Merge branch 'lb-cloudtrail' of https://github.com/SumoLogic/sumologic-documentation into lb-cloudtrail

Author: JV0812

.github/CODEOWNERS

@@ -1,14 +1,14 @@
 # Default owners for everything in the repo.
-* @kimsauce @jpipkin1 @JV0812 @mafsumo
+* @kimsauce @jpipkin1 @JV0812 @mafsumo @amee-sumo
 
 # Owners of all files in the `/docs` directory and its subdirectories.
-/docs/   @kimsauce @jpipkin1 @JV0812 @mafsumo
+/docs/   @kimsauce @jpipkin1 @JV0812 @mafsumo @amee-sumo
 
 # Owners of all files in the `/docs/send-data/kubernetes` directory.
-/docs/send-data/kubernetes/  @SumoLogic/open-source-collection-team @kimsauce @jpipkin1 @JV0812 @mafsumo
+/docs/send-data/kubernetes/  @SumoLogic/open-source-collection-team @kimsauce @jpipkin1 @JV0812 @mafsumo @amee-sumo
 
 # Owners of all files in the `/docs/send-data/opentelemetry-collector` directory and its subdirectories.
-/docs/send-data/opentelemetry-collector/  @SumoLogic/open-source-collection-team @kimsauce @jpipkin1 @mafsumo @JV0812
+/docs/send-data/opentelemetry-collector/  @SumoLogic/open-source-collection-team @kimsauce @jpipkin1 @mafsumo @JV0812 @amee-sumo
 
 # GitHub workflow owners
 /.github/workflows/ @SumoLogic/open-source-collection-team @kimsauce

blog-csoar/2024-11-20-content.md

@@ -0,0 +1,46 @@
+---
+title: November 20, 2024 - Content Release
+hide_table_of_contents: true
+image: https://help.sumologic.com/img/sumo-square.png
+keywords:
+  - automation service
+  - cloud soar
+  - soar
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+<a href="https://help.sumologic.com/release-notes-csoar/rss.xml"><img src={useBaseUrl('img/release-notes/rss-orange2.png')} alt="icon" width="50"/></a>
+
+This release introduces new integrations, new playbooks, and several updates.
+
+### Integrations
+
+* [New] [Google Chat](/docs/platform-services/automation-service/app-central/integrations/google-chat)
+* [New] [Malwarebytes Oneview](/docs/platform-services/automation-service/app-central/integrations/malwarebytes-oneview)
+* [New] [Silent Push](/docs/platform-services/automation-service/app-central/integrations/silent-push)
+* [New] [Sumo Logic Automation Tools](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-automation-tools)
+* [New] [VirusTotal V3](/docs/platform-services/automation-service/app-central/integrations/virustotal-v3)
+* [Updated] [APIVoid](/docs/platform-services/automation-service/app-central/integrations/apivoid)
+* [Updated] [Atlassian Jira V2](/docs/platform-services/automation-service/app-central/integrations/atlassian-jira-v2)
+* [Updated] [Atlassian Opsgenie](/docs/platform-services/automation-service/app-central/integrations/atlassian-opsgenie)
+* [Updated] [AWS EC2](/docs/platform-services/automation-service/app-central/integrations/aws-ec2)
+* [Updated] [AWS EKS](/docs/platform-services/automation-service/app-central/integrations/aws-eks)
+* [Updated] [Azure AD](/docs/platform-services/automation-service/app-central/integrations/azure-ad)
+* [Updated] [Cloudflare](/docs/platform-services/automation-service/app-central/integrations/cloudflare)
+* [Updated] [ConnectWise Manage](/docs/platform-services/automation-service/app-central/integrations/connectwise-manage)
+* [Updated] [Cortex XDR](/docs/platform-services/automation-service/app-central/integrations/cortex-xdr)
+* [Updated] [CrowdStrike Falcon](/docs/platform-services/automation-service/app-central/integrations/crowdstrike-falcon)
+* [Updated] [Freshservice](/docs/platform-services/automation-service/app-central/integrations/freshservice)
+* [Updated] [Gmail](/docs/platform-services/automation-service/app-central/integrations/gmail)
+* [Updated] [HTTP Tools](/docs/platform-services/automation-service/app-central/integrations/http-tools)
+* [Updated] [IBM X-Force Exchange](/docs/platform-services/automation-service/app-central/integrations/ibm-x-force-exchange)
+* [Updated] [Microsoft EWS](/docs/platform-services/automation-service/app-central/integrations/microsoft-ews)
+* [Updated] [Microsoft OneDrive](/docs/platform-services/automation-service/app-central/integrations/microsoft-onedrive)
+* [Updated] [Microsoft Sentinel](/docs/platform-services/automation-service/app-central/integrations/microsoft-sentinel)
+* [Updated] [Netskope V2](/docs/platform-services/automation-service/app-central/integrations/netskope-v2)
+* [Updated] [Slack](/docs/platform-services/automation-service/app-central/integrations/slack)
+* [Updated] [Sumo Logic Cloud SIEM](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-cloud-siem)
+* [Updated] [Sumo Logic Notifications by Gmail](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-notifications-by-gmail)
+* [Updated] [URLScan.io](/docs/platform-services/automation-service/app-central/integrations/urlscan.io)
+* [Updated] [VirusTotal](/docs/platform-services/automation-service/app-central/integrations/virustotal)

