Merge branch 'main' into sumo_264003

Author: kimsauce

.clabot

@@ -184,7 +184,8 @@
     "dlindelof-sumologic",
     "snyk-bot",
     "stephenthedev",
-    "Apoorvkudesia-sumologic"
+    "Apoorvkudesia-sumologic",
+    "ntanwar-sumo"
   ],
   "message": "Thank you for your contribution! As this is an open source project, we require contributors to sign our Contributor License Agreement and do not have yours on file. To proceed with your PR, please [sign your name here](https://forms.gle/YgLddrckeJaCdZYA6) and we will add you to our approved list of contributors.",
   "label": "cla-signed",

.github/workflows/pr.yml

@@ -44,5 +44,5 @@ jobs:
         name: Check spelling
         with:
           skip: "*.svg,*.js,*.map,*.css,*.scss"
-          ignore_words_list: "aks,atleast,cros,ddress,fiel,ist,nd,ot,pullrequest,ser,shttp,wast,fo,seldomly,delt,cruzer,plack,secur,te,nginx,Nginx,notin"
+          ignore_words_list: "aks,atleast,cros,ddress,delink,fiel,ist,nd,ot,pullrequest,ser,shttp,wast,fo,seldomly,delt,cruzer,plack,secur,te,nginx,Nginx,notin"
           path: docs

blog-cse/2025-06-26-content.md

@@ -0,0 +1,41 @@
+---
+title: June 26, 2025 - Content Release
+image: https://help.sumologic.com/img/sumo-square.png
+keywords:
+  - log mappers
+  - parsers
+hide_table_of_contents: true    
+---
+
+
+This content release includes:
+- Device support for AWS VPN and VMware Avi Load Balancer.
+- Updates to Cisco ASA and Umbrella parsers to support additional log pattern variations.
+- Bug fix for year timestamp parsing with the potential of creating incorrect timestamps around the new year for records.
+
+## Log Mappers
+- [New] AWS VPN
+- [New] VMware Avi Load Balancer Catch All
+
+## Parsers
+- [New] /Parsers/System/AWS/AWS VPN
+- [New] /Parsers/System/VMware/VMware Avi Load Balancer
+- [Updated] /Parsers/System/Atlassian/Atlassian Audit Events
+- [Updated] /Parsers/System/Microsoft/Azure Storage Analytics
+- [Updated] /Parsers/System/Cisco/Cisco ASA
+- [Updated] /Parsers/System/Cisco/Cisco Umbrella CSV
+- [Updated] /Parsers/System/Cylance/Cylance Syslog
+- [Updated] /Parsers/System/Cylance/Cylance Threat JSON
+- [Updated] /Parsers/System/JumpCloud/JumpCloud Directory Insights
+- [Updated] /Parsers/System/Miro/Miro Audit C2C
+- [Updated] /Parsers/System/Palo Alto/PAN Firewall LEEF
+- [Updated] /Parsers/System/Pulse Secure/Pulse Secure Appliance
+- [Updated] /Parsers/System/RSA/RSA SecurID SinglePoint
+- [Updated] /Parsers/System/Symantec/Symantec Endpoint Protection/Symantec Endpoint Protection-Syslog
+- [Updated] /Parsers/System/Tanium/Tanium CEF
+- [Updated] /Parsers/System/Trellix/Trellix MVision EPO
+- [Updated] /Parsers/System/Twistlock/Twistlock
+- [Updated] /Parsers/System/Zeek/Zeek
+- [Updated] /Parsers/System/Zscaler/Zscaler Nanolog Streaming Service/Zscaler Nanolog Streaming Service-CEF
+- [Updated] /Parsers/System/Zscaler/Zscaler Nanolog Streaming Service/Zscaler Nanolog Streaming Service-JSON
+- [Updated] /Parsers/System/Zscaler/Zscaler Nanolog Streaming Service/Zscaler Nanolog Streaming Service-LEEF

blog-service/2025-06-16-apps.md

@@ -11,7 +11,8 @@ import useBaseUrl from '@docusaurus/useBaseUrl';
 
 AWS is streamlining [CloudTrail](https://aws.amazon.com/cloudtrail/) events for [IAM Identity Center](https://aws.amazon.com/iam/identity-center/) to retain only the essential fields needed for audit and incident response workflows. These changes improve user identification and integration with directories like Okta and Microsoft Active Directory, and do not impact CloudTrail events from other AWS services.
 
-To support this update, Sumo Logic has revised several AWS apps and Cloud SIEM parsers. If you use CloudTrail data in saved searches, dashboards, or detection rules, you may need to reinstall affected apps or update custom content before AWS enforces the changes on July 14, 2025.
+- To support this AWS update, Sumo Logic has revised several AWS apps and Cloud SIEM parsers. You are requested to reinstall the affected apps.
+- If you use CloudTrail data in the saved searches, dashboards, or detection rules, you are required to update your custom content before AWS enforces the changes on July 14, 2025.
 
