Merge pull request #225490 from MicrosoftDocs/main

Merge main to live, Sunday 1/29, 4 PM

Author: American-Dipper

.openpublishing.redirection.json

@@ -16074,6 +16074,11 @@
             "redirect_url": "/azure/sentinel/normalization-schema-web",
             "redirect_document_id": true
         },
+        {
+            "source_path_from_root": "/articles/sentinel/network-normalization-schema.md",
+            "redirect_url": "/azure/sentinel/normalization-schema-network",
+            "redirect_document_id": true
+        },
         {
             "source_path_from_root": "/articles/sentinel/dns-normalization-schema.md",
             "redirect_url": "/azure/sentinel/normalization-schema-dns",

articles/active-directory/roles/permissions-reference.md

@@ -855,6 +855,8 @@
             href: errors-diagnostics/diagnostic-events/azfd0002.md
           - name: AZFD0003
             href: errors-diagnostics/diagnostic-events/azfd0003.md
+          - name: AZFD0004
+            href: errors-diagnostics/diagnostic-events/azfd0004.md
     - name: host.json 2.x reference
       href: functions-host-json.md
     - name: host.json 1.x reference

articles/azure-functions/TOC.yml

@@ -0,0 +1,39 @@
+---
+title: "AZFD0004: Host ID collision"
+titleSuffix: "Azure Functions"
+description: "AZFD0004: Host ID collision"
+author: madelinegordon
+ms.author: magordon
+ms.topic: troubleshooting
+ms.date: 01/28/2023
+---
+
+# AZFD0004: Host ID collision
+
+This event occurs when you have the same host ID assigned to multiple function apps or slots, which also share the same storage account.
+
+| | Value |
+|-|-|
+| **Event ID** |AZFD0004|
+| **Category** |[Usage]|
+| **Severity** |Error|
+
+## Event description
+
+A host ID collision can occur when more than one function app or slot uses the same host ID while sharing a storage account. This condition usually occurs due to truncation of similar function app names when the host ID value is generated. For example, if you have multiple apps or slots with names longer than 32 characters and the first 32 characters are shared, both generated host ID values may be the same due to truncation. 
+
+You can also have the same collision when you explicitly set the same host ID value on multiple function apps that use the same storage account.
+
+When multiple apps have the same host ID, the resulting collision can cause incorrect behaviors. For example, some triggers, like timer and Blob Storage, store tracking data by host ID. A host ID collision can result in incorrect behavior when the host can't differentiate between apps by host ID. When such a collision is detected, an error (hard failure) is logged and the host is shut down. Before version 4.x of the Functions runtime, a warning was logged, but the host wasn't shut down.
+
+For more information, see [host ID considerations](../../storage-considerations.md#host-id-considerations).
+
+## Options for addressing collisions:
+
+- Connect each function app or slot in the collision to a different storage account by changing the [AzureWebJobsStorage](../../functions-app-settings.md#azurewebjobsstorage) application setting or slot setting.
+- Rename your function apps to a name that has fewer than 32 characters. When app names have fewer than 32 characters, unique host IDs can be generated for each app, which removes the collision.
+- Set explicit host ID values for your function apps or slots so they no longer conflict. For more information, see [host ID considerations](../../storage-considerations.md#host-id-considerations).
+
+## When to suppress the event
+
+This event shouldn't be suppressed.

articles/azure-functions/errors-diagnostics/diagnostic-events/azfd0004.md

@@ -115,7 +115,7 @@ This table lists the tools Azure Monitor provides for collecting data from vario
 | --- | --- | --- |
 | **Azure** | [Diagnostic settings](../essentials/diagnostic-settings.md)  | | **Azure tenant** - Azure Active Directory Audit Logs provide sign-in activity history and audit trail of changes made within a tenant.<br/>**Azure resources** - Logs and performance counters.<br/>**Azure subscription** - Service health records along with records on any configuration changes made to the resources in your Azure subscription. |
 | **Application** | [Application insights](../app/app-insights-overview.md) |Splunk Application Performance Monitoring| Application performance monitoring data. |
-| **Container** |[Container insights](../containers/container-insights-overview.md)|Splunk App for Infrastructure| Container performance data. |
+| **Container** |[Container insights](../containers/container-insights-overview.md)|Container Monitoring| Container performance data. |
 | **Operating system** | [Azure Monitor Agent](../vm/monitor-virtual-machine-agent.md) |Universal Forwarder, Heavy Forwarder | Monitoring data from the guest operating system of Azure and non-Azure virtual machines.|
 | **Non-Azure source** | [Logs Ingestion API](../logs/logs-ingestion-api-overview.md) |HTTP Event Collector (HEC)| File-based logs and any data you send to a [data collection endpoint](../essentials/data-collection-endpoint-overview.md) on a monitored resource.|
 

articles/azure-monitor/logs/migrate-splunk-to-azure-monitor-logs.md

@@ -66,10 +66,10 @@ Open the file and copy the below code. Remember to replace the `key` variable wi
 const { TextAnalyticsClient, AzureKeyCredential } = require("@azure/ai-text-analytics");
 const key = '<paste-your-key-here>';
 const endpoint = '<paste-your-endpoint-here>';
-// Authenticate the client with your key and endpoint
+// Authenticate the client with your key and endpoint.
 const textAnalyticsClient = new TextAnalyticsClient(endpoint, new AzureKeyCredential(key));
 
-// Example method for extracting information from healthcare-related text 
+// Example method for extracting information from healthcare-related text.
 async function healthExample(client) {
     console.log("== Recognize Healthcare Entities Sample ==");
 

articles/cognitive-services/language-service/text-analytics-for-health/includes/quickstarts/nodejs-sdk.md

