Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into egridehub11118

Author: spelluru

articles/active-directory/reports-monitoring/reference-audit-activities.md

@@ -369,6 +369,7 @@ This article lists the audit activities that can be logged in your audit logs.
 |Application Management|AdminUserJourneys-GetResources|
 |Directory Management|AdminUserJourneys-RemoveResources|
 |Directory Management|AdminUserJourneys-SetResources|
+|Directory Management|Create company|
 |Directory Management|Create IdentityProvider|
 |Directory Management|Create a new AdminUserJourney|
 |Directory Management|Create localized resource json|

articles/active-directory/saas-apps/sharepoint-on-premises-tutorial.md

@@ -9,7 +9,7 @@ ms.service: active-directory
 ms.subservice: saas-app-tutorial
 ms.workload: identity
 ms.topic: tutorial
-ms.date: 03/31/2021
+ms.date: 11/14/2022
 ms.author: jeedes
 ---
 # Tutorial: Implement federated authentication between Azure Active Directory and SharePoint on-premises
@@ -343,4 +343,38 @@ $t.Update()
 
 1. In the section **Reply URL (Assertion Consumer Service URL)**, add the URL (for example, `https://otherwebapp.contoso.local/`) of all additional web applications that need to sign in users with Azure Active Directory and click **Save**.
 
-![Specify additional web applications](./media/sharepoint-on-premises-tutorial/azure-active-directory-app-reply-urls.png)
+![Specify additional web applications](./media/sharepoint-on-premises-tutorial/azure-active-directory-app-reply-urls.png)
+
+### Configure the lifetime of the security token
+
+By default, Azure AD creates a SAML token that is valid for 1 hour.  
+This lifetime cannot be customized in the Azure portal, or using a conditional access policy, but it can be done by creating a [custom token lifetime policy](../develop/active-directory-configurable-token-lifetimes.md) and apply it to the enterprise application created for SharePoint.  
+To do this, complete the steps below using Windows PowerShell (at the time of this writing, AzureADPreview v2.0.2.149 does not work with PowerShell Core):
+
+1. Install the module [AzureADPreview](https://www.powershellgallery.com/packages/AzureADPreview/):
+
+    ```powershell
+    Install-Module -Name AzureADPreview -Scope CurrentUser
+    ```
+
+1. Run `Connect-AzureAD` to sign-in as a tenant administrator.
+
+1. Run the sample script below to update the application `SharePoint corporate farm` to issue a SAML token valid for 6h (value `06:00:00` of property `AccessTokenLifetime`):
+
+    ```powershell
+    $appDisplayName = "SharePoint corporate farm"
+    
+    $sp = Get-AzureADServicePrincipal -Filter "DisplayName eq '$appDisplayName'"
+    $oldPolicy = Get-AzureADServicePrincipalPolicy -Id $sp.ObjectId | ?{$_.Type -eq "TokenLifetimePolicy"}
+    if ($null -ne $oldPolicy) {
+        # There can be only 1 TokenLifetimePolicy associated to the service principal (or 0, as by default)
+        Remove-AzureADServicePrincipalPolicy -Id $sp.ObjectId -PolicyId $oldPolicy.Id
+    }
+    
+    # Create a custom TokenLifetimePolicy in Azure AD and add it to the service principal
+    $policy = New-AzureADPolicy -Definition @('{"TokenLifetimePolicy":{"Version":1,"AccessTokenLifetime":"06:00:00"}}') -DisplayName "Custom token lifetime policy" -IsOrganizationDefault $false -Type "TokenLifetimePolicy"
+    Add-AzureADServicePrincipalPolicy -Id $sp.ObjectId -RefObjectId $policy.Id
+    ```
+
+After the script completed, all users who successfully sign-in to the enterprise application will get a SAML 1.1 token valid for 6h in SharePoint.  
+To revert the change, simply remove the custom `TokenLifetimePolicy` object from the service principal, as done at the beginning of the script.

articles/applied-ai-services/form-recognizer/concept-model-overview.md

@@ -53,7 +53,7 @@ recommendations: false
 
 [:::image type="icon" source="media/studio/read-card.png" :::](https://formrecognizer.appliedai.azure.com/studio/read)
 
-The Read API analyzes and extracts ext lines, words, their locations, detected languages, and handwritten style if detected.
+The Read API analyzes and extracts lines, words, their locations, detected languages, and handwritten style if detected.
 
