Merge branch 'main' into postgresqlST

Author: sumoanema

blog-cse/2025-01-31-content.md

@@ -0,0 +1,54 @@
+---
+title: January 31, 2025 - Content Release
+image: https://help.sumologic.com/img/sumo-square.png
+keywords:
+  - log mappers
+  - parsers
+hide_table_of_contents: true    
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+<a href="https://help.sumologic.com/release-notes-cse/rss.xml"><img src={useBaseUrl('img/release-notes/rss-orange2.png')} alt="icon" width="50"/></a>
+
+This content release includes:
+- Removal and updates to Cloud SIEM rules.
+- Parsing and mapping support for new products.
+- Updates to existing parsing and mappers to support additional events and field mappings.
+
+Changes are enumerated below.
+
+### Rules
+- [Deleted] MATCH-S00604 OneLogin - API Credentials - Key Used from Untrusted Location
+- [Updated] FIRST-S00044 First Seen AppID Generating MailItemsAccessed Event from User
+    - Corrected typo in "MailItemsAccessed".
+- [Updated] FIRST-S00046 First Seen Client Generating MailItemsAccessed Event from User
+    - Corrected typo in "MailItemsAccessed".
+
+### Log Mappers
+- [New] Crowdstrike FileVantage Catch All
+- [New] Dragos Communication
+- [New] Dragos Indicator
+- [New] Dragos System|Asset
+- [New] Extrahop JSON Catch All
+- [New] F5 TMM Http Request|TMM Network|TMM Connection error
+- [New] F5 TMSH - Custom Parser
+- [New] Zendesk - Login events
+#### Updated Field Mappings
+- [Updated] Code42 Incydr Alerts C2C
+- [Updated] Cyber Ark EPM AggregateEvent
+- [Updated] Google G Suite - meet
+- [Updated] Palo Alto GlobalProtect - Custom Parser
+- [Updated] Palo Alto GlobalProtect Auth - Custom Parser
+- [Updated] Zendesk Catch All
+
+### Parsers
+- [New] /Parsers/System/CrowdStrike/CrowdStrike Filevantage
+- [New] /Parsers/System/Extrahop/Extrahop JSON
+#### Updated parsers to handle additional events and field parsing
+- [Updated] /Parsers/System/Code42/Code42 Incydr
+- [Updated] /Parsers/System/Dragos/Dragos
+- [Updated] /Parsers/System/F5/F5 Syslog
+- [Updated] /Parsers/System/Microsoft/Microsoft Azure JSON
+- [Updated] /Parsers/System/Microsoft/Office 365
+- [Updated] /Parsers/System/Palo Alto/PAN Firewall CSV

