Merge branch 'master' of https://github.com/MicrosoftDocs/azure-docs-pr into donet_core_fix

Author: rishiilangomaran

articles/application-gateway/key-vault-certs.md

@@ -11,12 +11,9 @@ ms.author: victorh
 
 # SSL termination with Key Vault certificates
 
-[Azure Key Vault](../key-vault/key-vault-overview.md) is a platform-managed secret store that you can use to safeguard secrets, keys, and SSL certificates. Azure Application Gateway supports integration with Key Vault (in public preview) for server certificates that are attached to HTTPS-enabled listeners. This support is limited to the v2 SKU of Application Gateway.
+[Azure Key Vault](../key-vault/key-vault-overview.md) is a platform-managed secret store that you can use to safeguard secrets, keys, and SSL certificates. Azure Application Gateway supports integration with Key Vault for server certificates that are attached to HTTPS-enabled listeners. This support is limited to the v2 SKU of Application Gateway.
 
-> [!IMPORTANT]
-> Integration of Application Gateway with Key Vault is currently in public preview. This preview is provided without a service-level agreement (SLA) and isn't recommended for production workloads. Certain features might not be supported or might have constrained capabilities. For more information, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).
-
-This public preview offers two models for SSL termination:
+Key Vault integration offers two models for SSL termination:
 
 - You can explicitly provide SSL certificates attached to the listener. This model is the traditional way to pass SSL certificates to Application Gateway for SSL termination.
 - You can optionally provide a reference to an existing Key Vault certificate or secret when you create an HTTPS-enabled listener.

articles/azure-monitor/app/opencensus-python-dependency.md

@@ -12,7 +12,7 @@ ms.date: 10/15/2019
 
 # Track dependencies with OpenCensus Python
 
-A dependency is an external component that is called by your application. Dependency data is collected using OpenCensus Python and its various integrations. The data is then sent to Application Insights under Azure Monitor.
+A dependency is an external component that is called by your application. Dependency data is collected using OpenCensus Python and its various integrations. The data is then sent to Application Insights under Azure Monitor as `dependencies` telemetry.
 
 First, instrument your Python application with latest [OpenCensus Python SDK](../../azure-monitor/app/opencensus-python.md).
 