 To learn more, see [Important changes to CloudTrail events for AWS IAM Identity Center](https://aws.amazon.com/blogs/security/modifications-to-aws-cloudtrail-event-data-of-iam-identity-center/).
 

blog-service/2025-06-20-apps.md

@@ -0,0 +1,13 @@
+---
+title: New SaaS and Cloud Apps Release (Apps)
+image: https://help.sumologic.com/img/sumo-square.png
+keywords:
+  - apps
+  - snowflake-logs
+  - akamai-cpc
+hide_table_of_contents: true    
+---
+
+- **Akamai CPC**.We're excited to introduce the new Akamai CPC app for Sumo Logic. This app enables you to monitor threats and respond to them in real time, enforcing compliance for client-side web applications using rich dashboards and Akamai CPC data. [Learn more](/docs/integrations/saas-cloud/akamai-cpc).
+
+- **Snowflake Logs**. We're excited to introduce the new Snowflake Logs app for Sumo Logic. This app enables you to gain real-time insights into key metrics, query performance, and overall health of the Snowflake environments to optimize operations, support informed decisions, and maximize Snowflake's potential. [Learn more](/docs/integrations/saas-cloud/snowflake-logs).

blog-service/2025-06-20-manage.md

@@ -0,0 +1,15 @@
+---
+title: Deactivate and Delink the Child Orgs (Manage)
+image: https://help.sumologic.com/img/sumo-square.png
+keywords:
+  - manage
+  - child-org
+  - deactivate-and-delink
+hide_table_of_contents: true    
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+We're happy to introduce the deactivate and delink option to child orgs, this helps you to deactivate the child org when it is no longer needed and eventually delink it after the 48 hours cooling-off period.
+
+[Learn more](/docs/manage/manage-subscription/create-and-manage-orgs/).

blog-service/2025-06-27-manage.md

@@ -0,0 +1,19 @@
+---
+title: Manage Libraries for MSSPs - Beta (Manage)
+image: https://help.sumologic.com/img/sumo-square.png
+keywords:
+  - manage
+  - organizations
+  - mssps
+hide_table_of_contents: true    
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+We are excited to announce the ability to manage library content on the new **Manage Content** tab. Now MSSP administrators can conveniently push content in the **Library** folder to multiple child organizations at once, including dashboards, saved searches, and scheduled searches. [Learn more](/docs/manage/manage-subscription/create-and-manage-orgs/manage-orgs-for-mssps/).
+
+:::note
+This feature is in Beta. To participate, contact your Sumo Logic account executive or our Support Team.
+:::
+
+<img src={useBaseUrl('img/manage/subscriptions/mssp-orgs-sync-selected-items.png')} alt="Update Selected Items button" style={{border: '1px solid gray'}} width="800"/>