blog-service/2025-01-31-apps.md

@@ -0,0 +1,57 @@
+---
+title: Apps, Solutions, and Collection Integrations - January Release 
+image: https://help.sumologic.com/img/sumo-square.png
+keywords:
+  - apps
+  - january-release
+hide_table_of_contents: true    
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+<a href="https://help.sumologic.com/release-notes-service/rss.xml"><img src={useBaseUrl('img/release-notes/rss-orange2.png')} alt="icon" width="50"/></a>
+
+### New release
+
+We’re excited to announce the release of the new Azure Virtual Network app and 11 new OpenTelemetry Remote Management source templates for Sumo Logic.
+
+- **Azure Virtual Network**. Azure Virtual Network is a service that provides the fundamental building block for your private network in Azure, enabling many types of Azure resources to securely communicate with one other, using the internet, and on-premises networks. This integration helps in monitoring the outgoing and incoming traffic flows, dropped packets, bandwidth consumption, verifying network isolation, and compliance. [Learn more](/docs/integrations/microsoft-azure/azure-virtual-network/).
+- **OpenTelemetry Remote Management**. Released [Apache](/docs/send-data/opentelemetry-collector/remote-management/source-templates/apache/), [Docker](/docs/send-data/opentelemetry-collector/remote-management/source-templates/docker/), [Kafka](/docs/send-data/opentelemetry-collector/remote-management/source-templates/kafka/), [Linux](/docs/send-data/opentelemetry-collector/remote-management/source-templates/linux/), [Local File](/docs/send-data/opentelemetry-collector/remote-management/source-templates/localfile/), [Mac](/docs/send-data/opentelemetry-collector/remote-management/source-templates/mac/), [Nginx](/docs/send-data/opentelemetry-collector/remote-management/source-templates/nginx/), [RabbitMQ](/docs/send-data/opentelemetry-collector/remote-management/source-templates/rabbitmq/), [Redis](/docs/send-data/opentelemetry-collector/remote-management/source-templates/redis/), [Syslog](/docs/send-data/opentelemetry-collector/remote-management/source-templates/syslog/), and [Windows](/docs/send-data/opentelemetry-collector/remote-management/source-templates/windows/) OpenTelemetry Remote Management source templates.
+
+### AWS Observability v2.11.0
+
+This section details the new features and updates in AWS Observability for upgrading your Terraform script or CloudFormation template to version v2.11.0.
+
+- **New Features**:
+    - **Amazon RDS app**. Added support to analyze and monitor RDS Oracle CloudWatch and CloudTrail logs.
+    - **Amazon Load Balancer apps**. Added support to analyze and monitor Cloudtrail audit event logs for Application Load Balancer, Classic Load Balancer, and Network Load Balancer.
+    - Added out-of-the-box monitors for RDS Oracle DB, Application Load Balancer, Classic Load Balancer, and Network Load Balancer. Solution now supports 78 out-of-box monitors.
+    - Added support to collect custom metrics namespaces.
+    - Added support to subscribe cloudWatch log groups based on AWS tags to Sumo Logic.
+    - Added support to filter AWS CloudWatch metrics based on AWS tags.
+- **Updates**:
+    - Updated cloudformation helper function with Lambda Runtime to python v3.13.
+    - Updated SAM Lambda runtime to python v3.13 with latest library updates.
+    - Updated Telemetry Lambda Runtime to python v3.13 with latest library updates.
+
+To learn more, refer the [AWS Observability changelog](/docs/observability/aws/deploy-use-aws-observability/changelog/#v2110-24-jan-2025).
+
+### Enhancements
+
