Merge branch 'main' into apps-october-release-notes

himanshu219 · web-flow · commit 5f1900864a6a · 2024-11-06T14:07:00.000+05:30
diff --git a/blog-collector/2024-10-31.md b/blog-collector/2024-10-31.md
@@ -0,0 +1,21 @@
+---
+title: Version 19.514-1
+hide_table_of_contents: true
+image: https://help.sumologic.com/img/sumo-square.png
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+<a href="https://help.sumologic.com/release-notes-collector/rss.xml"><img src={useBaseUrl('img/release-notes/rss-orange2.png')} alt="icon" width="50"/></a>
+
+In this release, we've enhanced the security and stability of the Collector with added support for security patches and bug fixes.
+
+### Security Fixes
+
+- Upgraded `com.fasterxml.jackson.core` to version 2.15.4 to address jackson-core vulnerability (CVE-2023-0067).
+- Upgraded `org.apache.avro:avro` to version 1.11.4 to address ion-java vulnerability (CVE-2024-47561).
+
+### Bug Fix
+
+- Fixed the intermittent collector crash issue for AD source.
+
diff --git a/blog-cse/2024-10-31-content.md b/blog-cse/2024-10-31-content.md
diff --git a/blog-service/2024-10-14-manage.md b/blog-service/2024-10-14-manage.md
@@ -17,7 +17,7 @@ We're excited to announce that when you create a role, you can select **Index Ac
 This feature was [previously only available to participants in our beta program](/release-notes-service/2023/12/31/#october-27-2023-manage-account). It is now available for general use.
 
 :::note
-These changes are rolling out across deployments incrementally and will be available on all deployments by October 25, 2024.
+These changes are rolling out across deployments incrementally and will be available on all deployments by November 15, 2024.
 :::
 
 [Learn more](/docs/manage/users-roles/roles/create-manage-roles/#create-a-role).
diff --git a/blog-service/2024-10-22-alerts.md b/blog-service/2024-10-22-alerts.md
@@ -14,7 +14,7 @@ import useBaseUrl from '@docusaurus/useBaseUrl';
 
 <a href="https://help.sumologic.com/release-notes-service/rss.xml"><img src={useBaseUrl('img/release-notes/rss-orange2.png')} alt="icon" width="50"/></a>
 
-We're excited to announce the general availability of AI-driven alerts for metrics anomalies, extending our AI-driven alerting to metrics-based monitors. This release helps reduce alert fatigue and enables faster incident resolution with automated playbooks.
+We're excited to announce the preview of AI-driven alerts for metrics anomalies, extending our AI-driven alerting to metrics-based monitors. This preview release helps reduce alert fatigue and enables faster incident resolution with automated playbooks.
 
 ### Key Features
 
diff --git a/blog-service/2024-10-29-manage.md b/blog-service/2024-10-29-manage.md
@@ -16,7 +16,7 @@ We are happy to introduce our new **Usage Management** tab under the **Accounts*
 Key features include:
 
 - **Org-wide query budget**. Set a budget for queries that applies to all users in the organization.
-- **User-level query budget**. Set a budget for queries at the user level. With this, *Admins* can specify roles and easily select groups based on roles.
+- **User level and role level query budget**. Set limits on query data volume at the user level and role level.
 - **Flexible actions**. Choose what happens when the budget limit is reached. Options include **Display a warning to the user** or **Restrict queries to background scans only**.
 
