From 1ff0357b7e21852fdb708226023973641c2054aa Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Fri, 28 Feb 2025 16:00:59 +0530 Subject: [PATCH 1/3] Automox (apps) --- blog-service/2025-02-28-apps.md | 14 ++ cid-redirects.json | 1 + .../product-list/product-list-a-l.md | 2 +- docs/integrations/saas-cloud/automox.md | 207 ++++++++++++++++++ docs/integrations/saas-cloud/index.md | 6 + sidebars.ts | 1 + 6 files changed, 230 insertions(+), 1 deletion(-) create mode 100644 blog-service/2025-02-28-apps.md create mode 100644 docs/integrations/saas-cloud/automox.md diff --git a/blog-service/2025-02-28-apps.md b/blog-service/2025-02-28-apps.md new file mode 100644 index 0000000000..aa8b7b171d --- /dev/null +++ b/blog-service/2025-02-28-apps.md @@ -0,0 +1,14 @@ +--- +title: Automox (Apps) +image: https://help.sumologic.com/img/sumo-square.png +keywords: + - apps + - automox +hide_table_of_contents: true +--- + +import useBaseUrl from '@docusaurus/useBaseUrl'; + +icon + +We're excited to introduce the new Automox app for Sumo Logic. This app leverages the Sumo Logic Cloud-to-Cloud Automox source that collects audit logs and event logs from the Automox platform, helping organizations enhance security monitoring, streamline endpoint management, and boost operational resilience. [Learn more](/docs/integrations/saas-cloud/automox/). \ No newline at end of file diff --git a/cid-redirects.json b/cid-redirects.json index 56db0245b7..d2c8fcae79 100644 --- a/cid-redirects.json +++ b/cid-redirects.json @@ -1610,6 +1610,7 @@ "/cid/10193": "/docs/integrations/saas-cloud/asana", "/cid/11111": "/docs/integrations/saas-cloud/dragos", "/cid/10181": "/docs/integrations/saas-cloud/atlassian", + "/cid/10182": "/docs/integrations/saas-cloud/automox", "/cid/10207": "/docs/integrations/saas-cloud/symantec-endpoint-security-service", "/cid/10197": "/docs/integrations/saas-cloud/symantec-web-security-service", "/cid/6016": "/docs/integrations/saas-cloud/trend-micro-vision-one", diff --git a/docs/integrations/product-list/product-list-a-l.md b/docs/integrations/product-list/product-list-a-l.md index fbd4b48df7..7f0b4e250b 100644 --- a/docs/integrations/product-list/product-list-a-l.md +++ b/docs/integrations/product-list/product-list-a-l.md @@ -79,7 +79,7 @@ For descriptions of the different types of integrations Sumo Logic offers, see [ | Thumbnail icon | [Asana](https://asana.com/) | App: [Asana](/docs/integrations/saas-cloud/asana/)
Collector: [Asana Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/asana-source/) | | Thumbnail icon | [Atlassian](https://www.atlassian.com) | Apps:
- [Atlassian](/docs/integrations/saas-cloud/atlassian/)
- [Jira](/docs/integrations/app-development/jira/)
- [Jira Cloud](/docs/integrations/app-development/jira-cloud/)
- [Jira - OpenTelemetry](/docs/integrations/app-development/opentelemetry/jira-opentelemetry/)
Automation integrations:
- [Atlassian Confluence](/docs/platform-services/automation-service/app-central/integrations/atlassian-confluence/)
- [Atlassian Jira](/docs/platform-services/automation-service/app-central/integrations/atlassian-jira/)
- [Atlassian Jira V2](/docs/platform-services/automation-service/app-central/integrations/atlassian-jira-v2/)
Collector: [Atlassian Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/atlassian-source/)
Cloud SIEM integration: [Atlassian](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/4d40dc7a-b95e-476c-9fb0-7163ea7fd335.md)
Webhooks:
- [Webhook Connection for Jira Cloud](/docs/alerts/webhook-connections/jira-cloud/)
- [Webhook Connection for Jira Server](/docs/alerts/webhook-connections/jira-server/)
- [Webhook Connection for Jira Service Desk](/docs/alerts/webhook-connections/jira-service-desk/) | | Thumbnail icon | [Automation Anywhere](https://www.automationanywhere.com/) | Partner integration: [Automation Anywhere](https://docs.automationanywhere.com/bundle/enterprise-v2019/page/enterprise-cloud/topics/control-room/administration/settings/setting-up-sumo-logic.html) | -| Thumbnail icon | [Automox](https://www.automox.com/) | Automation integration: [Automox](/docs/platform-services/automation-service/app-central/integrations/automox/)
