SumoLogic
diff --git a/‎docs/integrations/web-servers/nginx-ingress.md‎
Lines changed: 17 additions & 111 deletions b/‎docs/integrations/web-servers/nginx-ingress.md‎
Lines changed: 17 additions & 111 deletions
diff --git a/‎docs/integrations/web-servers/nginx-plus-ingress.md‎
Lines changed: 14 additions & 74 deletions b/‎docs/integrations/web-servers/nginx-plus-ingress.md‎
Lines changed: 14 additions & 74 deletions
@@ -35,18 +35,15 @@ In a Kubernetes environment, we use our Sumo Logic Kubernetes collection. You ca
 
 Configuring log and metric collection for the Nginx Ingress app includes the following tasks:
 
-### Step 1: Configure Fields in Sumo Logic
+### Step 1: Fields in Sumo Logic
 
-Create the following Fields in Sumo Logic prior to configuring the collection. This ensures that your logs and metrics are tagged with relevant metadata, which is required by the app dashboards. For information on setting up fields, see [Sumo Logic Fields](/docs/manage/fields).
-
-If you're using Nginx Ingress in a Kubernetes environment, create the fields:
+If you're using Nginx Ingress in a Kubernetes environment, Following fields will be created automatically as a part of app installation process:
 
 * `pod_labels_component`
 * `pod_labels_environment`
 * `pod_labels_webserver_system`
 * `pod_labels_webserver_farm`
 