 Explore our technical documentation [here](/docs/manage/manage-subscription/usage-management/) to learn how to set up and use Scan Budgets.
diff --git a/blog-service/2024-11-01-observability.md b/blog-service/2024-11-01-observability.md
@@ -0,0 +1,14 @@
+---
+title: Deprecation Notice - Root Cause Explorer (Observability)
+image: https://www.sumologic.com/img/logo.svg
+keywords:
+  - observability
+  - root cause explorer
+hide_table_of_contents: true
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+As part of our ongoing evaluation of the Sumo Logic service, our product team is deprecating [Root Cause Explorer](/docs/observability/root-cause-explorer), and it will no longer be available as of 30 April 2025.
+
+Learn more [here](/docs/observability/root-cause-explorer-deprecation).
diff --git a/blog-service/2024-11-05-alerts.md b/blog-service/2024-11-05-alerts.md
@@ -0,0 +1,23 @@
+---
+title: AI-Driven Alerts for Metrics Anomalies (Monitors)
+image: https://help.sumologic.com/img/sumo-square.png
+keywords:
+  - metrics
+  - monitors
+  - alerts
+  - anomalies
+  - ai
+hide_table_of_contents: true  
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+<a href="https://help.sumologic.com/release-notes-service/rss.xml"><img src={useBaseUrl('img/release-notes/rss-orange2.png')} alt="icon" width="50"/></a>
+
+We're excited to announce the general availability of AI-driven alerts for metrics anomalies, extending our AI-driven alerting capabilities to include metrics-based monitors. This new feature aims to reduce alert fatigue and accelerate incident resolution through the use of automated playbooks. [Learn more](/docs/alerts/monitors/create-monitor).
+
+### Key features
+
+* **Advanced anomaly detection**. Leverages 30 days of historical metrics data to establish baselines and identify critical anomalies.
+* **Customizable detection**. Allows configuration based on specific criteria, such as detecting multiple anomalies within a defined time window.
+* **Playbook integration**. Streamlines diagnosis and recovery by automating responses through integrated playbooks.
diff --git a/cid-redirects.json b/cid-redirects.json
@@ -104,6 +104,7 @@
   "/03Send-Data/Collect-from-Other-Data-Sources/Amazon_MSK_Prometheus_metrics_collection": "/docs/send-data/collect-from-other-data-sources/amazon-msk-prometheus-metrics-collection",
   "/03Send-Data/Collect-from-Other-Data-Sources/Amazon-CloudWatch-Logs": "/docs/send-data/collect-from-other-data-sources/amazon-cloudwatch-logs",
   "/Send-Data/Collect-from-Other-Data-Sources/Amazon-CloudWatch-Logs": "/docs/send-data/collect-from-other-data-sources/amazon-cloudwatch-logs",
+  "/03Send-Data/Collect-from-Other-Data-Sources/Amazon-Web-Services": "/docs/send-data/collect-from-other-data-sources/amazon-cloudwatch-logs",
   "/03Send-Data/Collect-from-Other-Data-Sources/Amazon-CloudWatch-Logs/Collect_Amazon_CloudWatch_Logs_using_a_Lambda_Function": "/docs/send-data/collect-from-other-data-sources/amazon-cloudwatch-logs/collect-with-lambda-function",
   "/03Send-Data/Collect-from-Other-Data-Sources/Amazon-CloudWatch-Logs/Collect_CloudWatch_Logs_using_a_CloudFormation_Template_with_secured_Sumo_Endpoint": "/docs/send-data/collect-from-other-data-sources/amazon-cloudwatch-logs/collect-with-cloudformation-template",
   "/03Send-Data/Collect-from-Other-Data-Sources/Amazon-CloudWatch-Logs/Collect-Amazon-CloudWatch-Logs-using-a-Collector-Script": "/docs/send-data/collect-from-other-data-sources/amazon-cloudwatch-logs",
@@ -219,6 +220,7 @@
   "/03Send-Data/Installed-Collectors/05Reference-Information-for-Collector-Installation/Verify-Authenticity-of-Collector-Downloads": "/docs/send-data/reference-information",
   "/03Send-Data/Setup-Wizard": "/docs/send-data/setup-wizard",
   "/03Send-Data/Setup-Wizard/Upload-Static-Files-with-the-Setup-Wizard": "/docs/send-data/setup-wizard",
+  "/03Send-Data/Setup-Wizard/About-Streaming-Data-Collection": "/docs/send-data/setup-wizard",
   "/03Send-Data/Setup-Wizard/Collect-from-Custom-Apps": "/docs/send-data/setup-wizard",