articles/azure-monitor/app/opencensus-python-request.md

@@ -0,0 +1,136 @@
+---
+title: Incoming Request Tracking in Azure Application Insights with OpenCensus Python | Microsoft Docs
+description: Monitor request calls for your Python apps via OpenCensus Python.
+ms.service:  azure-monitor
+ms.subservice: application-insights
+ms.topic: conceptual
+author: lzchen
+ms.author: lechen
+ms.date: 10/15/2019
+
+---
+
+# Track incoming requests with OpenCensus Python
+
+Incoming request data is collected using OpenCensus Python and its various integrations. Track incoming request data sent to your web applications built on top of the popular web frameworks `django`, `flask` and `pyramid`. The data is then sent to Application Insights under Azure Monitor as `requests` telemetry.
+
+First, instrument your Python application with latest [OpenCensus Python SDK](../../azure-monitor/app/opencensus-python.md).
+
+## Tracking Django applications
+
+1. Download and install `opencensus-ext-django` from [PyPI](https://pypi.org/project/opencensus-ext-django/) and instrument your application with the `django` middleware. Incoming requests sent to your `django` application will be tracked.
+
+2. Include `opencensus.ext.django.middleware.OpencensusMiddleware` in your `settings.py` file under `MIDDLEWARE`.
+
+    ```python
+    MIDDLEWARE = (
+        ...
+        'opencensus.ext.django.middleware.OpencensusMiddleware',
+        ...
+    )
+    ```
+
+3. Make sure AzureExporter is properly configured in your `settings.py` under `OPENCENSUS`.
+
+    ```python
+    OPENCENSUS = {
+        'TRACE': {
+            'SAMPLER': 'opencensus.trace.samplers.ProbabilitySampler(rate=0.5)',
+            'EXPORTER': '''opencensus.ext.azure.trace_exporter.AzureExporter(
+                service_name='foobar',
+            )''',
+        }
+    }
+    ```
+
+4. You can also add urls to `settings.py` under `BLACKLIST_PATHS` for requests that you do not want to track.
+
+    ```python
+    OPENCENSUS = {
+        'TRACE': {
+            'SAMPLER': 'opencensus.trace.samplers.ProbabilitySampler(rate=0.5)',
+            'EXPORTER': '''opencensus.ext.azure.trace_exporter.AzureExporter(
+                service_name='foobar',
+            )''',
+            'BLACKLIST_PATHS': 'https://example.com',  <--- This site will not be traced if a request is sent from it.
+        }
+    }
+    ```
+
+## Tracking Flask applications
+
+1. Download and install `opencensus-ext-flask` from [PyPI](https://pypi.org/project/opencensus-ext-flask/) and instrument your application with the `flask` middleware. Incoming requests sent to your `flask` application will be tracked.
+
+    ```python
+    
+    from flask import Flask
+    from opencensus.ext.azure.trace_exporter import AzureExporter
+    from opencensus.ext.flask.flask_middleware import FlaskMiddleware
+    from opencensus.trace.samplers import ProbabilitySampler
+    
+    app = Flask(__name__)
+    middleware = FlaskMiddleware(
+        app,
+        exporter=AzureExporter(connection_string="InstrumentationKey=<your-ikey-here>"),
+        sampler=ProbabilitySampler(rate=1.0),
+    )
+    
+    @app.route('/')
+    def hello():
+        return 'Hello World!'
+    
+    if __name__ == '__main__':
+        app.run(host='localhost', port=8080, threaded=True)
+    
+    ```
+
+2. You can configure your `flask` middleware directly in the code. For requests from urls that you do not wish to track, add them to `BLACKLIST_PATHS`.
+
+    ```python
+    app.config['OPENCENSUS'] = {
+        'TRACE': {
+            'SAMPLER': 'opencensus.trace.samplers.ProbabilitySampler(rate=1.0)',
+            'EXPORTER': '''opencensus.ext.azure.trace_exporter.AzureExporter(
+                service_name='foobar',
+            )''',
+            'BLACKLIST_PATHS': 'https://example.com',  <--- This site will not be traced if a request is sent to it.
+        }
+    }
+    ```
+
+## Tracking Pyramid applications
+
+1. Download and install `opencensus-ext-django` from [PyPI](https://pypi.org/project/opencensus-ext-pyramid/) and instrument your application with the `pyramid` tween. Incoming requests sent to your `pyramid` application will be tracked.
+
+    ```python
+    def main(global_config, **settings):
+        config = Configurator(settings=settings)
+    
+        config.add_tween('opencensus.ext.pyramid'
+                         '.pyramid_middleware.OpenCensusTweenFactory')
+    ```
+
+2. You can configure your `pyramid` tween directly in the code. For requests from urls that you do not wish to track, add them to `BLACKLIST_PATHS`.
+
+    ```python
+    settings = {
+        'OPENCENSUS': {
+            'TRACE': {
+                'SAMPLER': 'opencensus.trace.samplers.ProbabilitySampler(rate=1.0)',
+                'EXPORTER': '''opencensus.ext.azure.trace_exporter.AzureExporter(
+                    service_name='foobar',
+                )''',
+                'BLACKLIST_PATHS': 'https://example.com',  <--- This site will not be traced if a request is sent to it.
+            }
+        }
+    }
+    config = Configurator(settings=settings)
+    ```
+
+## Next steps
+
+* [Application Map](../../azure-monitor/app/app-map.md)
+* [Availability](../../azure-monitor/app/monitor-web-app-availability.md)
+* [Search](../../azure-monitor/app/diagnostic-search.md)
+* [Log (Analytics) query](../../azure-monitor/log-query/log-query-overview.md)
+* [Transaction diagnostics](../../azure-monitor/app/transaction-diagnostics.md)

articles/azure-monitor/app/opencensus-python.md

@@ -20,8 +20,6 @@ Azure Monitor supports distributed tracing, metric collection, and logging of Py
 - An Azure subscription. If you don't have an Azure subscription, create a [free account](https://azure.microsoft.com/free/) before you begin.
 - Python installation. This article uses [Python 3.7.0](https://www.python.org/downloads/), though earlier versions will likely work with minor changes.
 
