Merge branch 'main' into app+c2c-installation-flow-update-(Apps)

Author: amee-sumo

blog-csoar/2025-02-06-application-update.md

@@ -0,0 +1,35 @@
+---
+title: February 6, 2025 - Application Update
+keywords:
+  - sumo logic
+  - cloud soar
+image: https://help.sumologic.com/img/sumo-square.png
+hide_table_of_contents: true
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+<a href="https://help.sumologic.com/release-notes-csoar/rss.xml"><img src={useBaseUrl('img/release-notes/rss-orange2.png')} alt="icon" width="50"/></a>
+
+### Changes and Enhancements
+
+#### Platform
+
+🚀 **New feature release: Autosave for playbooks**
+
+We’re excited to introduce [autosave for playbooks](/docs/platform-services/automation-service/automation-service-playbooks/#autosave), a feature designed to make workflow changes seamless by automatically saving your progress as draft and preventing accidental data loss. Here's what's new:
+* Playbooks now automatically save your changes, including node updates, connections, and position adjustments. 
+* Multiple changes made in quick succession are saved together to improve performance. 
+* Visual indicators display the saving status whether in progress, successfully saved, or failed. 
+* Warnings appear when users attempt to close or navigate away from a playbook with unsaved changes. 
+* Users can enable or disable auto-save as needed.
+
+##### AuditService:
+
+* Removed the `Body` field from the email audit log to enhance security and optimize log storage
+
+#### Bug Fixes
+
+* Playbooks:
+    * Fixed granular field path drill-down in textArea for arrays with array output fields. 
+    * Resolved issue where the Authorizer value in playbook action nodes was not persisting on the UI.

blog-csoar/2025-02-06-content.md

@@ -0,0 +1,23 @@
+---
+title: February 6, 2025 - Content Release
+hide_table_of_contents: true
+image: https://help.sumologic.com/img/sumo-square.png
+keywords:
+  - automation service
+  - cloud soar
+  - soar
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+<a href="https://help.sumologic.com/release-notes-csoar/rss.xml"><img src={useBaseUrl('img/release-notes/rss-orange2.png')} alt="icon" width="50"/></a>
+
+This release introduces new integrations, new playbooks, and several updates.
+
+### Integrations
+
+* [Updated] [Darktrace](/docs/platform-services/automation-service/app-central/integrations/darktrace)
+* [Updated] [HTTP Tools](/docs/platform-services/automation-service/app-central/integrations/http-tools)
+* [Updated] [ServiceNow V2](/docs/platform-services/automation-service/app-central/integrations/servicenow-v2)
+* [Updated] [Slack](/docs/platform-services/automation-service/app-central/integrations/slack)
+* [Updated] [Sumo Logic Cloud SIEM](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-cloud-siem)

blog-service/2025-02-04-apps.md

@@ -0,0 +1,14 @@
+---
+title: Code42 Incydr (Apps)
+image: https://help.sumologic.com/img/sumo-square.png
+keywords:
+  - apps
+  - code42-incydr
+hide_table_of_contents: true    
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+<a href="https://help.sumologic.com/release-notes-service/rss.xml"><img src={useBaseUrl('img/release-notes/rss-orange2.png')} alt="icon" width="50"/></a>
+
+We're excited to introduce the new Code42 Incydr app for Sumo Logic. This app leverages the Sumo Logic Cloud-to-Cloud Code42 Incydr source that collects audits, file events, and user sessions data from the Code42 Incydr platform. This app helps security analysts monitor, detect, and respond to potential data threats across an organization. [Learn more](/docs/integrations/saas-cloud/code42-incydr/).

cid-redirects.json

@@ -1842,6 +1842,7 @@
   "/cid/21222": "/docs/integrations/saas-cloud/microsoft-exchange-trace-logs",
   "/cid/1961": "/docs/integrations/amazon-aws/elasticache",
   "/cid/1962": "/docs/integrations/saas-cloud/cloudflare",
+  "/cid/1995": "/docs/integrations/saas-cloud/code42-incydr",
   "/cid/1963": "/docs/integrations/sumo-apps/enterprise-audit",
   "/cid/1964": "/docs/integrations/security-threat-detection/f5-big-ip-ltm",
   "/cid/1965": "/docs/integrations/security-threat-detection/netskope",

docs/api/index.md

@@ -217,7 +217,7 @@ To connect with other Sumo Logic users, post feedback, or ask a question, visit
 </div>
 <div className="box smallbox card">
   <div className="container">
-  <a href="/docs/api/service-map"><img src={useBaseUrl('img/apm/traces/servicemap.png')} alt="Thumbnail icon" width="50"/><h4>Service Map</h4></a>
+  <a href="/docs/api/service-map"><img src={useBaseUrl('img/apm/services-map-icon.png')} alt="Thumbnail icon" width="50"/><h4>Service Map</h4></a>
   </div>
 </div>
 <div className="box smallbox card">

docs/api/service-map.md

@@ -10,7 +10,7 @@ import ApiErrors from '../reuse/api-errors.md';
 import ApiIntro from '../reuse/api-intro.md';
 import ApiRoles from '../reuse/api-roles.md';
 
-<img src={useBaseUrl('img/apm/traces/servicemap.png')} alt="Thumbnail icon" width="50"/>
+<img src={useBaseUrl('img/apm/services-map-icon.png')} alt="Thumbnail icon" width="50"/>
 
 The Service Map API allows you to fetch a graph representation of the Service Map, which is a high-level view of your application environment, automatically derived from tracing data. For more information, see [Service Map](/docs/apm/services-list-map).
 

docs/cse/administration/create-use-network-blocks.md

@@ -50,13 +50,14 @@ When Cloud SIEM looks for the network block address `10.128.0.1`, it will ret
 
 Follow these instructions to create a network block using the Cloud SIEM UI. For information about creating multiple network blocks by file upload, see [Upload a CSV file of network blocks](#upload-a-csv-file-of-network-blocks).
 
