Next set

Author: jpipkin1

docs/cse/get-started-with-cloud-siem/about-cse-insight-ui.md

@@ -6,6 +6,7 @@ description: Learn about the contents of the insights UI in Cloud SIEM.
 ---
 
 import useBaseUrl from '@docusaurus/useBaseUrl';
+import Iframe from 'react-iframe'; 
 
 This topic describes the Cloud SIEM UI for working with insights. 
 
@@ -231,8 +232,23 @@ In addition, the following can appear in the graph:
 * **Threat indicators**. Any entity with a threat indicator will have an additional icon in the upper right. If the threat indicator is Malicious or Suspicious, the entity will be highlighted in red or yellow accordingly.
 * **Hover**. If you hover over an entity, it and all connections to it will be highlighted in blue. If its value is not fully visible by default, the full value will be displayed.
 
+:::sumo Micro Lesson
+
 Watch this micro lesson to learn more about the entity relationship graph.
 
+<Iframe url="https://fast.wistia.net/embed/iframe/7kpacy65bq?web_component=true&seo=true&videoFoam=false"
+  width="854px"
+  height="480px"
+  title="Micro Lesson: Cloud SIEM Entity Timeline &amp; Relationship Graph Video"
+  id="wistiaVideo"
+  className="video-container"
+  display="initial"
+  position="relative"
+  allow="autoplay; fullscreen"
+  allowfullscreen
+/>
+
+<!-- old
 <Iframe url="https://www.youtube.com/embed/GTTwjB8y_5k?rel=0"
         width="854px"
         height="480px"
@@ -243,8 +259,9 @@ Watch this micro lesson to learn more about the entity relationship graph.
         allow="accelerometer; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
         allowfullscreen
         />
+-->
 
-import Iframe from 'react-iframe'; 
+:::
 
 #### Entity details in the right pane
 

docs/cse/get-started-with-cloud-siem/insight-generation-process.md

@@ -6,13 +6,28 @@ description: Learn how Cloud SIEM correlates signals by entity to create insight
 ---
 
 import useBaseUrl from '@docusaurus/useBaseUrl';
+import Iframe from 'react-iframe'; 
 
 This page explains Cloud SIEM's insight generation process. 
 
 The concept of an *entity* is central to the process Cloud SIEM uses to correlate signals and create insights. So, what is an entity? In Cloud SIEM, an entity is a actor, for example, a  hostname, username, or MAC address encountered in an incoming message. For more information about entities and entity types, see [View and Manage Entities](/docs/cse/records-signals-entities-insights/view-manage-entities).
 
+:::sumo Micro Lesson
 Watch this micro lesson to learn how insights are created.
 
+<Iframe url="https://fast.wistia.net/embed/iframe/5un1z2hwoe?web_component=true&seo=true&videoFoam=false"
+  width="854px"
+  height="480px"
+  title="Micro Lesson: How are Insights Created? Video"
+  id="wistiaVideo"
+  className="video-container"
+  display="initial"
+  position="relative"
+  allow="autoplay; fullscreen"
+  allowfullscreen
+/>
+
+<!-- old
 <Iframe url="https://www.youtube.com/embed/MjzJlozR6mE?rel=0"
         width="854px"
         height="480px"
@@ -23,9 +38,9 @@ Watch this micro lesson to learn how insights are created.
         allow="accelerometer; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
         allowfullscreen
         />
+-->
 
-import Iframe from 'react-iframe'; 
-
+:::
 
 ## Entities in messages are mapped to entity-type schema attributes
 

docs/cse/ingestion/sumo-logic-ingest-mapping.md

@@ -6,15 +6,31 @@ description: Learn how to configure Sumo Logic and Cloud SIEM to enable Sumo Log
 ---
 
 import useBaseUrl from '@docusaurus/useBaseUrl';
+import Iframe from 'react-iframe'; 
 
 This topic has instructions for creating a Cloud SIEM ingest mapping for a data source. An ingest mapping gives Cloud SIEM the information it needs in order to map message fields to record attributes. These are referred to as mapping hints, and include: Format, Vendor, Product, and Event ID Pattern.
 
 :::note
 The use of ingest mappings is recommended only if there is no Sumo Logic parser or Cloud-to-Cloud connector for the target data source. For more information, see [Cloud SIEM Ingestion Best Practices](/docs/cse/ingestion/cse-ingestion-best-practices/).
 :::
 
+:::sumo Micro Lesson
+
 Watch this micro lesson to learn more about ingest mapping for Cloud SIEM:
 
+<Iframe url="https://fast.wistia.net/embed/iframe/vv7p1hquqj?web_component=true&seo=true&videoFoam=false"
+  width="854px"
+  height="480px"
+  title="Micro Lesson: Preprocessing Data for Ingestion into Cloud SIEM Video"
+  id="wistiaVideo"
+  className="video-container"
+  display="initial"
+  position="relative"
+  allow="autoplay; fullscreen"
+  allowfullscreen
+/>
+
+<!-- old
 <Iframe url="https://www.youtube.com/embed/luPl_IB9b8A?rel=0"
         width="854px"
         height="480px"
@@ -25,11 +41,24 @@ Watch this micro lesson to learn more about ingest mapping for Cloud SIEM:
         allow="accelerometer; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
         allowfullscreen
         />
+-->
 