Collector: [Automox Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/automox-source) | +| Thumbnail icon | [Automox](https://www.automox.com/) | Apps: [Automox](/docs/integrations/saas-cloud/automox)
Automation integration: [Automox](/docs/platform-services/automation-service/app-central/integrations/automox/)
Collector: [Automox Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/automox-source) | | Thumbnail icon | [Auth0](https://auth0.com/) | App: [Auth0](/docs/integrations/saml/auth0/)
Cloud SIEM integration: [Auth0](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/f002a19c-876e-4a33-8be0-ed3b922d19bc.md)
Collector: [Auth0 - Cloud SIEM](/docs/cse/ingestion/ingestion-sources-for-cloud-siem/auth0/)
Partner integration: [Auth0](https://auth0.com/docs/customize/log-streams/sumo-logic-dashboard) | | Thumbnail icon | [AWS](https://aws.amazon.com/) | Apps:
- [Cloud Infrastructure Security for AWS](/docs/security/additional-security-features/cloud-infrastructure-security/cloud-infrastructure-security-for-aws/)
- [Threat Intel for AWS](/docs/integrations/amazon-aws/threat-intel/)
Cloud SIEM integration: [Amazon AWS - Trusted Advisor](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/products/99d21ed4-c3fb-452e-8e4a-a10ff4b94fe0.md)
Community app: [Sumo Logic for AWS Health Events](https://github.com/SumoLogic/sumologic-content/tree/master/Amazon_Web_Services/AWS_Health)
Also see [AWS Observability](/docs/observability/aws/). | | Thumbnail icon | [AWS Amplify](https://aws.amazon.com/amplify/) | App: [AWS Amplify](/docs/integrations/amazon-aws/aws-amplify/) | diff --git a/docs/integrations/saas-cloud/automox.md b/docs/integrations/saas-cloud/automox.md new file mode 100644 index 0000000000..2e0d0272a8 --- /dev/null +++ b/docs/integrations/saas-cloud/automox.md @@ -0,0 +1,207 @@ +--- +id: automox +title: Automox +sidebar_label: Automox +description: The Sumo Logic app for Automox provides security and IT teams visibility into endpoint management and security. +--- + +import useBaseUrl from '@docusaurus/useBaseUrl'; + +Automox-icon + +Automox is a cloud-native endpoint management solution that automates patching, configuration, and security enforcement across various operating systems. This app helps organizations monitor security events, audit system activity, and track patch compliance to reduce vulnerabilities and enhance endpoint security. The Sumo Logic app for Automox provides security and IT teams visibility into endpoint management and security. + +Key features and benefits of Automox include: + +- **Patch Compliance and Version Tracking**. Gain insights into patch compliance by tracking applied and pending patches across different OS versions. +- **Security Event Monitoring and Anomaly Detection**. Monitor security events, including policy actions, system modifications, and user activity, to detect anomalies. +- **Audit and Compliance for Administrative Actions**. Audit administrative actions, authentication logs, and system configuration changes for compliance and forensic investigations. +- **Trend Analysis for Risk Identification and Security Optimization**. Analyze trends over time to identify potential risks and optimize endpoint security strategies. +- **Real-Time Alerts for Security and Compliance Response**. Leverage real-time alerts to respond quickly to critical security issues and compliance gaps. + +Integrating Automox data into Sumo Logic helps organizations enhance security monitoring, streamline endpoint management, and boost operational resilience. + +:::info +This app includes [built-in monitors](#automox-alerts). For details on creating custom monitors, refer to the [Create monitors for Automox app](#create-monitors-for-the-automox-app). +::: + +## Log