SumoLogic · Apoorvkudesia-sumologic · Apr 27, 2026 · Apr 27, 2026 · May 18, 2026 · May 19, 2026
@@ -1,6 +1,7 @@
 ---
 id: api-gateway
 title: AWS API Gateway
+sidebar_label: AWS API Gateway
 description: Amazon API Gateway service allows you to create RESTful APIs, HTTP APIs, and WebSocket APIs for real-time two-way communication applications in containerized and serverless environments, as well as web applications.
 ---
 
@@ -565,7 +566,7 @@ Enter a parse expression to create an `account` field that maps to the alias you
 
 Now that you have set up a collection for the **AWS API gateway**, install the Sumo Logic app to use the pre-configured dashboards that provide visibility into your environment for real-time analysis of overall usage.
 
-import AppInstall from '../../reuse/apps/app-install.md';
+import AppInstall from '../../reuse/apps/app-install-v2.md';
 
 <AppInstall/>
 
@@ -715,3 +716,35 @@ Use these dashboards to:
 #### AWS API Gateway - Enhanced Monitoring (WebSocket API)
 
 <img src='https://sumologic-app-data-v2.s3.amazonaws.com/dashboards/AWS-API-Gateway/7.-AWS-API-Gateway-Enhanced-Monitoring-WebSocket-API.png' alt="Enhanced Monitoring (WebSocket API)" />
+
+## Create monitors for AWS API Gateway app
+
+import CreateMonitors from '../../reuse/apps/create-monitors.md';
+
+<CreateMonitors/>
+
+### AWS API Gateway alerts
+
+| Name | Description | Alert Condition | Recover Condition |
+|:-----|:------------|:----------------|:--|
+| `AWS API Gateway - High Server-Side Errors` | This alert fires where there are too many API requests (>5%) with server-side errors within 5 minutes. | Count > = 0.05 | Count < 0.05 |
-| `AWS API Gateway - High Server-Side Errors` | This alert fires where there are too many API requests (>5%) with server-side errors within 5 minutes. | Count > = 0.05 | Count < 0.05 |
+| `AWS API Gateway - High Server-Side Errors` | This alert fires when there are too many API requests (>5%) with server-side errors within 5 minutes. | Count > = 0.05 | Count < 0.05 |
-| `AWS API Gateway - High Server-Side Errors` | This alert fires where there are too many API requests (>5%) with server-side errors within 5 minutes. | Count > = 0.05 | Count < 0.05 |
+| `AWS API Gateway - High Server-Side Errors` | This alert fires when there are too many API requests (>5%) with server-side errors within 5 minutes. | Count > = 0.05 | Count < 0.05 |
+| `AWS API Gateway - High Client-Side Errors` | This alert fires where there are too many API requests (>5%) with client-side errors within 5 minutes. | Count > = 0.05 | Count < 0.05 |
-| `AWS API Gateway - High Client-Side Errors` | This alert fires where there are too many API requests (>5%) with client-side errors within 5 minutes. | Count > = 0.05 | Count < 0.05 |
+| `AWS API Gateway - High Client-Side Errors` | This alert fires when there are too many API requests (>5%) with client-side errors within 5 minutes. | Count > = 0.05 | Count < 0.05 |
-| `AWS API Gateway - High Client-Side Errors` | This alert fires where there are too many API requests (>5%) with client-side errors within 5 minutes. | Count > = 0.05 | Count < 0.05 |
+| `AWS API Gateway - High Client-Side Errors` | This alert fires when there are too many API requests (>5%) with client-side errors within 5 minutes. | Count > = 0.05 | Count < 0.05 |
+| `AWS API Gateway - High Integration Latency` | This alert fires when we detect the high integration latency for the API requests in a stage within 5 minutes. | Count > = 2000 | Count < 2000 |
+| `AWS API Gateway - High Latency` | This alert fires when we detect the high latency in a stage within 5 minutes for REST and HTTP API. | Count > = 2500 | Count < 2500 |
+| `AWS API Gateway - Low Traffic API` | This alert fires when there is low message traffic volume for the API within 5 minutes. | Count < = 1 | Count > 1 |
+| `AWS API Gateway - High Authorizer Errors` | This alert fires when there are too many API requests (>5%) with authorizer errors within 5 minutes. | Count > 5 | Count < = 5 |
+| `AWS API Gateway - High Integration Errors` | This alert fires when there are too many API requests (>5%) with integration errors within 5 minutes. | Count > 5 | Count < = 5 |
+| `AWS API Gateway - High WAF Errors` | This alert fires when there are too many API requests (>5%) with WAF errors within 5 minutes. | Count > 5 | Count < = 5 |
+| `AWS API Gateway - High WAF Latency` | This alert fires when we detect the high WAF latency for the REST and WebSocket API requests in a stage within 5 minutes. | Count > 1000 | Count < = 1000 |
+
+## Upgrade/Downgrade the AWS API Gateway app (Optional)
+
+import AppUpdate from '../../reuse/apps/app-update.md';
+
+<AppUpdate/>
+
+## Uninstalling the AWS API Gateway app (Optional)
+
+import AppUninstall from '../../reuse/apps/app-uninstall.md';
+
+<AppUninstall/>
@@ -1,6 +1,7 @@
 ---
 id: application-load-balancer
 title: AWS Application Load Balancer
+sidebar_label: AWS Application Load Balancer
 description: The Sumo Logic app for AWS Elastic Load Balancing ULM - Application is a unified logs and metrics (ULM) app that gives you visibility into the health of your Application Load Balancer and target groups.
 ---
 