-import Iframe from 'react-iframe'; 
 
 Watch this micro lesson to learn about forwarding ingested data to Cloud SIEM:
 
+<Iframe url="https://fast.wistia.net/embed/iframe/krg64dumyv?web_component=true&seo=true&videoFoam=false"
+  width="854px"
+  height="480px"
+  title="Micro Lesson: Forward data from Sumo Logic to Cloud SIEM Video"
+  id="wistiaVideo"
+  className="video-container"
+  display="initial"
+  position="relative"
+  allow="autoplay; fullscreen"
+  allowfullscreen
+/>
+
+<!-- old
 <Iframe url="https://www.youtube.com/embed/XCcu-YU9B5U?rel=0"
         width="854px"
         height="480px"
@@ -40,7 +69,9 @@ Watch this micro lesson to learn about forwarding ingested data to Cloud SIEM:
         allow="accelerometer; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
         allowfullscreen
         />
+-->
 
+:::
 
 ## Before you start
 

docs/cse/records-signals-entities-insights/global-intelligence-security-insights.md

@@ -5,11 +5,27 @@ description: Insight Confidence scores, predicted by Sumo Logic’s Global Intel
 ---
 
 import useBaseUrl from '@docusaurus/useBaseUrl';
+import Iframe from 'react-iframe';
 
 This page describes Global Intelligence for security insights, implemented in Cloud SIEM as Global Confidence scores. This feature helps security analysts triage and prioritize insights.
 
+:::sumo Micro Lesson
+
 Watch this micro lesson to learn more about Global Intelligence for insights.
 
+<Iframe url="https://fast.wistia.net/embed/iframe/d5ue1hgvdw?web_component=true&seo=true&videoFoam=false"
+  width="854px"
+  height="480px"
+  title="Micro Lesson: Cloud SIEM Global Intelligence for Security Insights Video"
+  id="wistiaVideo"
+  className="video-container"
+  display="initial"
+  position="relative"
+  allow="autoplay; fullscreen"
+  allowfullscreen
+/>
+
+<!-- old
 <Iframe url="https://www.youtube.com/embed/toAvKsfVbHc?rel=0"
      width="854px"
      height="480px"
@@ -20,8 +36,9 @@ Watch this micro lesson to learn more about Global Intelligence for insights.
      allow="accelerometer; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
      allowfullscreen
      />
+-->
 
-import Iframe from 'react-iframe';
+:::
 
 ## What is a Global Confidence score?
 An insight’s Global Confidence score represents a level of confidence, predicted by Sumo Logic’s Global Intelligence machine learning model, that the insight is actionable. 

docs/cse/records-signals-entities-insights/view-manage-entities.md

@@ -9,15 +9,31 @@ keywords:
 ---
 
 import useBaseUrl from '@docusaurus/useBaseUrl';
+import Iframe from 'react-iframe'; 
 
 This topic has information about the **Entities** page in Cloud SIEM UI, which lists all of the entities in Cloud SIEM and their activity scores, and the **Entities > Details** page, which presents information about a particular entity, including signals and insights associated with the entity.
 
 The **Entities** page is useful for monitoring entities that are close to having an insight created. On the **Entities > Details** page, you can view signals and insights for an entity, and, as desired, manually create an insight from signals associated with the entity.
 
 You can also update the [tags](/docs/cse/records-signals-entities-insights/tags-insights-signals-entities-rules/), [suppression](/docs/cse/records-signals-entities-insights/about-signal-suppression/) state, and [criticality](/docs/cse/records-signals-entities-insights/entity-criticality/) assigned to entities, as described below in the [Update multiple entities](#update-multiple-entities) section below. 
 
+:::sumo Micro Lesson
+
 Watch this micro lesson to learn more about entities.
 
+<Iframe url="https://fast.wistia.net/embed/iframe/jq0zuj302u?web_component=true&seo=true&videoFoam=false"
+  width="854px"
+  height="480px"
+  title="Micro Lesson: Cloud SIEM Entities Video"
+  id="wistiaVideo"
+  className="video-container"
+  display="initial"
+  position="relative"
+  allow="autoplay; fullscreen"
+  allowfullscreen
+/>
+
+<!-- old
 <Iframe url="https://www.youtube.com/embed/cIpLaDQAOAw?rel=0"
         width="854px"
         height="480px"
@@ -28,8 +44,9 @@ Watch this micro lesson to learn more about entities.
         allow="accelerometer; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
         allowfullscreen
         />
+-->
 
-import Iframe from 'react-iframe'; 
+:::
 
 ## About entities
 

docs/cse/rules/about-cse-rules.md

@@ -6,6 +6,7 @@ description: Learn about Cloud SIEM rules, rules syntax, and how to write rules.
 ---
 
 import useBaseUrl from '@docusaurus/useBaseUrl';
+import Iframe from 'react-iframe'; 
 
 A Cloud SIEM rule is logic that fires based on information in incoming records. When a rule fires, it creates a signal.
 
