Merge branch 'main' into v1v2migration-db-apps-doc-updates

Author: kimsauce

blog-service/2023/12-31.md

@@ -57,7 +57,7 @@ Here are some of the key features the new solution offers:
 * **Misconfigurations**. See areas in your environment that need to be addressed because they fail best practice security controls.
 * **Suspicious activity assessment**. See suspicious activity across users, web interactions, networks, and Identity Access Management (IAM).
 
-To learn how you can set up and use Cloud Infrastructure Security for AWS, and for preview limitations, check out our technical documentation [here](/docs/security/cloud-infrastructure-security/cloud-infrastructure-security-for-aws/).
+To learn how you can set up and use Cloud Infrastructure Security for AWS, and for preview limitations, check out our technical documentation [here](/docs/security/additional-security-features/cloud-infrastructure-security/cloud-infrastructure-security-for-aws/).
 
 :::note
 To use the solution, you are required to sign up and activate Amazon GuardDuty and AWS Security Hub.

blog-service/2024/12-31.md

@@ -401,7 +401,7 @@ You can now more easily configure sources on a simplified screen, allowing you t
 
 <img src={useBaseUrl('img/integrations/amazon-aws/cis-for-aws-install-0.png')} alt="Configure Sources screen" style={{border: '1px solid gray'}} width="700"/>
 
-[Learn more](/docs/security/cloud-infrastructure-security/cloud-infrastructure-security-for-aws/).
+[Learn more](/docs/security/additional-security-features/cloud-infrastructure-security/cloud-infrastructure-security-for-aws/).
 
 ### October 21, 2024 (Apps)
 
@@ -807,7 +807,7 @@ We're excited to announce increased visibility into your AWS Cloud environment w
 
 This functionality is in preview. To participate, reach out to your Sumo Logic account executive.
 
-[Learn more](/docs/security/cloud-infrastructure-security/cloud-infrastructure-security-for-aws/).
+[Learn more](/docs/security/additional-security-features/cloud-infrastructure-security/cloud-infrastructure-security-for-aws/).
 
 :::note
 As part of the preview, you can use CloudQuery logs with Cloud Infrastructure Security for AWS. To use the logs, configure the CloudQuery source when you deploy the solution.
@@ -1077,7 +1077,7 @@ Here are some of the key features the new solution offers:
 * **Misconfigurations**. See areas in your environment that need to be addressed because they fail best practice security controls.
 * **Suspicious activity assessment**. See suspicious activity across users, web interactions, networks, and Identity Access Management (IAM).
 
-To learn how you can set up and use Cloud Infrastructure Security for AWS, check out our [technical documentation](/docs/security/cloud-infrastructure-security/cloud-infrastructure-security-for-aws/).
+To learn how you can set up and use Cloud Infrastructure Security for AWS, check out our [technical documentation](/docs/security/additional-security-features/cloud-infrastructure-security/cloud-infrastructure-security-for-aws/).
 
