Commit 5c03a9f

Add log search examples
1 parent 0170dd6 commit 5c03a9f

30 files changed (+36 / -61 lines changed)

docs/cse/ingestion/ingestion-sources-for-cloud-siem/auth0.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -15,4 +15,4 @@ To ingest Auth0 data into Cloud SIEM:
1515
1. To verify that your logs are successfully making it into Cloud SIEM:
1616
1. [**Classic UI**](/docs/get-started/sumo-logic-ui-classic). In the top menu select **Configuration**, and then under **Incoming Data** select **Log Mappings**. <br/>[**New UI**](/docs/get-started/sumo-logic-ui). In the top menu select **Configuration**, and then under **Cloud SIEM Integrations** select **Log Mappings**. You can also click the **Go To...** menu at the top of the screen and select **Log Mappings**.
1717
1. On the **Log Mappings** tab search for Auth0 and check the **Records** columns.<br/><img src={useBaseUrl('img/cse/auth0-reocrd-volume.png')} alt="Record volume" style={{border: '1px solid gray'}} style={{border: '1px solid gray'}} width="800" />
18-
1. For a more granular look at the incoming records, you can also use the Sumo Logic platform to search for Auth0 security records.<br/><img src={useBaseUrl('img/cse/auth0-search.png')} alt="Auth0 search" style={{border: '1px solid gray'}} style={{border: '1px solid gray'}} width="500" />
18+
1. For a more granular look at the incoming records, you can also use the Sumo Logic platform to search for Auth0 security records: <br/>`_index=sec_record* and metadata_product = "Auth0"`
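Review bot: the unchanged line 17 in this hunk still carries the `style={{border: '1px solid gray'}}` prop twice on the record-volume `<img>`; duplicate JSX props are a lint/compile warning, and since this commit already edits the neighbouring step, dropping the second copy here is cheap. The removed step also referenced `img/cse/auth0-search.png`; if no other page uses that asset, delete it in the same commit so it does not linger as an orphaned image.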

docs/cse/ingestion/ingestion-sources-for-cloud-siem/aws-application-load-balancer.md

Lines changed: 1 addition & 1 deletion
@@ -15,4 +15,4 @@ To ingest AWS Application Load Balancer data into Cloud SIEM:
1515
1. To verify that your logs are successfully making it into Cloud SIEM: 
1616
1. [**Classic UI**](/docs/get-started/sumo-logic-ui-classic). In the top menu select **Configuration**, and then under **Incoming Data** select **Log Mappings**. <br/>[**New UI**](/docs/get-started/sumo-logic-ui). In the top menu select **Configuration**, and then under **Cloud SIEM Integrations** select **Log Mappings**. You can also click the **Go To...** menu at the top of the screen and select **Log Mappings**.
1717
1. On the **Log Mappings** tab search for "AWS Application Load Balancer" and check the **Records** columns.
18-
1. For a more granular look at the incoming records, you can also search the Sumo Logic platform for AWS ALB Flow security records.<br/><img src={useBaseUrl('img/cse/AWS-elb-search.png')} alt="AWS ELB search" style={{border: '1px solid gray'}} width="600"/>
18+
1. For a more granular look at the incoming records, you can also search the Sumo Logic platform for AWS ALB Flow security records:<br/>`_index=sec_record* and metadata_product = "AWS - Application Load Balancer - JSON"`
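Review bot: the mapper search string on line 17 ("AWS Application Load Balancer") and the `metadata_product` value in the new query ("AWS - Application Load Balancer - JSON") differ, and a reader may take one of them for a typo; a short clause stating that the quoted value is the exact product string the mapper stamps on records would prevent hand-edited variants that return nothing.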

docs/cse/ingestion/ingestion-sources-for-cloud-siem/aws-cloudtrail.md

Lines changed: 1 addition & 1 deletion
@@ -18,5 +18,5 @@ To ingest AWS CloudTrail data into Cloud SIEM:
1818
1. To verify that your logs are successfully making it into Cloud SIEM. 
1919
1. [**Classic UI**](/docs/get-started/sumo-logic-ui-classic). In the top menu select **Configuration**, and then under **Incoming Data** select **Log Mappings**. <br/>[**New UI**](/docs/get-started/sumo-logic-ui). In the top menu select **Configuration**, and then under **Cloud SIEM Integrations** select **Log Mappings**. You can also click the **Go To...** menu at the top of the screen and select **Log Mappings**.
2020
1. On the **Log Mappings** tab search for "CloudTrail" and check the **Records** columns.
21-
1. For a more granular look at the incoming records, you can also search the Sumo Logic platform for CloudTrail security records.<br/><img src={useBaseUrl('img/cse/cloudtrail-search.png')} alt="CloudTrail search" style={{border: '1px solid gray'}} width="400"/>
21+
1. For a more granular look at the incoming records, you can also search the Sumo Logic platform for CloudTrail security records:<br/>`_index=sec_record* and metadata_product = "CloudTrail"`
2222
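Review bot: line 18 in the unchanged context ends the step intro with a period ("...making it into Cloud SIEM.") where every other page in this commit uses a colon; worth aligning while this file is open. The added query follows the same `_index=sec_record* and metadata_product = "..."` shape as the other pages, which is good for consistency.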

docs/cse/ingestion/ingestion-sources-for-cloud-siem/aws-guardduty.md

Lines changed: 1 addition & 1 deletion
@@ -15,4 +15,4 @@ To ingest AWS GuardDuty data into Cloud SIEM:
1515
1. To verify that your logs are successfully making it into Cloud SIEM:
1616
1. [**Classic UI**](/docs/get-started/sumo-logic-ui-classic). In the top menu select **Configuration**, and then under **Incoming Data** select **Log Mappings**. <br/>[**New UI**](/docs/get-started/sumo-logic-ui). In the top menu select **Configuration**, and then under **Cloud SIEM Integrations** select **Log Mappings**. You can also click the **Go To...** menu at the top of the screen and select **Log Mappings**.
1717
1. On the **Log Mappings** tab search for "GuardDuty" and check the **Records** columns.
18-
1. For a more granular look at the incoming records, you can also search the Sumo Logic platform for GuardDuty security records..<br/><img src={useBaseUrl('img/cse/guardduty-search.png')} alt="GuardDuty search" style={{border: '1px solid gray'}} width="400"/>
18+
1. For a more granular look at the incoming records, you can also search the Sumo Logic platform for GuardDuty security records:<br/>`_index=sec_record* and metadata_product = "GuardDuty"`

docs/cse/ingestion/ingestion-sources-for-cloud-siem/aws-network-firewall.md

Lines changed: 1 addition & 1 deletion
@@ -17,4 +17,4 @@ To ingest AWS Network Firewall data into Cloud SIEM:
1717
1. To verify that your logs are successfully making it into Cloud SIEM: 
1818
1. [**Classic UI**](/docs/get-started/sumo-logic-ui-classic). In the top menu select **Configuration**, and then under **Incoming Data** select **Log Mappings**. <br/>[**New UI**](/docs/get-started/sumo-logic-ui). In the top menu select **Configuration**, and then under **Cloud SIEM Integrations** select **Log Mappings**. You can also click the **Go To...** menu at the top of the screen and select **Log Mappings**.
1919
1. On the **Log Mappings** tab search for "AWS Network Firewall " and check the **Records** columns.
20-
1. For a more granular look at the incoming records, you can also search the Sumo Logic platform for AWS Network Firewall security records. <br/><img src={useBaseUrl('img/cse/AWS-network-firewall-search.png')} alt="AWS Firewall search" style={{border: '1px solid gray'}} width="600"/>
20+
1. For a more granular look at the incoming records, you can also search the Sumo Logic platform for AWS Network Firewall security records:<br/>`_index=sec_record* and metadata_vendor = "AWS" and metadata_product = "Network Firewall"`
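Review bot: this is the only query in the commit that adds a `metadata_vendor = "AWS"` clause; either apply the same vendor filter to the other AWS pages (CloudTrail, GuardDuty, VPC Flow, ALB) or explain in the step why "Network Firewall" alone is not specific enough, so the pages read consistently. Separately, the unchanged line 19 has a trailing space inside the quoted search term ("AWS Network Firewall "), which will trip anyone who pastes it literally.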

docs/cse/ingestion/ingestion-sources-for-cloud-siem/aws-vpc-flow.md

Lines changed: 1 addition & 1 deletion
@@ -14,4 +14,4 @@ To ingest AWS VPC Flow data into Cloud SIEM:
1414
1. To verify that your logs are successfully making it into Cloud SIEM:
1515
1. [**Classic UI**](/docs/get-started/sumo-logic-ui-classic). In the top menu select **Configuration**, and then under **Incoming Data** select **Log Mappings**. <br/>[**New UI**](/docs/get-started/sumo-logic-ui). In the top menu select **Configuration**, and then under **Cloud SIEM Integrations** select **Log Mappings**. You can also click the **Go To...** menu at the top of the screen and select **Log Mappings**.
1616
1. On the **Log Mappings** tab search for "AWS VPC Flow" and check the **Records** columns. 
17-
1. For a more granular look at the incoming records, you can also search the Sumo Logic platform for AWS VPC Flow security records.
17+
1. For a more granular look at the incoming records, you can also search the Sumo Logic platform for AWS VPC Flow security records:<br/>`_index=sec_record* and metadata_product = "VPC Flow"`
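Review bot: `metadata_product = "VPC Flow"` has no vendor clause, while the Network Firewall page in this same commit also filters on `metadata_vendor = "AWS"`; if another vendor's flow product could map to a similar product name, `_index=sec_record* and metadata_vendor = "AWS" and metadata_product = "VPC Flow"` would be the safer example to publish. This page previously had no screenshot at all, so the added query is a clear improvement here.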

docs/cse/ingestion/ingestion-sources-for-cloud-siem/carbon-black.md

Lines changed: 1 addition & 1 deletion
@@ -15,4 +15,4 @@ To ingest Carbon Black Cloud data into Cloud SIEM:
1515
1. To verify that your logs are successfully making it into Cloud SIEM:
1616
1. [**Classic UI**](/docs/get-started/sumo-logic-ui-classic). In the top menu select **Configuration**, and then under **Incoming Data** select **Log Mappings**. <br/>[**New UI**](/docs/get-started/sumo-logic-ui). In the top menu select **Configuration**, and then under **Cloud SIEM Integrations** select **Log Mappings**. You can also click the **Go To...** menu at the top of the screen and select **Log Mappings**.
1717
1. On the **Log Mappings** tab search for Carbon Black Cloud and check the **Records** columns.
18-
1. For a more granular look at the incoming records, you can also search Sumo Logic for Carbon Black Cloud records.<br/> <img src={useBaseUrl('img/cse/carbon-black-search.png')} alt="A Carbon Black query" style={{border: '1px solid gray'}} width="500" />
18+
1. For a more granular look at the incoming records, you can also search Sumo Logic for Carbon Black Cloud records:<br/>`_index=sec_record* and metadata_product = "Carbon Black Cloud"`
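Review bot: line 17 in context searches for Carbon Black Cloud without the quotation marks the other pages put around their mapper search terms, and the new step says "records" where the other pages say "security records"; small wording alignment, but this commit is the natural place for it.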

docs/cse/ingestion/ingestion-sources-for-cloud-siem/check-point-firewall.md

Lines changed: 1 addition & 1 deletion
@@ -15,4 +15,4 @@ To ingest Check Point Firewall data into Cloud SIEM:
1515
1. To verify that your logs are successfully making it into Cloud SIEM:
1616
1. [**Classic UI**](/docs/get-started/sumo-logic-ui-classic). In the top menu select **Configuration**, and then under **Incoming Data** select **Log Mappings**. <br/>[**New UI**](/docs/get-started/sumo-logic-ui). In the top menu select **Configuration**, and then under **Cloud SIEM Integrations** select **Log Mappings**. You can also click the **Go To...** menu at the top of the screen and select **Log Mappings**.
1717
1. On the **Log Mappings** tab search for "checkpoint" and check the **Records** columns.
18-
1. For a more granular look at the incoming records, you can also search the Sumo Logic platform for Check Point Firewall security records.<br/><img src={useBaseUrl('img/cse/checkpoint-search.png')} alt="Checkpoint search" style={{border: '1px solid gray'}} width="400"/>
18+
1. For a more granular look at the incoming records, you can also search the Sumo Logic platform for Check Point Firewall security records:<br/>`_index=sec_record* and metadata_product = "checkpoint"`
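Review bot: the query's product value is the lowercase `"checkpoint"`, which matches the mapper search term on line 17 but not the product name used in the page text (Check Point Firewall); if the lowercase spelling is the exact `metadata_product` value, say so in the step, otherwise a reader is likely to "correct" it to "Check Point" and get an empty result.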

docs/cse/ingestion/ingestion-sources-for-cloud-siem/cisco-asa.md

Lines changed: 1 addition & 1 deletion
@@ -15,4 +15,4 @@ To ingest Cisco ASA data into Cloud SIEM:
1515
1. To verify that your logs are successfully making it into Cloud SIEM:
1616
1. [**Classic UI**](/docs/get-started/sumo-logic-ui-classic). In the top menu select **Configuration**, and then under **Incoming Data** select **Log Mappings**. <br/>[**New UI**](/docs/get-started/sumo-logic-ui). In the top menu select **Configuration**, and then under **Cloud SIEM Integrations** select **Log Mappings**. You can also click the **Go To...** menu at the top of the screen and select **Log Mappings**.
1717
1. On the **Log Mappings** tab search for "Cisco ASA" and check the **Records** columns. A list of mappers for Cisco ASA Syslog will appear and you can see if logs are coming in.
18-
1. For a more granular look at the incoming records, you can also use search the Sumo Logic platform for Cisco ASA security records.<br/><img src={useBaseUrl('img/cse/cisco-asa-search.png')} alt="Cisco ASA search" style={{border: '1px solid gray'}} width="400"/>
18+
1. For a more granular look at the incoming records, you can also use search the Sumo Logic platform for Cisco ASA security records:<br/>`_index=sec_record* and metadata_product = "ASA"`
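Review bot: the added line carries over the wording error from the line it replaces: "you can also use search the Sumo Logic platform" should read "you can also search the Sumo Logic platform", matching the phrasing on the other pages in this commit.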

docs/cse/ingestion/ingestion-sources-for-cloud-siem/cisco-meraki.md

Lines changed: 1 addition & 1 deletion
@@ -15,4 +15,4 @@ To ingest Cisco Meraki data into Cloud SIEM:
1515
1. To verify that your logs are successfully making it into Cloud SIEM:
1616
1. [**Classic UI**](/docs/get-started/sumo-logic-ui-classic). In the top menu select **Configuration**, and then under **Incoming Data** select **Log Mappings**. <br/>[**New UI**](/docs/get-started/sumo-logic-ui). In the top menu select **Configuration**, and then under **Cloud SIEM Integrations** select **Log Mappings**. You can also click the **Go To...** menu at the top of the screen and select **Log Mappings**.
1717
1. On the **Log Mappings** tab search for "Cisco Meraki" and check the **Records** columns. A list of mappers for Cisco Meraki will appear and you can see if logs are coming in.
18-
1. For a more granular look at the incoming records, you can also use search the Sumo Logic platform for Cisco Meraki security records.<br/><img src={useBaseUrl('img/cse/cisco-meraki-search.png')} alt="Cisco Meraki search" style={{border: '1px solid gray'}} width="400"/>
18+
1. For a more granular look at the incoming records, you can also use search the Sumo Logic platform for Cisco Meraki security records:<br/>`_index=sec_record* and metadata_product = "Meraki"`
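Review bot: same wording error as the line being replaced: "you can also use search the Sumo Logic platform" should read "you can also search the Sumo Logic platform"; since the whole line is rewritten anyway, fix it in this pass.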