@@ -17,8 +18,23 @@ A Cloud SIEM rule is logic that fires based on information in incoming records.
 For a complete list of out-of-the-box rules, see [Rules](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/rules/README.md) in the [Cloud SIEM Content Catalog](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/README.md).
 :::
 
+:::sumo Micro Lesson
+
 Watch this micro lesson to learn more about rules.
 
+<Iframe url="https://fast.wistia.net/embed/iframe/p9g2m0c62a?web_component=true&seo=true&videoFoam=false"
+  width="854px"
+  height="480px"
+  title="Micro Lesson: Understanding Cloud SIEM Rules Video"
+  id="wistiaVideo"
+  className="video-container"
+  display="initial"
+  position="relative"
+  allow="autoplay; fullscreen"
+  allowfullscreen
+/>
+
+<!-- old
 <Iframe url="https://www.youtube.com/embed/RVGk2dDeHmk?rel=0"
         width="854px"
         height="480px"
@@ -29,9 +45,9 @@ Watch this micro lesson to learn more about rules.
         allow="accelerometer; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
         allowfullscreen
         />
+-->
 
-import Iframe from 'react-iframe'; 
-
+:::
 
 ## About rule expressions
 

docs/cse/rules/insight-trainer.md

@@ -10,11 +10,27 @@ keywords:
 ---
 
 import useBaseUrl from '@docusaurus/useBaseUrl';
+import Iframe from 'react-iframe';
 
 [Cloud SIEM - Insight Trainer](/docs/integrations/sumo-apps/cse#insight-trainer) is a dashboard in the Enterprise Audit - Cloud SIEM app. Insight Trainer offers suggestions for making adjustments to rules, such as writing rule tuning expressions and changing severities. Implementing the recommendations causes rules to be more effective at creating high-fidelity signals, resulting in generation of more meaningful insights. 
 
+:::sumo Micro Lesson
+
 Watch this micro lesson to learn how to use the Insight Trainer dashboard.
 
+<Iframe url="https://fast.wistia.net/embed/iframe/9t416emj4w?web_component=true&seo=true&videoFoam=false"
+  width="854px"
+  height="480px"
+  title="Micro Lesson: Cloud SIEM Insight Trainer Video"
+  id="wistiaVideo"
+  className="video-container"
+  display="initial"
+  position="relative"
+  allow="autoplay; fullscreen"
+  allowfullscreen
+/>
+
+<!-- old
 <Iframe url="https://www.youtube.com/embed/I90Wsjp5XPA?rel=0"
         width="854px"
         height="480px"
@@ -25,8 +41,9 @@ Watch this micro lesson to learn how to use the Insight Trainer dashboard.
         allow="accelerometer; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
         allowfullscreen
         />
+-->
 
-import Iframe from 'react-iframe';
+:::
 
 ## About Insight Trainer
 

docs/cse/rules/rule-tuning-expressions.md

@@ -6,6 +6,7 @@ description: Rule tuning expressions allow you to tailor the logic of a built-in
 ---
 
 import useBaseUrl from '@docusaurus/useBaseUrl';
+import Iframe from 'react-iframe'; 
 
 This topic has instructions for creating and using tuning expressions for rules.
 
@@ -41,8 +42,23 @@ Here’s what the example tuning expression looks like in the Cloud SIEM UI.
 
 Writing a tuning expression is just like writing a rule expression. A tuning expression can use metadata, record fields, and Cloud SIEM [rules language](/docs/cse/rules/cse-rules-syntax) functions. For more information, see [About rule expressions](/docs/cse/rules/about-cse-rules#about-rule-expressions).
 
+:::sumo Micro Lesson
+
 Watch this micro lesson to learn how to create a rule tuning expression.
 
+<Iframe url="https://fast.wistia.net/embed/iframe/ds88r31lqp?web_component=true&seo=true&videoFoam=false"
+  width="854px"
+  height="480px"
+  title="Micro Lesson: Rule Tuning in Cloud SIEM Video"
+  id="wistiaVideo"
+  className="video-container"
+  display="initial"
+  position="relative"
+  allow="autoplay; fullscreen"
+  allowfullscreen
+/>
+
+<!-- old
 <Iframe url="https://www.youtube.com/embed/3BUKLtJtPI8?rel=0"
         width="854px"
         height="480px"
@@ -53,8 +69,9 @@ Watch this micro lesson to learn how to create a rule tuning expression.
         allow="accelerometer; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
         allowfullscreen
         />
+-->
 
-import Iframe from 'react-iframe'; 
+:::
 
 ## Create a tuning expression