   "/03Send-Data/Setup-Wizard/Collect-from-Custom-Apps/Collect_Streaming_Data_from_HTTP": "/docs/send-data/setup-wizard",
   "/03Send-Data/Setup-Wizard/Collect-from-Custom-Apps/Collect-Streaming-Data-from-a-Local-File": "/docs/send-data/setup-wizard",
@@ -1377,6 +1379,7 @@
   "/APIs/General_API_Information/API_Authentication": "/docs/api/getting-started",
   "/APIs/General_API_Information/Sumo_Logic_Endpoints": "/docs/api/getting-started",
   "/APIs/General_API_Information/Sumo_Logic_Endpoints_and_Firewall_Security": "/docs/api/getting-started",
+  "/Send_Data": "/docs/send-data",
   "/Send_Data/Collector_Management_API/Sumo_Logic_Endpoints": "/docs/api/collector-management",
   "/Send_Data/Collector_FAQs/How_to_Ingest_Old_or_Historical_Data": "/docs/send-data/opentelemetry-collector/faq",
   "/APIs/General-API-Information/Sumo-Logic-Endpoints-by-Deployment-and-Firewall-Security": "/docs/api/getting-started",
@@ -3441,6 +3444,7 @@
   "/Visualizations-and-Alerts/Alerts/Scheduled-Searches/Save_to_Index": "/docs/alerts/scheduled-searches/save-to-index",
   "/Visualizations-and-Alerts/Alerts/Scheduled-Searches/Schedule_a_Search": "/docs/alerts/scheduled-searches/schedule-search",
   "/Visualizations-and-Alerts/Alerts/Scheduled-Searches/Scheduled_Search_FAQs": "/docs/alerts/scheduled-searches/schedule-search",
+  "/Visualizations-and-Alerts/Alerts/Scheduled-Searches/Scheduled_Search_FAQs/How-to-Prevent-your-Scheduled-Search-from-Timing-Out": "/docs/alerts/scheduled-searches/schedule-search",
   "/Visualizations-and-Alerts/Dashboard_(New)": "/docs/dashboards",
   "/Visualizations-and-Alerts/Dashboard_(New)/About_Dashboard_(New)": "/docs/dashboards/about",
   "/Visualizations-and-Alerts/Dashboard_(New)/Create_a_Dashboard_(New)": "/docs/dashboards/create-dashboard-new",
@@ -3566,6 +3570,7 @@
   "/07Sumo-Logic-Apps/01Amazon_and_AWS": "/docs/integrations/amazon-aws",
   "/07Sumo_Logic_Apps/01Amazon_and_AWS/Amazon_RDS_Metrics/Amazon-RDS-Metrics-App-Dashboards": "/docs/observability/aws/integrations/amazon-rds",
   "/07Sumo-Logic-Apps/01Amazon_and_AWS/Amazon_Security_Quick_Start": "/docs/integrations/amazon-aws/security-quickstart",
+  "/docs/integrations/amazon-aws/amazon-opensearch-service": "/docs/integrations/amazon-aws/amazon-opensearch",
   "/07Sumo-Logic-Apps/01Amazon_and_AWS/Global_Intelligence_for_CloudTrail_DevOps": "/docs/integrations/amazon-aws/global-intelligence-cloudtrail-devops",
   "/07Sumo-Logic-Apps/01Amazon_and_AWS/Global_Intelligence_for_AWS_CloudTrail/Install_the_GI_CloudTrail_App_and_view_the_Dashboards": "/docs/integrations/amazon-aws/global-intelligence-cloudtrail-devops",
   "/07Sumo_Logic_Apps/06Google/Google_Cloud_VPC/Install-the-Google-Cloud-VPC-App-and-view-the-Dashboards": "/docs/integrations/google/cloud-vpc",
@@ -4041,6 +4046,7 @@
   "/docs/cse/automation-service/automation-service-integration-framework": "/docs/platform-services/automation-service/automation-service-integration-framework",
   "/docs/cloud-soar/cloud-soar-integration-framework": "/docs/platform-services/automation-service/automation-service-integration-framework",
   "/docs/send-data/collect-from-other-data-sources/kubernetes": "/docs/send-data/kubernetes",
+  "/docs/send-data/kubernetes/v4": "/docs/send-data/kubernetes",
   "/docs/send-data/collect-from-other-data-sources/azure-blob-storage/collect-logs-azure-blob-storage": "/docs/send-data/collect-from-other-data-sources/azure-blob-storage/block-blob/collect-logs",
   "/docs/send-data/collect-from-other-data-sources/azure-blob-storage/troubleshoot-azure-blob-storage-log-collection": "/docs/send-data/collect-from-other-data-sources/azure-blob-storage/troubleshoot-log-collection",
   "/docs/cloud-soar/mssp": "/docs/cloud-soar/legacy/legacy-cloud-soar-mssp",
diff --git a/docs/cse/get-started-with-cloud-siem/insight-generation-process.md b/docs/cse/get-started-with-cloud-siem/insight-generation-process.md
@@ -87,7 +87,7 @@ The severities of the `RDP Brute Force Attempt bad` and the `RDP Brute Force At
 