types + +This app uses Sumo Logic’s [Automox Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/automox-source/) to collect [audit logs](https://developer.automox.com/openapi/audit-trail/operation/getAuditEvents/) and [events logs](https://developer.automox.com/openapi/axconsole/operation/getEvents/) from Automox. + +## Sample log message + +```json title="Event Log" +{ + "id": 1245817905, + "name": "user.create", + "user_id": 93789, + "server_id": null, + "organization_id": 114830, + "policy_id": null, + "data": { + "email": "abc.123@example.com", + "orgname": "Sumo Logic", + "lastname": "Raval", + "trialend": null, + "firstname": "abc", + "trialstart": null + }, + "server_name": null, + "policy_name": null, + "policy_type_name": null, + "create_time": "2024-09-26 07:30:19.223963" +} +``` + +```json title="Audit Log" +{ + "id": "66f50ffd8be0f28b7ba2f05a7a", + "activity": "Attach Policy", + "activity_id": 7, + "actor": { + "user": { + "email_addr": null, + "org": { + "uid": "dfffdf9c-0844-4302-80fb-31f9c27d5f74", + "name": "Sumo Logic" + }, + "uid": null + } + }, + "category_uid": 3, + "class_uid": 3001, + "count": 1, + "message": "User Zone Role Assignment", + "metadata": { + "tenant_uid": null, + "uid": "7f4bf345-a188-42de-83rc6-84872a79828f", + "correlation_uid": "dfffdf9c-0844-4302-80fb-31f9c27d5f74", + "version": "1.1.0", + "product": { + "version": "1.0.0-dev", + "vendor_name": "Automox" + } + }, + "severity": "Informational", + "severity_id": 1, + "status_code": 201, + "status_id": 1, + "time": 1727335819520, + "timezone_offset": 0, + "type_name": "Account Change: Attach Policy", + "type_uid": 300107, + "user": { + "uid": "93789", + "email_addr": "abc.123@example.com" + }, + "user_result": { + "uid": "93789", + "email_addr": "abc.123@example.com", + "groups": [ + { + "type": "organization", + "privileges": [ + "No Global Access" + ], + "uid": "5ca5de57-4f69-42fd-b8ec-b838f1a37475", + "name": "Sumo Logic" + }, + { + "type": "organization", + "privileges": [ + "Zone Administrator" + ], + "uid": "dfffdf9c-0844-4302-80fb-31f9c27d5f74", + "name": "Sumo Logic" + } + ] + } +} + +``` + +## Sample queries + +```sql title="Recent Access Activities" +_sourceCategory="Labs/automox" activity_id +| json "id", "activity_id", "activity", "severity", "type_name", "entity.name", "entity.type", "actor.user.email_addr", "actor.user.org.name", "auth_protocol_id", "category_uid", "count", "message", "metadata.correlation_uid", "metadata.tenant_uid", "metadata.product.vendor_name", "status_code", "status_id", "status_details", "time", "user.email", "user_result.email_addr", "user_result.groups[*].type", "user_result.groups[*].name", "user_result.groups[*].privileges[*]", "observables[*].type", "observables[*].value", "observables[*].name", "web_resources[*].name", "web_resources[*].type", "web_resources[*].url_string" as id, activity_id, activity, severity, type_name, entity_name, entity_type, actor_email, actor_org, auth_protocol_id, category_uid, event_count, message, correlation_uid, tenant_uid, vendor_name, status_code, status, status_details, event_time, target_user_email, result_user_email, group_type, group_name, group_privileges, observables_type, observables_value, observables_name, web_resource_name, web_resource_type, url_string nodrop + +| If (status matches "0", "Unknown", if (status matches "1", "Success", if (status matches "2", "Failure", "Other"))) as status + +// global filters +| where activity matches "{{activity_type}}" +| where severity matches "{{severity}}" +| where status matches "{{status}}" +| where status_code matches "{{status_code}}" + +| count by id +| count +``` + +## Collection configuration and app installation + +import CollectionConfiguration from '../../reuse/apps/collection-configuration.md'; + + + +:::important +Use the [Cloud-to-Cloud Integration for Automox](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/automox-source/) to create