-
 ### Step 2: Configure Nginx Ingress Logs and Metrics Collection
 
 Sumo Logic supports the collection of logs and metrics data from Nginx Ingress in Kubernetes environments.
@@ -71,112 +68,7 @@ It’s assumed that you are using the latest helm chart version if not please up
   **Do not modify** the following values set by this configuration as it will cause the Sumo Logic app to not function correctly.
      * `component: “webserver”`. This value is used by Sumo Logic apps to identify application components.
      * `webserver_system: “nginx_ingress”`. This value identifies the database system.
-4. **Add an FER to normalize the fields in Kubernetes environments.** Labels created in Kubernetes environments automatically are prefixed with `pod_labels`. To normalize these for our app to work, we need to create a Field Extraction Rule if not already created for Proxy Application Components. To do so:
-   1. [**Classic UI**](/docs/get-started/sumo-logic-ui-classic). In the main Sumo Logic menu, select **Manage Data > Logs > Field Extraction Rules**. <br/>[**New UI**](/docs/get-started/sumo-logic-ui). In the top menu select **Configuration**, and then under **Logs** select **Field Extraction Rules**. You can also click the **Go To...** menu at the top of the screen and select **Field Extraction Rules**.  
-   2. Click the **+ Add** button on the top right of the table.
-   3. The **Add Field Extraction Rule** form will appear. Enter the following options:
-     * **Rule Name**. Enter the name as **App Observability - Webserver**.
-     * **Applied At.** Choose **Ingest Time.**
-     * **Scope**. Select **Specific Data.**
-     * **Scope**: Enter the following keyword search expression.
-      ```sql
-        pod_labels_environment=* pod_labels_component=webserver pod_labels_webserver_farm=* pod_labels_webserver_system=*
-      ```
-     * **Parse Expression**. Enter the following parse expression.
-      ```sql
-      if (!isEmpty(pod_labels_environment), pod_labels_environment, "") as environment
-      | pod_labels_component as component
-      | pod_labels_webserver_system as webserver_system
-      | pod_labels_webserver_farm as webserver_farm
-      ```
-
-## Installing Nginx Ingress Monitors
-
-After [setting up collection](/docs/integrations/web-servers/nginx), you can proceed to installing the Nginx Ingress monitors, app, and view examples of each of dashboard.
-* To install these alerts, you need to have the Manage Monitors role capability.
-* Alerts can be installed by either importing a JSON file or a Terraform script.
-
-There are limits to how many alerts can be enabled - for details, see the [Alerts FAQ](/docs/alerts/monitors/monitor-faq.md).
-
-
-### Method A: Import a JSON file
-
-1. Download the [JSON file](https://github.com/SumoLogic/terraform-sumologic-sumo-logic-monitor/blob/main/monitor_packages/nginx-ingress/nginxingress.json) that describes the monitors.
-2. The JSON file contains the alerts that are based on Sumo Logic searches that do not have any scope filters and therefore will be applicable to all Nginx Ingress farms, the data for which has been collected via the instructions in the previous sections. However, if you would like to restrict these alerts to specific farms or environments, update the JSON file by replacing the text `webserver_system=nginx_ingress` with `<Your Custom Filter>`. Custom filter examples:
-   * For alerts applicable only to a specific farm, your custom filter would be: `webserver_farm=nginx-ingress.01`
-   * For alerts applicable to all farms that start with `nginx-ingress`, your custom filter would be: `webserver_system=nginx-ingress*`
-   * For alerts applicable to a specific farm within a production environment, your custom filter would be: `webserver_farm=nginx-ingress-1` AND `environment=dev` (This assumes you have set the optional environment tag while configuring collection)
-3. [**Classic UI**](/docs/get-started/sumo-logic-ui-classic). In the main Sumo Logic menu, select **Manage Data > Monitoring > Monitors**. <br/>[**New UI**](/docs/get-started/sumo-logic-ui). In the main Sumo Logic menu, select **Alerts > Monitors**. You can also click the **Go To...** menu at the top of the screen and select **Monitors**. 
-4. Click **Add**.
-5. Click Import and then copy-paste the above JSON to import monitors.
-
-The monitors are disabled by default. Once you have installed the alerts using this method, navigate to the Nginx folder under **Monitors** to configure them. See [this](/docs/alerts/monitors) document to enable monitors to send notifications to teams or connections. See the instructions detailed in Step 4 of this [document](/docs/alerts/monitors/create-monitor).
-
-
-### Method B: Using a Terraform script
-
-1. Generate a Sumo Logic access key and access ID for a user that has the Manage Monitors role capability in Sumo Logic using these[ instructions](/docs/manage/security/access-keys#from-the-preferences-page). Identify which deployment your Sumo Logic account is in, using this [link](/docs/api/getting-started#sumo-logic-endpoints-by-deployment-and-firewall-security).
-2. [Download and install Terraform 0.13](https://www.terraform.io/downloads.html) or later.
-3. Download the Sumo Logic Terraform package for Nginx Ingress alerts: The alerts package is available in the Sumo Logic GitHub [repository](https://github.com/SumoLogic/terraform-sumologic-sumo-logic-monitor/tree/main/monitor_packages/Nginx%20Ingress). You can either download it through the “git clone” command or as a zip file.
-4. Alert Configuration: After the package has been extracted, navigate to the package directory terraform-sumologic-sumo-logic-monitor/monitor_packages/Nginx Ingress.
-   1. Edit the **nginx_ingress.auto.tfvars** file and add the Sumo Logic Access Key, Access Id and Deployment from Step 1.
-    ```sql
-    access_id   = "<SUMOLOGIC ACCESS ID>"
-    access_key  = "<SUMOLOGIC ACCESS KEY>"
-    environment = "<SUMOLOGIC DEPLOYMENT>"
-    ```
-   The Terraform script installs the alerts without any scope filters, if you would like to restrict the alerts to specific farms or environments, update the variable `nginx_ingress_data_source`. Custom filter examples:
-      * A specific farm `webserver_farm=nginx.ingress.01`.
-      * All farms in an environment `environment=dev`.
-      * For alerts applicable to all farms that start with nginx ingress, your custom filter would be: `webserver_farm=nginx-ingress*`
-      * For alerts applicable to a specific farm within a production environment, your custom filter would be: `webserver_system=nginx_ingress-1` and `environment=dev` (This assumes you have set the optional environment tag while configuring collection)
-
-All monitors are disabled by default on installation, if you would like to enable all the monitors, set the parameter **monitors_disabled** to **false** in this file.
-
-By default, the monitors are configured in a monitor **folder** called “**Nginx Ingress**”, if you would like to change the name of the folder, update the monitor folder name in “folder” key at nginx_ingress.auto.tfvars file.
-
-5. If you would like the alerts to send email or connection notifications, modify the file nginx_ingress_notifications.auto.tfvars and populate `connection_notifications` and `email_notifications` as per below examples.
-
-```bash title="Pagerduty Connection Example"
-connection_notifications = [
-    {
-      connection_type       = "PagerDuty",
-      connection_id         = "<CONNECTION_ID>",
-      payload_override      = "{\"service_key\": \"your_pagerduty_api_integration_key\",\"event_type\": \"trigger\",\"description\": \"Alert: Triggered {{TriggerType}} for Monitor {{Name}}\",\"client\": \"Sumo Logic\",\"client_url\": \"{{QueryUrl}}\"}",
-      run_for_trigger_types = ["Critical", "ResolvedCritical"]
-    },
-    {
-      connection_type       = "Webhook",
-      connection_id         = "<CONNECTION_ID>",
-      payload_override      = "",
-      run_for_trigger_types = ["Critical", "ResolvedCritical"]
-    }
-  ]
-```
-
-Replace `<CONNECTION_ID>` with the connection id of the webhook connection. The webhook connection id can be retrieved by calling the [Monitors API](https://api.sumologic.com/docs/#operation/listConnections).
-
-For overriding payload for different connection types, refer to this [document](/docs/alerts/webhook-connections/set-up-webhook-connections).
-
-```bash title="Email Notifications Example"
-email_notifications = [
-    {
-      connection_type       = "Email",
-      recipients            = ["[email protected]"],
-      subject               = "Monitor Alert: {{TriggerType}} on {{Name}}",
-      time_zone             = "PST",
-      message_body          = "Triggered {{TriggerType}} Alert on {{Name}}: {{QueryURL}}",
-      run_for_trigger_types = ["Critical", "ResolvedCritical"]
-    }
-      ]
-```
-
-6. **Install the Alerts**.
-    1. Navigate to the package directory `terraform-sumologic-sumo-logic-monitor/monitor_packages/**Nginx Ingress**/` and run `terraform init`. This will initialize Terraform and will download the required components.
-    2. Run `terraform plan` to view the monitors which will be created/modified by Terraform.
-    3. Run `terraform apply`.
-7. **Post Installation** If you haven’t enabled alerts and/or configured notifications through the Terraform procedure outlined above, we highly recommend enabling alerts of interest and configuring each enabled alert to send notifications to other users or services. This is detailed in Step 4 of [this document](/docs/alerts/monitors/create-monitor).
-
+4. **FER to normalize the fields in Kubernetes environments**. Labels created in Kubernetes environments automatically are prefixed with `pod_labels`. To normalize these for our app to work, we will have a Field Extraction Rule automatically created for Nginx Application Components named as **AppObservabilityNginxIngressWebserverFER**
 
