Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into rolyon-aadroles-roles-october

Author: rolyon

articles/app-service/environment/networking.md

@@ -3,7 +3,7 @@ title: App Service Environment networking
 description: App Service Environment networking details
 author: madsd
 ms.topic: overview
-ms.date: 07/21/2023
+ms.date: 10/02/2023
 ms.author: madsd
 ---
 
@@ -121,7 +121,7 @@ For more information about Private Endpoint and Web App, see [Azure Web App Priv
 
 ## DNS
 
-The following sections describe the DNS considerations and configuration that apply inbound to and outbound from your App Service Environment. The examples use the domain suffix `appserviceenvironment.net` from Azure Public Cloud. If you're using other clouds like Azure Government, you need to use their respective domain suffix.
+The following sections describe the DNS considerations and configuration that apply inbound to and outbound from your App Service Environment. The examples use the domain suffix `appserviceenvironment.net` from Azure Public Cloud. If you're using other clouds like Azure Government, you need to use their respective domain suffix. Note that for App Service Environment domains, the site name will be truncated at 40 characters because of DNS limits. If you have a slot, the slot name will be truncated at 19 characters.
 
 ### DNS configuration to your App Service Environment
 

articles/communication-services/concepts/voice-video-calling/data-channel.md

@@ -142,5 +142,5 @@ These measures are in place to prevent flooding when a significant number of par
 ## Next steps
 For more information, see the following articles:
 
-- Learn about [QuickStart - Add messaging to your calling app](../../quickstarts/voice-video-calling/get-started-data-channel.md)
+- Learn about [QuickStart - Add data channel to your calling app](../../quickstarts/voice-video-calling/get-started-data-channel.md)
 - Learn more about [Calling SDK capabilities](../../quickstarts/voice-video-calling/getting-started-with-calling.md)

articles/cosmos-db/mongodb/vcore/vector-search.md

@@ -122,11 +122,17 @@ To perform a vector search, use the `$search` aggregation pipeline stage in a Mo
         "vector": <vector_to_search>,
         "path": "<path_to_property>",
         "k": <num_results_to_return>
-      }
-    ...
+      },
+      "returnStoredSource": True }},
+  {
+    "$project": { "<custom_name_for_similarity_score>": {
+           "$meta": "searchScore" },
+            "document" : "$$ROOT"
+        }
   }
 }
 ```
+To retrieve the similarity score (`searchScore`) along with the documents found by the vector search, use the `$project` operator to include `searchScore` and rename it as `<custom_name_for_similarity_score>` in the results. Then the document is also projected as nested object. Note that the similarity score is calculated using the metric defined in the vector index.
 
 ### Query a vector index by using $search
 
@@ -142,8 +148,12 @@ db.exampleCollection.aggregate([
         "path": "vectorContent",
         "k": 2
       },
-    "returnStoredSource": true
-    }
+    "returnStoredSource": true }},
+  {
+    "$project": { "similarityScore": {
+           "$meta": "searchScore" },
+            "document" : "$$ROOT"
+        }
   }
 ]);
 ```
@@ -153,16 +163,22 @@ In this example, a vector search is performed by using `queryVector` as an input
 ```javascript
 [
   {
-    _id: ObjectId("645acb54413be5502badff94"),
-    name: 'Eugenia Lopez',
-    bio: 'Eugenia is the CEO of AdvenureWorks.',
-    vectorContent: [ 0.51, 0.12, 0.23 ]
+    similarityScore: 0.9465376,
+    document: {
+      _id: ObjectId("645acb54413be5502badff94"),
+      name: 'Eugenia Lopez',
+      bio: 'Eugenia is the CEO of AdvenureWorks.',
+      vectorContent: [ 0.51, 0.12, 0.23 ]
+    }
   },
   {
-    _id: ObjectId("645acb54413be5502badff97"),
-    name: 'Rory Nguyen',
-    bio: 'Rory Nguyen is the founder of AdventureWorks and the president of the Our Planet initiative.',
-    vectorContent: [ 0.91, 0.76, 0.83 ]
+    similarityScore: 0.9006955,
+    document: {
+      _id: ObjectId("645acb54413be5502badff97"),
+      name: 'Rory Nguyen',
+      bio: 'Rory Nguyen is the founder of AdventureWorks and the president of the Our Planet initiative.',
+      vectorContent: [ 0.91, 0.76, 0.83 ]
+    }
   }
 ]
 ```

articles/iot-hub/iot-hub-automatic-device-management.md

@@ -151,7 +151,7 @@ To view the details of a configuration and monitor the devices running it, use t
 
 1. In the [Azure portal](https://portal.azure.com), go to your IoT hub. 
 
-2. Select **Configurations ** in Device management.
+2. Select **Configurations** in Device management.
 
 3. Inspect the configuration list. For each configuration, you can view the following details:
 

articles/key-vault/general/soft-delete-overview.md

@@ -59,7 +59,7 @@ Permanently deleting, purging, a key vault is possible via a POST operation on t
 
 Exceptions are:
 - When the Azure subscription has been marked as *undeletable*. In this case, only the service may then perform the actual deletion, and does so as a scheduled process. 
-- When the `--enable-purge-protection` argument is enabled on the vault itself. In this case, Key Vault will wait for 90 days from when the original secret object was marked for deletion to permanently delete the object.
+- When the `--enable-purge-protection` argument is enabled on the vault itself. In this case, Key Vault will wait for 7 to 90 days from when the original secret object was marked for deletion to permanently delete the object.
 
