Merging changes synced from https://github.com/MicrosoftDocs/azure-docs-pr (branch live)

Learn Build Service GitHub App · Learn Build Service GitHub App · commit 8ee7b19a5a58 · 2023-12-28T18:02:02.000Z
diff --git a/articles/azure-arc/system-center-virtual-machine-manager/disaster-recovery.md b/articles/azure-arc/system-center-virtual-machine-manager/disaster-recovery.md
@@ -3,7 +3,7 @@ title: Recover from accidental deletion of resource bridge VM
 description: Learn how to perform recovery operations for the Azure Arc resource bridge VM in Azure Arc-enabled System Center Virtual Machine Manager disaster scenarios.
 ms.topic: how-to 
 ms.custom:
-ms.date: 12/06/2023
+ms.date: 12/28/2023
 ms.services: azure-arc
 ms.subservice: azure-arc-scvmm
 author: Farha-Bano
@@ -27,12 +27,14 @@ To recover from Arc resource bridge VM deletion, you need to deploy a new resour
 > DHCP-based Arc Resource Bridge deployment is no longer supported.<br><br>
 If you had deployed Arc Resource Bridge earlier using DHCP, you must clean up your deployment by removing your resources from Azure and do a [fresh onboarding](./quickstart-connect-system-center-virtual-machine-manager-to-arc.md).
 
-1. Copy the Azure region and resource IDs of the Arc resource bridge, custom location, and SCVMM Azure resources.
+### Recover Arc resource bridge from a Windows machine
 
-2. Download the [onboarding script](/azure/azure-arc/system-center-virtual-machine-manager/quickstart-connect-system-center-virtual-machine-manager-to-arc#download-the-onboarding-script) from the Azure portal and update the following section in the script, using the same information as the original resources in Azure.
+1.	Copy the Azure region and resource IDs of the Arc resource bridge, custom location, and SCVMM management server Azure resources.
+
+2.	Download [this script](https://download.microsoft.com/download/a/a/8/aa8687e4-1a30-485f-9de4-4f15fc576724/arcvmm-windows-dr.ps1) and update the following section in the script using the same information as the original resources in Azure. 
 
     ```powershell
-    $location = <Azure region of the resources>
+    $location = <Azure region of the original Arc resource bridge>
     $applianceSubscriptionId = <subscription-id>
     $applianceResourceGroupName = <resource-group-name>
     $applianceName = <resource-bridge-name>
@@ -45,20 +47,10 @@ If you had deployed Arc Resource Bridge earlier using DHCP, you must clean up yo
     $vmmserverResourceGroupName = <resource-group-name>
     $vmmserverName= <SCVMM-name-in-azure>
     ```
+ 
+3.	Run the updated script from the same location where the config YAML files are stored after the initial onboarding. This is most likely the same folder from where you ran the initial onboarding script unless the config files were moved later to a different location. [Provide the inputs](quickstart-connect-system-center-virtual-machine-manager-to-arc.md#script-runtime) as prompted. 
 
-3. [Run the onboarding script](/azure/azure-arc/system-center-virtual-machine-manager/quickstart-connect-system-center-virtual-machine-manager-to-arc#download-the-onboarding-script) again with the `-Force` parameter.
-
-    ``` powershell-interactive
-    ./resource-bridge-onboarding-script.ps1 -Force
-    ```
-
-4. [Provide the inputs](/azure/azure-arc/system-center-virtual-machine-manager/quickstart-connect-system-center-virtual-machine-manager-to-arc#script-runtime) as prompted.
-
-5. In the same machine, run the following scripts, as applicable:
-     - [Download the script](https://download.microsoft.com/download/6/b/4/6b4a5009-fed8-46c2-b22b-b24a4d0a06e3/arcvmm-appliance-dr.ps1) if you're running the script from a Windows machine
-     - [Download the script](https://download.microsoft.com/download/0/5/c/05c2bcb8-87f8-4ead-9757-a87a0759071c/arcvmm-appliance-dr.sh) if you're running the script from a Linux machine
-
-6. Once the script is run successfully, the old Resource Bridge is recovered and the connection is re-established to the existing Azure-enabled SCVMM resources.
+4.	Once the script is run successfully, the old Resource Bridge is recovered, and the connection is re-established to the existing Azure-enabled SCVMM resources.
 
