To find the Cloud SIEM API documentation for your endpoint, see [Cloud SIEM APIs](/docs/api/cloud-siem-enterprise/).

## Additional resources

* Blog: [Enhance your cloud security with MITRE ATT&CK and Sumo Logic Cloud SIEM](https://www.sumologic.com/blog/cloud-siem-mitre-attack/)
* Glossary: [MITRE ATT&CK - definition & overview](https://www.sumologic.com/glossary/mitre-attack/)
* [Demo](https://www.sumologic.com/demo/cloud-siem-mitre-attack-coverage-explorer/)
* Cloud SIEM Content Catalog: [Vendors](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/README.md)
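Review bot: the Demo bullet is the only entry in the new section with neither a resource-type prefix nor a descriptive link text (`* [Demo](https://www.sumologic.com/demo/cloud-siem-mitre-attack-coverage-explorer/)`), while the AWS Observability hunk in this same PR writes `* Demo: [AWS Logs for Monitoring and Troubleshooting](...)`. Suggest the same shape here, a `Demo:` prefix plus the demo's actual title as link text, so the bullet reads consistently with the Blog, Glossary and Content Catalog entries around it.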
6 changes: 6 additions & 0 deletions docs/cse/rules/about-cse-rules.md
Expand Up @@ -185,3 +185,9 @@ Threat Intelligence sources contain values that, when encountered in a record, a

Threat Intelligence sources are used at the time of record ingestion. When a record is ingested, Cloud SIEM determines whether any of the fields in the record exist in any of your Threat Intelligence sources. When a record contains a value that matches an entry in one or more Threat Intelligence sources, the `hasThreatMatch` Cloud SIEM rules function searches incoming records in Cloud SIEM for matches to threat intelligence indicators. For more information, see [Threat Intelligence Indicators in Cloud SIEM](/docs/security/threat-intelligence/threat-indicators-in-cloud-siem/).

## Additional resources

* Blogs:
* [Secure your CI/CD pipelines from supply chain attacks with Sumo Logic’s Cloud SIEM rules](https://www.sumologic.com/blog/secure-azure-devops-github-supply-chain-attacks/)
* [Rule tuning – supercharge Cloud SIEM for better alerts](https://www.sumologic.com/blog/rule-tuning-cloud-siem-alert-fatigue/)
* Cloud SIEM Content Catalog: [Rules](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/rules/README.md)
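Review bot: the unchanged context paragraph directly above the new section describes the match and the function's search as each other's consequence ("When a record contains a value that matches an entry in one or more Threat Intelligence sources, the `hasThreatMatch` Cloud SIEM rules function searches incoming records in Cloud SIEM for matches to threat intelligence indicators"). Since the file is open in this PR, consider splitting that sentence so it states separately that ingestion checks record fields against the sources and that `hasThreatMatch` is the rules function used to test records against those indicators.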
14 changes: 9 additions & 5 deletions docs/get-started/ai-machine-learning.md
Expand Up @@ -100,12 +100,16 @@ Sumo Logic's Cloud SIEM leverages AI-driven rules for security management, inclu
Our Global Intelligence Service apps provide security teams with valuable real-time security intelligence to scale detection, prioritization, investigation, and workflow to prevent potentially harmful service configurations that could lead to a costly data breach. [Learn more](/docs/integrations/global-intelligence).


## More information
## Additional resources

* Guide: [Understanding artificial intelligence for log analytics](https://www.sumologic.com/guides/machine-data-analytics)
* Blogs:
* [What are the differences between artificial intelligence, machine learning, deep learning and generative AI?](https://www.sumologic.com/blog/machine-learning-deep-learning)
* [DevSecOps in an AI world requires disruptive log economics](https://www.sumologic.com/blog/devsecops-ai-disruptive-log-economics)
* [Generative AI: The latest example of systems of insight](https://www.sumologic.com/blog/generative-ai-latest-example-systems-of-insight)
* [Harnessing the power of artificial intelligence in log analytics](https://www.sumologic.com/blog/power-ai-log-analytics/)
* [Reduce alert noise, automate incident response and keep coding with AI-driven alerting](https://www.sumologic.com/blog/ai-driven-low-noise-alerts/)

* [What are the differences between artificial intelligence, machine learning, deep learning and generative AI?](https://www.sumologic.com/blog/machine-learning-deep-learning)
* [Understanding artificial intelligence for log analytics](https://www.sumologic.com/guides/machine-data-analytics)
* [DevSecOps in an AI world requires disruptive log economics](https://www.sumologic.com/blog/devsecops-ai-disruptive-log-economics)
* [Generative AI: The latest example of systems of insight](https://www.sumologic.com/blog/generative-ai-latest-example-systems-of-insight)
<!--
-Bashyam's blog about how we trained our AI
-Flex Pricing? The more log data ingested, the sharper your analytics and ML/AI insights become. By eliminating ingest limitations and empowering an ML/AI-driven single source of truth for analytics, Flex enables DevOps and DevSecOps teams to troubleshoot faster, accelerate release velocity, and ensure reliable, secure digital experiences.
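Review bot: the HTML comment that now sits directly under the new list (`<!--`, `-Bashyam's blog about how we trained our AI`, `-Flex Pricing? ...`) is an unresolved to-do list carried in the published source; since this change already reworks the section, either add those two resources as bullets or remove the comment rather than leaving it behind the renamed heading.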
5 changes: 5 additions & 0 deletions docs/integrations/amazon-aws/cloudtrail.md
Expand Up @@ -305,3 +305,8 @@ See information about S3 public objects and buckets, including counts of new pub
**Modified Public Objects-Bucket**. Displays modified public objects per object on a timeline using the `timeslices` of one hour as a stacked column chart for the last 24 hours.

**Modified Public Objects Table**. Displays a table with modified public objects in your S3 bucket, with time, key, bucket name, account ID, region, username, and access key ID for the last 24 hours.

## Additional resources

* Blog: [What is AWS CloudTrail?](https://www.sumologic.com/blog/what-is-aws-cloudtrail/)
* App description: [Logs for Security app for AWS CloudTrail](https://www.sumologic.com/application/aws-cloudtrail/)
6 changes: 6 additions & 0 deletions docs/integrations/databases/postgresql.md
Expand Up @@ -691,3 +691,9 @@ postgresql_index_size<br/>
postgresql_table_size<br/>

</details>

## Additional resources

* Blogs:
* [How to use Kubernetes to deploy Postgres](https://www.sumologic.com/blog/kubernetes-deploy-postgres/)
* [PostgreSQL vs MySQL](https://www.sumologic.com/blog/postgresql-vs-mysql/)
Expand Up @@ -370,3 +370,8 @@ import CreateMonitors from '../../../reuse/apps/create-monitors.md';
| `HAProxy - Backend Server Down` | This alert is triggered when a backend server for a given HAProxy server is down. | Count > 0 | Count < = 0 |
| `HAProxy - High Client (HTTP 4xx) Error Rate` | This alert is triggered when there are too many HTTP requests (>5%) with a response status of 4xx. | Count > 0 | Count < = 0 |
| `HAProxy - High Server (HTTP 5xx) Error Rate` | This alert fires when there are too many HTTP requests (>5%) with a response status of 5xx. | Count > 0 | Count < = 0 |

## Additional resources

* Blog: [Everything you need to know about HAProxy log format](https://www.sumologic.com/blog/haproxy-log-format/)
* App description: [HAProxy App for Sumo Logic](https://www.sumologic.com/application/haproxy/)
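Review bot: the three unchanged table rows above the new section write the recovery condition with a space inside the operator (`Count < = 0`), which renders as two separate symbols; while this file is being touched, change them to `Count <= 0` so the column matches the trigger condition `Count > 0` in form.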
6 changes: 6 additions & 0 deletions docs/observability/aws/about.md
Expand Up @@ -106,3 +106,9 @@ The following Sumo Logic [AWS Observability Solution apps](/docs/observability/a
* [AWS Observability Classic Load Balancer](/docs/observability/aws/integrations/aws-classic-load-balancer). The [AWS Observability Classic Load Balancer](/docs/observability/aws/integrations/aws-classic-load-balancer) is a unified logs and metrics app that provides visibility into the health of your [AWS Classic Load Balancer](https://aws.amazon.com/elasticloadbalancing/classic-load-balancer/). The preconfigured dashboards provide insights into latency, request and host status, threat intel, and HTTP backend codes by Availability Zones.
* [Amazon SNS](/docs/observability/aws/integrations/amazon-sns). The [Amazon SNS](/docs/observability/aws/integrations/amazon-sns) app provides insight into the operations and utilization of your [Amazon SNS](https://aws.amazon.com/sns) service. The preconfigured dashboards help you monitor the key metrics by application, platform, region, and topic name, view the SNS events for activities, and help you plan the capacity of your SNS service.
* [Amazon SQS](/docs/observability/aws/integrations/amazon-sqs). The [Amazon SQS](/docs/observability/aws/integrations/amazon-sqs) app provides insight into the operations and utilization of your [Amazon SQS](https://aws.amazon.com/sqs) service. The preconfigured dashboards help you monitor the key metrics, view the SQS events for queue activities, and help you plan the capacity of your SQS service utilization.

## Additional resources

* Blog: [Lightning-fast troubleshooting for AWS: How to find the root cause fast with Sumo Logic](https://www.sumologic.com/blog/aws-observability-fast-troubleshooting/)
* White paper: [Advancing Observability on AWS with Sumo Logic](https://www.sumologic.com/brief/advancing-observability-on-aws-with-sumo-logic/)
* Demo: [AWS Logs for Monitoring and Troubleshooting](https://www.sumologic.com/demo/aws-logs-for-monitoring-and-troubleshooting/)
6 changes: 6 additions & 0 deletions docs/observability/kubernetes/about.md
Expand Up @@ -100,3 +100,9 @@ The kube-proxy is a network proxy that runs on each node in your cluster. The ku
Pods reside on a given node, and a pod can contain several containers. For pods, you should monitor:
* Scheduler health for individual pods - so they do not get stuck in a restart loop
* Pod health - availability, resource consumption, and performance

## Additional resources

* Blogs:
* [Kubernetes DevSecOps](https://www.sumologic.com/blog/kubernetes-devsecops/)
* [Logging and monitoring Kubernetes](https://www.sumologic.com/blog/kubernetes-logs/)
9 changes: 9 additions & 0 deletions docs/search/copilot.md
Expand Up @@ -413,3 +413,12 @@ We want your feedback! Let us know what you think by clicking the thumbs up or t
You can also leave feedback on specific errors.

<img src={useBaseUrl('img/search/copilot/feedback-error.png')} alt="Copilot feedback icons" style={{border: '1px solid gray'}} width="800" />

## Additional resources

* Blogs:
* [Sumo Logic Mo Copilot: AI assistant for faster incident response and simplified troubleshooting](https://www.sumologic.com/blog/mo-copilot-ai-assistant/)
* [Designing Sumo Logic Mo Copilot for success](https://www.sumologic.com/blog/designing-mo-copilot-success/)
* [Differentiating Sumo Logic Mo Copilot using Amazon Bedrock](https://www.sumologic.com/blog/copilot-amazon-bedrock/)
* Brief: [Sumo Logic's Mo Copilot speeds up response](https://www.sumologic.com/brief/sumo-logics-mo-copilot-speeds-up-response/)
* Webinar: [Revolutionizing Incident Management with AI: Meet Mo Copilot](https://www.sumologic.com/webinar/revolutionizing-incident-management-with-ai-meet-mo-copilot/)
Expand Up @@ -177,3 +177,7 @@ To use Sumo Logic to start an audit of AWS root for compliance, perform these st
1. Click the magnifying glass icon or press Enter to start the search.
1. Click the **Aggregates** tab in the results. In the results, see API calls using the root account type. You can work with your AWS administrators to find out if this use of root is necessary and legitimate or not.

## Additional resources

* Blog: [What to expect when you’re expecting a cybersecurity audit for compliance](https://www.sumologic.com/blog/what-to-expect-when-youre-expecting-a-cybersecurity-audit-for-compliance/)
* Guide: [NIS2 compliance guide](https://www.sumologic.com/brief/nis2-compliance-guide/)
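Review bot: the type prefix on the second bullet does not follow the convention the rest of this PR uses for the same URL section: `* Guide: [NIS2 compliance guide](https://www.sumologic.com/brief/nis2-compliance-guide/)` points at a `/brief/` page, while the Copilot and Cloud Infrastructure Security hunks label `/brief/` pages `Brief:` and the AWS Observability hunk labels one `White paper:`. Pick one rule (label by the document's own title, or by the URL section) and apply it across the PR so the prefix means the same thing on every page.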
Expand Up @@ -75,3 +75,9 @@ Cybersecurity refers to the set of processes, policies and techniques that work
### How does Sumo Logic encrypt its data for cloud security?

All data at rest within the Sumo Logic system is encrypted using strong AES 256-bit encryption. All spinning disks are encrypted at the OS level and all long-term data storage is encrypted using per-customer keys that are rotated every twenty-four hours.

## Additional resources

* Blog: [Making the cloud the safest place to compute: Sumo Logic Cloud Infrastructure Security for AWS](https://www.sumologic.com/blog/cloud-infrastructure-security-aws/)
* Brief: [Cloud Infrastructure Security for AWS solutions brief](https://www.sumologic.com/brief/security-analytics/)
* Webinar: [Cloud Infrastructure Security for AWS](https://www.sumologic.com/webinar/cloud-infrastructure-security-for-aws/)
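Review bot: the `Brief:` bullet repeats the resource type inside the link text (`* Brief: [Cloud Infrastructure Security for AWS solutions brief](https://www.sumologic.com/brief/security-analytics/)`), so the rendered line reads "Brief: ... solutions brief"; drop the trailing "solutions brief" from the title, as the Copilot hunk does for its Brief entry. The slug `security-analytics` also does not obviously correspond to a Cloud Infrastructure Security document, so it is worth confirming the link resolves to the intended brief before merging.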
Expand Up @@ -62,3 +62,10 @@ Queries are the core of Sumo Logic's data processing platform. With queries, you
* **Lookup tables**. Create lookup tables to enrich the log data received by Sumo Logic. See [Create a Lookup Table](/docs/search/lookup-tables/create-lookup-table/).
* **Dashboards**. Dashboards to display a number of useful metrics in easy-to-read form to allow administrators to see system status at a glance. You can quickly set up custom dashboards from scratch. See [Create a Dashboard](/docs/dashboards/create-dashboard-new/).
* **Alerts**. Automated alerts notify important personnel when there may be a potential threat. Again, Sumo Logic's analytics platform makes it simple. You can learn how to set up an alert in just a few minutes. See [Create a Monitor](/docs/alerts/monitors/create-monitor/).

## Additional resources

* Blogs:
* [Why your security analytics needs proactive threat hunting](https://www.sumologic.com/blog/why-proactive-threat-hunting-is-a-necessity/)
* [Cloudy with a chance of breach: advanced threat hunting strategies for a hyperconnected and SaaSy world](https://www.sumologic.com/blog/threat-hunting-hybrid-cloud-environment/)
* Glossary: [Threat detection and response (TDR) - definition & overview](https://www.sumologic.com/glossary/threat-detection-response/)
Expand Up @@ -223,3 +223,9 @@ dimensions = ""
```

**Custom dimensions.** Set a comma-separated key=value list of dimensions to apply to every metric. These dimensions allow you to query metrics a more granular level.

## Additional resources

* Blogs:
* [Why Prometheus isn’t enough to monitor complex environments](https://www.sumologic.com/blog/prometheus-monitoring/)
* [Monitoring with Prometheus vs Grafana: understanding the difference](https://www.sumologic.com/blog/prometheus-vs-grafana/)
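Review bot: the unchanged context line directly above the new section is missing a word (`These dimensions allow you to query metrics a more granular level.` should read `at a more granular level`); since the file is already being edited, fix it in this hunk rather than leaving it for a separate change.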
Expand Up @@ -556,3 +556,7 @@ Click [here](/docs/c2c/info) for more information about Cloud-to-Cloud sources.
<summary>What timestamp is used for the data?</summary>
<div>If you leave the time parsing configuration blank, it will cause the source to use current time for the collected logs. Be sure to configure the HTTP response log ingestion configuration section to ensure time parsing is correctly handled. The source will enter an error health status if time parsing is configured and is unsuccessful.</div>
</details>

## Additional resources

* Blog: [Break down barriers to log collection with Sumo Logic’s Universal Connector](https://www.sumologic.com/blog/universal-connector/)
8 changes: 5 additions & 3 deletions docs/send-data/opentelemetry-collector/index.md
Expand Up @@ -76,7 +76,9 @@ In this section, we'll introduce the following concepts:
</div>
</div>

## More information
## Additional resources

* [Sumo Logic Guide to OpenTelemetry](https://www.sumologic.com/guides/opentelemetry). Learn about the powerful observability tool OpenTelemetry and what it can provide for your business.
* [OpenTelemetry Tutorials](https://www.sumologic.com/blog/common-opentelemetry-demo-application/). Learn how to use the common OpenTelemetry demo application with Sumo Logic.
* Guide: [The Sumo Logic Guide to OpenTelemetry](https://www.sumologic.com/guides/opentelemetry)
* Blogs:
* [Learn how to use the common OpenTelemetry demo application with Sumo Logic](https://www.sumologic.com/blog/common-opentelemetry-demo-application/)
* [Take control of your OpenTelemetry Collectors with Otel Remote Management](https://www.sumologic.com/blog/otel-remote-management/)
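Review bot: the link text for the demo-application post changed from the post's title to its description sentence: the removed line read `[OpenTelemetry Tutorials](https://www.sumologic.com/blog/common-opentelemetry-demo-application/). Learn how to use the common OpenTelemetry demo application with Sumo Logic.` and the added line uses `[Learn how to use the common OpenTelemetry demo application with Sumo Logic](...)` as the title. Every other bullet in this PR uses the resource's own title as link text, so keep `OpenTelemetry Tutorials` (or the post's actual current title) as the link text. Note also that the rewrite drops the one-line summaries both old entries carried; if those were useful, keep them as trailing sentences after the links as the old list did.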