Commit ffa444c

Merge pull request #194615 from bwren/text-logs
Text logs
2 parents ff814f7 + ca69acd commit ffa444c

17 files changed, +408 -51 lines changed

articles/azure-monitor/agents/azure-monitor-agent-migration.md

Lines changed: 3 additions & 3 deletions
@@ -70,8 +70,8 @@ The following tables show gap analyses for the **log types** that are currently
7070
| **Performance counters** | Yes | Yes |
7171
| **Windows Event Logs** | Yes | Yes |
7272
| **Filtering by event ID** | Yes | No |
73-
| **Custom logs** | No | Yes |
74-
| **IIS logs** | No | Yes |
73+
| **Text logs** | Yes | Yes |
74+
| **IIS logs** | Yes | Yes |
7575
| **Application and service logs** | Yes | Yes |
7676
| **Multi-homing** | Yes | Yes |
7777

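Review bot: The new "Yes" for **Text logs** and **IIS logs** at lines 73-74 drops the preview status that this same commit records in azure-monitor-agent-overview.md, where "Text logs and Windows IIS logs" is listed as "Public preview". A reader doing a gap analysis from this table alone would take the feature as generally available. Suggest "Yes (preview)" or a footnote on both rows.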
@@ -81,7 +81,7 @@ The following tables show gap analyses for the **log types** that are currently
8181
|---------|---------|---------|
8282
| **Syslog** | Yes | Yes |
8383
| **Performance counters** | Yes | Yes |
84-
| **Custom logs** | No | Yes |
84+
| **Text logs** | Yes | Yes |
8585
| **Multi-homing** | Yes | No |
8686

8787

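Review bot: Line 84 replaces the "Custom logs" row with "Text logs" and gives no pointer to the old name, while the overview article in this commit replaces "File based logs" with "Text logs", so three names appear for what the diff treats as one feature. Someone who searches this table for "Custom logs" will no longer find a row. Suggest naming the earlier term once, for example "Text logs (previously custom logs)", here and in the Windows table above.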
articles/azure-monitor/agents/azure-monitor-agent-overview.md

Lines changed: 11 additions & 13 deletions
@@ -10,7 +10,7 @@ ms.custom: references_regions
1010

1111
# Azure Monitor agent overview
1212
The Azure Monitor agent (AMA) collects monitoring data from the guest operating system of Azure virtual machines and delivers it to Azure Monitor. This article provides an overview of the Azure Monitor agent and includes information on how to install it and how to configure data collection.
13-
Here's an **introductory video** explaining all about this new agent, including a quick demo of how to set things up using the Azure Portal: [ITOps Talk: Azure Monitor Agent](https://www.youtube.com/watch?v=f8bIrFU8tCs)
13+
Here's an **introductory video** explaining all about this new agent, including a quick demo of how to set things up using the Azure portal: [ITOps Talk: Azure Monitor Agent](https://www.youtube.com/watch?v=f8bIrFU8tCs)
1414

1515
## Relationship to other agents
1616
Eventually, the Azure Monitor agent will replace the following legacy monitoring agents that are currently used by Azure Monitor to collect guest data from virtual machines ([view known gaps](../faq.yml)):
@@ -30,10 +30,7 @@ In addition to consolidating this functionality into a single agent, the Azure M
3030
- **Improved extension management:** The Azure Monitor agent uses a new method of handling extensibility that's more transparent and controllable than management packs and Linux plug-ins in the current Log Analytics agents.
3131

3232
### Current limitations
33-
When compared with the legacy agents, this new agent doesn't yet have full parity.
34-
- **Comparison with Log Analytics agents (MMA/OMS):**
35-
- Not all Log Analytics solutions are supported yet. [View supported features and services](#supported-services-and-features).
36-
- The support for collecting file based logs or IIS logs is in [private preview](https://aka.ms/amadcr-privatepreviews).
33+
Not all Log Analytics solutions are supported yet. [View supported features and services](#supported-services-and-features).
3734

3835
### Changes in data collection
3936
The methods for defining data collection for the existing agents are distinctly different from each other. Each method has challenges that are addressed with the Azure Monitor agent.
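Review bot: After the removals at old lines 33-36, the "Current limitations" section is a single sentence that no longer says what the agent is being compared against; the deleted lead-in ("When compared with the legacy agents ...") and the "Comparison with Log Analytics agents (MMA/OMS)" label carried that. Suggest keeping one lead-in sentence, and stating here that text log and IIS log collection is in public preview so the section agrees with the supported-features table further down.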
@@ -84,6 +81,7 @@ The Azure Monitor agent sends data to Azure Monitor Metrics (preview) or a Log A
8481
| Performance | Azure Monitor Metrics (preview)<sup>1</sup> - Insights.virtualmachine namespace<br>Log Analytics workspace - [Perf](/azure/azure-monitor/reference/tables/perf) table | Numerical values measuring performance of different aspects of operating system and workloads |
8582
| Windows event logs | Log Analytics workspace - [Event](/azure/azure-monitor/reference/tables/Event) table | Information sent to the Windows event logging system |
8683
| Syslog | Log Analytics workspace - [Syslog](/azure/azure-monitor/reference/tables/syslog)<sup>2</sup> table | Information sent to the Linux event logging system |
84+
| Text logs | Log Analytics workspace - custom table | Events sent to log file on agent machine. |
8785

8886
<sup>1</sup> [Click here](../essentials/metrics-custom-overview.md#quotas-and-limits) to review other limitations of using Azure Monitor Metrics. On Linux, using Azure Monitor Metrics as the only destination is supported in v1.10.9.0 or higher.
8987
<sup>2</sup> Azure Monitor Linux Agent v1.15.2 or higher supports syslog RFC formats including **Cisco Meraki, Cisco ASA, Cisco FTD, Sophos XG, Juniper Networks, Corelight Zeek, CipherTrust, NXLog, McAfee and CEF (Common Event Format)**.
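Review bot: The row added at line 84 covers text logs only, although this commit marks IIS logs as supported in the migration table and as "Public preview" in the feature table, so the data sources table needs either an IIS logs row or a statement of where IIS log data lands. The new row also ends its description with a period where the three rows above do not, and "custom table" has no link while the other destinations link to their table reference.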
@@ -100,16 +98,16 @@ The following table shows the current support for the Azure Monitor agent with A
10098

10199
| Azure Monitor feature | Current support | More information |
102100
|:---|:---|:---|
103-
| File based logs and Windows IIS logs | Private preview | [Sign-up link](https://aka.ms/amadcr-privatepreviews) |
101+
| Text logs and Windows IIS logs | Public preview | [Collect text logs with Azure Monitor agent (preview)](data-collection-text-log.md) |
104102
| Windows Client OS installer | Private preview | [Sign-up link](https://aka.ms/amadcr-privatepreviews) |
105103
| [VM insights](../vm/vminsights-overview.md) | Private preview | [Sign-up link](https://aka.ms/amadcr-privatepreviews) |
106104

107105
The following table shows the current support for the Azure Monitor agent with Azure solutions.
108106

109107
| Solution | Current support | More information |
110108
|:---|:---|:---|
111-
| [Change Tracking](../../automation/change-tracking/overview.md) | Supported as File Integrity Monitoring in the Microsoft Defender for Cloud private preview. | [Sign-up link](https://aka.ms/AMAgent) |
112-
| [Update Management](../../automation/update-management/overview.md) | Use Update Management v2 (private preview) that doesn't require an agent. | [Sign-up link](https://www.yammer.com/azureadvisors/threads/1064001355087872) |
109+
| [Change Tracking](../../automation/change-tracking/overview.md) | Supported as File Integrity Monitoring in the Microsoft Defender for Cloud Private Preview. | [Sign-up link](https://aka.ms/AMAgent) |
110+
| [Update Management](../../automation/update-management/overview.md) | Use Update Management v2 (Private Preview) that doesn't require an agent. | [Sign-up link](https://www.yammer.com/azureadvisors/threads/1064001355087872) |
113111

114112
## Costs
115113
There's no cost for the Azure Monitor agent, but you might incur charges for the data ingested. For details on Log Analytics data collection and retention and for customer metrics, see [Azure Monitor pricing](https://azure.microsoft.com/pricing/details/monitor/).
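Review bot: Lines 109-110 change "private preview" to "Private Preview", but the feature table just above (lines 101-103) uses sentence case, "Public preview" and "Private preview", so capitalization is now inconsistent within the section. Pick one form for both tables. The new link on line 101 points only at the text log article although the row also covers Windows IIS logs; confirm that article documents IIS log collection or add a second link.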
@@ -119,7 +117,7 @@ There's no cost for the Azure Monitor agent, but you might incur charges for the
119117
The Azure Monitor agent doesn't require any keys but instead requires a [system-assigned managed identity](../../active-directory/managed-identities-azure-resources/qs-configure-portal-windows-vm.md#system-assigned-managed-identity). You must have a system-assigned managed identity enabled on each virtual machine before you deploy the agent.
120118

121119
## Networking
122-
The Azure Monitor agent supports Azure service tags (both AzureMonitor and AzureResourceManager tags are required). It supports connecting via **direct proxies, Log Analytics gateway, and private links** as described below.
120+
The Azure Monitor agent supports Azure service tags (both *AzureMonitor* and *AzureResourceManager* tags are required). It supports connecting via **direct proxies, Log Analytics gateway, and private links** as described below.
123121

124122
### Firewall requirements
125123
| Cloud |Endpoint |Purpose |Port |Direction |Bypass HTTPS inspection|
@@ -135,7 +133,7 @@ The Azure Monitor agent supports Azure service tags (both AzureMonitor and Azure
135133
| Azure China |`<log-analytics-workspace-id>`.ods.opinsights.azure.cn |Ingest logs data |Port 443 |Outbound|Yes |
136134

137135

138-
If using private links on the agent, you must also add the [dce endpoints](../essentials/data-collection-endpoint-overview.md#components-of-a-data-collection-endpoint)
136+
If using private links on the agent, you must also add the [DCE endpoints](../essentials/data-collection-endpoint-overview.md#components-of-a-data-collection-endpoint)
139137

140138
### Proxy configuration
141139
If the machine connects through a proxy server to communicate over the internet, review requirements below to understand the network configuration required.
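Review bot: Line 136 now reads "DCE endpoints", but the abbreviation is not expanded anywhere in the visible text and the sentence still has no closing period. Suggest spelling it out on first use, for example "you must also add the data collection endpoints (DCE)", and ending the sentence with a period.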
@@ -149,7 +147,7 @@ The Azure Monitor agent extensions for Windows and Linux can communicate either
149147

150148
![Flowchart to determine the values of settings and protectedSettings parameters when you enable the extension.](media/azure-monitor-agent-overview/proxy-flowchart.png)
151149

152-
2. After the values for the *settings* and *protectedSettings* parameters are determined, **provide these additional parameters** when you deploy the Azure Monitor agent by using PowerShell commands. Refer the following examples.
150+
2. After the values for the *settings* and *protectedSettings* parameters are determined, **provide these additional parameters** when you deploy the Azure Monitor agent by using PowerShell commands. Refer to the following examples.
153151

154152
# [Windows VM](#tab/PowerShellWindows)
155153

@@ -188,11 +186,11 @@ New-AzConnectedMachineExtension -Name AzureMonitorLinuxAgent -ExtensionType Azur
188186

189187
### Log Analytics gateway configuration
190188
1. Follow the instructions above to configure proxy settings on the agent and provide the IP address and port number corresponding to the gateway server. If you have deployed multiple gateway servers behind a load balancer, the agent proxy configuration is the virtual IP address of the load balancer instead.
191-
2. Add the **configuration endpoint URL** to fetch data collection rules to the allow list for the gateway
189+
2. Add the **configuration endpoint URL** to fetch data collection rules to the allowlist for the gateway
192190
`Add-OMSGatewayAllowedHost -Host global.handler.control.monitor.azure.com`
193191
`Add-OMSGatewayAllowedHost -Host <gateway-server-region-name>.handler.control.monitor.azure.com`
194192
(If using private links on the agent, you must also add the [dce endpoints](../essentials/data-collection-endpoint-overview.md#components-of-a-data-collection-endpoint))
195-
3. Add the **data ingestion endpoint URL** to the allow list for the gateway
193+
3. Add the **data ingestion endpoint URL** to the allowlist for the gateway
196194
`Add-OMSGatewayAllowedHost -Host <log-analytics-workspace-id>.ods.opinsights.azure.com`
197195
3. Restart the **OMS Gateway** service to apply the changes
198196
`Stop-Service -Name <gateway-name>`
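Review bot: Line 192, in the middle of this hunk, still says "dce endpoints" although the same commit corrects that phrase to "DCE endpoints" at line 136 of this file. Since lines 189 and 193 are being edited anyway, also fix the step numbering: lines 193 and 195 are both numbered "3.", so the restart step should be "4.".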

articles/azure-monitor/agents/data-collection-rule-azure-monitor-agent.md

Lines changed: 5 additions & 8 deletions
@@ -1,30 +1,26 @@
11
---
22
title: Configure data collection for the Azure Monitor agent
3-
description: Describes how to create a data collection rule to collect data from virtual machines using the Azure Monitor agent.
3+
description: Describes how to create a data collection rule to collect events and performance data from virtual machines using the Azure Monitor agent.
44
ms.topic: conceptual
55
ms.date: 03/16/2022
66

77
---
88

99
# Configure data collection for the Azure Monitor agent
10-
11-
Data Collection Rules (DCR) define data coming into Azure Monitor and specify where it should be sent. This article describes how to create a data collection rule to collect data from virtual machines using the Azure Monitor agent.
12-
13-
For a complete description of data collection rules, see [Data collection rules in Azure Monitor](../essentials/data-collection-rule-overview.md).
10+
This article describes how to create a [data collection rule](../essentials/data-collection-rule-overview.md) to collect events and performance counters from virtual machines using the Azure Monitor agent. The data collection rule defines data coming into Azure Monitor and specify where it should be sent.
1411

1512
> [!NOTE]
1613
> This article describes how to configure data for virtual machines with the Azure Monitor agent only.
1714
1815
## Data collection rule associations
1916

20-
To apply a DCR to a virtual machine, you create an association for the virtual machine. A virtual machine may have an association to multiple DCRs, and a DCR may have multiple virtual machines associated to it. This allows you to define a set of DCRs, each matching a particular requirement, and apply them to only the virtual machines where they apply.
17+
To apply a DCR to a virtual machine, you create an association for the virtual machine. A virtual machine may have an association to multiple DCRs, and a DCR may have multiple virtual machines associated to it. This allows you to define a set of DCRs, each matching a particular requirement, and apply them to only the virtual machines where they apply.
2118

2219
For example, consider an environment with a set of virtual machines running a line of business application and others running SQL Server. You might have one default data collection rule that applies to all virtual machines and separate data collection rules that collect data specifically for the line of business application and for SQL Server. The associations for the virtual machines to the data collection rules would look similar to the following diagram.
2320

2421
![Diagram shows virtual machines hosting line of business application and SQL Server associated with data collection rules named central-i t-default and lob-app for line of business application and central-i t-default and s q l for SQL Server.](media/data-collection-rule-azure-monitor-agent/associations.png)
2522

2623

27-
2824
## Create rule and association in Azure portal
2925

3026
You can use the Azure portal to create a data collection rule and associate virtual machines in your subscription to that rule. The Azure Monitor agent will be automatically installed and a managed identity created for any virtual machines that don't already have it installed.
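Review bot: Line 10 has a subject-verb disagreement: "The data collection rule defines data coming into Azure Monitor and specify where it should be sent" should read "specifies". The same line scopes the article to "events and performance counters" while the description on line 3 says "events and performance data"; use one term in both places.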
@@ -77,7 +73,7 @@ Since you're charged for any data collected in a Log Analytics workspace, you sh
7773
To specify additional filters, you must use Custom configuration and specify an XPath that filters out the events you don't. XPath entries are written in the form `LogName!XPathQuery`. For example, you may want to return only events from the Application event log with an event ID of 1035. The XPathQuery for these events would be `*[System[EventID=1035]]`. Since you want to retrieve the events from the Application event log, the XPath would be `Application!*[System[EventID=1035]]`
7874

7975
### Extracting XPath queries from Windows Event Viewer
80-
One of the ways to create XPath quries is to use Windows Event Viewer to extract XPath queries as shown below.
76+
One of the ways to create XPath queries is to use Windows Event Viewer to extract XPath queries as shown below.
8177
*In step 5 when pasting over the 'Select Path' parameter value, you must append the log type category followed by '!' and then paste the copied value.
8278

8379
[![Extract XPath](media/data-collection-rule-azure-monitor-agent/data-collection-rule-extract-xpath.png)](media/data-collection-rule-azure-monitor-agent/data-collection-rule-extract-xpath.png#lightbox)
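Review bot: Lines 73 and 77, the context on either side of the typo fix at line 76, still have defects: line 73 reads "filters out the events you don't", which is missing the end of the clause, and line 77 opens with an unpaired "*" that Markdown will render literally or treat as the start of emphasis. Suggest completing the sentence on line 73 and turning line 77 into a proper note while this paragraph is open.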
@@ -164,5 +160,6 @@ This is enabled as part of Azure CLI **monitor-control-service** Extension. [Vie
164160
165161
## Next steps
166162
163+
- [Collect text logs using Azure Monitor agent.](data-collection-text-log.md)
167164
- Learn more about the [Azure Monitor Agent](azure-monitor-agent-overview.md).
168165
- Learn more about [data collection rules](../essentials/data-collection-rule-overview.md).
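Review bot: The bullet added at line 163 puts the sentence period inside the link text ("[Collect text logs using Azure Monitor agent.]") and is phrased differently from the two "Learn more about ..." bullets below it. Move the period outside the link or drop it. The target data-collection-text-log.md is not among the files shown here, so confirm it is added in this pull request.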