+- **Added Monitors in OpenTelemetry apps**. [Jira - App Development](/docs/integrations/app-development/opentelemetry/jira-opentelemetry/#jira-alerts), [Linux - Cloud Security and Monitoring Analytics](/docs/integrations/cloud-security-monitoring-analytics/opentelemetry/linux-opentelemetry/#linux---cloud-security-monitoring-and-analytics-alerts), [PCI Compliance for Linux](/docs/integrations/pci-compliance/opentelemetry/linux-opentelemetry/#pci-compliance-for-linux-alerts), [PCI Compliance For Windows JSON](/docs/integrations/pci-compliance/opentelemetry/windows-json-opentelemetry/#pci-compliance-for-windows-json-alerts), [Puppet - App Development](/docs/integrations/app-development/opentelemetry/puppet-opentelemetry/#puppet-alerts), and [Windows - Cloud Security Monitoring and Analytics](/docs/integrations/cloud-security-monitoring-analytics/opentelemetry/windows-opentelemetry/#windows---cloud-security-monitoring-and-analytics-alerts) apps are updated with new monitors.
+- **Integrated Cloud-to-Cloud source creation and app installation**. [Armis](/docs/integrations/saas-cloud/armis/#collection-configuration-and-app-installation), [Asana](/docs/integrations/saas-cloud/asana/#collection-configuration-and-app-installation), [Digital Guardian ARC](/docs/integrations/saas-cloud/digital-guardian-arc/#collection-configuration-and-app-installation), [DocuSign](/docs/integrations/saas-cloud/docusign/#collection-configuration-and-app-installation), [Dropbox](/docs/integrations/saas-cloud/dropbox/#collection-configuration-and-app-installation), [Druva](/docs/integrations/saas-cloud/druva/#collection-configuration-and-app-installation), [Druva Cyber Resilience](/docs/integrations/saas-cloud/druva-cyber-resilience/#collection-configuration-and-app-installation), [Gmail Trace Logs](/docs/integrations/saas-cloud/gmail-tracelogs/#collection-configuration-and-app-installation), [Microsoft Exchange Trace Logs](/docs/integrations/saas-cloud/microsoft-exchange-trace-logs/#collection-configuration-and-app-installation), [Microsoft Graph Identity Protection](/docs/integrations/microsoft-azure/microsoft-graph-identity-protection/#collection-configuration-and-app-installation), [Miro](/docs/integrations/saas-cloud/miro/#collection-configuration-and-app-installation), [SailPoint](/docs/integrations/security-threat-detection/sailpoint/#collection-configuration-and-app-installation), and [Zendesk](/docs/integrations/saas-cloud/zendesk/#collection-configuration-and-app-installation) apps are now updated to have integrated Cloud-to-Cloud source creation and app installation.
+- **Classic Apps to Next-Gen Apps Migration.** [CIS AWS Foundations Benchmark](/docs/integrations/amazon-aws/cis-aws-foundations-benchmark), [Gmail Trace Logs](/docs/integrations/saas-cloud/gmail-tracelogs), and [Microsoft Exchange Trace Logs](/docs/integrations/saas-cloud/microsoft-exchange-trace-logs) apps are migrated from [Classic Apps (Legacy)](/docs/get-started/apps-integrations/#classic-apps-legacy) to [Next-Gen Apps](/docs/get-started/apps-integrations/#next-gen-apps).
+- We have enhanced the following six Cloudtrail Logs based apps:
+    - [Amazon CloudTrail - Cloud Security Monitoring and Analytics](/docs/integrations/cloud-security-monitoring-analytics/aws-cloudtrail)
+    - [AWS CloudTrail](/docs/integrations/amazon-aws/cloudtrail)
+    - [CIS AWS Foundations Benchmark](/docs/integrations/amazon-aws/cis-aws-foundations-benchmark)
+    - [Cloud Infrastructure Security for AWS](/docs/security/additional-security-features/cloud-infrastructure-security/cloud-infrastructure-security-for-aws)
+    - [PCI Compliance For AWS CloudTrail](/docs/integrations/amazon-aws/cloudtrail-pci-compliance)
+    - [Threat Intel for AWS](/docs/integrations/amazon-aws/threat-intel)
+- **Sumo Logic Kickstart Data**. Updated the default time range of all the panels to six hours and added text panels in the dashboards.
+- **AWS Serverless Application Models**. Added support for Sumo Logic Korea deployment by releasing the following SAM:
+    - [sumologic-aws-cloudtrail-benchmark](https://github.com/SumoLogic/sumologic-aws-lambda/tree/main/cloudtrailbenchmark) - Semantic v1.0.19
+
+### Bug Fixes
+
+- **Kubernetes Control Plane**. Added the `quantization_interval` filter variable.