cid-redirects.json

@@ -2636,6 +2636,7 @@
   "/cid/16323": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/druva-source",
   "/cid/13428": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/kandji-source",
   "/cid/17343": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/automox-source",
+  "/cid/17344": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/smartsheet-source",
   "/cid/20172": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/cisco-vulnerability-management-source",
   "/cid/19880": "/docs/metrics/metrics-operators/predict",
   "/cid/19881": "/docs/metrics/metrics-operators/accum",

docs/integrations/product-list/product-list-m-z.md

@@ -141,6 +141,7 @@ For descriptions of the different types of integrations Sumo Logic offers, see [
 | <img src={useBaseUrl('img/platform-services/automation-service/app-central/logos/shodan.png')} alt="Thumbnail icon" width="100"/> | [Shodan](https://www.shodan.io/) | Automation integration: [Shodan](/docs/platform-services/automation-service/app-central/integrations/shodan/) |
 | <img src={useBaseUrl('/img/platform-services/automation-service/app-central/logos/silent-push.png')} alt="Thumbnail icon" width="100"/> | [Silent Push](https://www.silentpush.com/) | Automation integration: [Silent Push](/docs/platform-services/automation-service/app-central/integrations/silent-push) |
 |  <img src={useBaseUrl('img/integrations/saas-cloud/slack.png')} alt="Thumbnail icon" width="50"/>   |  [Slack](https://slack.com/) | 	App: [Slack](/docs/integrations/saas-cloud/slack/)	<br/>Automation integration: [Slack](/docs/platform-services/automation-service/app-central/integrations/slack/) <br/>Cloud SIEM integration: [Slack](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/c93d9bf6-0a88-49fc-aebb-ac7b2ea6792c.md) <br/>Collector: [Slack Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/slack-source/) <br/>Webhook: [Webhook Connection for Slack](/docs/alerts/webhook-connections/slack/) |
+| <img src={useBaseUrl('img/send-data/smartsheet.png')} alt="Thumbnail icon" width="50"/> |  [Smartsheet](https://www.smartsheet.com/) | Collector: [Smartsheet Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/smartsheet-source)  |
 | <img src={useBaseUrl('img/integrations/misc/snare-logo.png')} alt="Thumbnail icon" width="75"/> | [Snare](https://www.snaresolutions.com/) | Cloud SIEM integration: [Intersect Alliance](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/005c835d-f067-4147-9da9-fe4d2691247e.md) |
 | <img src={useBaseUrl('img/integrations/misc/snowflake-logo.png')} alt="Thumbnail icon" width="100"/> | [Snowflake](https://www.snowflake.com/en/) | Cloud SIEM integration: [Snowflake](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/5541f59d-e27d-48e6-a35c-34fb75e9cf13.md) <br/>Collector: [Snowflake SQL API Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/snowflake-sql-api-source) |
 | <img src={useBaseUrl('img/platform-services/automation-service/app-central/logos/snyk.png')} alt="Thumbnail icon" width="75"/> | [Snyk](https://snyk.io/) | Automation integration: [Snyk](/docs/platform-services/automation-service/app-central/integrations/snyk/) |

docs/observability/reliability-management-slo/index.md

@@ -73,9 +73,9 @@ As an example, let's say an eCommerce app considers its checkout service transac
 
