Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into logrhythm

batamig · batamig · commit 7d3a5d5ad385 · 2022-08-03T17:20:51.000+03:00
diff --git a/articles/container-apps/overview.md b/articles/container-apps/overview.md
@@ -48,13 +48,13 @@ With Azure Container Apps, you can:
 
 - [**Run containers from any registry**](containers.md), public or private, including Docker Hub and Azure Container Registry (ACR).
 
-- [**Use the Azure CLI extension or ARM templates**](get-started.md) to manage your applications.
+- [**Use the Azure CLI extension, Azure portal or ARM templates**](get-started.md) to manage your applications.
 
 - [**Provide an existing virtual network**](vnet-custom.md) when creating an environment for your container apps.
 
 - [**Securely manage secrets**](manage-secrets.md) directly in your application.
 
-- [**View application logs**](monitor.md) using Azure Log Analytics.
+- [**Monitor your apps**](monitor.md) using Azure Log Analytics.
 
 <sup>1</sup> Applications that [scale on CPU or memory load](scale-app.md) can't scale to zero.
 
diff --git a/articles/defender-for-cloud/defender-for-sql-usage.md b/articles/defender-for-cloud/defender-for-sql-usage.md
@@ -30,7 +30,7 @@ Microsoft Defender for SQL servers on machines extends the protections for your
     - [Connect your GCP project to Microsoft Defender for Cloud](quickstart-onboard-gcp.md)
 
     > [!NOTE]
-    > Enable database protection for your multicloud SQL servers through the AWS connector](quickstart-onboard-aws.md?pivots=env-settings#connect-your-aws-account) or the [GCP connector](quickstart-onboard-gcp.md?pivots=env-settings#configure-the-databases-plan).
+    > Enable database protection for your multicloud SQL servers through the [AWS connector](quickstart-onboard-aws.md?pivots=env-settings#connect-your-aws-account) or the [GCP connector](quickstart-onboard-gcp.md?pivots=env-settings#configure-the-databases-plan).
 
 This plan includes functionality for identifying and mitigating potential database vulnerabilities and detecting anomalous activities that could indicate threats to your databases.
 
@@ -44,8 +44,7 @@ Learn more about [vulnerability assessment for Azure SQL servers on machines](de
 |----|:----|
 |Release state:|General availability (GA)|
 |Pricing:|**Microsoft Defender for SQL servers on machines** is billed as shown on the [pricing page](https://azure.microsoft.com/pricing/details/defender-for-cloud/)|
-|Protected SQL versions:|[SQL Server versions currently supported by Microsoft](/mem/configmgr/core/plan-design/configs/support-for-sql-server-versions) in:
-<br>- [SQL on Azure virtual machines](/azure/azure-sql/virtual-machines/windows/sql-server-on-azure-vm-iaas-what-is-overview)<br>- [SQL Server on Azure Arc-enabled servers](/sql/sql-server/azure-arc/overview)<br>- On-premises SQL servers on Windows machines without Azure Arc<br>|
+|Protected SQL versions:|[SQL Server versions currently supported by Microsoft](/mem/configmgr/core/plan-design/configs/support-for-sql-server-versions) in: <br>- [SQL on Azure virtual machines](/azure/azure-sql/virtual-machines/windows/sql-server-on-azure-vm-iaas-what-is-overview)<br>- [SQL Server on Azure Arc-enabled servers](/sql/sql-server/azure-arc/overview)<br>- On-premises SQL servers on Windows machines without Azure Arc<br>|
 |Clouds:|:::image type="icon" source="./media/icons/yes-icon.png"::: Commercial clouds<br>:::image type="icon" source="./media/icons/yes-icon.png"::: Azure Government<br>:::image type="icon" source="./media/icons/no-icon.png"::: Azure China 21Vianet|
 
