Operations | Monitoring | ITSM | DevOps | Cloud

Every single day, the Sumo Logic Platform analyzes more than four exabytes of log data. The good news? The answers to your application performance, infrastructure health, and security incidents are hidden in those logs. The challenge? Historically, uncovering those answers required query language fluency. That’s why we built Mobot, our conversational interface that connects users to advanced AI capabilities using natural language.

When people talk about trusting AI, they usually focus on the interface. It summarizes and uses confident language with a level of clarity that feels reliable. But that’s all window dressing. None of it builds trust. Trust doesn’t come from what the AI says. A verifiable record of what the AI did makes it trustworthy.

Sumo Logic’s log analytics capabilities have always provided the greatest insights to help you secure, monitor and troubleshoot your environment. Now, with our Query Agent, as part of Dojo AI, creating optimized log searches with natural language is even easier. Query Agent works with a wide variety of operators, including the join operator, for parsing, aggregation, data transformation, filtering, advanced analysis and lookup.

Kubernetes is a container orchestration platform that automates the deployment, scaling, and management of containerized applications, abstracting many of the manual steps of rolling upgrades and scaling. When building cloud-native applications in a Kubernetes environment, you’ll often need to deploy database applications like a PostgreSQL database so that your applications can leverage their features within the cluster.

I’ve been staring at Claude Code telemetry for the past few weeks, and I keep noticing the same thing: most teams drop it into their environment, say “it’s amazing,” and have absolutely no idea what it’s actually doing at the system level. That’s fine for a personal dev tool. It’s not fine when you’ve rolled it out to 50 engineers.

Dozens of startups are sprinting to build the next “agentic SIEM” that can autonomously detect, investigate, and respond to threats. They’re well-funded, well-marketed, but structurally hollow. Here’s what it usually looks like: an LLM layer on top of a thin orchestration engine on top of fragmented or customer-hosted data lakes. While it looks impressive in a demo, it quickly falls apart in production. Why? It’s not built on a strong foundation.

Everyone is adding Model Context Protocol (MCP) servers to everything right now. And I get it. MCP is clean. It’s standardized. You write a server, expose some tools, and suddenly your LLM can query your log platform, pull a dashboard, and fire an alert. It feels like the right abstraction. But I’ve watched teams at serious companies burn weeks building MCP integrations for workflows that should have been skills, and build skills for things that genuinely needed MCP.

Back in September, we unveiled Sumo Logic Dojo AI, our agentic AI platform built to power intelligent security operations and incident response. With that launch, we introduced Mobot, our conversational interface, as well as our first agents designed to help automate routine tasks, streamline investigations, and give security teams the freedom and ability to focus on analyzing the highest value security issues facing their organization. Today, we’re excited to share the latest additions to Dojo AI.

In the dojo, not every role is about throwing punches. Some roles are about awareness, the unmistakable voice that tells the fighter when to move, where the strike is coming from, and why the opponent matters. That’s the role of the Summary Agent in Sumo Logic Dojo AI. Unlike a traditional agent, it doesn’t launch queries or carry out actions on its own. Its purpose is to narrate, not act. In doing so, it becomes the foundation for every other decision in the dojo.

If you manage workloads across multiple clouds, you know how easy it is for critical alerts or performance issues to get lost in the noise. Switching between consoles, correlating logs, and tracking metrics across platforms can slow down troubleshooting, delaying incident resolution and increasing risk of missing critical alerts.