@@ -163,6 +164,8 @@ import AppInstallNoDataSourceV2 from '../../reuse/apps/app-install-index-apps-v2
 
 ## Viewing AWS Application Load Balancer dashboards
 
+We highly recommend you view these dashboards in the [AWS Observability view](/docs/dashboards/explore-view/#aws-observability) of the AWS Observability solution.
+
 ### Overview
 
 The **AWS Application Load Balancer - Overview** dashboard provides visibility into the health of your Application Load Balancer and target groups, with at-a-glance views of latency, request and host status, requests from malicious sources, and HTTP backend codes.
@@ -255,3 +258,32 @@ Use this dashboard to:
 * Identify the most common error types and the users experiencing the highest failure rates, facilitating targeted improvements and user support.
 
 <img src={useBaseUrl('img/integrations/amazon-aws/AWS-Application-Load-Balancer-CloudTrail-Audit.png')} alt="AWS Application Load Balancer dashboard" style={{border: '1px solid gray'}} width="800"/>
+
+## Create monitors for AWS Application Load Balancer app
+
+import CreateMonitors from '../../reuse/apps/create-monitors.md';
+
+<CreateMonitors/>
+
+### AWS Application Load Balancer alerts
+
+| Name                                                                  | Description                                                                                                                                                          | Alert Condition   | Recover Condition |
+|:----------------------------------------------------------------------|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------|:------------------|:--|
+| `AWS Application Load Balancer - Access from Highly Malicious Sources` | This alert fires when an application load balancer is accessed from highly malicious IP addresses within last 5 minutes.                                             | Count > 0         | Count < = 0       |
+| `AWS Application Load Balancer - Deletion Alert`                       | This alert fires when an application load balancer is deleted within last 5 minutes.                                                                                 | Count > = 2       | Count < 2         |
+| `AWS Application Load Balancer - High 4XX Errors`                      | This alert fires when there are too many HTTP requests (>5%) with a response status of 4xx within an interval of 5 minutes.                                         | Count > = 5       | Count < 5         |
+| `AWS Application Load Balancer - High 5XX Errors`                      | This alert fires when there are too many HTTP requests (>5%) with a response status of 5xx within an interval of 5 minutes.                                         | Count > = 5       | Count < 5         |
+| `AWS Application Load Balancer - High Latency`                         | This alert fires when we detect that the average latency for a given application load balancer within a time interval of 5 minutes is greater than or equal to three seconds. | Count > = 3000    | Count < 3000      |
+| `AWS Application Load Balancer - Targets Deregistered`                 | This alert fires when targets are deregistered from an application load balancer within last 5 minutes.                                                              | Count > = 1       | Count < 1         |
+
+## Upgrade/Downgrade the AWS Application Load Balancer app (Optional)
+
+import AppUpdate from '../../reuse/apps/app-update.md';
+
+<AppUpdate/>
+
+## Uninstalling the AWS Application Load Balancer app (Optional)
+
+import AppUninstall from '../../reuse/apps/app-uninstall.md';
+
+<AppUninstall/>
@@ -1,6 +1,7 @@
 ---
 id: classic-load-balancer
 title: AWS Classic Load Balancer
+sidebar_label: AWS Classic Load Balancer
 description: The Sumo Logic app for AWS Elastic Load Balancing Classic is a unified logs and metrics (ULM) app which helps you monitor the classic load balancer.
 ---
 