 ***Sample document processed using the [Form Recognizer Studio](https://formrecognizer.appliedai.azure.com/studio/read)***:
 

articles/azure-maps/how-to-dev-guide-csharp-sdk.md

@@ -392,11 +392,11 @@ The [Azure.Maps Namespace][Azure.Maps Namespace] in the .NET documentation.
 [rendering readme]: https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/maps/Azure.Maps.Rendering/README.md
 [rendering sample]: https://github.com/Azure/azure-sdk-for-net/tree/main/sdk/maps/Azure.Maps.Rendering/samples
 [geolocation package]: https://www.nuget.org/packages/Azure.Maps.geolocation
-[geolocation readme]: https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/maps/Azure.Maps.geolocation/README.md
+[geolocation readme]: https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/maps/Azure.Maps.Geolocation/README.md
 [geolocation sample]: https://github.com/Azure/azure-sdk-for-net/tree/main/sdk/maps/Azure.Maps.Geolocation/samples
 [FuzzySearch]: /dotnet/api/azure.maps.search.mapssearchclient.fuzzysearch
 [Azure.Maps Namespace]: /dotnet/api/azure.maps
 [search-api]: /dotnet/api/azure.maps.search
 [Identity library .NET]: /dotnet/api/overview/azure/identity-readme?view=azure-dotnet
 [defaultazurecredential.NET]: /dotnet/api/overview/azure/identity-readme?view=azure-dotnet#defaultazurecredential
-[NuGet]: https://www.nuget.org/
+[NuGet]: https://www.nuget.org/

articles/azure-maps/index.yml

@@ -34,7 +34,7 @@ landingContent:
       - linkListType: video
         links:
           - text: Introduction to Azure Maps
-            url: https://sec.ch9.ms/ch9/d498/3d435d2c-ac85-421b-b3a7-5e0c7630d498/IoT_AzureMaps_high.mp4
+            url: /shows/azure-videos/an-introduction-to-azure-maps
 
   # Card
   - title: Get Started
@@ -283,4 +283,4 @@ landingContent:
       - linkListType: reference
         links:
           - text: Weather services
-            url: /rest/api/maps/weather
+            url: /rest/api/maps/weather

articles/azure-maps/rest-sdk-developer-guide.md

@@ -81,7 +81,7 @@ Azure Maps Java SDK supports [Java 8][Java 8] or above.
 [C# rendering readme]: https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/maps/Azure.Maps.Rendering/README.md
 [C# rendering sample]: https://github.com/Azure/azure-sdk-for-net/tree/main/sdk/maps/Azure.Maps.Rendering/samples
 [C# geolocation package]: https://www.nuget.org/packages/Azure.Maps.geolocation
-[C# geolocation readme]: https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/maps/Azure.Maps.geolocation/README.md
+[C# geolocation readme]: https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/maps/Azure.Maps.Geolocation/README.md
 [C# geolocation sample]: https://github.com/Azure/azure-sdk-for-net/tree/main/sdk/maps/Azure.Maps.Geolocation/samples
 
 <!--  Python SDK Developers Guide  --->
@@ -90,8 +90,8 @@ Azure Maps Java SDK supports [Java 8][Java 8] or above.
 [py search readme]: https://github.com/Azure/azure-sdk-for-python/blob/main/sdk/maps/azure-maps-search/README.md
 [py search sample]: https://github.com/Azure/azure-sdk-for-python/tree/main/sdk/maps/azure-maps-search/samples
 [py route package]: https://pypi.org/project/azure-maps-route
-[py route readme]: https://github.com/Azure/azure-sdk-for-python/blob/main/sdk/maps/azure-maps-routing/README.md
-[py route sample]: https://github.com/Azure/azure-sdk-for-python/tree/main/sdk/maps/azure-maps-routing/samples
+[py route readme]: https://github.com/Azure/azure-sdk-for-python/blob/main/sdk/maps/azure-maps-route/README.md
+[py route sample]: https://github.com/Azure/azure-sdk-for-python/tree/main/sdk/maps/azure-maps-route/samples
 [py render package]: https://pypi.org/project/azure-maps-render
 [py render readme]: https://github.com/Azure/azure-sdk-for-python/blob/main/sdk/maps/azure-maps-render/README.md
 [py render sample]: https://github.com/Azure/azure-sdk-for-python/tree/main/sdk/maps/azure-maps-render/samples