 
 :::note Action Required

cid-redirects.json

@@ -1794,7 +1794,7 @@
   "/cid/1094": "/docs/dashboards/share-dashboard-outside-org",
   "/cid/1095": "/docs/integrations/amazon-aws/cis-aws-foundations-benchmark",
   "/cid/1096": "/docs/dashboards/explore-view",
-  "/cid/1097": "/docs/security/cloud-infrastructure-security/cloud-infrastructure-security-for-aws",
+  "/cid/1097": "/docs/security/additional-security-features/cloud-infrastructure-security/cloud-infrastructure-security-for-aws",
   "/cid/1100": "/docs/integrations/amazon-aws/vpc-flow-logs-pci-compliance",
   "/cid/1101": "/docs/search/search-query-language/math-expressions/floor",
   "/cid/1102": "/docs/search/search-query-language/math-expressions/ceil",
@@ -4152,15 +4152,18 @@
   "/cid/-1": "/",
   "/docs/api/beta": "/docs/api",
   "/docs/api/dashboard-data": "/docs/api/dashboard",
-  "/docs/cloud-security-analytics": "/docs/security/cloud-infrastructure-security",
-  "/docs/cloud-security-analytics/introduction-to-cloud-security-analytics": "/docs/security/cloud-infrastructure-security/introduction",
+  "/docs/cloud-security-analytics": "/docs/security/additional-security-features/cloud-infrastructure-security",
+  "/docs/cloud-security-analytics/introduction-to-cloud-security-analytics": "/docs/security/additional-security-features/cloud-infrastructure-security/introduction",
   "/docs/cloud-security-analytics/data-lake": "/docs/security/additional-security-features/data-lake",
   "/docs/cloud-security-analytics/audit-and-compliance": "/docs/security/additional-security-features/audit-and-compliance",
   "/docs/cloud-security-analytics/threat-detection-and-investigation": "/docs/security/additional-security-features/threat-detection-and-investigation",
   "/docs/cloud-security-analytics/application-security": "/docs/security/additional-security-features/application-security",
-  "/docs/integrations/amazon-aws/cloud-infrastructure-security-for-aws": "/docs/security/cloud-infrastructure-security/cloud-infrastructure-security-for-aws",
-  "/docs/cloud-infrastructure-security": "/docs/security/cloud-infrastructure-security",
-  "/docs/cloud-infrastructure-security/introduction-to-cloud-infrastructure-security": "/docs/security/cloud-infrastructure-security/introduction",
+  "/docs/integrations/amazon-aws/cloud-infrastructure-security-for-aws": "/docs/security/additional-security-features/cloud-infrastructure-security/cloud-infrastructure-security-for-aws",
+  "/docs/cloud-infrastructure-security": "/docs/security/additional-security-features/cloud-infrastructure-security",
+  "/docs/cloud-infrastructure-security/introduction-to-cloud-infrastructure-security": "/docs/security/additional-security-features/cloud-infrastructure-security/introduction",
+  "/docs/security/cloud-infrastructure-security": "/docs/security/additional-security-features/cloud-infrastructure-security",
+  "/docs/security/cloud-infrastructure-security/introduction": "/docs/security/additional-security-features/cloud-infrastructure-security/introduction",
+  "/docs/security/cloud-infrastructure-security/cloud-infrastructure-security-for-aws": "/docs/security/additional-security-features/cloud-infrastructure-security/cloud-infrastructure-security-for-aws",
   "/docs/cloud-infrastructure-security/data-lake": "/docs/security/additional-security-features/data-lake",
   "/docs/cloud-infrastructure-security/audit-and-compliance": "/docs/security/additional-security-features/audit-and-compliance",
   "/docs/cloud-infrastructure-security/threat-detection-and-investigation": "/docs/security/additional-security-features/threat-detection-and-investigation",

docs/cse/get-started-with-cloud-siem/about-cse-insight-ui.md

@@ -76,11 +76,11 @@ You can use the **Filters** area near the top of the page to narrow down the ins
 
 ### Multi-insights list page
 
-We offer an insights list page where you can see a list of all insights across multiple child organizations. This is useful if your company is a large enterprise with many organizations or is a Managed Security Service Provider (MSSP), and you'd like to see all insights across all areas in a single page.
+If you are logged in to a parent organization with child organizations that also use Cloud SIEM, the insights list page shows all insights across all your child organizations. This is useful if your company is a large enterprise with many organizations or is a Managed Security Service Provider (MSSP), and you'd like to see all insights across all areas in a single page.
 
-This multi-insights list page (also known as a "federated" page) shows insights just as in a normal [insights list page](#insights-list-page). However, when you click an insight on the page, it opens the insight's details in the child organization's UI. You can use also use the [board view](#board-view) on the multi-insights page to move insights to different statuses.
+This multi-insights list page (also known as a "federated" page) shows insights just as in a normal [insights list page](#insights-list-page). However, when you click an insight on the page, it opens the insight's details in the child organization's UI. You can also use the [board view](#board-view) on the multi-insights page to move insights to different statuses.
 
