+ })
+Databricks Audit
+Analyze your organization's security practices to identify emerging threats and compliance risks.
+})
| [DarkOwl](https://www.darkowl.com/) | Automation integration: [DarkOwl](/docs/platform-services/automation-service/app-central/integrations/darkowl/) |
| })
| [Darktrace](https://darktrace.com/) | Automation integration: [Darktrace](/docs/platform-services/automation-service/app-central/integrations/darktrace/) | [Databricks](https://www.databricks.com/) | Collector: [Databricks Audit Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/databricks-audit-source/) |
+| | [Databricks](https://www.databricks.com/) | App: [Databricks Audit](/docs/integrations/saas-cloud/databricks-audit) }){kind=logo}
| [Datadog](https://www.datadoghq.com/) | App: [Datadog](/docs/integrations/saas-cloud/datadog/) }){kind=logo}
| [Dataminr](https://www.dataminr.com/) | Cloud SIEM integration: [Dataminr](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/0019f757-3674-4688-9d6c-063366cfcfa9.md) })
| [Datto](https://www.datto.com/) | Automated integration: [Datto RMM](/docs/platform-services/automation-service/app-central/integrations/datto-rmm/)
+
+The Sumo Logic app for Databricks Audit provides insights into your organization's security analytics. It provides real-time visibility into user activity, administrative operations, and security-related events across Databricks workspaces, empowering security and compliance teams to quickly detect, investigate, and respond to suspicious behavior.
+
+By ingesting Databricks audit logs, the app enables detection of potential threats such as unauthorized access attempts, privilege escalations, and anomalous job or login activities. Preconfigured dashboards highlight user access trends, critical configuration changes, error patterns, and high-risk operations, helping analysts proactively identify emerging threats and compliance risks.
+
+With rich visualizations and detailed event insights, the app enhances oversight of sensitive data access and strengthens the overall security posture of Databricks environments.
+
+:::info
+This app includes [built-in monitors](#databricks-audit-monitors). For details on creating custom monitors, refer to [Create monitors for Databricks Audit app](#create-monitors-for-databricks-audit-app).
+:::
+
+## Log types
+
+This app uses Sumo Logic’s [Databricks Audit source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/databricks-audit-source/) to collect the [audit logs](https://docs.databricks.com/api/workspace/statementexecution/executestatement) from the Databricks Audit platform.
+
+## Sample log messages
+
+
+
+### Security Overview
+
+The **Databricks Audit - Security Overview** dashboard provides targeted insights into key security events and potential risk exposures across your Databricks environment. It enables proactive detection of suspicious activity by visualizing failed API calls over time, authentication method usage, and API response codes that may indicate unauthorized access attempts or configuration issues.
+
+Security teams can easily track trends in failed authentications and API errors, investigate root causes, and identify patterns that signal emerging threats or compliance violations. The dashboard also includes a geographic overview of audit activities, highlighting events originating from embargoed or high-risk regions to help monitor potential data exfiltration or policy breaches.
+
+By consolidating these critical security indicators, including summaries of failed API attempts and geographic context, the dashboard empowers teams to rapidly investigate incidents, respond to evolving risks, and maintain strong security and compliance across all Databricks workspaces. 
+
+## Create monitors for Databricks Audit app
+
+import CreateMonitors from '../../reuse/apps/create-monitors.md';
+
+Gather information about your organization's cybersecurity practices to strengthen security.
+Analyze your organization's security practices to identify emerging threats and compliance risks.
+}){kind=logo}