articles/azure-monitor/agents/data-collection-snmp-data.md

@@ -0,0 +1,136 @@
+---
+title: Collect SNMP trap data with Azure Monitor Agent
+description: Learn how to collect SNMP trap data and send the data to Azure Monitor Logs using Azure Monitor Agent.  
+ms.topic: how-to
+ms.date: 06/22/2022
+ms.reviewer: shseth
+
+---
+
+# Collect SNMP trap data with Azure Monitor Agent
+  
+Simple Network Management Protocol (SNMP) is a widely-deployed management protocol for monitoring and configuring Linux devices and appliances.  
+  
+You can collect SNMP data in two ways: 
+
+- **Polls** - The managing system polls an SNMP agent to gather values for specific properties.
+- **Traps** - An SNMP agent forwards events or notifications to a managing system. 
+
+Traps are most often used as event notifications, while polls are more appropriate for stateful health detection and collecting performance metrics.  
+  
+You can use Azure Monitor Agent to collect SNMP traps as syslog events or as events logged in a text file.
+
+In this tutorial, you learn how to:
+
+> [!div class="checklist"]
+> * Set up the trap receiver log options and format 
+> * Configure the trap receiver to send traps to syslog or text file
+> * Collect SNMP traps using Azure Monitor Agent
+
+## Prerequisites
+
+To complete this tutorial, you need: 
+
+- A Log Analytics workspace where you have at least [contributor rights](../logs/manage-access.md#azure-rbac).
+
+-  Management Information Base (MIB) files for the devices you are monitoring.
+    
+    SNMP identifies monitored properties using Object Identifier (OID) values, which are defined and described in vendor-provided MIB files.  
+
+    The device vendor typically provides MIB files. If you don't have the MIB files, you can find the files for many vendors on third-party websites.
+
+    Place all MIB files for each device that sends SNMP traps in `/usr/share/snmp/mibs`, the default directory for MIB files. This enables logging SNMP trap fields with meaningful names instead of OIDs. 
+
+    Some vendors maintain a single MIB for all devices, while others have hundreds of MIB files. To load an MIB file correctly, snmptrapd must load all dependent MIBs. Be sure to check the snmptrapd log file after loading MIBs to ensure that there are no missing dependencies in parsing your MIB files.  
+
+- A Linux server with an SNMP trap receiver.
+
+    In this article, we use **snmptrapd**, an SNMP trap receiver from the [Net-SNMP](https://www.net-snmp.org/) agent, which most Linux distributions provide. However, there are many other SNMP trap receiver services you can use.
+
+    The snmptrapd configuration procedure may vary between Linux distributions. For more information on snmptrapd configuration, including guidance on configuring for SNMP v3 authentication, see the [Net-SNMP documentation](https://www.net-snmp.org/docs/man/snmptrapd.conf.html).  
+
+    It's important that the SNMP trap receiver you use can load MIB files for your environment, so that the properties in the SNMP trap message have meaningful names instead of OIDs.  
+ 
+## Set up the trap receiver log options and format
+
+To set up the snmptrapd trap receiver on a CentOS 7, Red Hat Enterprise Linux 7, Oracle Linux 7 server:
+
+1. Install and enable snmptrapd: 
+
+    ```bash
+    #Install the SNMP agent
+    sudo yum install net-snmp
+    #Enable the service
+    sudo systemctl enable snmptrapd
+    #Allow UDP 162 through the firewall
+    sudo firewall-cmd --zone=public --add-port=162/udp --permanent
+    ```
+
+1. Authorize community strings (SNMP v1 and v2 authentication strings) and define the format for the traps written to the log file: 
+  
+    1. Open `snmptrapd.conf`: 
+    
+        ```bash
+        sudo vi /etc/snmp/snmptrapd.conf  
+        ```        
+
+    1.  Add these lines to your `snmptrapd.conf` file: 
+    
+        ```bash
+        # Allow all traps for all OIDs, from all sources, with a community string of public
+        authCommunity log,execute,net public
+        # Format logs for collection by Azure Monitor Agent
+        format2 snmptrap %a %B %y/%m/%l %h:%j:%k %N %W %q %T %W %v \n
+        ```
+
+        > [!NOTE]
+        > snmptrapd logs both traps and daemon messages - for example, service stop and start - to the same log file. In the example above, we’ve defined the log format to start with the word “snmptrap” to make it easy to filter snmptraps from the log later on. 
+## Configure the trap receiver to send trap data to syslog or text file
+
+There are two ways snmptrapd can send SNMP traps to Azure Monitor Agent: 
+
+- Forward incoming traps to syslog, which you can set as the data source for Azure Monitor Agent. 
+
+- Write the syslog messages to a file, which Azure Monitor Agent can *tail* and parse. This option allows you to send the SNMP traps as a new datatype rather than sending as syslog events.  
+    
+To edit the output behavior configuration of snmptrapd: 
+
+1. Open the `/etc/snmp/snmptrapd.conf` file: 
+    
+    ```bash
+    sudo vi /etc/sysconfig/snmptrapd
+    ```    
+
+1. Configure the output destination.
+
+   Here's an example configuration:   
+
+    ```bash        
+    # snmptrapd command line options
+    # '-f' is implicitly added by snmptrapd systemd unit file
+    # OPTIONS="-Lsd"
+    OPTIONS="-m ALL -Ls2 -Lf /var/log/snmptrapd"
+    ```  
+        
+    The options in this example configuration are:  
+    
+    - `-m ALL` - Load all MIB files in the default directory.
+    - `-Ls2` - Output traps to syslog, to the Local2 facility.
+    - `-Lf /var/log/snmptrapd` - Log traps to the `/var/log/snmptrapd` file. 
+    
+> [!NOTE]   
+> See Net-SNMP documentation for more information about [how to set output options](https://www.net-snmp.org/docs/man/snmpcmd.html) and [how to set formatting options](https://www.net-snmp.org/docs/man/snmptrapd.html). 
+    
+## Collect SNMP traps using Azure Monitor Agent
+
+If you configured snmptrapd to send events to syslog, follow the steps described in [Collect events and performance counters with Azure Monitor Agent](../agents/data-collection-rule-azure-monitor-agent.md). Make sure to select **Linux syslog** as the data source when you define the data collection rule for Azure Monitor Agent.
+
+If you configured snmptrapd to write events to a file, follow the steps described in [Collect text and IIS logs with Azure Monitor agent](../agents/data-collection-text-log.md).
+
+## Next steps
+
+Learn more about: 
+
+- [Azure Monitor Agent](azure-monitor-agent-overview.md).
+- [Data collection rules](../essentials/data-collection-rule-overview.md).
+- [Best practices for cost management in Azure Monitor](../best-practices-cost.md). 