the source and use the same source category while installing the app. By following these steps, you can ensure that your Automox app is properly integrated and configured to collect and analyze your Automox data. +::: + +### Create a new collector and install the app + +import AppCollectionOPtion1 from '../../reuse/apps/app-collection-option-1.md'; + + + +### Use an existing collector and install the app + +import AppCollectionOPtion2 from '../../reuse/apps/app-collection-option-2.md'; + + + +### Use an existing source and install the app + +import AppCollectionOPtion3 from '../../reuse/apps/app-collection-option-3.md'; + + + +## Viewing the Automox dashboards​​ + +import ViewDashboards from '../../reuse/apps/view-dashboards.md'; + + + +### Events + +The **Automox - Events** dashboard provides a centralized view of the security and system events across managed endpoints. It highlights key metrics such as total events, user activities, policy actions, and notifications. Events are categorized by Operating System (OS) and event type, enabling administrators to track patches, policies, and system deletions. Geolocation heatmaps identify the event origins, which aids in threat analysis, while time-series visualizations display trends to help detect anomalies. Detailed event logs offer insights into user actions, policy executions, and patch deployments for auditing and compliance. This dashboard assists security teams in monitoring security, enforcing policies, and maintaining system integrity.
Automox-Events-Overview + +### Audit Security + +The **Automox - Audit Security** dashboard provides a comprehensive overview of the audit events, enabling security teams monitor system activity and potential risks. Events are categorized by severity (fatal, critical, high, medium, and low) for quick identification of critical issues. The dashboard also includes a breakdown of statuses (success, failure, and unknown) to evaluate the effectiveness of security measures. Events are further classified by type, entity, and web resource, offering insights into account changes, authentication logs, and entity management. Time-series charts track trends, making it easier to identify anomalies. User activity data highlights key individuals involved in security events, supporting investigations and compliance. Furthermore, detailed event summaries provide visibility into authentication attempts, account modifications, and resource deletions, ensuring thorough auditing.
Automox-Audit-Security-Overview + +## Create monitors for the Automox app + +import CreateMonitors from '../../reuse/apps/create-monitors.md'; + + + +### Automox alerts + +| Name | Description | Trigger Type (Critical / Warning / MissingData) | Alert Condition | +|:--|:--|:--|:--| +| `Automox - Critical Severity Events` | This alert is triggered when critical severity events are detected in Automox, such as security risks, failed patches, or policy violations. It helps IT and security teams quickly identify and address high-impact incidents before they escalate. | Critical | Count > 0 | +| `Automox - Events from Embargoed Geo Locations` | This alert is triggered when events originate from restricted or embargoed geographic locations, indicating possible unauthorized access or compliance violations. Security teams can use it to enforce geo-based access policies and mitigate potential threats. | Critical | Count > 0| + +## Upgrading/Downgrading the Automox app (Optional) + +import AppUpdate from '../../reuse/apps/app-update.md'; + + + +## Uninstalling the Automox app (Optional) + +import AppUninstall from '../../reuse/apps/app-uninstall.md'; + + diff --git a/docs/integrations/saas-cloud/index.md b/docs/integrations/saas-cloud/index.md index 09563c52df..6039388e31 100644 --- a/docs/integrations/saas-cloud/index.md +++ b/docs/integrations/saas-cloud/index.md @@ -63,6 +63,12 @@ Learn about the Sumo Logic apps for SaaS and Cloud applications.