 The _SLI_ can be defined as the percentage of successful 5m windows in a _compliance period_ of 30 days (30d) or equal to 99.9% for any month. The number of unsuccessful (bad) transactions we allow as an _error budget_ is 0.1% of these 5m windows in 30d.
 
-The following chart shows our calculations and an example 5m window for the month of January where a number of requests were unsuccessful due to a completions that averaged greater than 600ms:
+The following chart shows our calculations and an example 5m window for the month of January where a number of requests were unsuccessful due to completions that were greater than 500ms:
 
-<img src={useBaseUrl('img/observability/slo-checkout-example.png')} alt="Reliability Management SLO SLI" />
+<img src={useBaseUrl('img/observability/slo-checkout-example.png')} alt="Reliability Management SLO SLI" style={{border: '1px solid gray'}} width="800" />
 
 With these calculations, we can configure an SLO, add a monitor, and start managing this and other services with ease. This is just one example. You can develop many different SLOs based on evaluation types (windows-based and request-based), ratios and thresholds for calculations, and error budgets for rolling or calendar compliance periods.
 
@@ -137,7 +137,7 @@ In the SLO screen, you can view, search, and add SLOs. Use folders to collect, p
 
 To locate an SLO, use the search that returns a list of SLOs based on the name and description.
 
-<img src={useBaseUrl('img/observability/slo1.png')} alt="Reliability Management SLO SLI" />
+<img src={useBaseUrl('img/observability/slo1.png')} alt="Reliability Management SLO SLI" style={{border: '1px solid gray'}} width="800" />
 
 To open the dashboard, locate and select an SLO. The details pane gives you a preview and an option to **Open SLO Dashboard**. See [SLO Dashboards and Notifications](/docs/observability/reliability-management-slo/dashboards) for more information.
 
@@ -154,7 +154,7 @@ The **SLO Details** tab provides a quick view of the SLO ID, description, config
 
 The **Monitors** tab provides a list of associated monitors for the SLO. Expand entries to review the status, condition, and configured triggers. Click the open icon (<img src={useBaseUrl('img/observability/open-monitor.png')} alt="Reliability Management SLO SLI" width="20" /> ) to open and edit the monitor.
 
-<img src={useBaseUrl('img/observability/slo-preview.gif')} alt="Reliability Management SLO SLI" />
+<img src={useBaseUrl('img/observability/slo-preview.gif')} alt="Reliability Management SLO SLI" style={{border: '1px solid gray'}} width="800" />
 
 
 ### Query Recommendations

docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/index.md

@@ -451,6 +451,12 @@ In this section, we'll introduce the following concepts:
         <p>Learn about the Slack Source, part of Sumo Logic's Cloud-to-Cloud Integration Framework.</p>
         </div>
       </div>
+      <div className="box smallbox card">
+        <div className="container">
+        <a href="/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/smartsheet-source"><img src={useBaseUrl('img/send-data/smartsheet.png')} alt="Thumbnail icon" width="50"/><h4>Smartsheet</h4></a>
+        <p>Learn how to collect events from Smartsheet platform.</p>
+        </div>
+      </div>
       <div className="box smallbox card">
         <div className="container">
         <a href="/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sophos-central-source"><img src={useBaseUrl('img/send-data/sophos.jpeg')} alt="icon" width="50"/><h4>Sophos Central</h4></a>

docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/smartsheet-source.md

@@ -0,0 +1,90 @@
+---
+id: smartsheet-source
+title: Smartsheet Source
+sidebar_label: Smartsheet
+keywords:
+  - smartsheet
+  - cloud-to-cloud
+description: Learn how to collect events from Smartsheet platform.
+---
+import CodeBlock from '@theme/CodeBlock';
+import ExampleJSON from '/files/c2c/smartsheet/example.json';
+import MyComponentSource from '!!raw-loader!/files/c2c/smartsheet/example.json';
+import TerraformExample from '!!raw-loader!/files/c2c/smartsheet/example.tf';
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+<img src={useBaseUrl('img/send-data/smartsheet.png')} alt="thumbnail icon" width="55"/>
+
+Smartsheet is used to collaborate on project timelines, documents, calendars, tasks, and other works. Smartsheet integrates and connects with many of the systems teams use today. This allows for efficient information sharing, improved collaboration, and decision-making across teams’ tech stack. The Smartsheet source collects and ingests the events that are occurring in your Smartsheet organization account. Examples of events are creation, update, load, and delete of sheets, reports, dashboards, attachments, and users.
+
+## Data collected
+
+| Polling Interval | Data |
+| :--- | :--- |
+| User entered |  [List Events](https://smartsheet.redoc.ly/tag/events/#operation/list-events) |
+
+## Setup
+
+### Vendor configuration
+
+To collect data from Smartsheet, you need a Smartsheet account with admin privileges that would allow the creation of an app via a developer account. See [steps in the Smartsheet documentation](https://smartsheet.redoc.ly/#section/OAuth-Walkthrough/First-Steps) to create a developer account in Smartsheet.
+
+### Source configuration
+
+When you create a Smartsheet source, you add it to a Hosted Collector. Before creating the source, identify the Hosted Collector you want to use or create a new Hosted Collector. For instructions, see [Configure a Hosted Collector and Source](/docs/send-data/hosted-collectors/configure-hosted-collector).
+
+To configure Smartsheet Source:
+1. [**Classic UI**](/docs/get-started/sumo-logic-ui-classic). In the main Sumo Logic menu, select **Manage Data > Collection > Collection**. <br/>[**New UI**](/docs/get-started/sumo-logic-ui). In the Sumo Logic top menu select **Configuration**, and then under **Data Collection** select **Collection**. You can also click the **Go To...** menu at the top of the screen and select **Collection**.
+1. On the collectors page, click **Add Source** next to a Hosted Collector.
+1. Search for and select **Smartsheet** icon.
+1. Enter a **Name** to display for the source in the Sumo Logic web application. The description is optional.
+1. (Optional) For **Source Category**, enter any string to tag the output collected from the source. Category metadata is stored in a searchable field called `_sourceCategory`.
+1. (Optional) **Fields**. Click the **+Add Field** link to define the fields you want to associate. Each field needs a name (key) and value.
+   * ![green check circle.png](/img/reuse/green-check-circle.png) A green circle with a check mark is shown when the field exists in the Fields table schema.
+   * ![orange exclamation point.png](/img/reuse/orange-exclamation-point.png) An orange triangle with an exclamation point is shown when the field doesn't exist in the Fields table schema. In this case, an option to automatically add the nonexistent fields to the Fields table schema is provided. If a field is sent to Sumo Logic that does not exist in the Fields schema it is ignored, known as dropped.
+1. In **Application (client) ID**, paste in the Client ID from the vendor's setup "Create a Developer Account and Register an App" steps.
+1. In **Client Secret**, paste in the Client Secret from the vendor's setup "Create a Developer Account and Register an App" steps.
+1. In **Oauth 2.0 Authorization Code**, paste in the Authorization Code from the vendor's setup "Create a Developer Account and Register an App" steps.
+1. **Polling Interval**. You have the option to select how often to poll for events in minutes. Default is 10 minutes.
+1. When you are finished configuring the source, click **Save**.
+
+## JSON schema
+
+Sources can be configured using UTF-8 encoded JSON files with the Collector Management API. See [Use JSON to Configure Sources](/docs/send-data/use-json-configure-sources) for details. 
+
+| Parameter | Type | Value | Required | Description |
+|:--|:--|:--|:--|:--|
+| schemaRef | JSON Object  | `{"type":"Smartsheet"}` | Yes | Define the specific schema type. |
+| sourceType | String | `"Universal"` | Yes | Type of source. |
+| config | JSON Object | [Configuration object](#configuration-object) | Yes | Source type specific values. |
+
+### Configuration Object
+
+| Parameter | Type | Required | Default | Description | Example |
+|:--|:--|:--|:--|:--|:--|
+| name | String | Yes | `null` | Type a desired name of the source. The name must be unique per Collector. This value is assigned to the [metadata](/docs/search/get-started-with-search/search-basics/built-in-metadata) field `_source`. | `"mySource"` |
+| description | String | No | `null` | Type a description of the source. | `"Testing source"`\ |
+| category | String | No | `null` | Type a category of the source. This value is assigned to the [metadata](/docs/search/get-started-with-search/search-basics/built-in-metadata) field `_sourceCategory`. See [best practices](/docs/send-data/best-practices) for details. | `"mySource/test"` |
+| fields | JSON Object | No | `null` | JSON map of key-value fields (metadata) to apply to the Collector or Source. Use the boolean field `_siemForward` to enable forwarding to SIEM.|`{"_siemForward": false, "fieldA": "valueA"}` |
+| app_client_id | String | Yes | `null` | The Smartsheet app client ID to collect from Smartsheet platform. |  |
+| client_secret | String | Yes | `null` | The Smartsheet app client secret to collect from Smartsheet platform. |  |
+| authorization_code | String | Yes | `null` | The Smartsheet app client OAuth2 authorization code to collect from Smartsheet platform. |  |
+| polling_interval | Integer | Yes | 10 | How frequently the integration should poll to Smartsheet. |  |
+
+### JSON example
+
+<CodeBlock language="json">{MyComponentSource}</CodeBlock>
+
+<a href="/files/c2c/smartsheet/example.json" target="_blank">Download example</a>
+
+### Terraform example
+
+<CodeBlock language="json">{TerraformExample}</CodeBlock>
+
+<a href="/files/c2c/smartsheet/example.tf" target="_blank">Download example</a>
+
+## FAQ
+
+:::info
+Click [here](/docs/c2c/info) for more information about Cloud-to-Cloud sources.
+:::