articles/azure-monitor/toc.yml

@@ -200,6 +200,9 @@ items:
       - name: Collect text and IIS Logs
         displayName: data collection rule,Azure Monitor agent
         href: agents/data-collection-text-log.md
+      - name: Collect SNMP traps
+        displayName: data collection rule,Azure Monitor agent
+        href: agents/data-collection-snmp-data.md        
     - name: Define network settings
       href: agents/azure-monitor-agent-data-collection-endpoint.md
     - name: Migrate from Log Analytics Agent

articles/azure-video-indexer/logic-apps-connector-arm-accounts.md

@@ -13,7 +13,7 @@ ms.date: 11/16/2022
 Azure Video Indexer (AVI) [REST API](https://api-portal.videoindexer.ai/api-details#api=Operations&operation=Upload-Video) supports both server-to-server and client-to-server communication. The API enables you to integrate video and audio insights into your application logic.
 
 > [!TIP]
-> For the latest `api-version`, chose the latest stable version in our documentation.
+> For the latest `api-version`, chose the latest stable version in [our REST documentation](/rest/api/videoindexer/stable/generate).
 
 To make the integration easier, we support [Logic Apps](https://azure.microsoft.com/services/logic-apps/) and [Power Automate](https://preview.flow.microsoft.com/connectors/shared_videoindexer-v2/video-indexer-v2/) connectors that are compatible with the Azure Video Indexer API. 
 
@@ -115,12 +115,12 @@ The following image shows the first flow:
 
     Search and create an **HTTP** action.
 
-    |Key| Value|
-    |----|----|
-    |Method | **POST**|
-    | URI| [generateAccessToken](/rest/api/videoindexer/stable/generate/access-token?tabs=HTTP#generate-accesstoken-for-account-contributor). |
-    | Body|`{ "permissionType": "Contributor", "scope": "Account" }` |
-    | Add new parameter | **Authentication**  |
+    |Key| Value|Notes|
+    |----|----|---|
+    |Method | **POST**||
+    | URI| [generateAccessToken](/rest/api/videoindexer/stable/generate/access-token?tabs=HTTP#generate-accesstoken-for-account-contributor). ||
+    | Body|`{ "permissionType": "Contributor", "scope": "Account" }` |See the [REST doc example](/rest/api/videoindexer/preview/generate/access-token?tabs=HTTP#generate-accesstoken-for-account-contributor), make sure to delete the **POST** line.|
+    | Add new parameter | **Authentication**  ||
 
     ![Screenshot of the HTTP access token.](./media/logic-apps-connector-arm-accounts/http-with-param.png)