-1. [**Classic UI**](/docs/get-started/sumo-logic-ui-classic). In the top menu select **Content > Network Blocks**.  <br/>[**New UI**](/docs/get-started/sumo-logic-ui). In the main Sumo Logic menu, select **Cloud SIEM > Network Blocks**. You can also click the **Go To...** menu at the top of the screen and select **Network Blocks**. 
-1. On the **Create Network Block** popup:
+1. [**Classic UI**](/docs/get-started/sumo-logic-ui-classic). In the top menu select **Content > Network Blocks**.  <br/>[**New UI**](/docs/get-started/sumo-logic-ui). In the main Sumo Logic menu, select **Cloud SIEM > Network Blocks**. You can also click the **Go To...** menu at the top of the screen and select **Network Blocks**.
+1. Click **Add Network Block**.
+1. On the **Add Network Block** popup:
     1. **Address Block**. Enter a CIDR block that identifies a contiguous range of IP addresses.
     1. **Label**. Enter a meaningful name for the network block.
     1. **Internal**. Leave the toggle switched to the right (green) if you want to mark IP addresses that match the network block as Internal. This allows you to filter on the IP addresses in rule expressions, as described below in [Using enrichment fields](#using-enrichment-fields), below.
     1. **Suppress Signals**. Leave the toggle switched to the left (red) if you do not want to suppress signals on IP addresses in the network block. Otherwise, switch the toggle to the right (green).
-    1. Click **Create**. <br/><img src={useBaseUrl('img/cse/create-network-block.png')} alt="Create network block" style={{border: '1px solid gray'}} width="400"/>
+    1. Click **Save**. <br/><img src={useBaseUrl('img/cse/create-network-block.png')} alt="Create network block" style={{border: '1px solid gray'}} width="400"/>
 
 ## Upload a CSV file of network blocks
 

docs/cse/administration/index.md

@@ -19,7 +19,7 @@ Learn about onboarding tasks and best practices for Cloud SIEM administrators. I
 <div className="box smallbox card">
   <div className="container">
   <a href="/docs/cse/administration/create-use-network-blocks"><img src={useBaseUrl('img/icons/operations/microservices.png')} alt="Network icon" width="40"/><h4>Network Blocks</h4></a>
-  <p>Learn about Network Blocks, their purpose, and instructions for setting them up and using them.</p>
+  <p>Learn about network blocks, their purpose, and instructions for setting them up and using them.</p>
   </div>
 </div>
 <div className="box smallbox card">

docs/cse/get-started-with-cloud-siem/intro-for-analysts.md

@@ -400,7 +400,7 @@ But what if you want to be alerted right away when a certain rule is triggered?
 You want to be alerted right away when your new custom match rule is triggered. Create a custom insight that looks for only this rule.
 
 1. [**Classic UI**](/docs/get-started/sumo-logic-ui-classic). In the top menu, select **Content > Custom Insights**. <br/>[**New UI**](/docs/get-started/sumo-logic-ui). In the main Sumo Logic menu, select **Cloud SIEM > Custom Insights**. You can also click the **Go To...** menu at the top of the screen and select **Custom Insights**.
-1. Click **Create**.
+1. Click **Add Custom Insight**.
 1. Give your custom insight a name.
 1. Under **When Signals are created from the following** select **rules**.
 1. In **Type to add a rule**, search for the rule you created in [Write a match rule](#write-a-match-rule) and add it to your custom insight.

docs/cse/ingestion/cse-ingestion-best-practices.md

@@ -10,7 +10,7 @@ import useBaseUrl from '@docusaurus/useBaseUrl';
 This topic has information about sending log messages collected by a Sumo Logic Source or Cloud-to-Cloud Connector on to Cloud SIEM to be transformed into records. 
 
 :::note
-Cloud SIEM must be enabled in your Sumo Logic account in order to send data from Sumo Logic to Cloud SIEM. If it isn’t, contact your Sumo Logic Technical Account Manager or Sales Engineer.
+Cloud SIEM must be enabled in your Sumo Logic account in order to send data from Sumo Logic to Cloud SIEM. If it isn’t, contact your Sumo Logic Technical Account Engineer or Sales Engineer.
 :::
 
 The process consists of configuring a source or collector to forward messages to Cloud SIEM, and ensuring that the forwarded messages are correctly tagged with the information Cloud SIEM needs in order to map messages fields to record attributes. These are referred to as *mapping hints*, and include: Format, Vendor, Product, and an Event ID template.