Copilot fixes (#4791)

* Copilot GA

* add article ref

* Edits per BA

* edits per BA

* expand on glossary

* add more best practices

* minor fix

* Update docs/search/copilot.md

* Delete blog-service/2024-12-02-search-copilot.md

* Update docs/search/copilot.md

* sidebar

* add back preview

* Copilot fixes

* imgs

* note fix

* More edits per BA

* add opt out info

Author: kimsauce

docs/search/copilot.md

@@ -68,13 +68,15 @@ In this section, you'll learn the recommended workflow for using Copilot effecti
 
 To start using Copilot:
 
-From the [**Classic UI**](/docs/get-started/sumo-logic-ui-classic), navigate to the **Copilot** tab.<br/><img src={useBaseUrl('img/search/copilot/copilot-tab.png')} alt="Copilot tab" style={{border: '1px solid gray'}} width="200" />
+From the [**Classic UI**](/docs/get-started/sumo-logic-ui-classic), navigate to the **Copilot** tab.<br/><img src={useBaseUrl('img/search/copilot/copilot-tab.png')} alt="Copilot tab" style={{border: '1px solid gray'}} width="250" />
 
-From the [**New UI**](/docs/get-started/sumo-logic-ui), click **Copilot** in the left nav.<br/><img src={useBaseUrl('img/search/copilot/copilot-tab-new.png')} alt="Copilot tab" style={{border: '1px solid gray'}} width="200" />
+From the [**New UI**](/docs/get-started/sumo-logic-ui), click **Copilot** in the left nav.<br/><img src={useBaseUrl('img/search/copilot/copilot-tab-new.png')} alt="Copilot tab" style={{border: '1px solid gray'}} width="250" />
 
 ### Step 2: Review the auto-selected source
 
-Review the auto-selected **Source Category** and adjust it if needed. The source category is selected based on Copilot’s assessment of user intent. You can also type a source expression in the box. In either approach, you are defining the scope of your exploration. In this example, we'll select a source for AWS WAF. For indexes, type `_index=<index name>`.
+Review the auto-selected **Source Category** and adjust it if needed. The source category is selected based on Copilot’s assessment of user intent. You can also type a source expression in the box. In either approach, you are defining the scope of your exploration.
+
+In this example, we'll select a source for AWS WAF. For indexes, type `_index=<index name>`. Autocompletion is supported for sources; type a few words, view source suggestions and pick one.
 
 <img src={useBaseUrl('img/search/copilot/source-category.png')} alt="Copilot source category" style={{border: '1px solid gray'}} width="600" />
 
@@ -86,9 +88,9 @@ In this example, we'll click `Count the number of log entries by the collector I
 
 <img src={useBaseUrl('img/search/copilot/suggestions.png')} alt="Copilot time period" style={{border: '1px solid gray'}} width="600" />
 
-#### Ask a question
+### Step 4: Ask a question
 
-In the **Ask Something...** field, you can manually enter a natural language prompt similar to the prebuilt ones under **Suggestions**. In addition, use autocompletions if appropriate. Type a work in the search bar to trigger completions based on the keyword.
+In the **Ask Something...** field, you can manually enter a natural language prompt similar to the prebuilt ones under **Suggestions**. In addition, use autocompletions if appropriate. Type a word in the search bar to trigger completions based on the keyword.
 
 <!-- TO DO BA to upload to YouTube DEMO: https://drive.google.com/file/d/10XUn4DQD3K91V3Qf5heCizkHJneTaBJ7/view?usp=sharing
 -->
@@ -104,16 +106,22 @@ Break your questions into smaller, specific requirements to help Copilot provide
 see https://drive.google.com/file/d/10XUn4DQD3K91V3Qf5heCizkHJneTaBJ7/view?usp=sharing
 --->
 
-Copilot is built on [Sumo Logic search query language](/docs/search/search-query-language). Below are key functions you can call using natural language prompts:
+##### Tips and tricks
 