 ## Set up Microsoft Defender for SQL servers on machines
diff --git a/articles/defender-for-cloud/multicloud.yml b/articles/defender-for-cloud/multicloud.yml
@@ -34,7 +34,11 @@ landingContent:
             url: quickstart-onboard-machines.md?pivots=azure-arc
           - text: Enable enhanced security for your multicloud resources
             url: enable-enhanced-security.md
-
+      - linkListType: reference
+        links:
+          - text: Troubleshooting multicloud connectors
+            url: troubleshooting-guide.md#troubleshooting-the-native-multicloud-connector
+            
   # Card
   - title: Defend Amazon AWS resources
     linkLists:
@@ -55,7 +59,7 @@ landingContent:
           - text: Enable Defender for Containers for your AWS EKS containers
             url: defender-for-containers-enable.md?tabs=aks-deploy-portal%2Ck8s-deploy-asc%2Ck8s-verify-asc%2Ck8s-remove-arc%2Caks-removeprofile-api&pivots=defender-for-container-eks
           - text: Enable Defender for SQL servers for your AWS SQL databases
-            url: defender-for-sql-introduction.md
+            url: defender-for-sql-usage.md
       - linkListType: how-to-guide
         links:
           - text: Secure your AWS management ports with just-in-time access
@@ -99,7 +103,7 @@ landingContent:
           - text: Enable Defender for Containers for your GCP GKE containers
             url: defender-for-containers-enable.md?tabs=aks-deploy-portal%2Ck8s-deploy-asc%2Ck8s-verify-asc%2Ck8s-remove-arc%2Caks-removeprofile-api&pivots=defender-for-container-gke
           - text: Enable Defender for SQL servers for your GCP SQL databases
-            url: defender-for-sql-introduction.md
+            url: defender-for-sql-usage.md
       - linkListType: how-to-guide
         links:
           - text: Create custom assessments and standards for GCP workloads
@@ -111,4 +115,4 @@ landingContent:
       # - linkListType: reference
       #   links:
       #     - text: Security recommendations for GCP resources
-      #       url: recommendations-reference-gcp.md
+      #       url: recommendations-reference-gcp.md
diff --git a/articles/defender-for-iot/organizations/TOC.yml b/articles/defender-for-iot/organizations/TOC.yml
@@ -106,6 +106,8 @@
     items:
     - name: Overview
       href: integrate-overview.md
+    - name: ArcSight
+      href: integrations/arcsight.md
     - name: Integrate ClearPass
       href: tutorial-clearpass.md
     - name: Integrate CyberArk
diff --git a/articles/defender-for-iot/organizations/integrate-overview.md b/articles/defender-for-iot/organizations/integrate-overview.md
@@ -16,6 +16,7 @@ The following table lists available integrations for Microsoft Defender for IoT,
 
