Merge branch 'main' into Varonis-(C2C-source)

Author: amee-sumo

CONTRIBUTING.md

@@ -1,3 +1,3 @@
 # Contributing
 
-Please see the [Contributor Guidelines](https://help.sumologic.com/docs/contributing) published on our docs site.
+Please see the [Contributor Guidelines](https://www.sumologic.com/help/docs/contributing) published on our docs site.

README.md

@@ -1,11 +1,11 @@
-<img src="https://help.sumologic.com/img/reuse/sumo-docs-readme.png" width="400"/>
+<img src="https://www.sumologic.com/help/img/reuse/sumo-docs-readme.png" width="400"/>
 
 <p>
   <a href="https://github.com/SumoLogic/sumologic-documentation/blob/main/.github/workflows/production.yml"><img src="https://github.com/SumoLogic/sumologic-documentation/actions/workflows/production.yml/badge.svg" alt="GitHub Actions status"></a>
-  <a href="https://help.sumologic.com/docs/contributing"><img src="https://img.shields.io/badge/PRs-welcome-brightgreen.svg" alt="PRs Welcome"></a>
+  <a href="https://www.sumologic.com/help/docs/contributing"><img src="https://img.shields.io/badge/PRs-welcome-brightgreen.svg" alt="PRs Welcome"></a>
   <a href="LICENSE"><img src="https://img.shields.io/github/license/sourcerer-io/hall-of-fame.svg?colorB=ff0000"></a>
   <a href="https://x.com/SumoLogic"><img src="https://img.shields.io/twitter/follow/sumologic.svg?style=social" alt="Twitter Follow" /></a>
-  <a href="https://help.sumologic.com/release-notes-service"><img src="https://img.shields.io/badge/RSS-FFA500?style=for-the-badge&logo=rss&logoColor=white" alt="RSS Follow" width="50"/></a>
+  <a href="https://www.sumologic.com/help/release-notes-service"><img src="https://img.shields.io/badge/RSS-FFA500?style=for-the-badge&logo=rss&logoColor=white" alt="RSS Follow" width="50"/></a>
 </p>
 
 Sumo Docs is the open-source documentation site for Sumo Logic, an all-in-one cloud data analytics platform built to support security, operations, and business intelligence use cases. Sumo Logic empowers users to monitor, analyze, troubleshoot, and visualize data from their applications and network environments in real time. Its elastic processing capabilities enable seamless log data collection and management from various sources, regardless of type, volume, or location. Learn more at [sumologic.com](https://www.sumologic.com).
@@ -55,14 +55,14 @@ To contribute to Sumo Docs, ensure you have the following tools installed:
 
 ## Apply your changes
 
-Make edits using [Markdown syntax](https://help.sumologic.com/docs/contributing/style-guide/#markdown). Keep contributions concise, informative, and aligned with our guidelines.
+Make edits using [Markdown syntax](https://www.sumologic.com/help/docs/contributing/style-guide/#markdown). Keep contributions concise, informative, and aligned with our guidelines.
 
-Refer to our [Contributor Guidelines](https://help.sumologic.com/docs/contributing/create-edit-doc/#edit-a-doc) for more information on:
+Refer to our [Contributor Guidelines](https://www.sumologic.com/help/docs/contributing/create-edit-doc/#edit-a-doc) for more information on:
 - Markdown editing
 - Proposing bug fixes
 - Testing your changes
 
-All contributions must follow our [Style Guide](https://help.sumologic.com/docs/contributing/style-guide/).
+All contributions must follow our [Style Guide](https://www.sumologic.com/help/docs/contributing/style-guide/).
 
 ## Building locally
 

blog-collector/2025-09-09-otel.md

@@ -1,6 +1,6 @@
 ---
 title: Remote Management for OpenTelemetry Collector (OpenTelemetry Collector)
-image: https://help.sumologic.com/img/reuse/rss-image.jpg
+image: https://assets-www.sumologic.com/company-logos/_800x418_crop_center-center_82_none/SumoLogic_Preview_600x600.jpg?mtime=1617040082
 keywords:
   - collection
   - opentelemetry
@@ -12,4 +12,4 @@ import useBaseUrl from '@docusaurus/useBaseUrl';
 
 We're happy to announce that Sumo Logic now enables you to add the collector timezone for OpenTelemetry collectors through the UI in the OpenTelemetry collector create flow. You can select the timezone of your choice while creating the collector. If you do not make a selection, the timezone will be set to `(UTC) Etc/UTC` by default.
 
-[Learn more](/docs/send-data/opentelemetry-collector/install-collector/linux).
+[Learn more](/docs/send-data/opentelemetry-collector/install-collector/linux).

blog-collector/2025-09-10-otel.md

@@ -1,6 +1,6 @@
 ---
 title: Remote Management for OpenTelemetry Collector (OpenTelemetry Collector)
-image: https://help.sumologic.com/img/reuse/rss-image.jpg
+image: https://assets-www.sumologic.com/company-logos/_800x418_crop_center-center_82_none/SumoLogic_Preview_600x600.jpg?mtime=1617040082
 keywords:
   - collection
   - opentelemetry

blog-collector/2025-10-13-installed.md

@@ -0,0 +1,11 @@
+---
+title: Version 19.533-5 (Installed Collector)
+hide_table_of_contents: true
+image: https://assets-www.sumologic.com/company-logos/_800x418_crop_center-center_82_none/SumoLogic_Preview_600x600.jpg?mtime=1617040082
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+Sumo Logic has been using Java 8 for its Installed Collectors until now. However, with Java 8 reaching its end of public updates in January 2019, and with newer Java versions offering significant improvements in both performance and security, we are upgrading our Installed Collectors to Java 17. This upgrade will provide enhanced functionality, better security patches, and overall improved system efficiency.
+
+If you're running a collector with your own custom JRE, ensure the JRE version is 17 or higher. If not, upgrade to Java 17 or a more recent version. [Learn more](/docs/send-data/collection/upgrade-collectors/#upgradecollectors-to-the-latest-build).

