Merge branch 'main' into docs-836-left-nav-reorg

Author: jpipkin1

blog-service/2024/12-31.md

@@ -564,7 +564,7 @@ We're excited to announce the release of the updated version of Azure Functions
 
 We're happy to announce a change to the behaviour of the `count` operator to return `Long` values. Previously, the `count` operator returned `Int` data type which could lead to a negative value if the maximum integer value was exceeded. With this change, we are changing the data type of the count operator result from `Int` to `Long` data type.
 
-This change will apply to all new queries. Any existing queries as part of various content types - Log Search, Scheduled Search, [Lookup Table](/docs/search/lookup-tables/manage-update-lookup-tables/#upgrade-the-lookup-table-to-avoid-negative-count-results), [Scheduled Views](/docs/manage/scheduled-views/scheduled-views-best-practices/#upgrade-your-scheduled-views-to-avoid-negative-count-results), and Saved Search will also seamlessly transition to show `Long` values in case of `Int` overflow.
+This change will apply to all new queries. Any existing queries as part of various content types - Log Search, Scheduled Search, [Lookup Table](/docs/search/lookup-tables/manage-update-lookup-tables/#upgrade-the-lookup-table-to-avoid-negative-count-results), [Scheduled Views](/docs/manage/scheduled-views/scheduled-views-best-practices/#how-to-avoid-negative-count-results), and Saved Search will also seamlessly transition to show `Long` values in case of `Int` overflow.
 
 ### August 27, 2024 (Collection)
 

docs/integrations/google/cloud-security-command-center.md

@@ -468,8 +468,8 @@ This section describes the Sumo Logic pipeline for collecting the data from Goog
 Follow the steps below to integrate the Google Cloud Security Command Center (SCC) app:
 
 1. Enable the [Security Command Center (SCC)](https://cloud.google.com/security-command-center/docs/activate-scc-overview) at the GCP console.
-1. In Sumo Logic, [configure the Google Cloud Platform source](https://help.sumologic.com/docs/send-data/hosted-collectors/google-source/google-cloud-platform-source/#configure-agoogle-cloud-platform-source).
-1. In the GCP console, configure a Pub/Sub Topic for [GCP](https://help.sumologic.com/docs/send-data/hosted-collectors/google-source/google-cloud-platform-source/#configure-a-pubsub-topicfor-gcp). This topic will be used to send SCC findings from GCP to Sumo Logic.
+1. In Sumo Logic, [configure the Google Cloud Platform source](/docs/send-data/hosted-collectors/google-source/google-cloud-platform-source/#configure-agoogle-cloud-platform-source).
+1. In the GCP console, configure a Pub/Sub Topic for [GCP](/docs/send-data/hosted-collectors/google-source/google-cloud-platform-source/#configure-a-pubsub-topicfor-gcp). This topic will be used to send SCC findings from GCP to Sumo Logic.
 1. In the SCC blade of the GCP console, click **Continuous Exports**. <br/><img src={useBaseUrl('https://sumologic-app-data-v2.s3.us-east-1.amazonaws.com/dashboards/Google+Cloud+-+Security+Command+Center/step4.png')} alt="Google Cloud Storage dashboards" width="500" />
 1. In the GCP console, export the findings from SCC to the [Pub/Sub Topic](https://cloud.google.com/security-command-center/docs/how-to-export-data?_gl=1*1dt4zsw*_ga*ODU1MTc4OTQ1LjE3Mzg3ODM5NzI.*_ga_WH2QY8WWF5*czE3NDY2Mzc3MzQkbzMkZzEkdDE3NDY2MzgxNDUkajYwJGwwJGgw#configure-pubsub-exports) created above.
 

docs/integrations/sumo-apps/opentelemetry-collector-insights.md

@@ -29,11 +29,8 @@ Following are the [fields](/docs/manage/fields/) which will be created as part o
 
 ### For OTLP endpoint configuration
 
-Before configuring the OTEL Collector integration, ensure you have the following prerequisites in place:
 
-1. **Sumo Logic OTLP Source**: You need to create an OTLP source in your Sumo Logic hosted collector. The OTLP source will provide the endpoint URL that the OTEL Collector will use to send telemetry data.
-
-  **Documentation**: [Creating a Sumo Logic OTLP Source](https://help.sumologic.com/docs/send-data/hosted-collectors/http-source/otlp/)
+Before configuring the OTEL Collector integration, you need to create an OTLP source in your Sumo Logic hosted collector. The OTLP source will provide the endpoint URL that the OTEL Collector will use to send telemetry data. Learn more at [Creating a Sumo Logic OTLP Source](/docs/send-data/hosted-collectors/http-source/otlp/).
 
 ### For metrics collection
 
@@ -77,7 +74,7 @@ In this step, you will configure the OpenTelemetry Collector's built-in telemetr
 
 Below are the inputs required:
 
-- **OTLP Endpoint**: Your Sumo Logic OTLP endpoint URL.
+- **OTLP Endpoint**. Your Sumo Logic OTLP endpoint URL.
 