cid-redirects.json

@@ -1649,6 +1649,8 @@
   "/cid/6028": "/docs/integrations/saas-cloud/bitwarden",
   "/cid/6029": "/docs/integrations/saas-cloud/kaltura",
   "/cid/6030": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/snowflake-logs-source",
+  "/cid/6031": "/docs/integrations/saas-cloud/snowflake-logs",
+  "/cid/6032": "/docs/integrations/saas-cloud/akamai-cpc",
   "/cid/10112": "/docs/integrations/app-development/jfrog-xray",
   "/cid/10113": "/docs/observability/root-cause-explorer-deprecation",
   "/cid/10116": "/docs/manage/fields",
@@ -3171,6 +3173,7 @@
   "/docs/dashboards-new/faq": "/docs/dashboards/faq",
   "/docs/dashboards-new/dashboards-migration": "/docs/dashboards/dashboards-migration",
   "/docs/dashboards-new/dashboards-migration/steps-to-migrate": "/docs/dashboards/dashboards-migration/steps-to-migrate",
+  "/docs/dashboards/dashboard-variables": "/docs/dashboards/filter-template-variables",
   "/docs/dashboards-new/dashboards-migration/changes-after-migration": "/docs/dashboards/dashboards-migration/changes-after-migration",
   "/docs/dashboards-new/panels": "/docs/dashboards/panels",
   "/docs/dashboards-new/panels/modify-chart": "/docs/dashboards/panels/modify-chart",
@@ -3376,6 +3379,7 @@
   "/Manage/Users-and-Roles/Manage-Users/Multi-account-Access": "/docs/manage/users-roles/users/multi-account-access",
   "/Manage/Users-and-Roles/Manage-Users/Secure-Third-Party-Service-Access": "/docs/manage/users-roles/users/secure-third-party-service-access",
   "/Metrics": "/docs/metrics",
+  "/Metrics/03-Metric-Charts": "/docs/metrics/metrics-queries",
   "/Metrics/03-Metric-Charts/01-Create-a-Metrics-Visualization": "/docs/metrics/metrics-queries/metrics-explorer",
   "/Metrics/03-Metric-Charts/05-Create_and_Tailor_Single_Value_Metric_Charts": "/docs/metrics/metrics-queries/metrics-explorer",
   "/Metrics/03-Metric-Charts/06-Interacting_with_Metric_Charts": "/docs/metrics/metrics-queries/share-metric-query",
@@ -3408,13 +3412,15 @@
   "/Metrics/Metric-Queries-and-Alerts/03Metric_Query_Autocomplete": "/docs/metrics/metrics-queries/metric-query-autocomplete",
   "/Metrics/Metric-Queries-and-Alerts/03Metrics_Operators": "/docs/metrics/metrics-operators",
   "/Metrics/Metric-Queries-and-Alerts/03Metrics_Operators/accum": "/docs/metrics/metrics-operators/accum",
+  "/Metrics/Metric-Queries-and-Alerts/03Metrics_Operators/max": "/docs/metrics/metrics-operators/max",
   "/Metrics/Metric-Queries-and-Alerts/05Metrics_Explorer_FAQs": "/docs/metrics/metrics-queries/metrics-explorer",
   "/Metrics/Metric-Queries-and-Alerts/07Metrics_Operators": "/docs/metrics/metrics-operators",
   "/Metrics/Metric-Queries-and-Alerts/07Metrics_Operators/histogram_quantile": "/docs/metrics/metrics-operators/histogram-quantile",
   "/Metrics/Metric-Queries-and-Alerts/10Share_a_Metric_Query": "/docs/metrics/metrics-queries/share-metric-query",
   "/Metrics/Metric-Queries-and-Alerts/11Metrics-Queries": "/docs/metrics/metrics-queries",
   "/Metrics/Metrics_Transformation_Rules": "/docs/metrics/metrics-transformation-rules",
   "/docs/metrics/metrics-visualization/aggregation-operators": "/docs/metrics/metrics-operators",
+  "/docs/observability/ai-driven-investigations": "/docs/get-started/ai-machine-learning",
   "/Metrics/Understand_and_Manage_Metric_Volume/Blacklisted_Metrics_Sources": "/docs/metrics/manage-metric-volume/disabled-metrics-sources",
   "/Metrics/Understand_and_Manage_Metric_Volume/Disabled_Metrics_Sources": "/docs/metrics/manage-metric-volume/disabled-metrics-sources",
   "/Metrics/Understand_and_Manage_Metric_Volume": "/docs/metrics/manage-metric-volume",
@@ -3859,6 +3865,7 @@
   "/Apps/Preview_Apps/Azure_Audit+App": "/docs/integrations/microsoft-azure/audit",
   "/Apps/Windows_App/Windows_App_Dashboards": "/docs/integrations/microsoft-azure",
   "/Beta": "/docs/beta",
+  "/Beta/APIs": "/docs/api",
   "/Beta/APIs/APIs": "/docs/api",
   "/Beta/AWS_Kinesis_Firehose_for_Logs_Source": "/docs/send-data/hosted-collectors/amazon-aws/aws-kinesis-firehose-logs-source",
   "/Beta/AWS_Lambda_-_Python_function_instrumentation_with_Sumo_Logic_tracing": "/docs/apm/traces/get-started-transaction-tracing/opentelemetry-instrumentation/python",

docs/alerts/monitors/alert-response.md

@@ -33,19 +33,6 @@ Learn how to use alert response.
   allowfullscreen
 />
 
-<!-- old
-<Iframe url="https://www.youtube.com/embed/3FHomBuFyV8?rel=0"
-        width="854px"
-        height="480px"
-        id="myId"
-        className="video-container"
-        display="initial"
-        position="relative"
-        allow="accelerometer; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
-        allowfullscreen
-        />
--->
-
 :::
 
 ## Setting up alert response

docs/alerts/monitors/create-monitor.md

@@ -112,18 +112,6 @@ Learn about AI-driven alerting.
   allowfullscreen
 />
 
-<!-- old
-<Iframe url="https://www.youtube.com/embed/nMRoYb1YCfg?rel=0"
-        width="854px"
-        height="480px"
-        id="myId"
-        className="video-container"
-        display="initial"
-        position="relative"
-        allow="accelerometer; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
-        allowfullscreen
-        />
--->
 :::
 
 **Use Outlier**