blog-cse/2025-09-22-application.md

@@ -1,6 +1,6 @@
 ---
 title: September 22, 2025 - Application Update
-image: https://help.sumologic.com/img/reuse/rss-image.jpg
+image: https://assets-www.sumologic.com/company-logos/_800x418_crop_center-center_82_none/SumoLogic_Preview_600x600.jpg?mtime=1617040082
 keywords:
   - insights
 hide_table_of_contents: true    

blog-cse/2025-10-10-content.md

@@ -0,0 +1,35 @@
+---
+title: October 10, 2025 - Content Release
+image: https://assets-www.sumologic.com/company-logos/_800x418_crop_center-center_82_none/SumoLogic_Preview_600x600.jpg?mtime=1617040082
+keywords:
+  - log mappers
+hide_table_of_contents: true    
+---
+
+This content release includes:
+    - New and updated rules.
+    - Updated Threat Intelligence rules with match lists which can be populated with exclusions to prevent the generation of undesired signals.
+    - Mapping update.
+
+Changes are enumerated below.
+
+## Rules
+- [New] CHAIN-S00023 Administrative Remote Interactive Brute Force Login
+    <br/>This rule correlates a high number of failed authentication attempts with  a successful remote interactive login (such as via RDP) coming from the same source IP address and user account. 
+- [New] CHAIN-S00024 RDP Brute Force Login Attempt
+    <br/>This rule correlates a high number of failed authentication attempts with repeated inbound connections over port 3389 (the default RDP port).
+- [New] MATCH-S01056 Administrative Remote Interactive Login
+    <br/>This rule triggers on a successful remote interactive login (such as via RDP) of a privileged user.
+- [Updated] MATCH-S00139 Abnormal Parent-Child Process Combination
+    <br/>Updated to reduce false positive matches for certain parent-child process combinations.
+- [Updated] MATCH-S01024 Threat Intel - Destination IP Address (High Confidence)
+- [Updated] MATCH-S01026 Threat Intel - Destination IP Address (Low Confidence)
+- [Updated] MATCH-S01028 Threat Intel - Destination IP Address (Medium Confidence)
+- [Updated] MATCH-S01023 Threat Intel - Inbound Traffic from Threat Feed IP (High Confidence)
+- [Updated] MATCH-S01025 Threat Intel - Inbound Traffic from Threat Feed IP (Low Confidence)
+- [Updated] MATCH-S01027 Threat Intel - Inbound Traffic from Threat Feed IP (Medium Confidence)
+- [Updated] MATCH-S01018 Threat Intel - Successful Authentication from Threat Feed IP
+
+## Log Mappers
+- [Updated] Slack Anomaly Event
+    <br/>Updated to include `threat_name` mapping for improved context in alerts.

blog-csoar/2024/12-31.md

@@ -320,7 +320,7 @@ The Python upgrade impacts a total of 38 integrations. These integrations will r
 
 Please be aware that with this update, the output from certain actions may no longer be displayed as expected if they were customized in your current setup. This is an important consideration for your workflows, and we recommend reviewing any customizations you have in place.
 
-To facilitate a smooth transition, we have prepared a straightforward guide to assist you in updating your integrations. This guide outlines the steps you need to take to ensure your integrations work seamlessly with Python 3.12. <a href="/files/updating-app-central-integrations.pdf" target="_blank">Click here for the "Updating App Central Integrations" guide</a>.
+To facilitate a smooth transition, we have prepared a straightforward guide to assist you in updating your integrations. This guide outlines the steps you need to take to ensure your integrations work seamlessly with Python 3.12. <a href={useBaseUrl('files/updating-app-central-integrations.pdf')} target="_blank">Click here for the "Updating App Central Integrations" guide</a>.
 
 Below is the full list of integrations that will be affected by the Python upgrade. Please review this list to determine which integrations in your environment will require attention.
 

blog-csoar/2025-09-10-application-update.md

@@ -1,7 +1,7 @@
 ---
 title: September 10, 2025 - Application Update
 hide_table_of_contents: true
-image: https://help.sumologic.com/img/reuse/rss-image.jpg
+image: https://assets-www.sumologic.com/company-logos/_800x418_crop_center-center_82_none/SumoLogic_Preview_600x600.jpg?mtime=1617040082
 keywords:
   - automation service
   - cloud soar

blog-service/2025-07-14-apps.md

@@ -1,6 +1,6 @@
 ---
 title: Google Cloud Security Command Center (Apps)
-image: https://help.sumologic.com/img/sumo-square.png
+image: https://assets-www.sumologic.com/company-logos/_800x418_crop_center-center_82_none/SumoLogic_Preview_600x600.jpg?mtime=1617040082
 keywords:
   - apps
   - cloud-security-command-center