@@ -153,11 +154,11 @@ json "eventSource", "awsRegion", "recipientAccountId", "requestParameters.loadBa
 | fields region, namespace, loadbalancername, accountid
 ```
 
-## Install the AWS Classic Load Balancer app
+## Installing the AWS Classic Load Balancer app
 
 Now that you have set up a collection for AWS Classic Load Balancer, install the Sumo Logic app to use the pre-configured searches and dashboards that provide visibility into your environment for real-time analysis of overall usage.
 
-import AppInstall from '../../reuse/apps/app-install.md';
+import AppInstall from '../../reuse/apps/app-install-v2.md';
 
 <AppInstall/>
 
@@ -255,4 +256,33 @@ Use this dashboard to:
 * Investigate specific error events, including their details, frequency, and associated users, enabling faster troubleshooting and resolution of issues.
 * Identify the most common error types and the users experiencing highest failure rates, facilitating targeted improvements and user support.
 
-<img src={useBaseUrl('img/integrations/amazon-aws/AWS-Classic-Load-Balancer-CloudTrail-Audit.png')} alt="AWS Elastic Load Balancer Classic" style={{border: '1px solid gray'}} width="800" />
+<img src={useBaseUrl('img/integrations/amazon-aws/AWS-Classic-Load-Balancer-CloudTrail-Audit.png')} alt="AWS Elastic Load Balancer Classic" style={{border: '1px solid gray'}} width="800" />
+
+## Create monitors for AWS Classic Load Balancer app
+
+import CreateMonitors from '../../reuse/apps/create-monitors.md';
+
+<CreateMonitors/>
+
+### AWS Classic Load Balancer alerts
+
+| Name | Description | Alert Condition | Recover Condition |
+|:-----|:------------|:----------------|:--|
+| `AWS Classic Load Balancer - Access from Highly Malicious Sources` | This alert fires when the classic load balancer is accessed from highly malicious IP addresses within last 5 minutes. | Count > 0 | Count < = 0 |
+| `AWS Classic Load Balancer - Deletion Alert` | This alert fires when we detect greater than or equal to 2 application load balancers are deleted over a 5 minute time-period. | Count > = 2 | Count < 2 |
+| `AWS Classic Load Balancer - High 4XX Errors` | This alert fires when there are too many HTTP requests (>5%) with a response status of 4xx within an interval of 5 minutes. | Count > = 5 | Count < 5 |
+| `AWS Classic Load Balancer - High 5XX Errors` | This alert fires when there are too many HTTP requests (>5%) with a response status of 5xx within an interval of 5 minutes. | Count > = 5 | Count < 5 |
+| `AWS Classic Load Balancer - High Latency` | This alert fires when we detect that the average latency for a given classic load balancer within a time interval of 5 minutes is greater than or equal to three seconds. | Count > = 3000 | Count < 3000 |
+| `AWS Classic Load Balancer - Targets Deregistered` | This alert fires when we detect greater than or equal to 1 target is de-registered over a 5 minute time-period. | Count > = 1 | Count < 1 |
+
+## Upgrade/Downgrade the AWS Classic Load Balancer app (Optional)
+
+import AppUpdate from '../../reuse/apps/app-update.md';
+
+<AppUpdate/>
+
+## Uninstalling the AWS Classic Load Balancer app (Optional)
+
+import AppUninstall from '../../reuse/apps/app-uninstall.md';
+
+<AppUninstall/>
@@ -1,6 +1,7 @@
 ---
 id: dynamodb
 title: Amazon DynamoDB
+sidebar_label: Amazon DynamoDB
 description: The Sumo Logic app for DynamoDB provides operational insight into your database environment and Dashboards displaying the events, errors, latency, and capacity of your DynamoDB environment.
 ---
 
@@ -158,7 +159,7 @@ Enter a parse expression to create an “account” field that maps to the alias
 
 Now that you have set up a collection for **Amazon DynamoDB**, install the Sumo Logic app to use the pre-configured [dashboards](#viewing-amazon-dynamodb-dashboards) that provide visibility into your environment for real-time analysis of overall usage.
 
-import AppInstall from '../../reuse/apps/app-install.md';