 By default, when an entity’s Activity Score exceeds the threshold of 12, Cloud SIEM generates an Insight on the entity. Like the detection period, you can [configure a different Activity Score threshold value](/docs/cse/records-signals-entities-insights/set-insight-generation-window-threshold) for Insight generation. When Cloud SIEM creates an Insight on an Entity, it resets the Entity’s Activity Score to 0.
 
-After Cloud SIEM fires a particular Signal on a particular Entity, it suppresses Signals for that Signal-Entity combination for 12 to 24 hours. For more information, see [Redundant Signal suppression](#redundant-signal-suppression), below. 
+After Cloud SIEM fires a particular Signal on a particular Entity, it suppresses Signals for that Signal-Entity combination for a time to prevent redundant Signals. For more information, see [Redundant Signal suppression](#redundant-signal-suppression), below.
 
 ### Example of an Entity that has exceeded Activity Score threshold
 
diff --git a/docs/cse/sensors/network-sensor-end-of-life.md b/docs/cse/sensors/network-sensor-end-of-life.md
@@ -0,0 +1,28 @@
+---
+id: network-sensor-end-of-life
+title: Cloud SIEM Network Sensor End-of-Life
+description: Cloud SIEM Network Sensor has reached its end-of-life and will no longer be supported.
+---
+
+<head>
+ <meta name="robots" content="noindex" />
+</head>
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+At Sumo Logic, we pride ourselves on being a leading SaaS log analytics company for observability and security solutions. Our strategic focus centers on delivering cloud-based solutions, as we firmly believe that SaaS represents the most effective means to deliver substantial value and a seamless experience to our customer base.
+
+The Sumo Logic Product Team is discontinuing our on-premise network sensor feature for Sumo Logic Cloud SIEM. This end-of-life notification for Sumo Logic's network sensor means the feature will no longer receive support or updates based on the timelines listed below. We believe this to be the best course of action to keep our development focus on delivering world class detection and response capabilities.
+
+We fully recognize that this decision may have implications for your business operations, and we are committed to planning with you and your security team to minimize disruptions. We fully support a customer or partner managed [Zeek network sensor](/docs/cse/sensors/ingest-zeek-logs/) as a data source for our Cloud SIEM product that will provide equivalent monitoring of your network.
+
+We're confident that our highly scalable, cloud-native security solutions can continue to support your security operations. Let's discuss how we can help you achieve your security goals.
+
+If you have any questions, please don't hesitate to reach out to your Sumo Logic Account team or [open a support ticket](https://support.sumologic.com/support/s/) with our Customer Support Team. We're happy to help.
+
+| Milestone | Definition | Date |
+| :-- | :-- | :-- |
+| End-of-life announcement | The date this feature is announced as end-of-life. | November 8, 2024 |
+| End of software release | The last date that Sumo Logic may release any final software maintenance releases or bug fixes. After this date, Sumo Logic will no longer develop, repair, maintain, or test product software. | November 8, 2024 |
+| Last date of support | The last date to receive applicable support for the feature as entitled by active support contracts or by applicable warrant terms and conditIons. After this date, all support services for this feature are unavailable and the feature becomes obsolete. | January 31, 2025 |
+
diff --git a/docs/integrations/cloud-security-monitoring-analytics/palo-alto-firewall-10.md b/docs/integrations/cloud-security-monitoring-analytics/palo-alto-firewall-10.md
@@ -94,7 +94,7 @@ To create a server profile specifying  the log destination, do the following:
 
 To configure syslog forwarding for traffic and threat logs, follow the steps to [Configure Log Forwarding](https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/monitoring/configure-log-forwarding) as described in the Palo Networks documentation.
 
-As of March 24, 2022, some Palo Alto Network systems have experienced troubles with validating the Sumo Logic certificate due to their OCSP checking logic. Please contact Palo Alto’s support for  a workaround, and if needed, contact Sumo Logic’s support for the related Palo Alto Case number.
+As of March 24, 2022, some Palo Alto Network systems have experienced troubles with validating the Sumo Logic certificate due to their OCSP checking logic. If you encounter this problem, try disabling OCSP checking logic in the firewall. If you continue to have issues, contact Palo Alto’s support, and if needed, contact Sumo Logic’s support for the related Palo Alto case number.
 