-* `Count logs by` [field(s)]
-* `Group logs by` [field(s)]
+* **Start with a broad query**. Begin with a query like `Show me the most recent logs` to understand the structure and available fields in your logs.  
+* **Disambiguate field names**. If fields have similar names and cause confusion, explicitly specify the field (e.g., `<field_name>`) to improve accuracy.  
+* **Experiment with phrasing**. Try multiple variations of a query to provide context and receive more relevant suggestions.  
+* **Include time or variations to add `timeslice` as a dimension**. When timeslicing data, include the term `time` in your query. For example: `Count requests, every 1m, different code challenges and user used during login attempts by time`.
+
+Below are examples of how you can phrase queries if the autocompletions and contextual suggestions are not relevant to you:
+
+* `Count logs by` [field(s)] and `Group logs by` [field(s)] produce the same result
 * `Sort by` [field(s)] [in descending order]
-* `Percentage breakdown in` [field] `values`
+* `Percentage by` [field] `values`
 * `Find` [stat] `for` [field] (max, min, standard deviation, etc.)
 * `Filter by` [field] `contains` [keyword]
    :::note
-   Keyword searches are case-sensitive
+   Keyword searches are case-sensitive.
    :::
 * `Apply logreduce to logs`
 
@@ -122,13 +130,6 @@ Additional prompts can trigger more advanced activities (e.g., mapping network a
 * `Analyze risk and severity of network activity`
 * `Identify top application categories accessed`
 
-##### Tips and tricks
-
-* **Start with a broad query**. Begin with a query like `Show me the most recent logs` to understand the structure and available fields in your logs.  
-* **Clarify field names**. If fields have similar names and cause confusion, explicitly specify the field (e.g., `<field_name>`) to improve accuracy.  
-* **Experiment with phrasing**. Try multiple variations of a query to provide context and receive more relevant suggestions.  
-* **Include time for timeslicing**. When timeslicing data, include the term `time` in your query. For example: `Count requests, every 1m, different code challenges and user used during login attempts by time`.
-
 #### Time range
 
 By default, Copilot searches run with a 15-minute time range. If your search returns no results, consider expanding the time range.
@@ -197,7 +198,7 @@ Second, you can resume from a specific query in a conversation by clicking on th
 To start a fresh exploration, click **New Conversation**. This clears your current session and allows you to begin with a clean slate.<br/><img src={useBaseUrl('img/search/copilot/new-conversation.png')} alt="Copilot new conversation" style={{border: '1px solid gray'}} width="700" />
 
 
-### Step 4: Open in Log Search
+### Step 5: Open in Log Search
 
 Click the **Open in Log Search** icon, which will copy your query from Copilot over to a new log search, allowing you to utilize all of Sumo Logic's search functionality. You can continue investigating, save the search, and remediate.
 
@@ -264,7 +265,7 @@ To summarize, you conclude there is malicious activity originating from certain
 
 ## Role Based Access Control
 
-Role Based Access Control is not supported for contextual suggestions and autocompletions. It is possible for a user who is blocked by [log search RBAC](/docs/manage/users-roles/roles/construct-search-filter-for-role/) to view suggestions or completions for unpermitted source expressions. However, they will not be executed by the search and will see the error: `""`.
+Role Based Access Control is not supported for contextual suggestions and autocompletions. It is possible for a user who is blocked by [log search RBAC](/docs/manage/users-roles/roles/construct-search-filter-for-role/) to view suggestions or completions for unpermitted source expressions. However, they will not be executed by the search.
 
 ## Feedback
 
@@ -275,3 +276,7 @@ We want your feedback! Let us know what you think by clicking the thumbs up or t
 You can also leave feedback on errors.
 
 <img src={useBaseUrl('img/search/copilot/feedback-error.png')} alt="Copilot feedback icons" style={{border: '1px solid gray'}} width="800" />
+
+## Opt out
+
+To opt out of Copilot, contact our [support team](https://support.sumologic.com/support/s/).