Merge branch 'main' into CSOAR-3249

Author: mahendrak-sumo

blog-collector/2024/2025-02-18.md renamed to blog-collector/2025-02-18.md

@@ -0,0 +1,17 @@
+---
+title: Version 19.525-42
+hide_table_of_contents: true
+image: https://help.sumologic.com/img/sumo-square.png
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+In this release, we've enhanced the security and stability of the Collector with added support for security patches and a bug fix.
+
+## Security Fix
+
+- Upgraded `com.google.crypto.tink` to version 1.16.0 to address protobuf-java DOS vulnerability (CVE-2024-7254).
+
+## Bug Fix
+
+- Fixed the improper filtering of `AD` objects when `Exclude Distinguished Name Suffixes` filter is configured.

blog-collector/2025-05-14.md

@@ -0,0 +1,12 @@
+---
+title: Bitwarden (Apps)
+image: https://help.sumologic.com/img/sumo-square.png
+keywords:
+  - apps
+  - bitwarden
+hide_table_of_contents: true    
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+We're excited to introduce the new Bitwarden app for Sumo Logic. This app enables threat detection and identification of high-risk events such as vault exports or SSO deactivation, supporting continuous monitoring and accelerating incident response for credential and secret management workflows. [Learn more](/docs/integrations/saas-cloud/bitwarden).

blog-service/2025-05-13-apps.md

@@ -1637,6 +1637,7 @@
   "/cid/6025": "/docs/integrations/saas-cloud/cisco-vulnerability-management",
   "/cid/6026": "/docs/integrations/saas-cloud/sumo-collection",
   "/cid/6027": "/docs/integrations/saas-cloud/sysdig-secure",
+  "/cid/6028": "/docs/integrations/saas-cloud/bitwarden",
   "/cid/10112": "/docs/integrations/app-development/jfrog-xray",
   "/cid/10113": "/docs/observability/root-cause-explorer",
   "/cid/10116": "/docs/manage/fields",
@@ -4294,8 +4295,8 @@
   "/docs/cse/automation-service/automation-service-bridge": "/docs/platform-services/automation-service/automation-service-bridge",
   "/docs/cloud-soar/cloud-soar-bridge": "/docs/platform-services/automation-service/automation-service-bridge",
   "/docs/cloud-soar/audit-event-index": "/docs/platform-services/automation-service/automation-service-audit-logging/",
-  "/docs/cse/automation-service/automation-service-integration-framework": "/docs/platform-services/automation-service/automation-service-integration-framework",
-  "/docs/cloud-soar/cloud-soar-integration-framework": "/docs/platform-services/automation-service/automation-service-integration-framework",
+  "/docs/cse/automation-service/automation-service-integration-framework": "/docs/platform-services/automation-service/integration-framework",
+  "/docs/cloud-soar/cloud-soar-integration-framework": "/docs/platform-services/automation-service/integration-framework",
   "/docs/send-data/collect-from-other-data-sources/kubernetes": "/docs/send-data/kubernetes",
   "/docs/send-data/kubernetes/v4": "/docs/send-data/kubernetes",
   "/docs/send-data/collect-from-other-data-sources/azure-blob-storage/collect-logs-azure-blob-storage": "/docs/send-data/collect-from-other-data-sources/azure-blob-storage/block-blob/collect-logs",

cid-redirects.json

@@ -20,7 +20,7 @@ Because Cloud SOAR provides automation functionality to the [Automation Service]
 * [Playbooks](/docs/platform-services/automation-service/automation-service-playbooks/)
 * [Integrations](/docs/platform-services/automation-service/automation-service-integrations/)
 * [Automation bridge](/docs/platform-services/automation-service/automation-service-bridge)
-* [Integration framework](/docs/platform-services/automation-service/automation-service-integration-framework/)
+* [Integration framework](/docs/platform-services/automation-service/integration-framework/)
 * [Audit logging](/docs/platform-services/automation-service/automation-service-audit-logging)
 
 The following sections describe automation features only used in Cloud SOAR.

docs/cloud-soar/automation.md

@@ -21,7 +21,7 @@ The Automation Service doesn't include any of Cloud SOAR’s case management or
 
