Merge branch 'main' into mobile-view-optimization

Author: kimsauce

.github/workflows/build_and_deploy.yml

@@ -0,0 +1,41 @@
+---
+title: November 7, 2025 - Application Update
+hide_table_of_contents: true
+image: https://assets-www.sumologic.com/company-logos/_800x418_crop_center-center_82_none/SumoLogic_Preview_600x600.jpg?mtime=1617040082
+keywords:
+  - automation service
+  - cloud soar
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+## October release
+
+Following are the updates made in October.
+
+### Changes and enhancements
+
+#### Playbooks
+
+* Updated dropdown placeholders to clarify that users can input custom values.
+* Introduced the ability to assign titles to User Choice nodes for easier identification.
+
+#### Integrations
+
+* Added new integrations: 
+   * [Google Cloud IAM](/docs/platform-services/automation-service/app-central/integrations/google-cloud-iam/)
+   * [Google Firestore](/docs/platform-services/automation-service/app-central/integrations/google-firestore/)
+   * [Microsoft SharePoint (Graph)](/docs/platform-services/automation-service/app-central/integrations/microsoft-sharepoint-graph/)
+   * [ThreatConnect V3](/docs/platform-services/automation-service/app-central/integrations/threatconnect-v3/)
+* Added IAM support for [Google Chat](/docs/platform-services/automation-service/app-central/integrations/google-chat/)  
+
+### Bug Fixes
+
+#### Playbooks
+
+Enhanced security with fixes to prevent potential exploits in Text Area fields and across multiple pages.
+
+#### Integrations
+
+* Implemented polling mechanism (`poll_analysis`) in Scan URL action to wait until VirusTotal scan status becomes completed in the [VirusTotal V3](/docs/platform-services/automation-service/app-central/integrations/virustotal-v3/) integration.
+* Fixed issue in the Download Mail As EML action in [Microsoft EWS (Graph)](/docs/platform-services/automation-service/app-central/integrations/microsoft-ews-graph/).

.github/workflows/delete-review.yml

@@ -4,6 +4,8 @@ title: Alert Response FAQ
 description: Our commonly asked questions about alert response are documented for your reference.
 ---
 
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
 ## Is alert response available in all Sumo Logic packages? 
 