+import AppInstall from '../../reuse/apps/app-install-v2.md';
 
 <AppInstall/>
 
@@ -222,4 +223,35 @@ Use this dashboard to:
 
 * Identify malicious IPs performing operations on DynamoDB tables using Sumo Logic Threat Intel.
 
-<img src={useBaseUrl('img/integrations/amazon-aws/AWS-DynamoDB-Threat-Intel.png')} alt="Amazon DynamoDB" />
+<img src={useBaseUrl('img/integrations/amazon-aws/AWS-DynamoDB-Threat-Intel.png')} alt="Amazon DynamoDB" />
+
+## Create monitors for Amazon DynamoDB app
+
+import CreateMonitors from '../../reuse/apps/create-monitors.md';
+
+<CreateMonitors/>
+
+### Amazon DynamoDB alerts
+
+| Name | Description | Alert Condition | Recover Condition |
+|:-----|:------------|:----------------|:--|
+| `AWS DynamoDB - High Account Provisioned Read Capacity` | This alert fires when we detect that the average read capacity provisioned for an account for a time interval of 5 minutes is greater than or equal to 80%. | Count > = 80 | Count < 80 |
+| `AWS DynamoDB - High Account Provisioned Write Capacity` | This alert fires when we detect that the average write capacity provisioned for an account for a time interval of 5 minutes is greater than or equal to 80%. | Count > = 80 | Count < 80 |
+| `AWS DynamoDB - High Max Provisioned Table Read Capacity` | This alert fires when we detect that the average percentage of read provisioned capacity used by the highest read provisioned table of an account for a time interval of 5 minutes is greater than or equal to 80%. | Count > = 80 | Count < 80 |
+| `AWS DynamoDB - High Max Provisioned Table Write Capacity` | This alert fires when we detect that the average percentage of write provisioned capacity used by the highest write provisioned table of an account for a time interval of 5 minutes is greater than or equal to 80%. | Count > = 80 | Count < 80 |
+| `AWS DynamoDB - High Read Throttle` | This alert fires when we detect that the total read throttle events for a DynamoDB table is high (>5) for a time interval of 5 minutes. | Count > 5 | Count < = 5 |
+| `AWS DynamoDB - High Write Throttle` | This alert fires when we detect that the total write throttle events for a DynamoDB table is high (>5) for a time interval of 5 minutes. | Count > 5 | Count < = 5 |
+| `AWS DynamoDB - Multiple Tables deleted` | This alert fires when five or more tables are deleted within 15 minutes. | Count > = 5 | Count < 5 |
+| `AWS DynamoDB - System Errors` | This alert fires when we detect system errors for a DynamoDB table is high (>10) for a time interval of 5 minutes. | Count > 10 | Count < = 10 |
+
+## Upgrade/Downgrade the Amazon DynamoDB app (Optional)
+
+import AppUpdate from '../../reuse/apps/app-update.md';
+
+<AppUpdate/>
+
+## Uninstalling the Amazon DynamoDB app (Optional)
+
+import AppUninstall from '../../reuse/apps/app-uninstall.md';
+
+<AppUninstall/>
@@ -219,7 +219,7 @@ Enter a parse expression to create an “account” field that maps to the alias
 Now that you have set up collection for AWS EC2 metrics install the Sumo Logic app to use the pre-configured searches and dashboards that provide visibility into your environment for real-time analysis of overall usage.
 
 
-import AppInstall from '../../reuse/apps/app-install.md';
+import AppInstall from '../../reuse/apps/app-install-v2.md';
 
 <AppInstall/>
 
@@ -319,3 +319,32 @@ Use this dashboard to:
 * Monitor if an instance has passed the system status check at last minute
 
 <img src='https://sumologic-app-data-v2.s3.amazonaws.com/dashboards/AWS-EC2-CW-Metrics/6.1.-AWS-EC2-Status-Check-CloudWatch-Metrics.png' alt="AWS EC2 Status Check (CloudWatch Metrics) dashboard" style={{border: '1px solid gray'}} width="800" />
+
+## Create monitors for AWS EC2 app
+
+import CreateMonitors from '../../reuse/apps/create-monitors.md';
+
+<CreateMonitors/>
+
+### AWS EC2 alerts
+
+| Name | Description | Alert Condition | Recover Condition |
+|:-----|:------------|:----------------|:--|
