SumoLogic · Apoorvkudesia-sumologic · Feb 5, 2026 · Feb 5, 2026
@@ -365,6 +365,24 @@ Use this dashboard to:
 
 <img src={useBaseUrl('img/integrations/sumo-apps/EA_SAML_Activities.png')} alt="test" />
 
+## Create monitors for the Sumo Logic Enterprise Audit app
+
+import CreateMonitors from '../../reuse/apps/create-monitors.md';
+
+<CreateMonitors/>
+
+### Enterprise Audit - Collector and Data Forwarding Management App alerts
+
+| Name  | Description  | Alert Condition | Recover Condition |
+|:--|:--|:--|:--|
+| `Enterprise Audit - Collector Deleted or Deregistered`  | This alert is triggered when a collector is deleted or deregistered.   | Count >= 1  | Count < 1   |
+| `Enterprise Audit - Collector Source Synchronization Failures`  | This alert is triggered when collector source synchronization failures are detected. | Count > 2   | Count < = 2   |
+| `Enterprise Audit - Collector Upgrade Failed`  | This alert is triggered when collector upgrade failure is detected. | Count >= 1  | Count < 1 |
+| `Enterprise Audit - Data Forwarding Destination Deleted Alert`   | This alert is triggered when one or more data forwarding destination is deleted.  | Count > 0   | Count < = 0  |
+| `Enterprise Audit - Data Forwarding Index Deactivation Alert`  | This alert is triggered when data forwarding index deactivation is detected. | Count > 0   | Count < = 0   |
+| `Enterprise Audit - Data Forwarding S3 Unencrypted Destination Created`  | This alert is triggered when a unencrypted data forwarding destination is created for S3.  | Count > = 1  | Count < 1  |
+
+
 ## Upgrade/Downgrade the Enterprise Audit apps (Optional)
 
 import AppUpdate from '../../reuse/apps/app-update.md';
@@ -375,4 +393,4 @@ import AppUpdate from '../../reuse/apps/app-update.md';
 
 import AppUninstall from '../../reuse/apps/app-uninstall.md';
 
-<AppUninstall/>
+<AppUninstall/>