 Overall, yes. Alert response is available in all the Sumo Logic packages. However, there are specific features within alert response that only work on specific packages. See the table below for details. 
@@ -41,7 +43,7 @@ For example, in Slack, you can add the following section to the **Alert Payload*
 },
 ```
 
-![alertResponseURLExample.png](/img/alerts/monitors/alertResponseURLExample.png)
+<img src={useBaseUrl('img/alerts/monitors/alertResponseURLExample.png')} alt="Alert response URL example" style={{border: '1px solid gray'}} width="800" />
 
 Learn more about [Alert Variables](/docs/alerts/monitors/alert-variables).
 

.github/workflows/production.yml

@@ -37,7 +37,7 @@ Learn how to use alert response.
 
 ## Setting up alert response
 
-Email alerts automatically get a button labeled **View Alert** that opens the alert on the alert page, shown in the below image.<br/> ![view alert from email.png](/img/alerts/monitors/view-alert-from-email.png)
+Email alerts automatically get a button labeled **View Alert** that opens the alert on the alert page, shown in the below image.<br/><img src={useBaseUrl('img/alerts/monitors/view-alert-from-email.png')} alt="View alert from email" style={{border: '1px solid gray'}} width="800" />
 
 If you use [Webhook connections](/docs/alerts/webhook-connections) offered by Sumo Logic for receiving notifications, you'll need to provide the [`alertResponseUrl` variable](/docs/alerts/monitors/alert-variables) in your notification payload of a monitor to receive a link that opens alert response. When your monitor is triggered, it will generate a URL and provide it in the alert notification payload, which you can use to open the alert response.
 
@@ -72,7 +72,7 @@ To get to your Alert List:
 * From the [**New UI**](/docs/get-started/sumo-logic-ui/), select **Alerts**.
 * From the [**Classic UI**](/docs/get-started/sumo-logic-ui-classic), click the bell icon in the top menu.
 
-To search alerts, use the search bar and filters.<br/>![search alert list.png](/img/alerts/monitors/search-alert-list.png)
+To search alerts, use the search bar and filters.<br/><img src={useBaseUrl('img/alerts/monitors/search-alert-list.png')} alt="Search alert list" style={{border: '1px solid gray'}} width="800" />
 
 To sort by category (for example, **Name**, **Severity**, **Status**), click on a column header.
 
@@ -115,7 +115,7 @@ To view detailed information about an alert, go to your [Alert List](#alert-list
 * A history of previous occurrences of the alert.
 * Key details such as the trigger time and the condition that caused the alert.
 
-The following images and lists describe alert element on the page.<br/>![top of the alert response page.png](/img/alerts/monitors/top-alert-response-page.png)
+The following images and lists describe alert element on the page.<br/><img src={useBaseUrl('img/alerts/monitors/top-alert-response-page.png')} alt="Top of the alert response page" style={{border: '1px solid gray'}} width="800" />
 
 * **A**. Monitor name.
 * **B**. Copies the link to the opened alert page.
@@ -130,11 +130,11 @@ The following images and lists describe alert element on the page.<br/>![top of
    :::note
    Sumo Logic automatically resolves alerts when the monitor's recovery condition is met. This behavior cannot be modified or disabled. While you could configure a recovery condition that prevents Sumo Logic from resolving a monitor, this is not recommended, as it may suppress unrelated alerts from being triggered.
    :::
-   ![alert page sep 23.png](/img/alerts/monitors/alert-page.png)
+   <img src={useBaseUrl('img/alerts/monitors/alert-page.png')} alt="Resolves the alert" style={{border: '1px solid gray'}} width="800" />
 * **K**. The red exclamation mark indicates the alert is still active and a white exclamation in the gray circle indicates it's resolved. <br/> <img src={useBaseUrl('img/alerts/monitors/k-label.png')} alt="labels" width="300"/>
   * **Related Alerts**. A panel with related alerts and the monitor History. It shows other alerts in the system that were triggered around the same time as this alert. This information is helpful to know what issues are happening in the system and whether the current problem is an isolated issue or a more systemic one. There are two types of relations that a related alert can have.<br/> <img src={useBaseUrl('img/alerts/monitors/related-alerts.png')} alt="related alerts" width="200"/>
     * **Time**. Shows all the alerts that were triggered 30 minutes before or after the given alert that doesn't have another association.
-    * **Entity**. Shows all the alerts that were triggered one hour before and after the given alert that happened on the same entity (node, pod, cluster, etc.). You can click the expand arrow ![expand arrow.png](/img/alerts/monitors/expand-arrow.png) to view the alert's trigger condition and the white arrow in the square ![open in new tab icon.png](/img/alerts/monitors/open-new-tab.png) to open the alert in its own alert page.
+    * **Entity**. Shows all the alerts that were triggered one hour before and after the given alert that happened on the same entity (node, pod, cluster, etc.). You can click the expand arrow <img src={useBaseUrl('img/alerts/monitors/expand-arrow.png')} alt="Expand arrow" width="30" /> to view the alert's trigger condition and the white arrow in the square <img src={useBaseUrl('img/alerts/monitors/open-new-tab.png')} alt="Open in new tab icon" width="30" /> to open the alert in its own alert page.
   * **Monitor History**. Shows the past 30 days of similar alerts that were triggered by the monitor (that generated the current alert). Monitor History can be helpful to determine how frequently an alert has fired in the past and if the alert is flaky. You can then quickly correlate whether the current problem is similar to a past one by comparing the information shared for the alert.
 * **L**. The query of the monitor.<br/><img src={useBaseUrl('img/alerts/monitors/l-m-n-labels.png')} alt="labels" width="800"/>
 * **M**. A chart that visualizes the trend of the metric that was tracked as part of the alert condition of the monitor. The visualization tracks the *before* and *during* trends of the metric.
@@ -191,7 +191,7 @@ The **Log Fluctuations** context card, available for logs monitors, detects diff
 