 For steps, see [How to use Key Vault soft-delete with CLI: Purging a key vault](./key-vault-recovery.md?tabs=azure-cli#key-vault-cli) or [How to use Key Vault soft-delete with PowerShell: Purging a key vault](./key-vault-recovery.md?tabs=azure-powershell#key-vault-powershell).
 

articles/sentinel/TOC.yml

@@ -749,6 +749,8 @@
         href: data-connectors/wirex-network-forensics-platform.md
       - name: WithSecure Elements via Connector
         href: data-connectors/withsecure-elements-via-connector.md
+      - name: Wiz
+        href: data-connectors/wiz.md
       - name: Workplace from Facebook (using Azure Functions)
         href: data-connectors/workplace-from-facebook-using-azure-function.md
       - name: Zero Networks Segment Audit

articles/sentinel/data-connectors-reference.md

@@ -657,6 +657,10 @@ Data connectors are available as part of the following offerings:
 
 - [WithSecure Elements via Connector](data-connectors/withsecure-elements-via-connector.md)
 
+## Wiz, Inc.
+
+- [Wiz](data-connectors/wiz.md)
+
 ## ZERO NETWORKS LTD
 
 - [Zero Networks Segment Audit](data-connectors/zero-networks-segment-audit.md)

articles/sentinel/data-connectors/wiz.md

@@ -0,0 +1,87 @@
+---
+title: "Wiz connector for Microsoft Sentinel"
+description: "Learn how to install the connector Wiz to connect your data source to Microsoft Sentinel."
+author: cwatson-cat
+ms.topic: how-to
+ms.date: 09/26/2023
+ms.service: microsoft-sentinel
+ms.author: cwatson
+---
+
+# Wiz connector for Microsoft Sentinel
+
+The Wiz connector allows you to easily send Wiz Issues, Vulnerability Findinsg, and Audit logs to Microsoft Sentinel.
+
+## Connector attributes
+
+| Connector attribute | Description |
+| --- | --- |
+| **Log Analytics table(s)** | WizIssues_CL<br/> WizVulnerabilities_CL<br/> WizAuditLogs_CL<br/> |
+| **Data collection rules support** | Not currently supported |
+| **Supported by** | [Wiz](https://support.wiz.io/) |
+
+## Query samples
+
+**Summary by Issues's severity**
+   ```kusto
+WizIssues_CL
+            
+   | summarize Count=count() by severity_s
+   ```
+
+
+
+## Prerequisites
+
+To integrate with Wiz make sure you have: 
+
+- **Microsoft.Web/sites permissions**: Read and write permissions to Azure Functions to create a Function App is required. [See the documentation to learn more about Azure Functions](/azure/azure-functions/).
+- **Wiz Service Account credentials**: Ensure you have your Wiz service account client ID and client secret, API endpoint URL, and auth URL. Instructions can be found on [Wiz documentation](https://docs.wiz.io/wiz-docs/docs/azure-sentinel-native-integration#collect-authentication-info-from-wiz).
+
+
+## Vendor installation instructions
+
+
+> [!NOTE]
+   >  This connector: Uses Azure Functions to connect to Wiz API to pull Wiz Issues, Vulnerability Findings, and Audit Logs into Microsoft Sentinel. This might result in additional data ingestion costs. Check the [Azure Functions pricing page](https://azure.microsoft.com/pricing/details/functions/) for details.
+Creates an Azure Key Vault with all the required parameters stored as secrets.
+
+STEP 1 - Get your Wiz credentials
+
+
+Follow the instructions on [Wiz documentation](https://docs.wiz.io/wiz-docs/docs/azure-sentinel-native-integration#collect-authentication-info-from-wiz) to get the erquired credentials.
+
+STEP 2 - Deploy the connector and the associated Azure Function
+
+
+>**IMPORTANT:** Before deploying the Wiz Connector, have the Workspace ID and Workspace Primary Key (can be copied from the following), as well as the Wiz credentials from the previous step.
+
+
+
+Option 1: Deploy using the Azure Resource Manager (ARM) Template
+
+1. Click the **Deploy to Azure** button below. 
+
+	[![Deploy To Azure](https://aka.ms/deploytoazurebutton)](https://aka.ms/sentinel-wiz-azuredeploy) 
+2. Select the preferred **Subscription**, **Resource Group** and **Location**. 
+3. Enter the following parameters: 
+> - Choose **KeyVaultName** and **FunctionName** for the new resources 
+ >- Enter the following Wiz credentials from step 1: **WizAuthUrl**, **WizEndpointUrl**, **WizClientId**, and **WizClientSecret** 
+>- Enter the Workspace credentials **AzureLogsAnalyticsWorkspaceId** and **AzureLogAnalyticsWorkspaceSharedKey**
+>- Choose the Wiz data types you want to send to Microsoft Sentinel, choose at least one from **Wiz Issues**, **Vulnerability Findings**, and **Audit Logs**.
+ 
+>- (optional) follow [Wiz documentation](https://docs.wiz.io/wiz-docs/docs/azure-sentinel-native-integration#optional-create-a-filter-for-wiz-queries) to add **IssuesQueryFilter**, **VulnerbailitiesQueryFilter**, and **AuditLogsQueryFilter**.
+ 
+4. Mark the checkbox labeled **I agree to the terms and conditions stated above**. 
+5. Click **Purchase** to deploy.
+
+
+Option 2: Manual Deployment of the Azure Function
+
+>Follow [Wiz documentation](https://docs.wiz.io/wiz-docs/docs/azure-sentinel-native-integration#manual-deployment) to deploy the connector manually.
+
+
+
+## Next steps
+
+For more information, go to the [related solution](https://azuremarketplace.microsoft.com/en-us/marketplace/apps/wizinc1627338511749.wizinc1627338511749_wiz_mss-sentinel?tab=Overview) in the Azure Marketplace.