From 97545429ad50450c2fc797fcb0334f4874fa898f Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Wed, 25 Feb 2026 02:35:51 +0530 Subject: [PATCH 1/6] February release note (apps) --- blog-service/2026-02-27-apps.md | 37 +++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 blog-service/2026-02-27-apps.md diff --git a/blog-service/2026-02-27-apps.md b/blog-service/2026-02-27-apps.md new file mode 100644 index 0000000000..8ff2ea2289 --- /dev/null +++ b/blog-service/2026-02-27-apps.md 
@@ -0,0 +1,37 @@ +--- +title: Apps, Solutions, and Collection Integrations - February Release +image: https://assets-www.sumologic.com/company-logos/_800x418_crop_center-center_82_none/SumoLogic_Preview_600x600.jpg?mtime=1617040082 +keywords: + - release-note + - february +hide_table_of_contents: true +--- + +#### New release + +We’re excited to announce the release of the following new apps for Sumo Logic. + +- **Amazon SageMaker**. The Sumo Logic app for Amazon SageMaker helps you centrally monitor Amazon SageMaker logs and performance metrics, enabling faster troubleshooting, better visibility into ML workloads, and improved reliability of model training and deployment. [Learn more](). +- **Azure Firewall**. The Sumo Logic app for Azure Firewall provides a centralized visibility into Azure Firewall health, traffic, and security events—enabling faster threat detection, policy validation, and proactive protection of cloud workloads. [Learn more](). +- **LiteLLM**. The Sumo Logic app for LiteLLM provides a centralized visibility into LiteLLM usage, performance, reliability, and cost, helping teams monitor latency, tokens, spend, failures, and fallbacks across multiple LLM providers to keep AI workloads efficient and reliable. [Learn more](). +- **Apache Hadoop - OpenTelemetry**. The Sumo Logic OpenTelemetry app for Apache Hadoop provides an end-to-end observability into Apache Hadoop clusters by correlating logs and metrics to monitor health, performance, and resource usage, enabling faster troubleshooting, capacity planning, and stable operations.[Learn more](). + +#### Enhancements + +We’re excited to announce new enhancements to the following Sumo Logic apps, designed to improve visibility, usability, and troubleshooting capabilities while helping you gain deeper insights and operate more efficiently. + +- **Enterprise Search Audit**. Added the **Enterprise Search Audit – Failures KPIs and Breakdowns** dashboard and monitor alerts to the app. 
+ - The dashboard helps you understand search reliability at a glance by visualizing failure trends, slow-running queries, high-cost searches, and problematic content across users and query types, enabling faster troubleshooting and better prioritization of fixes. [Learn more](/docs/integrations/sumo-apps/enterprise-search-audit/#enterprise-search-audit---failures-kpis-and-breakdowns). + - The associated monitors proactively alert you when search failures, query runtimes, or data usage exceed defined thresholds, allowing you to detect reliability, performance, or cost issues early and take corrective action before they impact users or budgets. [Learn more](/docs/integrations/sumo-apps/enterprise-search-audit/#enterprise-search-audit-app-alerts). +- **Enterprise Audit apps**: + - **Enterprise Audit - Collector & Data Forwarding Management**. Added new monitors to the app that help you proactively detect and respond to critical collector and data-forwarding issues, ensuring reliable data ingestion, secure configurations, and uninterrupted operations. [Learn more](/docs/integrations/sumo-apps/enterprise-audit/#enterprise-audit---collector-and-data-forwarding-management-app). + - **Enterprise Audit - Content Management**. Released 12-Feb-2026 (Shivani) [Learn more](). + - **Enterprise Audit - Security Management**. Released 13-Feb-2026 (Prafull) [Learn more](). + - **Enterprise Audit - User & Role Management**. Released 13-Feb-2026 (Priyansh) [Learn more](). +- **Data Volume**. Added Data Volume monitor alerts that help you proactively track log ingestion, detect usage spikes or data gaps, and prevent unexpected credit overages by alerting you to abnormal volume patterns and plan-limit risks in real time. [Learn more](/docs/integrations/sumo-apps/data-volume/#data-volume-app-alerts). +- **Flex**. 
Added Flex monitor alerts that help you proactively detect ingestion spikes, prevent budget overruns, and control expensive queries by automatically flagging abnormal data usage and credit consumption before they impact costs or system stability. [Learn more](/docs/integrations/sumo-apps/flex/#flex-app-alerts). +- **Infrequent Data Tier**. Infrequent Data Tier monitor alerts helps you proactively control costs and usage by detecting consumption spikes, expensive or failed queries, and abnormal user or module-level scan activity before they waste credits. [Learn more](/docs/integrations/sumo-apps/infrequent-data-tier/#infrequent-data-tier-app-alerts). + +- Enterprise Audit – Cloud SIEM - @Priyansh Patel @Darshan Raval please take this up on priority - To be released on Mon 23-Feb [Learn more](). +- Audit App (Apoorv) to cover Delete use use cases To be released on Tue 24-Feb [Learn more](). +- 4 Apps from Priyansh, 1 App from Prafull, ++ [Learn more](). \ No newline at end of file From d2c44e56b502266371cef87e7a25d3b55244fed8 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Wed, 25 Feb 2026 02:41:50 +0530 Subject: [PATCH 2/6] Update 2026-02-27-apps.md --- blog-service/2026-02-27-apps.md | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/blog-service/2026-02-27-apps.md b/blog-service/2026-02-27-apps.md index 8ff2ea2289..8d544d35ad 100644 --- a/blog-service/2026-02-27-apps.md +++ b/blog-service/2026-02-27-apps.md 
@@ -11,10 +11,10 @@ hide_table_of_contents: true We’re excited to announce the release of the following new apps for Sumo Logic. -- **Amazon SageMaker**. The Sumo Logic app for Amazon SageMaker helps you centrally monitor Amazon SageMaker logs and performance metrics, enabling faster troubleshooting, better visibility into ML workloads, and improved reliability of model training and deployment. [Learn more](). -- **Azure Firewall**. The Sumo Logic app for Azure Firewall provides a centralized visibility into Azure Firewall health, traffic, and security events—enabling faster threat detection, policy validation, and proactive protection of cloud workloads. [Learn more](). -- **LiteLLM**. The Sumo Logic app for LiteLLM provides a centralized visibility into LiteLLM usage, performance, reliability, and cost, helping teams monitor latency, tokens, spend, failures, and fallbacks across multiple LLM providers to keep AI workloads efficient and reliable. [Learn more](). -- **Apache Hadoop - OpenTelemetry**. The Sumo Logic OpenTelemetry app for Apache Hadoop provides an end-to-end observability into Apache Hadoop clusters by correlating logs and metrics to monitor health, performance, and resource usage, enabling faster troubleshooting, capacity planning, and stable operations.[Learn more](). +- **Amazon SageMaker**. The Sumo Logic app for Amazon SageMaker helps you centrally monitor Amazon SageMaker logs and performance metrics, enabling faster troubleshooting, better visibility into ML workloads, and improved reliability of model training and deployment. +- **Azure Firewall**. The Sumo Logic app for Azure Firewall provides a centralized visibility into Azure Firewall health, traffic, and security events—enabling faster threat detection, policy validation, and proactive protection of cloud workloads. +- **LiteLLM**. 
The Sumo Logic app for LiteLLM provides a centralized visibility into LiteLLM usage, performance, reliability, and cost, helping teams monitor latency, tokens, spend, failures, and fallbacks across multiple LLM providers to keep AI workloads efficient and reliable. +- **Apache Hadoop - OpenTelemetry**. The Sumo Logic OpenTelemetry app for Apache Hadoop provides an end-to-end observability into Apache Hadoop clusters by correlating logs and metrics to monitor health, performance, and resource usage, enabling faster troubleshooting, capacity planning, and stable operations. #### Enhancements 
@@ -25,13 +25,13 @@ We’re excited to announce new enhancements to the following Sumo Logic apps, d - The associated monitors proactively alert you when search failures, query runtimes, or data usage exceed defined thresholds, allowing you to detect reliability, performance, or cost issues early and take corrective action before they impact users or budgets. [Learn more](/docs/integrations/sumo-apps/enterprise-search-audit/#enterprise-search-audit-app-alerts). - **Enterprise Audit apps**: - **Enterprise Audit - Collector & Data Forwarding Management**. Added new monitors to the app that help you proactively detect and respond to critical collector and data-forwarding issues, ensuring reliable data ingestion, secure configurations, and uninterrupted operations. [Learn more](/docs/integrations/sumo-apps/enterprise-audit/#enterprise-audit---collector-and-data-forwarding-management-app). - - **Enterprise Audit - Content Management**. Released 12-Feb-2026 (Shivani) [Learn more](). - - **Enterprise Audit - Security Management**. Released 13-Feb-2026 (Prafull) [Learn more](). - - **Enterprise Audit - User & Role Management**. Released 13-Feb-2026 (Priyansh) [Learn more](). + - **Enterprise Audit - Content Management**. Released 12-Feb-2026 (Shivani). + - **Enterprise Audit - Security Management**. Released 13-Feb-2026 (Prafull). + - **Enterprise Audit - User & Role Management**. Released 13-Feb-2026 (Priyansh). - **Data Volume**. Added Data Volume monitor alerts that help you proactively track log ingestion, detect usage spikes or data gaps, and prevent unexpected credit overages by alerting you to abnormal volume patterns and plan-limit risks in real time. [Learn more](/docs/integrations/sumo-apps/data-volume/#data-volume-app-alerts). - **Flex**. 
Added Flex monitor alerts that help you proactively detect ingestion spikes, prevent budget overruns, and control expensive queries by automatically flagging abnormal data usage and credit consumption before they impact costs or system stability. [Learn more](/docs/integrations/sumo-apps/flex/#flex-app-alerts). - **Infrequent Data Tier**. Infrequent Data Tier monitor alerts helps you proactively control costs and usage by detecting consumption spikes, expensive or failed queries, and abnormal user or module-level scan activity before they waste credits. [Learn more](/docs/integrations/sumo-apps/infrequent-data-tier/#infrequent-data-tier-app-alerts). -- Enterprise Audit – Cloud SIEM - @Priyansh Patel @Darshan Raval please take this up on priority - To be released on Mon 23-Feb [Learn more](). -- Audit App (Apoorv) to cover Delete use use cases To be released on Tue 24-Feb [Learn more](). -- 4 Apps from Priyansh, 1 App from Prafull, ++ [Learn more](). \ No newline at end of file +- Enterprise Audit – Cloud SIEM - @Priyansh Patel @Darshan Raval please take this up on priority - To be released on Mon 23-Feb. +- Audit App (Apoorv) to cover Delete use use cases To be released on Tue 24-Feb. +- 4 Apps from Priyansh, 1 App from Prafull, ++. \ No newline at end of file From a41f8143e7f63cce75d70e848c05ab96fc038c89 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Wed, 25 Feb 2026 12:59:48 +0530 Subject: [PATCH 3/6] Update 2026-02-27-apps.md --- blog-service/2026-02-27-apps.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/blog-service/2026-02-27-apps.md b/blog-service/2026-02-27-apps.md index 8d544d35ad..d3ae2ea608 100644 --- a/blog-service/2026-02-27-apps.md +++ b/blog-service/2026-02-27-apps.md 
@@ -34,4 +34,4 @@ We’re excited to announce new enhancements to the following Sumo Logic apps, d - Enterprise Audit – Cloud SIEM - @Priyansh Patel @Darshan Raval please take this up on priority - To be released on Mon 23-Feb. - Audit App (Apoorv) to cover Delete use use cases To be released on Tue 24-Feb. -- 4 Apps from Priyansh, 1 App from Prafull, ++. \ No newline at end of file +- 4 Apps from Priyansh, 1 App from Prafull, ++. From f7ced17bdb8a726a67b2324cd5b07c0f85901c90 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Wed, 25 Feb 2026 18:43:41 +0530 Subject: [PATCH 4/6] Update 2026-02-27-apps.md --- blog-service/2026-02-27-apps.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/blog-service/2026-02-27-apps.md b/blog-service/2026-02-27-apps.md index d3ae2ea608..3beca6140b 100644 --- a/blog-service/2026-02-27-apps.md +++ b/blog-service/2026-02-27-apps.md 
@@ -30,7 +30,8 @@ We’re excited to announce new enhancements to the following Sumo Logic apps, d - **Enterprise Audit - User & Role Management**. Released 13-Feb-2026 (Priyansh). - **Data Volume**. Added Data Volume monitor alerts that help you proactively track log ingestion, detect usage spikes or data gaps, and prevent unexpected credit overages by alerting you to abnormal volume patterns and plan-limit risks in real time. [Learn more](/docs/integrations/sumo-apps/data-volume/#data-volume-app-alerts). - **Flex**. Added Flex monitor alerts that help you proactively detect ingestion spikes, prevent budget overruns, and control expensive queries by automatically flagging abnormal data usage and credit consumption before they impact costs or system stability. [Learn more](/docs/integrations/sumo-apps/flex/#flex-app-alerts). -- **Infrequent Data Tier**. Infrequent Data Tier monitor alerts helps you proactively control costs and usage by detecting consumption spikes, expensive or failed queries, and abnormal user or module-level scan activity before they waste credits. [Learn more](/docs/integrations/sumo-apps/infrequent-data-tier/#infrequent-data-tier-app-alerts). +- **Infrequent Data Tier**. Added Infrequent Data Tier monitor alerts that help you proactively control costs and usage by detecting consumption spikes, expensive or failed queries, and abnormal user or module-level scan activity before they waste credits. [Learn more](/docs/integrations/sumo-apps/infrequent-data-tier/#infrequent-data-tier-app-alerts). +- **SentinelOne**. Added SentinelOne monitor alerts that help you proactively detect high-risk threats, suspicious activity, and compliance violations in real time, enabling faster response and stronger endpoint security. - Enterprise Audit – Cloud SIEM - @Priyansh Patel @Darshan Raval please take this up on priority - To be released on Mon 23-Feb. - Audit App (Apoorv) to cover Delete use use cases To be released on Tue 24-Feb. 
From 6a1e0d5a9fd02380063b856c1c39af35c087bc5d Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Thu, 26 Feb 2026 01:59:42 +0530 Subject: [PATCH 5/6] Update 2026-02-27-apps.md --- blog-service/2026-02-27-apps.md | 38 ++++++++++++++++++++------------- 1 file changed, 23 insertions(+), 15 deletions(-) diff --git a/blog-service/2026-02-27-apps.md b/blog-service/2026-02-27-apps.md index 3beca6140b..01127d8e97 100644 --- a/blog-service/2026-02-27-apps.md +++ b/blog-service/2026-02-27-apps.md 
@@ -6,7 +6,7 @@ keywords: - february hide_table_of_contents: true --- - + #### Enhancements We’re excited to announce new enhancements to the following Sumo Logic apps, designed to improve visibility, usability, and troubleshooting capabilities while helping you gain deeper insights and operate more efficiently. - **Enterprise Search Audit**. Added the **Enterprise Search Audit – Failures KPIs and Breakdowns** dashboard and monitor alerts to the app. - The dashboard helps you understand search reliability at a glance by visualizing failure trends, slow-running queries, high-cost searches, and problematic content across users and query types, enabling faster troubleshooting and better prioritization of fixes. [Learn more](/docs/integrations/sumo-apps/enterprise-search-audit/#enterprise-search-audit---failures-kpis-and-breakdowns). - - The associated monitors proactively alert you when search failures, query runtimes, or data usage exceed defined thresholds, allowing you to detect reliability, performance, or cost issues early and take corrective action before they impact users or budgets. [Learn more](/docs/integrations/sumo-apps/enterprise-search-audit/#enterprise-search-audit-app-alerts). -- **Enterprise Audit apps**: - - **Enterprise Audit - Collector & Data Forwarding Management**. Added new monitors to the app that help you proactively detect and respond to critical collector and data-forwarding issues, ensuring reliable data ingestion, secure configurations, and uninterrupted operations. [Learn more](/docs/integrations/sumo-apps/enterprise-audit/#enterprise-audit---collector-and-data-forwarding-management-app). - - **Enterprise Audit - Content Management**. Released 12-Feb-2026 (Shivani). - - **Enterprise Audit - Security Management**. Released 13-Feb-2026 (Prafull). - - **Enterprise Audit - User & Role Management**. Released 13-Feb-2026 (Priyansh). -- **Data Volume**. 
Added Data Volume monitor alerts that help you proactively track log ingestion, detect usage spikes or data gaps, and prevent unexpected credit overages by alerting you to abnormal volume patterns and plan-limit risks in real time. [Learn more](/docs/integrations/sumo-apps/data-volume/#data-volume-app-alerts). -- **Flex**. Added Flex monitor alerts that help you proactively detect ingestion spikes, prevent budget overruns, and control expensive queries by automatically flagging abnormal data usage and credit consumption before they impact costs or system stability. [Learn more](/docs/integrations/sumo-apps/flex/#flex-app-alerts). -- **Infrequent Data Tier**. Added Infrequent Data Tier monitor alerts that help you proactively control costs and usage by detecting consumption spikes, expensive or failed queries, and abnormal user or module-level scan activity before they waste credits. [Learn more](/docs/integrations/sumo-apps/infrequent-data-tier/#infrequent-data-tier-app-alerts). -- **SentinelOne**. Added SentinelOne monitor alerts that help you proactively detect high-risk threats, suspicious activity, and compliance violations in real time, enabling faster response and stronger endpoint security. + - The associated monitors alert you when search failures, query runtimes, or data usage exceed defined thresholds, allowing you to detect reliability, performance, or cost issues early and take corrective action before they impact users or budgets. [Learn more](/docs/integrations/sumo-apps/enterprise-search-audit/#enterprise-search-audit-app-alerts). +- **Enterprise Audit apps**. Updated the following Enterprise Audit apps to add monitor alerts. + - **Enterprise Audit - Collector & Data Forwarding Management**. The monitor alerts help you detect and respond to critical collector and data-forwarding issues, ensuring reliable data ingestion, secure configurations, and uninterrupted operations. 
[Learn more](/docs/integrations/sumo-apps/enterprise-audit/#enterprise-audit---collector-and-data-forwarding-management-app). + - **Enterprise Audit - Content Management**. The monitor alerts help you maintain security and compliance by alerting when content is made public or accessed publicly, enabling quick detection of unintended exposure and potential data risks. [Learn more](/docs/integrations/sumo-apps/enterprise-audit/#enterprise-audit---content-management-alerts). + - **Enterprise Audit – Cloud SIEM**. The monitor alerts help you detect and respond to high-risk security threats and SLA breaches by automatically alerting on critical Cloud SIEM activities like brute-force attacks, malware, anomalous access, and delayed detection or remediation. [Learn more](/docs/integrations/sumo-apps/cse/#enterprise-audit---cloud-siem-alerts). + - **Enterprise Audit - Security Management**. The monitor alerts help you ensure regulatory compliance and reduce risk by detecting and alerting on security events originating from embargoed or sanctioned geographic locations. [Learn more](/docs/integrations/sumo-apps/enterprise-audit/#enterprise-audit---security-management-alerts). + - **Enterprise Audit - User & Role Management**. The monitor alerts help you enhance security and compliance by alerting on user or role management activities originating from embargoed or high-risk geographic locations, enabling faster detection of suspicious access. [Learn more](/docs/integrations/sumo-apps/enterprise-audit/#enterprise-audit---user-and-role-management-alerts) +- **Data Volume**. Added Data Volume monitor alerts that help you track log ingestion, detect usage spikes or data gaps, and prevent unexpected credit overages by alerting you to abnormal volume patterns and plan-limit risks in real time. [Learn more](/docs/integrations/sumo-apps/data-volume/#data-volume-app-alerts). +- **Flex**. 
Added Flex monitor alerts that help you detect ingestion spikes, prevent budget overruns, and control expensive queries by automatically flagging abnormal data usage and credit consumption before they impact costs or system stability. [Learn more](/docs/integrations/sumo-apps/flex/#flex-app-alerts). +- **Infrequent Data Tier**. Added Infrequent Data Tier monitor alerts that help you control costs and usage by detecting consumption spikes, expensive or failed queries, and abnormal user or module-level scan activity before they waste credits. [Learn more](/docs/integrations/sumo-apps/infrequent-data-tier/#infrequent-data-tier-app-alerts). +- **SentinelOne**. Added SentinelOne monitor alerts that help you detect high-risk threats, suspicious activity, and compliance violations in real time, enabling faster response and stronger endpoint security. +- **Azure Security apps**. Updated the following Microsoft Azure Security apps to refresh sample queries, localize dashboard images, and add monitor alerts. + - **Azure Security - Microsoft Defender for Endpoint**. The monitor alerts help you identify and respond to critical endpoint threats by alerting on high-severity incidents, suspicious devices, and activity from embargoed or high-risk locations. [Learn more](/docs/integrations/microsoft-azure/microsoft-defender-for-endpoint/#azure-security---microsoft-defender-for-endpoint-alerts). + - **Azure Security - Microsoft Defender for Identity**. The monitor alerts help you detect and prioritize identity-based threats by alerting on high-severity incidents, embargoed locations, and suspicious devices to enable faster investigation and response. [Learn more](/docs/integrations/microsoft-azure/azure-security-microsoft-defender-for-identity/#azure-security---microsoft-defender-for-identity-alerts). + - **Azure Security - Microsoft Defender for Office 365**. 
The monitor alerts help you detect and respond to high-risk email and collaboration threats by alerting on embargoed locations, high-severity incidents, and suspicious device activity in Microsoft Defender for Office 365. [Learn more](/docs/integrations/microsoft-azure/azure-security-microsoft-defender-for-office-365/#azure-security---microsoft-defender-for-office-365-alerts). + - **Microsoft Graph Security**. The monitor alerts help you detect and prioritize critical security threats by alerting on high-severity incidents, risky devices, and suspicious activity from embargoed or high-risk locations using Microsoft Graph Security signals. [Learn more](/docs/integrations/saas-cloud/microsoft-graph-security-v2/#microsoft-graph-security-alerts). + + + +#### App deprecation -- Enterprise Audit – Cloud SIEM - @Priyansh Patel @Darshan Raval please take this up on priority - To be released on Mon 23-Feb. -- Audit App (Apoorv) to cover Delete use use cases To be released on Tue 24-Feb. -- 4 Apps from Priyansh, 1 App from Prafull, ++. +- **Security Analytics**. The Security Analytics has been deprecated and is no longer actively supported or recommended for use. \ No newline at end of file From 9ece04f56f4bf864943867fa942d252f62cff8b6 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Thu, 26 Feb 2026 02:02:18 +0530 Subject: [PATCH 6/6] Update 2026-02-27-apps.md --- blog-service/2026-02-27-apps.md | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/blog-service/2026-02-27-apps.md b/blog-service/2026-02-27-apps.md index 01127d8e97..923f92bc89 100644 --- a/blog-service/2026-02-27-apps.md +++ b/blog-service/2026-02-27-apps.md 
@@ -20,24 +20,24 @@ We’re excited to announce the release of the following new apps for Sumo Logic We’re excited to announce new enhancements to the following Sumo Logic apps, designed to improve visibility, usability, and troubleshooting capabilities while helping you gain deeper insights and operate more efficiently. -- **Enterprise Search Audit**. Added the **Enterprise Search Audit – Failures KPIs and Breakdowns** dashboard and monitor alerts to the app. - - The dashboard helps you understand search reliability at a glance by visualizing failure trends, slow-running queries, high-cost searches, and problematic content across users and query types, enabling faster troubleshooting and better prioritization of fixes. [Learn more](/docs/integrations/sumo-apps/enterprise-search-audit/#enterprise-search-audit---failures-kpis-and-breakdowns). - - The associated monitors alert you when search failures, query runtimes, or data usage exceed defined thresholds, allowing you to detect reliability, performance, or cost issues early and take corrective action before they impact users or budgets. [Learn more](/docs/integrations/sumo-apps/enterprise-search-audit/#enterprise-search-audit-app-alerts). +- **Azure Security apps**. Updated the following Microsoft Azure Security apps to refresh sample queries, localize dashboard images, and add monitor alerts. + - **Azure Security - Microsoft Defender for Endpoint**. The monitor alerts help you identify and respond to critical endpoint threats by alerting on high-severity incidents, suspicious devices, and activity from embargoed or high-risk locations. [Learn more](/docs/integrations/microsoft-azure/microsoft-defender-for-endpoint/#azure-security---microsoft-defender-for-endpoint-alerts). + - **Azure Security - Microsoft Defender for Identity**. 
The monitor alerts help you detect and prioritize identity-based threats by alerting on high-severity incidents, embargoed locations, and suspicious devices to enable faster investigation and response. [Learn more](/docs/integrations/microsoft-azure/azure-security-microsoft-defender-for-identity/#azure-security---microsoft-defender-for-identity-alerts). + - **Azure Security - Microsoft Defender for Office 365**. The monitor alerts help you detect and respond to high-risk email and collaboration threats by alerting on embargoed locations, high-severity incidents, and suspicious device activity in Microsoft Defender for Office 365. [Learn more](/docs/integrations/microsoft-azure/azure-security-microsoft-defender-for-office-365/#azure-security---microsoft-defender-for-office-365-alerts). + - **Microsoft Graph Security**. The monitor alerts help you detect and prioritize critical security threats by alerting on high-severity incidents, risky devices, and suspicious activity from embargoed or high-risk locations using Microsoft Graph Security signals. [Learn more](/docs/integrations/saas-cloud/microsoft-graph-security-v2/#microsoft-graph-security-alerts). +- **Data Volume**. Added Data Volume monitor alerts that help you track log ingestion, detect usage spikes or data gaps, and prevent unexpected credit overages by alerting you to abnormal volume patterns and plan-limit risks in real time. [Learn more](/docs/integrations/sumo-apps/data-volume/#data-volume-app-alerts). - **Enterprise Audit apps**. Updated the following Enterprise Audit apps to add monitor alerts. - **Enterprise Audit - Collector & Data Forwarding Management**. The monitor alerts help you detect and respond to critical collector and data-forwarding issues, ensuring reliable data ingestion, secure configurations, and uninterrupted operations. [Learn more](/docs/integrations/sumo-apps/enterprise-audit/#enterprise-audit---collector-and-data-forwarding-management-app). 
- **Enterprise Audit - Content Management**. The monitor alerts help you maintain security and compliance by alerting when content is made public or accessed publicly, enabling quick detection of unintended exposure and potential data risks. [Learn more](/docs/integrations/sumo-apps/enterprise-audit/#enterprise-audit---content-management-alerts). - **Enterprise Audit – Cloud SIEM**. The monitor alerts help you detect and respond to high-risk security threats and SLA breaches by automatically alerting on critical Cloud SIEM activities like brute-force attacks, malware, anomalous access, and delayed detection or remediation. [Learn more](/docs/integrations/sumo-apps/cse/#enterprise-audit---cloud-siem-alerts). - **Enterprise Audit - Security Management**. The monitor alerts help you ensure regulatory compliance and reduce risk by detecting and alerting on security events originating from embargoed or sanctioned geographic locations. [Learn more](/docs/integrations/sumo-apps/enterprise-audit/#enterprise-audit---security-management-alerts). - - **Enterprise Audit - User & Role Management**. The monitor alerts help you enhance security and compliance by alerting on user or role management activities originating from embargoed or high-risk geographic locations, enabling faster detection of suspicious access. [Learn more](/docs/integrations/sumo-apps/enterprise-audit/#enterprise-audit---user-and-role-management-alerts) -- **Data Volume**. Added Data Volume monitor alerts that help you track log ingestion, detect usage spikes or data gaps, and prevent unexpected credit overages by alerting you to abnormal volume patterns and plan-limit risks in real time. [Learn more](/docs/integrations/sumo-apps/data-volume/#data-volume-app-alerts). + - **Enterprise Audit - User & Role Management**. 
The monitor alerts help you enhance security and compliance by alerting on user or role management activities originating from embargoed or high-risk geographic locations, enabling faster detection of suspicious access. [Learn more](/docs/integrations/sumo-apps/enterprise-audit/#enterprise-audit---user-and-role-management-alerts). +- **Enterprise Search Audit**. Added the **Enterprise Search Audit – Failures KPIs and Breakdowns** dashboard and monitor alerts to the app. + - The dashboard helps you understand search reliability at a glance by visualizing failure trends, slow-running queries, high-cost searches, and problematic content across users and query types, enabling faster troubleshooting and better prioritization of fixes. [Learn more](/docs/integrations/sumo-apps/enterprise-search-audit/#enterprise-search-audit---failures-kpis-and-breakdowns). + - The associated monitors alert you when search failures, query runtimes, or data usage exceed defined thresholds, allowing you to detect reliability, performance, or cost issues early and take corrective action before they impact users or budgets. [Learn more](/docs/integrations/sumo-apps/enterprise-search-audit/#enterprise-search-audit-app-alerts). - **Flex**. Added Flex monitor alerts that help you detect ingestion spikes, prevent budget overruns, and control expensive queries by automatically flagging abnormal data usage and credit consumption before they impact costs or system stability. [Learn more](/docs/integrations/sumo-apps/flex/#flex-app-alerts). - **Infrequent Data Tier**. Added Infrequent Data Tier monitor alerts that help you control costs and usage by detecting consumption spikes, expensive or failed queries, and abnormal user or module-level scan activity before they waste credits. [Learn more](/docs/integrations/sumo-apps/infrequent-data-tier/#infrequent-data-tier-app-alerts). - **SentinelOne**. 
Added SentinelOne monitor alerts that help you detect high-risk threats, suspicious activity, and compliance violations in real time, enabling faster response and stronger endpoint security. -- **Azure Security apps**. Updated the following Microsoft Azure Security apps to refresh sample queries, localize dashboard images, and add monitor alerts. - - **Azure Security - Microsoft Defender for Endpoint**. The monitor alerts help you identify and respond to critical endpoint threats by alerting on high-severity incidents, suspicious devices, and activity from embargoed or high-risk locations. [Learn more](/docs/integrations/microsoft-azure/microsoft-defender-for-endpoint/#azure-security---microsoft-defender-for-endpoint-alerts). - - **Azure Security - Microsoft Defender for Identity**. The monitor alerts help you detect and prioritize identity-based threats by alerting on high-severity incidents, embargoed locations, and suspicious devices to enable faster investigation and response. [Learn more](/docs/integrations/microsoft-azure/azure-security-microsoft-defender-for-identity/#azure-security---microsoft-defender-for-identity-alerts). - - **Azure Security - Microsoft Defender for Office 365**. The monitor alerts help you detect and respond to high-risk email and collaboration threats by alerting on embargoed locations, high-severity incidents, and suspicious device activity in Microsoft Defender for Office 365. [Learn more](/docs/integrations/microsoft-azure/azure-security-microsoft-defender-for-office-365/#azure-security---microsoft-defender-for-office-365-alerts). - - **Microsoft Graph Security**. The monitor alerts help you detect and prioritize critical security threats by alerting on high-severity incidents, risky devices, and suspicious activity from embargoed or high-risk locations using Microsoft Graph Security signals. [Learn more](/docs/integrations/saas-cloud/microsoft-graph-security-v2/#microsoft-graph-security-alerts).
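Review bot: In PATCH 1/6, the last three bullets of the new file and the three "Released ... (name)" sub-bullets under "Enterprise Audit apps" are internal planning notes (@mentions, assignee names, "To be released on Mon 23-Feb") in a file that is published as a customer-facing release note. PATCH 5/6 replaces them, but they stay in the branch history, so squash the series before merge or start from placeholder text that carries no names. The same hunk adds "[Learn more]()" links with empty targets, which render as dead links, and ends the file without a trailing newline.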
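Review bot: In PATCH 2/6, the four "New release" entries (Amazon SageMaker, Azure Firewall, LiteLLM, Apache Hadoop - OpenTelemetry) lose their "Learn more" link entirely instead of getting a real target, and none of the later hunks shown touch these entries again. Add the doc paths for the four apps so readers can reach the setup and dashboard pages. The re-added lines also keep "provides a centralized visibility" and "provides an end-to-end observability"; drop the article in both.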
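Review bot: In PATCH 4/6, the added SentinelOne entry is the only Enhancements item without a "Learn more" link; the Flex and Infrequent Data Tier entries beside it each link to an "...-app-alerts" anchor. Link the SentinelOne alerts section the same way, or hold the entry until that section is published, since "high-risk threats, suspicious activity, and compliance violations" does not tell a reader which monitors were added.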
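Review bot: In PATCH 5/6, the new "App deprecation" entry reads "The Security Analytics has been deprecated", which is missing the noun ("The Security Analytics app") and gives no effective date and no pointer to what replaces it; teams that depend on it for security monitoring need both to plan a migration. In the same patch, "Enterprise Audit – Cloud SIEM" uses an en dash where the four sibling entries use a hyphen, and its link goes to /docs/integrations/sumo-apps/cse/ while the siblings go to /enterprise-audit/, so confirm that the "#enterprise-audit---cloud-siem-alerts" anchor exists on that page. The file again ends with "\ No newline at end of file", undoing the fix made in PATCH 3/6, and PATCH 6/6 does not restore it.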