Sumo Logic + Fortigate + Monitoring Children (update)
Sumo Logic dashboard query to build a graph of usage by MAC address over time.
Suricata + Sumo Logic Basic Port Analysis
Take the output from Suricata, send it into Sumo Logic, then create a dashboard to view top allowed/denied port usage, and DNS nameservers.
Suricata IDS/IPS reporting
Summary post with picture of dashboard in Sumo Logic of my start with running Suricata on my systems.
Fortigate to Sumo Logic How-To
I received a question via Twitter today on how to configure the Fortigate firewall to send data into Sumo Logic.
Sumo Logic + Fortigate + Web Classification (update!)
Updated query replacing an empty category with UNRATED for a more useful display.
Sumo Logic + Fortigate + Web Classification
Website classification can be used for content filtering. This post has Sumo Logic searches from Fortigate logs to look at utilization by category as well as an example of a scheduled search to create a daily report, perhaps of just the adult content categories.
Sumo Logic – example json’ery
Creating a configuration strategy for your Sumo Logic collector requires you to decide on whether you are going to use the web interface to control your collector or use a JSON configuration file.
Sumo Logic + Fortigate = My Dashboard
My dashboard – I took the Cisco ASA application from Sumo Logic and converted it into a dashboard that is built from the logging of a Fortigate firewall.
Sumo Logic + Fortigate + IPS Results
An additional panel that provides a representation of IPS triggered rules.