 ### Daemon and trigger action types
 
-The Automation Service does not support [daemon](/docs/platform-services/automation-service/automation-service-integration-framework/#daemon-action-definitions) and [trigger](/docs/platform-services/automation-service/automation-service-integration-framework/#trigger-action-definitions) action types. The Automation Service can only use triggers built into Cloud SIEM and the Log Analytics platform. So you can’t configure a playbook in the Automation Service to monitor an external process or file and fire a trigger in response like you can with Cloud SOAR. A trigger can only fire in the Automation Service for limited events, such as when an Insight is created in Cloud SIEM.
+The Automation Service does not support [daemon](/docs/platform-services/automation-service/integration-framework/about-integration-framework/#daemon-action-definitions) and [trigger](/docs/platform-services/automation-service/integration-framework/about-integration-framework/#trigger-action-definitions) action types. The Automation Service can only use triggers built into Cloud SIEM and the Log Analytics platform. So you can’t configure a playbook in the Automation Service to monitor an external process or file and fire a trigger in response like you can with Cloud SOAR. A trigger can only fire in the Automation Service for limited events, such as when an Insight is created in Cloud SIEM.
 
 ### Additional features
 

docs/cloud-soar/compared-to-automation-service.md

@@ -409,7 +409,7 @@ Within Automation, you’ll see subsections for:
 * [App Central](/docs/platform-services/automation-service/app-central/). A large out-of-the-box library of playbooks, integrations, and use cases for different threats to get you started with orchestrating and automating your SOC.
 * [Playbooks](/docs/platform-services/automation-service/automation-service-playbooks/). Allows you to create new playbooks and edit, delete, and manage existing ones.
 * [Template](/docs/cloud-soar/automation/#incident-templates). Allows you to create new incident templates and edit, delete, and manage existing ones.
-* [Integrations](/docs/platform-services/automation-service/automation-service-integration-framework/). Lets you connect third party tools through APIs.
+* [Integrations](/docs/platform-services/automation-service/automation-service-integrations/). Lets you connect third party tools through APIs.
 * [Rules](/docs/cloud-soar/automation/#automation-rules). Lets you create new automation rules.
 * [Bridge](/docs/platform-services/automation-service/automation-service-bridge/). Contains configuration details on any installed bridges.
 

docs/cloud-soar/introduction.md

@@ -62,7 +62,7 @@ Gain complete insight into incident response performance with customizable dashb
 
 ### Open Integration Framework (OIF)
 
-Choose from hundreds of out-of-the-box actions and playbooks or ask the Sumo Logic team to develop the connectors you need. Anyone can access the API code to quickly integrate tools without any coding experience required. For more information, see [Integrations](/docs/platform-services/automation-service/automation-service-integrations/) and [Integration Framework](/docs/platform-services/automation-service/automation-service-integration-framework/).
+Choose from hundreds of out-of-the-box actions and playbooks or ask the Sumo Logic team to develop the connectors you need. Anyone can access the API code to quickly integrate tools without any coding experience required. For more information, see [Integrations](/docs/platform-services/automation-service/automation-service-integrations/) and [Integration Framework](/docs/platform-services/automation-service/integration-framework/).
 
 <img src={useBaseUrl('img/cloud-soar/overview-openI-itegration.png')} alt="Integrations" style={{border: '1px solid gray'}} width="800" />
 

docs/cloud-soar/overview.md

@@ -153,7 +153,7 @@ The following example shows how to configure a notification that sends an email
 
 ## Advanced example: Configure a custom integration
 
-The following example shows how to create a custom integration with an action that runs a script you provide. The custom integration and action are defined by YAML files. To learn how to build your own YAML files, see [Integration framework file formats](/docs/platform-services/automation-service/automation-service-integration-framework/#integration-framework-file-formats).
+The following example shows how to create a custom integration with an action that runs a script you provide. The custom integration and action are defined by YAML files. To learn how to build your own YAML files, see [Integration framework file formats](/docs/platform-services/automation-service/integration-framework/about-integration-framework/#integration-framework-file-formats).
 
 The action uses [IP Quality Score](https://www.ipqualityscore.com/) to gather IP reputation information for enrichment. (This example shows how to add enrichment to an insight. To use the same action to add enrichment to entities, see [Add entity enrichment](#add-entity-enrichment) below.)