 ## Next steps
 
diff --git a/articles/azure-monitor/essentials/data-collection-endpoint-overview.md b/articles/azure-monitor/essentials/data-collection-endpoint-overview.md
@@ -26,8 +26,8 @@ This table describes the components of a data collection endpoint, related regio
 
 | Component | Description | Regionality considerations |Data collection rule configuration |
 |:---|:---|:---|
-| Configuration access endpoint | The endpoint from which Azure Monitor Agent retrieves data collection rules (DCRs).<br>Example: `<unique-dce-identifier>.<regionname>-1.handler.control`. | Same region as the monitored resources. | Set on the **Basics** tab when you create a data collection rule using the portal. | 
-| Logs ingestion endpoint | The endpoint that ingests logs into the data ingestion pipeline. Azure Monitor transforms the data and sends it to the defined destination Log Analytics workspace and table based on a DCR ID sent with the collected data.<br>Example: `<unique-dce-identifier>.<regionname>-1.ingest`. |Same region as the destination Log Analytics workspace. |Set on the **Resources** tab when you create a data collection rule using the portal.|
+| Logs ingestion endpoint | The endpoint that ingests logs into the data ingestion pipeline. Azure Monitor transforms the data and sends it to the defined destination Log Analytics workspace and table based on a DCR ID sent with the collected data.<br>Example: `<unique-dce-identifier>.<regionname>-1.ingest`. |Same region as the destination Log Analytics workspace. |Set on the **Basics** tab when you create a data collection rule using the portal. |
+| Configuration access endpoint | The endpoint from which Azure Monitor Agent retrieves data collection rules (DCRs).<br>Example: `<unique-dce-identifier>.<regionname>-1.handler.control`. | Same region as the monitored resources. | Set on the **Resources** tab when you create a data collection rule using the portal.| 
 
 
 ## How to set up data collection endpoints based on your deployment
diff --git a/articles/azure-monitor/logs/ingest-logs-event-hub.md b/articles/azure-monitor/logs/ingest-logs-event-hub.md
@@ -6,7 +6,7 @@ author: guywi-ms
 ms.author: guywild
 ms.reviewer: ilanawaitser
 ms.topic: tutorial 
-ms.date: 09/20/2022
+ms.date: 12/28/2023
 ms.custom: references_regions 
 
 # customer-intent: As a DevOps engineer, I want to ingest data from an event hub into a Log Analytics workspace so that I can monitor logs that I send to Azure Event Hubs.
diff --git a/articles/cosmos-db/vector-database.md b/articles/cosmos-db/vector-database.md
@@ -71,6 +71,15 @@ The native vector search feature in our NoSQL API is under development. In the m
 - [.NET tutorial - recipe chatbot](https://github.com/microsoft/AzureDataRetrievalAugmentedGenerationSamples/tree/main/C%23/CosmosDB-NoSQL_CognitiveSearch)
 - [.NET tutorial - recipe chatbot w/ Semantic Kernel](https://github.com/microsoft/AzureDataRetrievalAugmentedGenerationSamples/tree/main/C%23/CosmosDB-NoSQL_CognitiveSearch_SemanticKernel)
 - [Python notebook tutorial - Azure product chatbot](https://github.com/microsoft/AzureDataRetrievalAugmentedGenerationSamples/tree/main/Python/CosmosDB-NoSQL_CognitiveSearch)
+  
+## Next step
+
+[30-day Free Trial without Azure subscription](https://azure.microsoft.com/try/cosmosdb/)
+
+[90-day Free Trial with Azure AI Advantage](ai-advantage.md)
+
+> [!div class="nextstepaction"]
+> [Use the Azure Cosmos DB lifetime free tier](free-tier.md)
 