 
 ```yaml
@@ -107,13 +104,13 @@ service:
       deployment.environment: ${DEPLOYMENT_ENVIRONMENT}
 ```
 
-You can add any custom fields which you want to tag along with the data ingested in Sumo.
+You can add any custom fields which you want to tag along with the data ingested in Sumo Logic.
 
 import EnvVar from '../../reuse/apps/opentelemetry/env-var-required.md';
 
 <EnvVar/>
 
-<img src='https://sumologic-app-data-v2.s3.us-east-1.amazonaws.com/dashboards/OpenTelemetry-Collector-Insights/opentelemetry-collector-insights-configure-form.png' style={{border:'1px solid gray'}} alt="YAML" />
+<img src='https://sumologic-app-data-v2.s3.us-east-1.amazonaws.com/dashboards/OpenTelemetry-Collector-Insights/opentelemetry-collector-insights-configure-form.png' style={{border:'1px solid gray'}} alt="YAML" width="700"/>
 
 ### Step 3: Send logs and metrics to Sumo Logic
 
@@ -137,31 +134,31 @@ import LogsIntro from '../../reuse/apps/opentelemetry/send-logs-intro.md';
 
 1. Add the telemetry configuration to your existing collector configuration file in `/etc/otelcol-sumo/conf.d/` or directly in the main configuration file.
 2. Place Env file in the following directory:
-  ```sh
-  /etc/otelcol-sumo/env/
-  ```
+   ```sh
+   /etc/otelcol-sumo/env/
+   ```
 3. Restart the collector using:
-  ```sh
-  sudo systemctl restart otelcol-sumo
-  ```
+   ```sh
+   sudo systemctl restart otelcol-sumo
+   ```
 
 </TabItem>
 <TabItem value="Windows">
 
 1. Add the telemetry configuration to your existing collector configuration file in `C:\ProgramData\Sumo Logic\OpenTelemetry Collector\config\conf.d` or the main configuration file.
 2. Restart the collector using:
-  ```sh
-  Restart-Service -Name OtelcolSumo
-  ```
+   ```sh
+   Restart-Service -Name OtelcolSumo
+   ```
 
 </TabItem>
 <TabItem value="macOS">
 
 1. Add the telemetry configuration to your existing collector configuration file in `/etc/otelcol-sumo/conf.d/` or the main configuration file.
 2. Restart the otelcol-sumo process using:
-  ```sh
-  otelcol-sumo --config /etc/otelcol-sumo/sumologic.yaml --config "glob:/etc/otelcol-sumo/conf.d/*.yaml"
-  ```
+   ```sh
+   otelcol-sumo --config /etc/otelcol-sumo/sumologic.yaml --config "glob:/etc/otelcol-sumo/conf.d/*.yaml"
+   ```
 
 </TabItem>
 <TabItem value="Chef">
@@ -419,4 +416,4 @@ import CreateMonitors from '../../reuse/apps/create-monitors.md';
 | `OpenTelemetry Collector Insights - Collector Instance is Down` | This alert fires when a Collector instance stops sending telemetry for more than 10 minutes, indicating it is down or has a connectivity issue. | Missing Data | Data Found |
 | `OpenTelemetry Collector Insights - Exporter Queue Nearing Capacity` | This alert fires when an exporter's sending queue is over 90% full. This is a strong leading indicator of back pressure and imminent data loss. | Count > = 90 | Count < 90 |
 | `OpenTelemetry Collector Insights - High Memory Usage (RSS)` | This alert fires when a Collector's memory usage (RSS) exceeds 2GB. This could be an early indicator of a memory leak or an under-provisioned host. | Count > 2000000000 | Count < = 2000000000 |
-| `OpenTelemetry Collector Insights  - High Metadata Cardinality` | This alert fires when the batch processor is handling more than 1000 unique combinations of metadata. This is a known cause of performance degradation, high CPU, and high memory usage. | Count > 1000 | Count < = 1000 |
+| `OpenTelemetry Collector Insights  - High Metadata Cardinality` | This alert fires when the batch processor is handling more than 1000 unique combinations of metadata. This is a known cause of performance degradation, high CPU, and high memory usage. | Count > 1000 | Count < = 1000 |

docs/manage/scheduled-views/scheduled-views-best-practices.md

@@ -222,6 +222,8 @@ _view=nice_view_man | timeslice 1d | sum(_count) by _timeslice, status_code
 
 ## FAQ
 
-### Upgrade your scheduled views to avoid negative count results
+### How to avoid negative count results
 
-The existing scheduled views will use the `Int` data type for the `count` operator, giving a negative count value after crossing the maximum integer value of `2147483647`. To resolve this, create a new scheduled view with the same starting date as the old scheduled view. These new scheduled views will utilize the `Long` data type for the `count` operator and will not provide negative values.
+Validate if you are using the scheduled views created before August 28, 2024. The scheduled views created before this date will use the `Int` data type for the `count` operator, inturn resulting in a negative count value after exceeding the maximum integer value of `2147483647`. 
+
+To resolve this, create a new scheduled view with the same starting date as the old scheduled view. These new scheduled views will utilize the `Long` data type for the `count` operator and will not provide negative values.