-
-
 ## Sign in to the Azure portal
 
 Sign in to the [Azure portal](https://portal.azure.com/).
@@ -52,6 +50,8 @@ Install the OpenCensus Azure Monitor exporters:
 python -m pip install opencensus-ext-azure
 ```
 
+For a full list of packages and integrations, see [OpenCensus packages](https://docs.microsoft.com/azure/azure-monitor/app/nuget#common-packages-for-python-using-opencensus).
+
 > [!NOTE]
 > The `python -m pip install opencensus-ext-azure` command assumes that you have a `PATH` environment variable set for your Python installation. If you haven't configured this variable, you need to give the full directory path to where your Python executable is located. The result is a command like this: `C:\Users\Administrator\AppData\Local\Programs\Python\Python37-32\python.exe -m pip install opencensus-ext-azure`.
 
@@ -124,6 +124,10 @@ The SDK uses three Azure Monitor exporters to send different types of telemetry
 
 4. Now when you run the Python script, you should still be prompted to enter values, but only the value is being printed in the shell. The created `SpanData` will be sent to Azure Monitor. You can find the emitted span data under `dependencies`.
 
+5. For information on sampling in OpenCensus, take a look at [sampling in OpenCensus](https://docs.microsoft.com/azure/azure-monitor/app/sampling#configuring-fixed-rate-sampling-in-opencensus-python).
+
+6. For details on telemetry correlation in your trace data, take a look at OpenCensus [telemetry correlation](https://docs.microsoft.com/azure/azure-monitor/app/correlation#telemetry-correlation-in-opencensus-python).
+
 ### Metrics
 
 1. First, let's generate some local metric data. We'll create a simple metric to track the number of times the user presses Enter.
@@ -288,6 +292,8 @@ The SDK uses three Azure Monitor exporters to send different types of telemetry
 
 4. The exporter will send log data to Azure Monitor. You can find the data under `traces`.
 
+5. For details on how to enrich your logs with trace context data, see OpenCensus Python [logs integration](https://docs.microsoft.com/azure/azure-monitor/app/correlation#logs-correlation).
+
 ## Start monitoring in the Azure portal
 
 1. You can now reopen the Application Insights **Overview** pane in the Azure portal, to view details about your currently running application. Select **Live Metrics Stream**.

articles/azure-monitor/toc.yml

@@ -318,6 +318,8 @@
           href: app/opencensus-python.md
         - name: Dependencies 
           href: app/opencensus-python-dependency.md
+        - name: Requests 
+          href: app/opencensus-python-request.md
       - name: Web pages
         items:
         - name: Client-side JavaScript

articles/firewall/threat-intel.md

@@ -5,20 +5,17 @@ services: firewall
 author: vhorne
 ms.service: firewall
 ms.topic: article
-ms.date: 3/11/2019
+ms.date: 11/05/2019
 ms.author: victorh
 ---
 
-# Azure Firewall threat intelligence-based filtering - Public Preview
+# Azure Firewall threat intelligence-based filtering
 
 Threat intelligence-based filtering can be enabled for your firewall to alert and deny traffic from/to known malicious IP addresses and domains. The IP addresses and domains are sourced from the Microsoft Threat Intelligence feed. [Intelligent Security Graph](https://www.microsoft.com/en-us/security/operations/intelligence) powers Microsoft threat intelligence and is used by multiple services including Azure Security Center.
 
 ![Firewall threat intelligence](media/threat-intel/firewall-threat.png)
 
-> [!IMPORTANT]
-> Threat intelligence based filtering is currently in public preview and is provided with a preview service level agreement. Certain features may not be supported or may have constrained capabilities.  See the [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) for details.
-
-If threat intelligence-based filtering is enabled, the associated rules are processed before any of the NAT rules, network rules, or application rules. During the preview, only highest confidence records are included.
+If you've enabled threat intelligence-based filtering, the associated rules are processed before any of the NAT rules, network rules, or application rules.
 
 You can choose to just log an alert when a rule is triggered, or you can choose alert and deny mode.
 
@@ -46,7 +43,7 @@ The following log excerpt shows a triggered rule:
 
 - **Outbound testing** - Outbound traffic alerts should be a rare occurrence, as it means that your environment has been compromised. To help test outbound alerts are working, a test FQDN has been created that triggers an alert. Use **testmaliciousdomain.eastus.cloudapp.azure.com** for your outbound tests.
 
-- **Inbound testing** - You can expect to see alerts on incoming traffic if DNAT rules are configured on the firewall. This is true even if only specific sources are allowed on the DNAT rule and traffic is otherwise denied. Azure Firewall does not alert on all known port scanners; only on scanners that are known to also engage in malicious activity.
+- **Inbound testing** - You can expect to see alerts on incoming traffic if DNAT rules are configured on the firewall. This is true even if only specific sources are allowed on the DNAT rule and traffic is otherwise denied. Azure Firewall doesn't alert on all known port scanners; only on scanners that are known to also engage in malicious activity.
 
 ## Next steps
 

articles/search/TOC.yml

@@ -195,6 +195,8 @@
       href: search-blob-storage-integration.md
     - name: Set up a blob indexer
       href: search-howto-indexing-azure-blob-storage.md
+    - name: Set up an Azure Data Lake Storage Gen2 indexer
+      href: search-howto-index-azure-data-lake-storage.md