+| `AWS EC2 CW - High CPU Utilization` | This alert fires when the average CPU utilization based on cloud watch metrics, within a 5 minute interval for an EC2 instance is high (>=85%). | Count > 85 | Count < = 85 |
+| `AWS EC2 CW - Status Check Failed` | This alert fires when there is a status check failures within a 5 minute interval for an EC2 instance. | Count > 0 | Count < = 0 |
+| `AWS EC2 - High Disk Utilization` | This alert fires when the average disk utilization within a 5 minute time interval for an EC2 instance is high (>=85%). | Count > = 85 | Count < 85 |
+| `AWS EC2 - High Memory Utilization` | This alert fires when the average memory utilization within a 5 minute interval for an EC2 instance is high (>=85%). | Count > = 85 | Count < 85 |
+| `AWS EC2 - High System CPU Utilization` | This alert fires when the average system CPU utilization within a 5 minute interval for an EC2 instance is high (>=85%). | Count > = 85 | Count < 85 |
+| `AWS EC2 - High Total CPU Utilization` | This alert fires when the average total CPU utilization within a 5 minute interval for an EC2 instance is high (>=85%). | Count > = 85 | Count < 85 |
+
+## Upgrade/Downgrade the AWS EC2 app (Optional)
+
+import AppUpdate from '../../reuse/apps/app-update.md';
+
+<AppUpdate/>
+
+## Uninstalling the AWS EC2 app (Optional)
+
+import AppUninstall from '../../reuse/apps/app-uninstall.md';
+
+<AppUninstall/>
@@ -117,11 +117,11 @@ You can also build your EC2 AMI machine image with these fields and settings. Fo
 Collectors running on AWS EC2 instances can optionally collect AWS Metadata such as EC2 tags to make it easier to search for Host Metrics. Only one AWS Metadata Source for Metrics is required to collect EC2 tags from multiple hosts. For more information, see [AWS Metadata Source for Metrics](/docs/send-data/hosted-collectors/amazon-aws/aws-metadata-tag-source).
 
 
-## Install the Host Metrics (EC2) App
+## Installing the Host Metrics (EC2) app
 
 Now that you have set up the collection for Host Metrics (EC2) metrics, install the Sumo Logic App to use the pre-configured searches and dashboards that provide visibility into your environment for real-time analysis of overall usage.
 
-import AppInstall from '../../reuse/apps/app-install.md';
+import AppInstall from '../../reuse/apps/app-install-v2.md';
 
 <AppInstall/>
 
@@ -207,3 +207,30 @@ Use this dashboard to:
 * Identify if any improvements need to be made to optimize TCP traffic by analyzing various TCP connection states.
 
 <img src={useBaseUrl('img/integrations/amazon-aws/AWS-EC2-Metrics-TCP-Host-Metrics.png')} alt="EC2 host metrics dashboard" />
+
+## Create monitors for Host Metrics (EC2) app
+
+import CreateMonitors from '../../reuse/apps/create-monitors.md';
+
+<CreateMonitors/>
+
+### Host Metrics (EC2) alerts
+
+| Name | Description | Alert Condition | Recover Condition |
+|:-----|:------------|:----------------|:--|
+| `AWS EC2 - High System CPU Utilization` | This alert fires when the average system CPU utilization within a 5 minute interval for an EC2 instance is high (>=85%). | Count > = 85 | Count < 85 |
+| `AWS EC2 - High Total CPU Utilization` | This alert fires when the average total CPU utilization within a 5 minute interval for an EC2 instance is high (>=85%). | Count > = 85 | Count < 85 |
+| `AWS EC2 - High Memory Utilization` | This alert fires when the average memory utilization within a 5 minute interval for an EC2 instance is high (>=85%). | Count > = 85 | Count < 85 |
+| `AWS EC2 - High Disk Utilization` | This alert fires when the average disk utilization within a 5 minute time interval for an EC2 instance is high (>=85%). | Count > = 85 | Count < 85 |
+
+## Upgrade/Downgrade the Host Metrics (EC2) app (Optional)
+
+import AppUpdate from '../../reuse/apps/app-update.md';
+
+<AppUpdate/>
+
+## Uninstalling the Host Metrics (EC2) app (Optional)
+
+import AppUninstall from '../../reuse/apps/app-uninstall.md';
+
+<AppUninstall/>