 
 ### Step 4. Verify logs in Palo Alto Networks
diff --git a/docs/manage/manage-subscription/usage-management.md b/docs/manage/manage-subscription/usage-management.md
@@ -28,6 +28,12 @@ To manage the query size limit using the **Basic** configuration:
 1. **Enable Query Limit**. Select this checkbox and enter the GB value based on your needs. Sumo Logic recommends setting a GB value per query based on the 95th percentile to stay within safe limits. You can also check the query size of the last 10 queries by clicking on **Click here** to help you determine the appropriate size limit. If you leave this checkbox unchecked, no limits will be added to the query.
 1. Click **Save Limit**.
 
+:::info
+Sumo Logic defines scan as two types:
+  - **Foreground interactive search**. Search page UI, Copilot, and Dashboards.
+  - **Background search**. API, Scheduled Search, Monitor, and SLO. 
+:::
+
 :::note
 It may take up to 5 minutes for a newly created budget to become active and enforceable in the system.
 :::
@@ -52,7 +58,12 @@ To create the query size limit using the **Advanced** configuration:
 1. **Capacity**. Enter the GB value based on your needs. Sumo Logic recommends setting a GB value per query based on the 95th percentile to stay within safe limits. You can also check the query size of the last 10 queries by clicking on **Click here** to help you determine the appropriate size limit.
 1. **Action**. Select the type of action/response you require when the budget limit is reached.
     - **Show Warning to the user**. Query result will be displayed with a the error message.
-    - **Only allow background query scans**. A warning message will be displayed if you run a query that exceeds the budget set, which will block the foreground searches, such as querying in the search UI and dashboards, but will not impact any background searches, such as scheduled search, monitors, SLO, and API.
+    - **Only allow background query scans**. A warning message will be displayed if you run a query that exceeds the budget set. This will block the foreground searches but will not impact any background searches/automated queries.
+    :::info
+    Sumo Logic defines scan as two types:
+    - **Foreground interactive search**. Search page UI, Copilot, and Dashboards.
+    - **Background search**. API, Scheduled Search, Monitors, and SLO. 
+    :::
 1. **Details**. Enter the name for the scan budget.<br/><img src={useBaseUrl('/img/manage/account/create-scan-budget.png')} alt="create-scan-budget" style={{border:'1px solid gray'}} width="650"/>
 1. Click **Save** to create the scan budget.
 
diff --git a/docs/search/copilot.md b/docs/search/copilot.md
@@ -45,14 +45,14 @@ Copilot reduces manual effort by combining prebuilt insights with natural langua
 * **Conversation history**. Save and resume any troubleshooting session without losing context.
 * **Auto-visualize**. Copilot renders charts based on search results automatically. These charts can be added to dashboards from within Copilot.
 
-## Security and compliance
+## Security compliance and legal
 
-Copilot leverages foundational models available through Amazon Bedrock. As a result, our Copilot compliance and security posture are inherited from Amazon Bedrock. Refer to the following resources for Amazon Bedrock security and compliance:
+Copilot leverages foundational models available through Amazon Bedrock. As a result, our Copilot compliance and security posture are inherited from Amazon Bedrock. For detailed information, refer to the following Amazon Bedrock security and compliance resources:
 
 * [Security in Amazon Bedrock](https://docs.aws.amazon.com/bedrock/latest/userguide/security.html)
 * [Amazon Bedrock Security and Privacy](https://aws.amazon.com/bedrock/security-compliance/)
 
-Over and above, all aspects of our service, including Copilot, conform to the security and compliance requirements in our [Service Agreement](https://www.sumologic.com/service-agreement).
+Additionally, all aspects of our service, including Copilot, adhere to the security and compliance requirements outlined in our [service agreement](https://www.sumologic.com/service-agreement) or in individually negotiated contracts. 
 
 ### Who benefits from Copilot?
 
diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/workday-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/workday-source.md
@@ -132,6 +132,7 @@ To resolve this:
 1. Check if you have such an authentication policy enabled. If by default your users' login via SSO then you may have to exclude the ISU Security Group to allow it to use username and password by creating a separate authentication policy.
 1. Try changing the Session Timeout Minutes to 0 as shown in the article https://www.sora.co/help/configuring-your-workday-integration.
 1. Exempt user from password expiration as shown in the article https://www.sora.co/help/configuring-your-workday-integration.
+1. Configure the user login to skip security questions, if any.
 
 Below is the section for common errors for **Activity Logs**.
 
diff --git a/docs/send-data/kubernetes/collecting-logs.md b/docs/send-data/kubernetes/collecting-logs.md
diff --git a/package.json b/package.json
diff --git a/yarn.lock b/yarn.lock