     - name: Index one-to-many blobs
       href: search-howto-index-one-to-many-blobs.md
     - name: Index CSV blobs

articles/search/search-api-preview.md

@@ -20,7 +20,7 @@ This article describes the `api-version=2019-05-06-Preview` version of Search se
 
 ## New in 2019-05-06-Preview
 
-[**Incremental indexing](cognitive-search-incremental-indexing-conceptual.md) is a new mode for indexing that adds state and caching, allowing you to reuse existing output when data, indexer, and skillset definitions are unchanged. This feature applies only to enrichments through a cognitive skillset.
+[**Incremental indexing**](cognitive-search-incremental-indexing-conceptual.md) is a new mode for indexing that adds state and caching, allowing you to reuse existing output when data, indexer, and skillset definitions are unchanged. This feature applies only to enrichments through a cognitive skillset.
 
 [**Knowledge store**](knowledge-store-concept-intro.md) is a new destination of an AI-based enrichment pipeline. In addition to an index, you can now persist populated data structures created during indexing in Azure storage. You control the physical structures of your data through elements in a Skillset, including how data is shaped, whether data is stored in Table storage or Blob storage, and whether there are multiple views.
 
@@ -31,8 +31,9 @@ This article describes the `api-version=2019-05-06-Preview` version of Search se
 Features announced in earlier previews are still in public preview. If you're calling an API with an earlier preview api-version, you can continue to use that version or switch to `2019-05-06-Preview` with no changes to expected behavior.
 
 + [moreLikeThis query parameter](search-more-like-this.md) finds documents that are relevant to a specific document. This feature has been in earlier previews. 
-* [CSV blob indexing](search-howto-index-csv-blobs.md) creates one document per line, as opposed to one document per text blob.
-* [MongoDB API support for Cosmos DB indexers](search-howto-index-cosmosdb.md) is in preview.
++ [CSV blob indexing](search-howto-index-csv-blobs.md) creates one document per line, as opposed to one document per text blob.
++ [Cosmos DB indexer](search-howto-index-cosmosdb.md) supports MongoDB API, Gremlin API, and Cassandra API.
++ [Azure Data Lake Storage Gen2 indexer](search-howto-index-azure-data-lake-storage.md) can index content and metadata from Data Lake Storage Gen2.
 
 
 ## How to call a preview API

articles/search/search-howto-index-azure-data-lake-storage.md

@@ -0,0 +1,44 @@
+---
+title: Indexing documents in Azure Data Lake Storage Gen2 (preview)
+titleSuffix: Azure Cognitive Search
+description: Learn how to index content and metadata in Azure Data Lake Storage Gen2.
+
+manager: nitinme
+author: markheff
+ms.author: maheff
+ms.devlang: rest-api
+ms.service: cognitive-search
+ms.topic: conceptual
+ms.date: 11/04/2019
+---
+
+# Indexing documents in Azure Data Lake Storage Gen2 (preview)
+
+When setting up an Azure storage account, you have the option to enable [hierarchical namespace](https://docs.microsoft.com/azure/storage/blobs/data-lake-storage-namespace). This allows the collection of content in an account to be organized into a hierarchy of directories and nested subdirectories. By enabling hierarchical namespace, you enable [Azure Data Lake Storage Gen2](https://docs.microsoft.com/azure/storage/blobs/data-lake-storage-introduction).
+
+This article describes how to get started with indexing documents that are in Azure Data Lake Storage Gen2.
+
+> [!Note]
+> The Azure Data Lake Storage Gen2 indexer is in preview and is not intended for production use.
+
+## Set up Azure Data Lake Storage Gen2 indexer
+
+There are a few steps you'll need to complete to index content from Data Lake Storage Gen2.
+
+### Step 1: Sign up for the preview
+
+Sign up for the Data Lake Storage Gen2 indexer preview by filling out [this form](https://aka.ms/azure-cognitive-search/indexer-preview). You will receive a confirmation email once you have been accepted into the preview.
+
+### Step 2: Follow the Azure Blob storage indexing setup steps
+
+Once you've received confirmation that your preview sign-up was successful, you're ready to create the indexing pipeline.
+
+You can index content and metadata from Data Lake Storage Gen2 by using the [REST API version 2019-05-06-Preview](search-api-preview.md). There is no .NET SDK support at this time.
+
+Indexing content in Data Lake Storage Gen2 is identical to indexing content in Azure Blob storage. So to understand how to set up the Data Lake Storage Gen2 data source, index, and indexer, refer to [How to index documents in Azure Blob Storage with Azure Cognitive Search](search-howto-indexing-azure-blob-storage.md). The Blob storage article also provides information about what document formats are supported, what blob metadata properties are extracted, incremental indexing, and more. This information will be the same for Data Lake Storage Gen2.
+
+## Access control
+
+Azure Data Lake Storage Gen2 implements an [access control model](https://docs.microsoft.com/azure/storage/blobs/data-lake-storage-access-control) that supports both Azure role-based access control (RBAC) and POSIX-like access control lists (ACLs). When indexing content from Data Lake Storage Gen2, Azure Cognitive Search will not extract the RBAC and ACL information from the content. As a result, this information will not be included in your Azure Cognitive Search index.
+
+If maintaining access control on each document in the index is important, it is up to the application developer to implement [security trimming](https://docs.microsoft.com/azure/search/search-security-trimming-for-azure-search).