 ## Vector database related concepts
 
@@ -112,12 +121,3 @@ The process of creating good prompts for a scenario is called prompt engineering
 ### Tokens
 
 Tokens are small chunks of text generated by splitting the input text into smaller segments. These segments can either be words or groups of characters, varying in length from a single character to an entire word. For instance, the word hamburger would be divided into tokens such as ham, bur, and ger while a short and common word like pear would be considered a single token. LLMs like ChatGPT, GPT-3.5, or GPT-4 break words into tokens for processing.
-  
-## Next step
-
-[30-day Free Trial without Azure subscription](https://azure.microsoft.com/try/cosmosdb/)
-
-[90-day Free Trial with Azure AI Advantage](ai-advantage.md)
-
-> [!div class="nextstepaction"]
-> [Use the Azure Cosmos DB lifetime free tier](free-tier.md)
diff --git a/articles/defender-for-cloud/auto-deploy-azure-monitoring-agent.md b/articles/defender-for-cloud/auto-deploy-azure-monitoring-agent.md
@@ -78,21 +78,15 @@ The required [Log Analytics workspace solutions](/previous-versions/azure/azure-
 - Cloud security posture management (CSPM) – **SecurityCenterFree solution**
 - Defender for Servers Plan 2 – **Security solution**
 
-### Other extensions for Defender for Cloud
-
-The Azure Monitor Agent requires more extensions. The ASA extension, which supports endpoint protection recommendations, fileless attack detection, and Adaptive Application controls, is automatically installed when you autoprovision the Azure Monitor Agent.
-
 ### Other security events collection
 
-When you autoprovision the Log Analytics agent in Defender for Cloud, you can choose to collect other security events to the workspace. When you autoprovision the Azure Monitor agent in Defender for Cloud, the option to collect other security events to the workspace isn't available. Defender for Cloud doesn't rely on these security events, but they can be helpful for investigations through Microsoft Sentinel.
-
-If you want to collect security events when you autoprovision the Azure Monitor Agent, you can create a [Data Collection Rule](../azure-monitor/essentials/data-collection-rule-overview.md) to collect the required events. Learn [how do it with PowerShell or with Azure Policy](https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/how-to-configure-security-events-collection-with-azure-monitor/ba-p/3770719).
+When you autoprovision the Log Analytics agent in Defender for Cloud, you can choose to collect other security events to the workspace.
 
-As in Log Analytics workspaces, Defender for Cloud users are eligible for [500 MB of free data](faq-defender-for-servers.yml) daily on defined data types that include security events.
+As in Log Analytics workspaces, Defender for Servers Plan 2 users are eligible for [500 MB of free data](faq-defender-for-servers.yml) daily on defined data types that include security events.
 
 ## Next steps
 
-Now that you enabled the Azure Monitor Agent, check out the features that are supported by the agent:
+Now that you enabled the Log Analytics agent, check out the features that are supported by the agent:
 