Monitor and analyze the critical events of Atlassian data.

+
+
+ automox-icon.png

Automox

 +

Enhance security monitoring, streamline endpoint management, and boost operational resilience.

+
+
icon

Box

 diff --git a/sidebars.ts b/sidebars.ts index fb8923655c..24af5ce6ed 100644 --- a/sidebars.ts +++ b/sidebars.ts @@ -2500,6 +2500,7 @@ integrations: [ 'integrations/saas-cloud/armis', 'integrations/saas-cloud/asana', 'integrations/saas-cloud/atlassian', + 'integrations/saas-cloud/automox', 'integrations/saas-cloud/box', 'integrations/saas-cloud/cato-networks', 'integrations/saas-cloud/cisco-amp', From 6c7646694fb73304b19b2bb46d04c41a54df3f7f Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Fri, 28 Feb 2025 16:30:16 +0530 Subject: [PATCH 2/3] changed release note date to avoid clash with monthly release note --- blog-service/{2025-02-28-apps.md => 2025-02-27-apps.md} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename blog-service/{2025-02-28-apps.md => 2025-02-27-apps.md} (100%) diff --git a/blog-service/2025-02-28-apps.md b/blog-service/2025-02-27-apps.md similarity index 100% rename from blog-service/2025-02-28-apps.md rename to blog-service/2025-02-27-apps.md From a1a7fd2e57d21497f6db554307c59a1f1be27a81 Mon Sep 17 00:00:00 2001 From: Jagadisha V <129049263+JV0812@users.noreply.github.com> Date: Fri, 28 Feb 2025 17:23:06 +0530 Subject: [PATCH 3/3] minor fixes --- blog-service/2025-02-28-apps.md | 3 ++- docs/integrations/saas-cloud/automox.md | 28 ++++++++++++++++--------- docs/integrations/saas-cloud/index.md | 2 +- 3 files changed, 21 insertions(+), 12 deletions(-) diff --git a/blog-service/2025-02-28-apps.md b/blog-service/2025-02-28-apps.md index aa8b7b171d..c7ef572aa5 100644 --- a/blog-service/2025-02-28-apps.md +++ b/blog-service/2025-02-28-apps.md @@ -11,4 +11,5 @@ import useBaseUrl from '@docusaurus/useBaseUrl'; icon -We're excited to introduce the new Automox app for Sumo Logic. This app leverages the Sumo Logic Cloud-to-Cloud Automox source that collects audit logs and event logs from the Automox platform, helping organizations enhance security monitoring, streamline endpoint management, and boost operational resilience. [Learn more](/docs/integrations/saas-cloud/automox/). \ No newline at end of file +We're excited to introduce the new Automox app for Sumo Logic. This app leverages the Sumo Logic Cloud-to-Cloud Automox source to collect audit and event logs from the Automox platform. It provides security and IT teams with visibility into endpoint management and security. By using this app, teams can improve their security monitoring, streamline endpoint management, and strengthen operational resilience. [Learn more](/docs/integrations/saas-cloud/automox/). + diff --git a/docs/integrations/saas-cloud/automox.md b/docs/integrations/saas-cloud/automox.md index 2e0d0272a8..47d82b1040 100644 --- a/docs/integrations/saas-cloud/automox.md +++ b/docs/integrations/saas-cloud/automox.md @@ -9,17 +9,17 @@ import useBaseUrl from '@docusaurus/useBaseUrl'; Automox-icon -Automox is a cloud-native endpoint management solution that automates patching, configuration, and security enforcement across various operating systems. This app helps organizations monitor security events, audit system activity, and track patch compliance to reduce vulnerabilities and enhance endpoint security. The Sumo Logic app for Automox provides security and IT teams visibility into endpoint management and security. +Automox is a cloud-native endpoint management solution that automates patching, configuration, and security enforcement across various operating systems. This app helps you monitor security events, audit system activity, and track patch compliance to reduce vulnerabilities and enhance endpoint security. The Sumo Logic app for Automox helps security and IT teams with visibility into endpoint management and security. -Key features and benefits of Automox include: +Key features and benefits of the Automox app include: - **Patch Compliance and Version Tracking**. Gain insights into patch compliance by tracking applied and pending patches across different OS versions. -- **Security Event Monitoring and Anomaly Detection**. Monitor security events, including policy actions, system modifications, and user activity, to detect anomalies. +- **Security Event Monitoring and Anomaly Detection**. Monitor security events, including policy actions, system modifications, and user activity to detect anomalies. - **Audit and Compliance for Administrative Actions**. Audit administrative actions, authentication logs, and system configuration changes for compliance and forensic investigations. - **Trend Analysis for Risk Identification and Security Optimization**. Analyze trends over time to identify potential risks and optimize endpoint security strategies. - **Real-Time Alerts for Security and Compliance Response**. Leverage real-time alerts to respond quickly to critical security issues and compliance gaps. -Integrating Automox data into Sumo Logic helps organizations enhance security monitoring, streamline endpoint management, and boost operational resilience. +Integrating Automox data with Sumo Logic helps organizations enhance security monitoring, streamline endpoint management, and boost operational resilience. :::info This app includes [built-in monitors](#automox-alerts). For details on creating custom monitors, refer to the [Create monitors for Automox app](#create-monitors-for-the-automox-app). @@ -27,11 +27,14 @@ This app includes [built-in monitors](#automox-alerts). For details on creating ## Log types -This app uses Sumo Logic’s [Automox Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/automox-source/) to collect [audit logs](https://developer.automox.com/openapi/audit-trail/operation/getAuditEvents/) and [events logs](https://developer.automox.com/openapi/axconsole/operation/getEvents/) from Automox. +This app uses Sumo Logic’s [Automox Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/automox-source/) to collect [audit logs](https://developer.automox.com/openapi/audit-trail/operation/getAuditEvents/) and [events logs](https://developer.automox.com/openapi/axconsole/operation/getEvents/) from the Automox platform. ## Sample log message -```json title="Event Log" +