blog-service/2025-02-01-apps.md

@@ -0,0 +1,14 @@
+---
+title: JumpCloud Directory Insights (Apps)
+image: https://help.sumologic.com/img/sumo-square.png
+keywords:
+  - apps
+  - jumpcloud-directory-insights
+hide_table_of_contents: true    
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+<a href="https://help.sumologic.com/release-notes-service/rss.xml"><img src={useBaseUrl('img/release-notes/rss-orange2.png')} alt="icon" width="50"/></a>
+
+We're excited to introduce the new JumpCloud Directory Insights app for Sumo Logic. This app provides a comprehensive visibility into authentication events, user activities, and security-related actions within your JumpCloud-managed environment. The pre-configured dashboards can help you to track failed login attempts, privileged access changes, and account lockouts in real-time to improve security and ensure organizational policy compliance. [Learn more](/docs/integrations/saas-cloud/jumpcloud-directory-insights/).

cid-redirects.json

@@ -722,7 +722,7 @@
   "/07Sumo-Logic-Apps/01Amazon_and_AWS/AWS_Elastic_Load_Balancing_Metrics": "/docs/integrations/amazon-aws/application-load-balancer",
   "/07Sumo-Logic-Apps/01Amazon_and_AWS/AWS_Elastic_Load_Balancing_Metrics/01Collect-Metrics-for-the-AWS-Elastic-Load-Balancing-App": "/docs/integrations/amazon-aws/application-load-balancer",
   "/07Sumo-Logic-Apps/01Amazon_and_AWS/AWS_Elastic_Load_Balancing_Metrics/03Amazon-CloudWatch---ELB-Metrics-Dashboards": "/docs/integrations/amazon-aws/application-load-balancer",
-  "/07Sumo-Logic-Apps/01Amazon_and_AWS/AWS_Elastic_Load_Balancing": "/docs/integrations/amazon-aws/elastic-load-balancing",
+  "/07Sumo-Logic-Apps/01Amazon_and_AWS/AWS_Elastic_Load_Balancing": "/docs/integrations/amazon-aws/classic-load-balancer",
   "/docs/integrations/amazon-aws/elastic-load-balancing-metrics": "/docs/integrations/amazon-aws/application-load-balancer",
   "/07Sumo-Logic-Apps/01Amazon_and_AWS/AWS_Elastic_Load_Balancing/01-Collect-logs-for-the-AWS-Elastic-Load-Balancing-App": "/docs/integrations/amazon-aws/application-load-balancer",
   "/07Sumo-Logic-Apps/01Amazon_and_AWS/AWS_Elastic_Load_Balancing/AWS-Elastic-Load-Balancing-App-Dashboards": "/docs/integrations/amazon-aws/classic-load-balancer",
@@ -1584,6 +1584,7 @@
   "/cid/10188": "/docs/integrations/saas-cloud/miro",
   "/cid/10187": "/docs/integrations/saas-cloud/digital-guardian-arc",
   "/cid/10114": "/docs/integrations/saas-cloud/jamf",
+  "/cid/10115": "/docs/integrations/saas-cloud/jumpcloud-directory-insights",
   "/cid/10208": "/docs/integrations/saas-cloud/cisco-meraki-c2c",
   "/cid/10209": "/docs/integrations/security-threat-detection/cisco-meraki",
   "/cid/10210": "/docs/integrations/saas-cloud/proofpoint-tap",
@@ -2464,7 +2465,7 @@
   "/cid/5375": "/",
   "/cid/5377": "/docs/search/behavior-insights/logreduce/understand-the-logreduce-relevance-column",
   "/cid/5378": "/docs/cse/ingestion/ingestion-sources-for-cloud-siem/aws-cloudtrail",
-  "/cid/5379": "/docs/integrations/amazon-aws/elastic-load-balancing",
+  "/cid/5379": "/docs/integrations/amazon-aws/classic-load-balancer",
   "/cid/5380": "/docs/cse/ingestion/ingestion-sources-for-cloud-siem/aws-cloudtrail",
   "/cid/5381": "/docs/integrations/containers-orchestration/vmware-legacy",
   "/cid/5382": "/docs/integrations/pci-compliance",
@@ -4255,5 +4256,6 @@
   "/docs/search/logreduce/influence-the-logreduce-outcome": "/docs/search/behavior-insights/logreduce/influence-the-logreduce-outcome",
   "/docs/search/logreduce/understand-the-logreduce-relevance-column": "/docs/search/behavior-insights/logreduce/understand-the-logreduce-relevance-column",
   "/docs/search/behavior-insights/logreduce-values": "/docs/search/behavior-insights/logreduce/logreduce-values",
-  "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-cloud-to-cloud-source-migration":"/docs/send-data/collect-from-other-data-sources/azure-monitoring/azure-event-hubs-source-migration"
+  "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-cloud-to-cloud-source-migration":"/docs/send-data/collect-from-other-data-sources/azure-monitoring/azure-event-hubs-source-migration",
+  "/docs/integrations/amazon-aws/elastic-load-balancing":"/docs/integrations/amazon-aws/classic-load-balancer"
 }