-The multi-insights list page requires a special environment be set up for it. To have a multi-insights list page set up for your company, contact your Sumo Logic account representative, or contact [Sumo Logic Support](https://support.sumologic.com/support/s/).
+To be able to see insights in child organizations, [add child organizations](/docs/manage/manage-subscription/create-manage-orgs/) that use Cloud SIEM. Then when the parent organization user goes to their Cloud SIEM insights list page, all the child organizations' insights appear in the list. 
 
 ## Insight details page
 

docs/integrations/amazon-aws/index.md

@@ -379,5 +379,12 @@ This guide has documentation for all of the apps that Sumo provides for Amazon a
     <h4><a href="/docs/integrations/amazon-aws/threat-intel">AWS Foundations Benchmark App</a></h4>
     <p>A guide to the Sumo Logic app for AWS Threat Intel.</p>
 </div>    
+</div>
+  <div className="box smallbox card">
+    <div className="container">
+    <img src={useBaseUrl('img/integrations/amazon-aws/cis-for-aws-logo.png')} alt="Thumbnail icon" width="50"/>
+    <h4><a href="/docs/security/additional-security-features/cloud-infrastructure-security/cloud-infrastructure-security-for-aws">Cloud Infrastructure Security for AWS</a></h4>
+    <p>A guide to our Cloud Infrastructure Security for AWS app.</p>
+  </div>    
 </div>
 </div>

docs/integrations/product-list/product-list-a-l.md

@@ -81,7 +81,7 @@ For descriptions of the different types of integrations Sumo Logic offers, see [
 |  <img src={useBaseUrl('img/integrations/misc/automation-anywhere-logo.png')} alt="Thumbnail icon" width="50"/>   | [Automation Anywhere](https://www.automationanywhere.com/)  | 	Partner integration: [Automation Anywhere](https://docs.automationanywhere.com/bundle/enterprise-v2019/page/enterprise-cloud/topics/control-room/administration/settings/setting-up-sumo-logic.html)	 |
 | <img src={useBaseUrl('img/platform-services/automation-service/app-central/logos/automox.png')} alt="Thumbnail icon" width="100"/>  | [Automox](https://www.automox.com/) | Automation integration: [Automox](/docs/platform-services/automation-service/app-central/integrations/automox/) <br/>Collector: [Automox Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/automox-source) |
 |  <img src={useBaseUrl('img/integrations/saml/auth0.png')} alt="Thumbnail icon" width="50"/>   | [Auth0](https://auth0.com/)  | 	App: [Auth0](/docs/integrations/saml/auth0/)	<br/>Cloud SIEM integration: [Auth0](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/f002a19c-876e-4a33-8be0-ed3b922d19bc.md) <br/>Collector: [Auth0 - Cloud SIEM](/docs/cse/ingestion/ingestion-sources-for-cloud-siem/auth0/) <br/>Partner integration: [Auth0](https://auth0.com/docs/customize/log-streams/sumo-logic-dashboard) |
-|  <img src={useBaseUrl('https://upload.wikimedia.org/wikipedia/commons/9/93/Amazon_Web_Services_Logo.svg')} alt="Thumbnail icon" width="50"/>   | [AWS](https://aws.amazon.com/)  | Apps: <br/>- [Cloud Infrastructure Security for AWS](/docs/security/cloud-infrastructure-security/cloud-infrastructure-security-for-aws) <br/>- [Threat Intel for AWS](/docs/integrations/amazon-aws/threat-intel/) <br/>Cloud SIEM integration: [Amazon AWS - Trusted Advisor](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/products/99d21ed4-c3fb-452e-8e4a-a10ff4b94fe0.md) <br/>Community app: [Sumo Logic for AWS Health Events](https://github.com/SumoLogic/sumologic-content/tree/master/Amazon_Web_Services/AWS_Health) <br/>Also see [AWS Observability](/docs/observability/aws/). |
+|  <img src={useBaseUrl('https://upload.wikimedia.org/wikipedia/commons/9/93/Amazon_Web_Services_Logo.svg')} alt="Thumbnail icon" width="50"/>   | [AWS](https://aws.amazon.com/)  | Apps: <br/>- [Cloud Infrastructure Security for AWS](/docs/security/additional-security-features/cloud-infrastructure-security/cloud-infrastructure-security-for-aws/) <br/>- [Threat Intel for AWS](/docs/integrations/amazon-aws/threat-intel/) <br/>Cloud SIEM integration: [Amazon AWS - Trusted Advisor](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/products/99d21ed4-c3fb-452e-8e4a-a10ff4b94fe0.md) <br/>Community app: [Sumo Logic for AWS Health Events](https://github.com/SumoLogic/sumologic-content/tree/master/Amazon_Web_Services/AWS_Health) <br/>Also see [AWS Observability](/docs/observability/aws/). |
 |  <img src={useBaseUrl('img/integrations/amazon-aws/aws-amplify-logo.png')} alt="Thumbnail icon" width="50"/>   | [AWS Amplify](https://aws.amazon.com/amplify/)  | App:	[AWS Amplify](/docs/integrations/amazon-aws/aws-amplify/)	 |
 |  <img src={useBaseUrl('img/integrations/amazon-aws/AWS_API_Gateway.png')} alt="Thumbnail icon" width="50"/>   | [AWS API Gateway](https://aws.amazon.com/api-gateway/)  | 	App: [AWS API Gateway](/docs/integrations/amazon-aws/api-gateway/)	<br/>Cloud SIEM integration: [Amazon AWS - API Gateway](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/products/9f76f1fd-fbb0-42d2-9bf5-0f4fd2c1ab82.md) |
 |  <img src={useBaseUrl('img/integrations/amazon-aws/aws-apprunner-logo.png')} alt="Thumbnail icon" width="50"/>   | [AWS App Runner](https://aws.amazon.com/apprunner/)  | 	App: [AWS App Runner](/docs/integrations/amazon-aws/aws-apprunner/)	 |