+Event Log + +```json { "id": 1245817905, "name": "user.create", @@ -53,8 +56,12 @@ This app uses Sumo Logic’s [Automox Source](/docs/send-data/hosted-collectors/ "create_time": "2024-09-26 07:30:19.223963" } ``` +
+ +
+Audit Log -```json title="Audit Log" +```json { "id": "66f50ffd8be0f28b7ba2f05a7a", "activity": "Attach Policy", @@ -120,7 +127,8 @@ This app uses Sumo Logic’s [Automox Source](/docs/send-data/hosted-collectors/ } ``` - +
+ ## Sample queries ```sql title="Recent Access Activities" @@ -175,11 +183,11 @@ import ViewDashboards from '../../reuse/apps/view-dashboards.md'; ### Events -The **Automox - Events** dashboard provides a centralized view of the security and system events across managed endpoints. It highlights key metrics such as total events, user activities, policy actions, and notifications. Events are categorized by Operating System (OS) and event type, enabling administrators to track patches, policies, and system deletions. Geolocation heatmaps identify the event origins, which aids in threat analysis, while time-series visualizations display trends to help detect anomalies. Detailed event logs offer insights into user actions, policy executions, and patch deployments for auditing and compliance. This dashboard assists security teams in monitoring security, enforcing policies, and maintaining system integrity.
Automox-Events-Overview +The **Automox - Events** dashboard provides a centralized view of the security and system events across managed endpoints. It highlights key metrics such as total events, user activities, policy actions, and notifications. Events are categorized by Operating System (OS) and event type, enabling administrators to track patches, policies, and system deletions. Geolocation heatmaps identify the event origins, which aids in threat analysis, while time-series visualizations display trends to help detect anomalies. Detailed event logs offer insights into user actions, policy executions, and patch deployments for auditing and compliance. This dashboard assists security teams in monitoring security, enforcing policies, and maintaining system integrity.
Automox-Events-Overview ### Audit Security -The **Automox - Audit Security** dashboard provides a comprehensive overview of the audit events, enabling security teams monitor system activity and potential risks. Events are categorized by severity (fatal, critical, high, medium, and low) for quick identification of critical issues. The dashboard also includes a breakdown of statuses (success, failure, and unknown) to evaluate the effectiveness of security measures. Events are further classified by type, entity, and web resource, offering insights into account changes, authentication logs, and entity management. Time-series charts track trends, making it easier to identify anomalies. User activity data highlights key individuals involved in security events, supporting investigations and compliance. Furthermore, detailed event summaries provide visibility into authentication attempts, account modifications, and resource deletions, ensuring thorough auditing.
Automox-Audit-Security-Overview +The **Automox - Audit Security** dashboard provides a comprehensive overview of the audit events, enabling security teams to monitor system activity and potential risks. Events are categorized by severity (fatal, critical, high, medium, and low) for quick identification of critical issues. The dashboard also includes a breakdown of statuses (success, failure, and unknown) to evaluate the effectiveness of security measures. Events are further classified by type, entity, and web resource, offering insights into account changes, authentication logs, and entity management. Time-series charts track trends, making it easier to identify anomalies. User activity data highlights key individuals involved in security events, supporting investigations and compliance. Furthermore, detailed event summaries provide visibility into authentication attempts, account modifications, and resource deletions, ensuring thorough auditing.
Automox-Audit-Security-Overview ## Create monitors for the Automox app diff --git a/docs/integrations/saas-cloud/index.md b/docs/integrations/saas-cloud/index.md index 6039388e31..6c8f55ea63 100644 --- a/docs/integrations/saas-cloud/index.md +++ b/docs/integrations/saas-cloud/index.md @@ -66,7 +66,7 @@ Learn about the Sumo Logic apps for SaaS and Cloud applications.
automox-icon.png

Automox

 -

Enhance security monitoring, streamline endpoint management, and boost operational resilience.

+

Gain insights into Automox events and audit data to enhance security monitoring, streamline endpoint management, and boost operational resilience.