 ## Installing the Nginx Ingress app
 
@@ -327,6 +219,20 @@ Use this dashboard to:
 
 <img src={useBaseUrl('img/integrations/web-servers/Nginx-Ingress-Controller-Metrics.png')} alt="Nginx-Ingress-Controller-Metrics" />
 
+## Installing Nginx Ingress Monitors
+
+After [setting up collection](/docs/integrations/web-servers/nginx), you can proceed to installing the Nginx Ingress monitors, app, and view examples of each of dashboard.
+
+import CreateMonitors from '../../reuse/apps/create-monitors.md';
+
+:::note permissions required
+To install these alerts, you need to have the [Manage Monitors role capability](/docs/manage/users-roles/roles/role-capabilities/#alerting).
+:::
+
+:::note
+There are limits to how many alerts can be enabled. For more information, see [Monitors](/docs/alerts/monitors/overview/#rules) for details.
+:::
+
 ## Nginx Ingress Alerts
 
 Sumo Logic has provided out-of-the-box alerts available via [Sumo Logic monitors](/docs/alerts/monitors) to help you quickly determine if the Nginx server is available and performing as expected. These alerts are built based on logs and metrics datasets and have preset thresholds based on industry best practices and recommendations. They are as follows:
 
@@ -118,80 +118,6 @@ Use the following Parse Expression:
 
 To install these alerts, you need to have the[ Manage Monitors](/docs/manage/users-roles/roles/role-capabilities) role capability.
 