docs/integrations/security-threat-detection/f5-big-ip-ltm.md

@@ -112,6 +112,24 @@ Now, using telemetry, we will define a [Sumo Logic sink](https://clouddocs.f5.co
 ```bash
 curl -k --user admin:<BIGIP PWD> -H "Accept: application/json" -H "Content-Type:application/json" -X POST [email protected] https://<BIG-IP IP>:<PORT>3/mgmt/shared/telemetry/declare | python -m json.tool
 ```
+:::note
+Contact F5 support team if the above curl commands return an error.
+:::
+
+To begin collecting telemetry, the logging profiles (LTM and ASM) created by AS3 in [step 2](#step-2-use-as3-declarative-language-to-define-a-logging-profile-on-big-ip) need to be assigned to the BIG-IP virtual server(s).
+
+Follow the below steps to associate LTM logging profile:
+
+1. From the BIG-IP console UI, navigate to **Local Traffic** > **Virtual Servers** > **Virtual Server List**.<br/> <img src={useBaseUrl('https://sumologic-app-data-v2.s3.us-east-1.amazonaws.com/dashboards/F5+BIG-IP+Local+Traffic+Manager/step1.png')} alt="console UI" style={{border: '1px solid gray'}} width="500" />
+1. Select and open the virtual server(s) to update their properties. In the **Configuration** dropdown, change the virtual server configuration setting from **Basic** to **Advanced** to expose the logging properties.<br/> <img src={useBaseUrl('https://sumologic-app-data-v2.s3.us-east-1.amazonaws.com/dashboards/F5+BIG-IP+Local+Traffic+Manager/step2.png')} alt="server config" style={{border: '1px solid gray'}} width="500" />
+1. In the **Request Logging Profile**, select the previously created LTM logging profile to the virtual server(s).<br/> <img src={useBaseUrl('https://sumologic-app-data-v2.s3.us-east-1.amazonaws.com/dashboards/F5+BIG-IP+Local+Traffic+Manager/step3.png')} alt="assign LTM logging profile" style={{border: '1px solid gray'}} width="500" />
+1. Click **Update** to save the changes.
+
+Follow the below steps to associate ASM logging profile:
+
+1. After assigning the LTM logging profile to the virtual server, navigate to the **Security** tab and select **Policies** to access the virtual server’s security policy settings.<br/> <img src={useBaseUrl('https://sumologic-app-data-v2.s3.us-east-1.amazonaws.com/dashboards/F5+BIG-IP+Local+Traffic+Manager/step5.png')} alt="security" style={{border: '1px solid gray'}} width="500" />
+1. In the **Log Profile**, enable logging and assign the previously created ASM logging profile. <br/> <img src={useBaseUrl('https://sumologic-app-data-v2.s3.us-east-1.amazonaws.com/dashboards/F5+BIG-IP+Local+Traffic+Manager/step6.png')} alt="assign ASM logging profil" style={{border: '1px solid gray'}} width="500" />
+1. Click **Update** to save the configuration changes.
 