 |Partner service  |Description | Learn more  |
 |---------|---------|---------|
+| **ArcSight** | Forward Defender for IoT alerts to ArcSight. | [Integrate ArcSight with Microsoft Defender for IoT](integrations/arcsight.md) |
 |**Aruba ClearPass**     | Share Defender for IoT data with ClearPass Security Exchange and update the ClearPass Policy Manager Endpoint Database with Defender for IoT data. | [Integrate ClearPass with Microsoft Defender for IoT](tutorial-clearpass.md)       |
 |**CyberArk**     | Send CyberArk PSM syslog data on remote sessions and verification failures to Defender for IoT for data correlation.   | [Integrate CyberArk with Microsoft Defender for IoT](tutorial-cyberark.md)       |
 |**Forescout**     | Automate actions in Forescout based on activity detected by Defender for IoT, and correlate Defender for IoT data with other *Forescout eyeExtended* modules that oversee monitoring, incident management, and device control.  | [Integrate Forescout with Microsoft Defender for IoT](tutorial-forescout.md)      |
diff --git a/articles/defender-for-iot/organizations/integrations/arcsight.md b/articles/defender-for-iot/organizations/integrations/arcsight.md
@@ -0,0 +1,57 @@
+---
+title: Integrate ArcSight with Microsoft Defender for IoT
+description: Learn how to send Microsoft Defender for IoT alerts to ArcSight.
+ms.topic: how-to
+ms.date: 08/02/2022
+---
+
+# Integrate ArcSight with Microsoft Defender for IoT
+
+This article describes how to send Microsoft Defender for IoT alerts to ArcSight. Integrating Defender for IoT with ArcSight provides visibility into the security and resiliency of OT networks and a unified approach to IT and OT security.
+
+## Prerequisites
+
+Before you begin, make sure that you have the following prerequisites:
+
+- Access to a Defender for IoT OT sensor as an Admin user.
+
+## Configure the ArcSight receiver type
+
+To configure your ArcSight server settings so that it can receive Defender for IoT alert information:
+
+1. Sign in to your ArcSight server.
+1. Configure your receiver type as a **CEF UDP Receiver**.
+
+For more information, see the [ArcSight SmartConnectors Documentation](https://www.microfocus.com/documentation/arcsight/arcsight-smartconnectors/#gsc.tab=0).
+
+## Create a Defender for IoT forwarding rule
+
+This procedure describes how to create a forwarding rule from your OT sensor to send Defender for IoT alerts from that sensor to ArcSight.
+
+For more information, see [Forward alert information](../how-to-forward-alert-information-to-partners.md).
+
+1. Sign in to your OT sensor console and select **Forwarding** on the left.
+
+1. Enter a meaningful name for your rule, and then define your rule details, including:
+
+    - The minimal alert level. For example, if you select Minor, you are notified about all minor, major and critical incidents.
+    - The protocols you want to include in the rule.
+    - The traffic you want to include in the rule.
+
+1. In the **Actions** area, define the following values:
+
+    - **Server**: Select **ArcSight**
+    - **Host**: The ArcSight server address
+    - **Port**: The ArcSight server port
+    - **Timezone**: The timezone of the ArcSight server
+
+1. Select **Save** to save your forwarding rule.
+
+## Next steps
+
+For more information, see:
+
+- [Integrations with partner services](../integrate-overview.md)
+- [Forward alert information](../how-to-forward-alert-information-to-partners.md)
+- [Manage individual sensors](../how-to-manage-individual-sensors.md)
+
diff --git a/articles/firewall/firewall-performance.md b/articles/firewall/firewall-performance.md
@@ -5,7 +5,7 @@ services: firewall
 author: vhorne
 ms.service: firewall
 ms.topic: conceptual
-ms.date: 07/08/2022
+ms.date: 08/03/2022
 ms.author: victorh
 ---
 
@@ -26,7 +26,7 @@ For more information about Azure Firewall, see [What is Azure Firewall?](overvie
 
 ## Performance testing
 
-Before deploying Azure Firewall, the performance needs to be tested and evaluated to ensure it meets your expectations. Not only should Azure Firewall handle the current traffic on a network, but it should also be ready for potential traffic growth. It is recommended to evaluate on a test network and not in a production environment. The testing should attempt to replicate the production environment as close as possible. This includes the network topology, and emulating the actual characteristics of the expected traffic through the firewall.
+Before you deploy Azure Firewall, the performance needs to be tested and evaluated to ensure it meets your expectations. Not only should Azure Firewall handle the current traffic on a network, but it should also be ready for potential traffic growth. It is recommended to evaluate on a test network and not in a production environment. The testing should attempt to replicate the production environment as close as possible. This includes the network topology, and emulating the actual characteristics of the expected traffic through the firewall.
 