 This card detects time series anomalies for entities related to the alert.
 
-Anomalies are grouped into [golden signals](https://sre.google/sre-book/monitoring-distributed-systems/). Anomalies are also presented on a timeline; the length of the anomaly represents its duration. <br/> ![anomalies .png](/img/alerts/monitors/anomalies.png)
+Anomalies are grouped into [golden signals](https://sre.google/sre-book/monitoring-distributed-systems/). Anomalies are also presented on a timeline; the length of the anomaly represents its duration. <br/><img src={useBaseUrl('img/alerts/monitors/anomalies.png')} alt="Anomalies" style={{border: '1px solid gray'}} width="800" />
 
 * **A**. Name and description of the context card.
 * **B**. Count of anomalies belonging to each golden signal type.
@@ -202,15 +202,15 @@ Anomalies are grouped into [golden signals](https://sre.google/sre-book/monitor
 Only anomalies with a start time around 30 minutes before or after the alert was created show up in the card.
 :::
 
-Hover over an EOI to view key information about the event.<br/> ![eoi-stats.png](/img/alerts/monitors/eoi-stats.png)
+Hover over an EOI to view key information about the event.<br/><img src={useBaseUrl('img/alerts/monitors/eoi-stats.png')} alt="EOI stats" style={{border: '1px solid gray'}} width="300" />
 
-Click on the EOI to open the **Summary View** and **Entity Inspector**.<br/> ![entity inspector.png](/img/alerts/monitors/entity-inspector.png)
+Click on the EOI to open the **Summary View** and **Entity Inspector**.<br/><img src={useBaseUrl('img/alerts/monitors/entity-inspector.png')} alt="Entity inspector" style={{border: '1px solid gray'}} width="400" />
 
 ### Benchmark
 
 Benchmarks refer to baselines computed from anonymized and aggregated telemetry data from Sumo Logic customers in domains such as AWS. If the telemetry values for your entity during an alert period are unusual compared to benchmarks, you may have an unusual configuration change or other backend issues. 
 
-For example, the card below shows that `ServiceUnavailable` error is happening 32 times more often in your AWS account compared with other Sumo Logic customer’s accounts. This AWS error pertains to AWS API calls that are failing at a higher rate than what is expected based on cross-customer baselines. This particular error implies an AWS incident affecting the particular AWS resource type and API. <br/> ![benchmark card.png](/img/alerts/monitors/benchmark.png)
+For example, the card below shows that `ServiceUnavailable` error is happening 32 times more often in your AWS account compared with other Sumo Logic customer’s accounts. This AWS error pertains to AWS API calls that are failing at a higher rate than what is expected based on cross-customer baselines. This particular error implies an AWS incident affecting the particular AWS resource type and API. <br/><img src={useBaseUrl('img/alerts/monitors/benchmark.png')} alt="Benchmark card" style={{border: '1px solid gray'}} width="800" />
 
 * **A**. Name and description of the context card.
 * **B**. Count of unusual Benchmarks by golden signal type.

blog-csoar/2025-11-07-application-update.md

@@ -318,7 +318,7 @@ For example, when an alert is set to `greater than 10`, the recovery would be
 | `<threshold type>` | How you want the value compared. Select greater than, greater than or equal, less than or equal, or less than. |
 | `<threshold>` | The value against which the resolution will be evaluated. You can specify any valid numeric value. |
 
-The Alert and recovery setting affects both the alert generation logic and the alert recovery logic. `Alert and recovery require a minimum of <count> data points for "at all times" evaluation windows`. This setting only works when you choose `at all times within` as the type of occurrence for the alert. <br/>![metrics alert datapoints.png](/img/alerts/monitors/minimum-datapoints.png)
+The Alert and recovery setting affects both the alert generation logic and the alert recovery logic. `Alert and recovery require a minimum of <count> data points for "at all times" evaluation windows`. This setting only works when you choose `at all times within` as the type of occurrence for the alert. <br/><img src={useBaseUrl('img/alerts/monitors/minimum-datapoints.png')} alt="Metrics alert datapoints" style={{border: '1px solid gray'}} width="800" />
 
 | Parameter | Description |
 |:--|:--|

docs/alerts/monitors/alert-response-faq.md

@@ -4,6 +4,7 @@ title: Monitors FAQ
 description: Frequently asked questions about Sumo Logic monitors.
 ---
 
+import useBaseUrl from '@docusaurus/useBaseUrl';
 import AlertsTimeslice from '../../reuse/alerts-timeslice.md';
 
 ## How can I optimize scan costs for monitors when using Flex Pricing?
@@ -85,9 +86,9 @@ The [Test Connection feature for webhooks](/docs/alerts/webhook-connections/se
 
 ## One of our monitors suddenly stopped sending notifications, even though I see it on the monitors page
 
-One reason could be that the user who created the monitor was deleted. You can check the **Created By** value on the monitors page. If it has `<User Unknown>`, you will need to re-create the monitor.  <br/>![user unknown monitors.png](/img/alerts/monitors/user-unknown-monitors.png)
+One reason could be that the user who created the monitor was deleted. You can check the **Created By** value on the monitors page. If it has `<User Unknown>`, you will need to re-create the monitor.  <br/><img src={useBaseUrl('img/alerts/monitors/user-unknown-monitors.png')} alt="User unknown monitors" style={{border: '1px solid gray'}} width="200" />
 
-You can quickly **Duplicate** the monitor by hovering over it on the monitors page and clicking the three-dot kebab icon:<br/>![more actions menu for monitors.png](/img/alerts/monitors/more-actions-menu-for-monitors.png)  
+You can quickly **Duplicate** the monitor by hovering over it on the monitors page and clicking the three-dot kebab icon:<br/><img src={useBaseUrl('img/alerts/monitors/more-actions-menu-for-monitors.png')} alt="More actions menu for monitors" style={{border: '1px solid gray'}} width="300" />
 
 then selecting **Duplicate**. If your monitor still doesn't work, we recommend contacting [Sumo Logic support](https://support.sumologic.com/).