 ## Installing the F5 - BIG-IP LTM app
 
@@ -188,4 +206,4 @@ import AppUpdate from '../../reuse/apps/app-update.md';
 
 import AppUninstall from '../../reuse/apps/app-uninstall.md';
 
-<AppUninstall/>
+<AppUninstall/>

docs/manage/manage-subscription/fedramp-capabilities.md

@@ -20,7 +20,7 @@ The following table shows the capabilities included with Sumo Logic’s FedRAMP
 | Abilities - Platform | [Training: Learn and certification](/docs/get-started/training-certification-faq/) |![check](/img/reuse/check.png)|![check](/img/reuse/check.png)|
 | Abilities - Solutions | [Application observability](/docs/observability/application-components/) |![check](/img/reuse/check.png)|![x](/img/reuse/x.png)|
 | Abilities - Solutions | [AWS observability](/docs/observability/aws/) |![check](/img/reuse/check.png)|![x](/img/reuse/x.png)|
-| Abilities - Solutions | [Cloud Infrastructure Security](/docs/security/cloud-infrastructure-security) |![check](/img/reuse/check.png)|![check](/img/reuse/check.png)|
+| Abilities - Solutions | [Logs for Security](/docs/security/additional-security-features/) |![check](/img/reuse/check.png)|![check](/img/reuse/check.png)|
 | Abilities - Solutions | [Cloud SIEM](/docs/cse/) |![check](/img/reuse/check.png)|![check](/img/reuse/check.png)|
 | Abilities - Solutions | [Cloud SOAR](/docs/cloud-soar/) / [Automation Service](/docs/platform-services/automation-service/) |![check](/img/reuse/check.png)|![x](/img/reuse/x.png)
 | Abilities - Solutions | [Software Development Optimization](/docs/observability/sdo/) |![check](/img/reuse/check.png)|![x](/img/reuse/x.png)|

docs/reuse/cis-note.md

@@ -1,3 +1,3 @@
 :::tip
-To enable apps to perform security monitoring of your cloud infrastructure, see [Cloud Infrastructure Security](/docs/security/cloud-infrastructure-security/).
+To enable apps to perform security monitoring of your cloud infrastructure, see [Cloud Infrastructure Security](/docs/security/additional-security-features/cloud-infrastructure-security/).
 :::

docs/search/copilot.md

@@ -22,16 +22,21 @@ Sumo Logic Copilot is our AI-powered assistant that accelerates investigations a
 
 With its intuitive interface, Copilot automatically generates log searches from natural language queries, helping you quickly investigate performance issues, anomalies, and security threats. It also guides you through investigations step-by-step with AI-driven suggestions to refine your results for faster, more accurate resolutions. Overall, Copilot enhances incident resolution with expert level insights.
 
-<Iframe url="https://www.youtube.com/embed/yaeepHSaNKk?rel=0"
-     width="854px"
-     height="480px"
-     id="myId"
-     className="video-container"
-     display="initial"
-     position="relative"
-     allow="accelerometer; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
-     allowfullscreen
-     />
+:::sumo Micro Lesson
+Watch this micro lesson to learn about Copilot.
+
+<Iframe url="https://fast.wistia.net/embed/iframe/o9uftxw012?web_component=true&seo=true&videoFoam=false"
+  width="854px"
+  height="480px"
+  id="wistiaVideo"
+  className="video-container"
+  display="initial"
+  position="relative"
+  allow="autoplay; fullscreen"
+  allowfullscreen
+/>
+
+:::
 
 
 ## Key features