 - [Endpoint protection assessment](endpoint-protection-recommendations-technical.md)
 - [Adaptive application controls](adaptive-application-controls.md)
diff --git a/articles/defender-for-cloud/plan-defender-for-servers-select-plan.md b/articles/defender-for-cloud/plan-defender-for-servers-select-plan.md
@@ -51,7 +51,7 @@ You can choose from two paid plans:
 | **Defender for Endpoint provisioning** | Defender for Servers automatically provisions the Defender for Endpoint sensor on every supported machine that's connected to Defender for Cloud.| :::image type="icon" source="./media/icons/yes-icon.png"::: | :::image type="icon" source="./media/icons/yes-icon.png"::: |
 | **Unified view** | Alerts from Defender for Endpoint appear in the Defender for Cloud portal. You can get detailed information in the Defender for Endpoint portal.| :::image type="icon" source="./media/icons/yes-icon.png"::: | :::image type="icon" source="./media/icons/yes-icon.png"::: |
 | **Threat detection for OS-level (agent-based)** | Defender for Servers and Defender for Endpoint detect threats at the OS level, including virtual machine behavioral detections and *fileless attack detection*, which generates detailed security alerts that accelerate alert triage, correlation, and downstream response time.<br><br />[Learn more about alerts for Windows machines](alerts-reference.md#alerts-windows)<br /><br />[Learn more about alerts for Linux machines](alerts-reference.md#alerts-linux)<br /><br /><br />[Learn more about alerts for DNS](alerts-reference.md#alerts-dns) | :::image type="icon" source="./media/icons/yes-icon.png":::</br>[Provided by MDE](/microsoft-365/security/defender-endpoint/overview-endpoint-detection-response) | :::image type="icon" source="./media/icons/yes-icon.png"::: |
-| **Threat detection for network-level (agentless security alerts)** | Defender for Servers detects threats that are directed at the control plane on the network, including network-based security alerts for Azure virtual machines. | Not supported in Plan 1 | :::image type="icon" source="./media/icons/yes-icon.png"::: |
+| **Threat detection for network-level (agentless security alerts)** | Defender for Servers detects threats that are directed at the control plane on the network, including network-based security alerts for Azure virtual machines. [Learn more](/azure/defender-for-cloud/alerts-reference) | Not supported in Plan 1 | :::image type="icon" source="./media/icons/yes-icon.png"::: |
 | **Microsoft Defender Vulnerability Management (MDVM) Add-on** | Enhance your vulnerability management program consolidated asset inventories, security baselines assessments, application block feature, and more. [Learn more](deploy-vulnerability-assessment-defender-vulnerability-management.md). | Not supported in Plan 1 | :::image type="icon" source="./media/icons/yes-icon.png"::: |
 | **Security Policy and Regulatory Compliance** | Customize a security policy for your subscription and also compare the configuration of your resources with requirements in industry standards, regulations, and benchmarks. Learn more about [regulatory compliance](regulatory-compliance-dashboard.md) and [security policies](security-policy-concept.md) | Not supported in Plan 1 | :::image type="icon" source="./media/icons/yes-icon.png":::|
 | **[Qualys vulnerability assessment](deploy-vulnerability-assessment-vm.md)** | As an alternative to Defender Vulnerability Management, Defender for Cloud can deploy a Qualys scanner and display the findings. You don't need a Qualys license or account. | Not supported in Plan 1 | :::image type="icon" source="./media/icons/yes-icon.png":::|
diff --git a/articles/healthcare-apis/fhir/migration-strategies.md b/articles/healthcare-apis/fhir/migration-strategies.md
@@ -41,7 +41,7 @@ Compare the differences between Azure API for FHIR and Azure Health Data Service
 |**Autoscaling**|Supported on request and incurs charge|Enabled by default at no extra charge|
 |**Search parameters**|Bundle type supported: Batch <br> • Include and revinclude, iterate modifier not supported  <br> • Sorting supported by first name, last name, birthdate and clinical date|Bundle type supported: Batch and transaction  <br> • Selectable search parameters  <br> • Include, revinclude, and iterate modifier is supported <br>• Sorting supported by string and dateTime fields|
 |**Events**|Not Supported|Supported|
-|**Infrastructure**|Supported: <br> • Customer managed keys <br> • AZ support and PITR  <br> • Cross region DR|Supported: <br> • Data recovery  <br> • [Customer managed keys](configure-customer-managed-keys.md) <br> Upcoming: <br> • AZ support for customer managed keys|
+|**Infrastructure**|Supported: <br> • Customer managed keys <br> • AZ support and PITR  <br> • Cross region DR|Supported: <br> • Data recovery  <br> • [Customer managed keys](configure-customer-managed-keys.md) <br> Upcoming: <br> • Availability zone support|
 
 ### Things to consider that may affect your architecture
 