sidebars.ts

@@ -458,6 +458,7 @@ module.exports = {
                 'send-data/hosted-collectors/cloud-to-cloud-integration-framework/salesforce-source',
                 'send-data/hosted-collectors/cloud-to-cloud-integration-framework/sentinelone-mgmt-api-source',
                 'send-data/hosted-collectors/cloud-to-cloud-integration-framework/slack-source',
+                'send-data/hosted-collectors/cloud-to-cloud-integration-framework/smartsheet-source',
                 'send-data/hosted-collectors/cloud-to-cloud-integration-framework/snowflake-sql-api-source',
                 'send-data/hosted-collectors/cloud-to-cloud-integration-framework/sophos-central-source',
                 //'send-data/hosted-collectors/cloud-to-cloud-integration-framework/sumo-logic-kickstart-data-source',

static/files/c2c/smartsheet/example.json

@@ -0,0 +1,16 @@
+{
+    "api.version": "v1",
+    "source": {
+        "schemaRef": {
+            "type": "Smartsheet"
+        },
+        "config": {
+                "name": "smartsheet",
+                "app_client_id": "<your client id>",
+                "client_secret": "***********",
+                "authorization_code": "***********",
+                "polling_interval": 10
+        },
+        "sourceType": "Universal"
+    }
+}

static/files/c2c/smartsheet/example.tf

@@ -0,0 +1,17 @@
+resource "sumologic_cloud_to_cloud_source" "lastpass-source" {
+  collector_id = sumologic_collector.collector.id
+  schema_ref = {
+    type = "Smartsheet"
+  }
+  config = jsonencode({
+        "name": "smartsheet",
+        "app_client_id": "<your client id>",
+        "client_secret": "***********",
+        "authorization_code": "***********",
+        "polling_interval": 10
+  })
+}
+resource "sumologic_collector" "collector" {
+  name        = "my-collector"
+  description = "Just testing this"
+}