-Alerts can be installed by either importing them via a JSON or via a Terraform script.
-
-### Method A: Importing a JSON file
-
-1. Download [this JSON file](https://github.com/SumoLogic/terraform-sumologic-sumo-logic-monitor/blob/main/monitor_packages/nginx-plus-ingress/nginxplusingress.json) describing all the monitors.
-2. Replace **$$logs_data_source** with logs data source.
-    * For example, `_sourceCategory=Labs/NginxIngress/Logs`
-3. [**Classic UI**](/docs/get-started/sumo-logic-ui-classic). In the main Sumo Logic menu, select **Manage Data > Monitoring > Monitors**. <br/>[**New UI**](/docs/get-started/sumo-logic-ui). In the main Sumo Logic menu, select **Alerts > Monitors**. You can also click the **Go To...** menu at the top of the screen and select **Monitors**. 
-4. Click **Add**.
-1. Click **Import** to import monitors from the JSON above.
-
-The monitors are disabled by default. Once you have installed the alerts via this method, navigate to the **Nginx** **Ingress** folder under **Monitors** to configure them. See [Add a Monitor](/docs/alerts/monitors/create-monitor) to enable monitors, to configure each monitor, to send notifications to teams or connections.
-
-### Method B: Using a Terraform script
-
-1. Generate a Sumo Logic [access key](/docs/manage/security/access-keys#from-the-preferences-page) and access ID for a user that has the[ Manage Monitors](/docs/manage/users-roles/roles/role-capabilities) role capability in Sumo Logic using these instructions. Please identify your Sumo Logic[ deployment](/docs/api/getting-started#sumo-logic-endpoints-by-deployment-and-firewall-security).
-2. [Download and install Terraform 0.13](https://www.terraform.io/downloads.html) or later.
-3. Download the Sumo Logic Terraform package for Nginx Ingress alerts: The alerts package is available in the [Sumo Logic GitHub repository](https://github.com/SumoLogic/terraform-sumologic-sumo-logic-monitor/tree/main/monitor_packages/nginx-plus-ingress). You can either download it via the `git clone` command or as a zip file.
-4. Alert Configuration: After the package has been extracted, navigate to the package directory **terraform-sumologic-sumo-logic-monitor/monitor_packages/nginx-plus-ingress/**. Edit the **nginxplusingress.auto.tfvars** file as per below instructions:
-   1. Add the Sumo Logic Access Key, Access Id, Deployment from Step 1.
-   ```sh
-   access_id   = "<YOUR SUMO ACCESS ID>"
-   access_key  = "<YOUR SUMO ACCESS KEY>"
-   environment = "<DEPLOYMENT>"
-   ```
-   2. Add `Logs_data_source` as the Sumo Logic data source for logs.
-   3. All monitors are disabled by default on installation, if you would like to enable all the monitors, set the parameter **monitors_disabled** to **false**.
-   4. All monitors are configured in a monitor folder called “**Nginx Plus Ingress**”, if you would like to change the name of the folder, update the parameter **folder**.
-5. Email and Connection Notification Configuration Examples: Modify the file **nginxplusingress.auto.tfvars** and populate `connection_notifications` and `email_notifications` as per below examples.
-
-```bash title="Pagerduty Connection Example"
-connection_notifications = [
-    {
-      connection_type       = "PagerDuty",
-      connection_id         = "<CONNECTION_ID>",
-      payload_override      = "{\"service_key\": \"your_pagerduty_api_integration_key\",\"event_type\": \"trigger\",\"description\": \"Alert: Triggered {{TriggerType}} for Monitor {{Name}}\",\"client\": \"Sumo Logic\",\"client_url\": \"{{QueryUrl}}\"}",
-      run_for_trigger_types = ["Critical", "ResolvedCritical"]
-    },
-    {
-      connection_type       = "Webhook",
-      connection_id         = "<CONNECTION_ID>",
-      payload_override      = "",
-      run_for_trigger_types = ["Critical", "ResolvedCritical"]
-    }
-  ]
-```
-
-Replace `<CONNECTION_ID>` with the connection id of the webhook connection. The webhook connection id can be retrieved via calling the [Monitors API](https://api.sumologic.com/docs/#operation/listConnections).
-
-For overriding payload for different connection types, refer to [this document](/docs/alerts/webhook-connections/set-up-webhook-connections).
-
-```bash title="Email Notifications Example:"
-email_notifications = [
-    {
-      connection_type       = "Email",
-      recipients            = ["[email protected]"],
-      subject               = "Monitor Alert: {{TriggerType}} on {{Name}}",
-      time_zone             = "PST",
-      message_body          = "Triggered {{TriggerType}} Alert on {{Name}}: {{QueryURL}}",
-      run_for_trigger_types = ["Critical", "ResolvedCritical"]
-    }
-  ]
-}
-```
-
-6. Install the Alerts:
-   1. Navigate to the package directory **terraform-sumologic-sumo-logic-monitor/monitor_packages/nginx-plus-ingress/** and run `terraform init`. This will initialize Terraform and will download the required components.
-   2. Run `terraform plan` to view the monitors resources which will be created/modified by Terraform.
-   3. Run `terraform apply`.
-7. Post Installation steps: If you haven’t enabled alerts and/or configured notifications via the terraform procedure outlined above, we highly recommend enabling alerts of interest and configuring each enabled alert to send notifications to other people or services. This is detailed in [Step 4](/docs/alerts/monitors/create-monitor).
-
-There are limits to how many alerts can be enabled. See the [Alerts FAQ](/docs/alerts/monitors/monitor-faq.md).
-
-
 ## Installing the Nginx Plus Ingress app
 
 import AppInstall from '../../reuse/apps/app-install.md';
@@ -375,6 +301,20 @@ Use this dashboard to:
 
 <img src={useBaseUrl('img/integrations/web-servers/Nginx-Plus-Ingress-TCP-UDP-Zones.png')} alt="Nginx Plus Ingress" />
 
+## Installing Nginx Plus Monitors
+
+To install these alerts, you need to have the [Manage Monitors](/docs/manage/users-roles/roles/role-capabilities) role capability.
+
+import CreateMonitors from '../../reuse/apps/create-monitors.md';
+
+:::note permissions required
+To install these alerts, you need to have the [Manage Monitors role capability](/docs/manage/users-roles/roles/role-capabilities/#alerting).
+:::
+
+:::note
+There are limits to how many alerts can be enabled. For more information, see [Monitors](/docs/alerts/monitors/overview/#rules) for details.
+:::
+
 ## Nginx Plus Ingress Alerts
 
 Sumo Logic has provided out-of-the-box alerts available via [Sumo Logic monitors](/docs/alerts/monitors) to help you quickly determine if the Nginx server is available and performing as expected. These alerts are built based on logs and metrics datasets and have preset thresholds based on industry best practices and recommendations.