docs/dashboards/about.md

@@ -101,3 +101,20 @@ Dashboards have two themes available: Light mode (which is the default) and Dar
 ## Clickable Legend
 
 If you want to focus on one item in your chart you can simply click on the item in the legend. If you want to toggle just one legend item, just hold the **shift** key and then click the item.<br/><img src={useBaseUrl('/img/dashboards/about-dashboard/clicklegend.gif')} alt="clicklegend" style={{border: '1px solid gray'}} width="700" />
+
+## Dashboard Information
+
+The dashboard information popup provides insights into the scan costs associated with log-based queries that run within dashboards.
+
+To view the dashboard information, follow the steps below:
+1. Open the dashboard for which you need to view the information.
+2. Click the three-dot kebab menu icon in the top right corner of the dashboard and select **Info** from the dropdown menu.<br/><img src={useBaseUrl('img/dashboards/dashboard_info/dashboard_info.png')} alt="dashboard_info" style={{border: '1px solid gray'}} width="230"/>
+3. A popup pane will appear, displaying the following dashboard information:<br/><img src={useBaseUrl('img/dashboards/dashboard_info/dashboard_info_panel.png')} alt="dashboard_info_panel" style={{border: '1px solid gray'}} width="600"/>
+    - **Dashboard Name**. Name of the dashboard.
+    - **Created By**. The user who created the dashboard. 
+    - **Time Range Expression**. The time range selected for the dashboard.
+    - **Start**. The current start time based on the selected time range.
+    - **End**. The current end time based on the selected time range.
+    - **Time Zone**. The time zone for the set time range.
+    - **Scanned Bytes**. The total amount of data scanned in bytes.
+    - **Dashboard ID**. A unique identification ID for the dashboard. Copy and use the dashboard ID within the APIs to identify the dashboard when making requests.

docs/get-started/quickstart.md

@@ -25,9 +25,14 @@ What you'll learn:
 
 You'll need a Sumo Logic account. Sign up for a free trial [here](/docs/get-started/sign-up).
 
-## Getting started with kickstart data in your trial
+## Getting started with Kickstart Data in your trial
 
-With your [trial](/docs/get-started/sign-up), you can access preloaded placeholder Kickstart Data to explore Sumo Logic instantly without setting up your own data. This feature helps trial users see immediate value and bypass setup barriers like firewall and security configurations.
+With your [Sumo Logic trial](/docs/get-started/sign-up), you can access preloaded placeholder Kickstart Data to explore Sumo Logic instantly prior to setting up your own data. This feature helps trial users see immediate value and bypass setup barriers like firewall and security configurations.
+
+:::warning limitations
+* Your trial workflow—Kickstart Data or custom data—is automatically determined by marketing-based user profiling. Manual selection of a workflow is not currently supported.
+* This feature is only available to select trial users during the initial rollout phase.
+:::
 
 ### Key benefits
 
@@ -50,11 +55,6 @@ With your [trial](/docs/get-started/sign-up), you can access preloaded placehold
 
 You can skip Kickstart Data anytime and begin ingesting your own data.
 
-:::warning limitations
-* User profiling for selection. Your assignment to either placeholder data or your own data workflow is determined by user profiling data from marketing. You won't be able to manually select your preferred workflow.
-* Limited availability. At launch, the placeholder data option will only be available to select trial users based on profiling.
-:::
-
 ## Step 1: Get your data into Sumo
 
 The journey of 10,000 logs begins with a single collector. Your data analytics journey starts by sending your data to Sumo.