 ## Performance data
 
@@ -52,6 +52,7 @@ Azure Firewall also supports the following throughput for single connections:
 |Standard<br>Max bandwidth for single TCP connection     |1.3|
 |Premium<br>Max bandwidth for single TCP connection     |9.5|
 |Premium max bandwidth with TLS/IDS|100|
+|Premium single TCP connection with IDPS on *Alert and Deny* mode|up to 300 Mbps|
 
 Performance values are calculated with Azure Firewall at full scale. Actual performance may vary depending on your rule complexity and network configuration. These metrics are updated periodically as performance continuously evolves with each release.
 
diff --git a/articles/mysql/flexible-server/concepts-service-tiers-storage.md b/articles/mysql/flexible-server/concepts-service-tiers-storage.md
@@ -106,8 +106,6 @@ While the service attempts to make the server read-only, all new write transacti
 
 To get the server out of read-only mode, you should increase the provisioned storage on the server. This can be done using the Azure portal or Azure CLI. Once increased, the server will be ready to accept write transactions again.
 
-We recommend that you set up an alert to notify you when your server storage is approaching the threshold so you can avoid getting into the read-only state. Refer to the [monitoring article](./concepts-monitoring.md) to learn about metrics available. 
-
 We recommend that you <!--turn on storage auto-grow or to--> set up an alert to notify you when your server storage is approaching the threshold so you can avoid getting into the read-only state. For more information, see the documentation on alert documentation [how to set up an alert](how-to-alert-on-metric.md).
 
 ### Storage auto-grow
diff --git a/articles/purview/how-to-monitor-scan-runs.md b/articles/purview/how-to-monitor-scan-runs.md
@@ -6,7 +6,7 @@ ms.author: jingwang
 ms.service: purview
 ms.subservice: purview-data-map
 ms.topic: how-to
-ms.date: 04/04/2022
+ms.date: 08/03/2022
 ---
 
 # Monitor scan runs in Microsoft Purview
@@ -18,7 +18,7 @@ In Microsoft Purview, you can register and scan various types of data sources, a
 
 ## Monitor scan runs
 
-1. Go to your Microsoft Purview account -> open **Microsoft Purview governance portal** -> **Data map** -> **Monitoring**.
+1. Go to your Microsoft Purview account -> open **Microsoft Purview governance portal** -> **Data map** -> **Monitoring**. You need to have **Data source admin** role on any collection to access this page. And you will see the scan runs that belong to the collections on which you have data source admin privilege.
  
 1. The high-level KPIs show total scan runs within a period. The time period is defaulted at last 30 days, you can also choose to select last seven days. Based on the time filter selected, you can see the distribution of successful, failed, and canceled scan runs by week or by the day in the graph.
 
diff --git a/articles/site-recovery/vmware-azure-manage-configuration-server.md b/articles/site-recovery/vmware-azure-manage-configuration-server.md
@@ -6,7 +6,7 @@ manager: gaggupta
 ms.service: site-recovery
 ms.topic: conceptual
 ms.author: v-pgaddala
-ms.date: 05/27/2021
+ms.date: 08/03/2022
 ---
 
 # Manage the configuration server for VMware VM/physical server disaster recovery
@@ -111,7 +111,7 @@ The expiry date appears under **Configuration Server health**. For configuration
 ### If certificates have already expired
 
 1. Post expiry, certificates **cannot be renewed from Azure portal**. Before proceeding, ensure all components scale-out process servers, master target servers and mobility agents on all protected machines are on latest versions and are in connected state.
-2. **Follow this procedure only if certificates have already expired.** Login to configuration server, navigate to C drive > Program Data > Site Recovery > home > svsystems > bin and execute "RenewCerts" executor tool as administrator.
+2. **Follow this procedure only if certificates have already expired.** Login to configuration server, navigate to *C:\ProgramData\ASR\home\svsystems\bin* and execute **RenewCerts** executor tool as administrator.
 3. A PowerShell execution window pops-up and triggers renewal of certificates. This can take up to 15 minutes. Do not close the window until completion of renewal.
 
 :::image type="content" source="media/vmware-azure-manage-configuration-server/renew-certificates.png" alt-text="RenewCertificates":::