@@ -89,9 +89,8 @@ compute](concepts-burstable-compute.md) and regular compute.
 | Resource | Resource value |
 |----------|----------------|
 | Burstable compute, vCores | 1, 2 |
-| Burstable compute memory per vCore, GiB | 4 |
-| Storage size, GiB | 32, 64, 128 |
-| Storage IOPS | Up to 500 |
+| Burstable compute memory per vCore, GiB | 2 |
+| Storage size, GiB (IOPS, up to) | 32 (120), 64 (240), 128 (500) |
 | Storage type | General purpose (SSD) |
 
 **Regular compute**

articles/cosmos-db/postgresql/resources-compute.md

@@ -46,9 +46,10 @@ You can choose from two Defender for Servers paid plans:
 | **Licensing** | Defender for Servers covers licensing for Defender for Endpoint. Licensing is charged per hour instead of per seat, lowering costs by protecting virtual machines only when they're in use.| :::image type="icon" source="./media/icons/yes-icon.png" alt-text="Icon that shows it's supported in Plan 1."::: | :::image type="icon" source="./media/icons/yes-icon.png" alt-text="Icon that shows it's supported in Plan 2."::: |
 | **Defender for Endpoint provisioning** | Defender for Servers automatically provisions the Defender for Endpoint sensor on every supported machine that's connected to Defender for Cloud.| :::image type="icon" source="./media/icons/yes-icon.png" alt-text="Icon that shows it's supported in Plan 1."::: | :::image type="icon" source="./media/icons/yes-icon.png" alt-text="Icon that shows it's supported in Plan 2."::: |
 | **Unified view** | Defender for Endpoint alerts appear in the Defender for Cloud portal. You can get detailed information in the Defender for Endpoint portal.| :::image type="icon" source="./media/icons/yes-icon.png" alt-text="Icon that shows it's supported in Plan 1."::: | :::image type="icon" source="./media/icons/yes-icon.png" alt-text="Icon that shows it's supported in Plan 2."::: |
-| **Threat detection for OS-level (agent-based)** | Defender for Servers and Defender for Endpoint detect threats at the OS level, including virtual machine behavioral detections and *fileless attack detection*, which generates detailed security alerts that accelerate alert triage, correlation, and downstream response time.<br>[Learn more](alerts-reference.md#alerts-windows) | :::image type="icon" source="./media/icons/yes-icon.png"::: | :::image type="icon" source="./media/icons/yes-icon.png" alt-text="Icon that shows it's supported in Plan 2."::: |
+| **Threat detection for OS-level (agent-based)** | Defender for Servers and Defender for Endpoint detect threats at the OS level, including virtual machine behavioral detections and *fileless attack detection*, which generates detailed security alerts that accelerate alert triage, correlation, and downstream response time.<br>[Learn more](alerts-reference.md#alerts-windows) | :::image type="icon" source="./media/icons/yes-icon.png":::</br>[Provided by MDE](/microsoft-365/security/defender-endpoint/overview-endpoint-detection-response) | :::image type="icon" source="./media/icons/yes-icon.png" alt-text="Icon that shows it's supported in Plan 2."::: |
 | **Threat detection for network-level (agentless)** | Defender for Servers detects threats that are directed at the control plane on the network, including network-based detections for Azure virtual machines. | Not supported in Plan 1 | :::image type="icon" source="./media/icons/yes-icon.png" alt-text="Icon that shows it's supported in Plan 2."::: |
 | **Microsoft Defender Vulnerability Management Add-on** | See a deeper analysis of the security posture of your protected servers, including risks related to browser extensions, network shares, and digital certificates. [Learn more](deploy-vulnerability-assessment-defender-vulnerability-management.md). | Not supported in Plan 1 | :::image type="icon" source="./media/icons/yes-icon.png" alt-text="Icon that shows it's supported in Plan 2."::: |
+| **Security Policy and Regulatory Compliance** | Customize a security policy for your subscription and also compare the configuration of your resources with requirements in industry standards, regulations, and benchmarks. Learn more about [regulatory compliance](regulatory-compliance-dashboard.md) and [security policies](security-policy-concept.md) | Not supported in Plan 1 | :::image type="icon" source="./media/icons/yes-icon.png" alt-text="Icon that shows it's supported in Plan 2.":::|
 | **[Qualys vulnerability assessment](deploy-vulnerability-assessment-vm.md)** | As an alternative to Defender Vulnerability Management, Defender for Cloud integrates with the Qualys scanner to identify vulnerabilities. You don't need a Qualys license or account. | Not supported in Plan 1 | :::image type="icon" source="./media/icons/yes-icon.png" alt-text="Icon that shows it's supported in Plan 2.":::|
 **[Adaptive application controls](adaptive-application-controls.md)** | Adaptive application controls define allowlists of known safe applications for machines. To use this feature, Defender for Cloud must be enabled on the subscription. | Not supported in Plan 1 |:::image type="icon" source="./media/icons/yes-icon.png" alt-text="Icon that shows it's supported in Plan 2."::: |
 | **Free data ingestion (500 MB) in workspaces** | Free data ingestion is available for [specific data types](faq-defender-for-servers.yml#what-data-types-are-included-in-the-daily-allowance-). Data ingestion is calculated per node, per reported workspace, and per day. It's available for every workspace that has a *Security* or *AntiMalware* solution installed. | Not supported in Plan 1 | :::image type="icon" source="./media/icons/yes-icon.png" alt-text="Icon that shows it's supported in Plan 2."::: |