In one of my previous blogs I explained how important it is for a modern observability platform to provide “the observers” full, flexible access to all raw telemetry. Observability’s promise to find unknown unknowns relied directly on the ability of fast, powerful and multidimensional high-cardinality analysis of raw data, to uncover previously unknown patterns that have not yet been visualized as a metric, dashboard panel or an alert or anomaly event.

Apache Cassandra is an open-source distributed NoSQL database management system that was released by Facebook almost 12 years ago. It’s designed to handle vast amounts of data, with high availability and no single point of failure. It is a wide-column store, meaning that it organizes related facts into columns. Columns are grouped into “column families.” The benefit is that you can manage data that just won’t fit on one computer.

Many of our customers today leverage Office 365 GCC High, including organizations looking to meet evolving requirements for working with the United States Department of Defense. Sumo Logic enables customers to leverage our out-of-the-box monitoring and analytics capabilities to analyze Office 365 GCC High data to offer security engineers and security analysts stronger situational awareness of internal employee data.

A common scenario for log analytics is that many log events are high value for real time analytics, but there are also events that are low value for analytics, but account for a very large percentage of overall log volume. Often these same low value logs are used only for ad-hoc investigations from time to time or need to be retained for audit purposes.