Merge branch 'main' into docs-91-playbook-payloads

Author: jpipkin1

.clabot

@@ -170,7 +170,9 @@
     "ishaanahuja29",
     "raunakmandaokar",
     "bradtho",
-    "Misterjohnson87"
+    "Misterjohnson87",
+    "lol3909",
+    "Hellfire4959"
   ],
   "message": "Thank you for your contribution! As this is an open source project, we require contributors to sign our Contributor License Agreement and do not have yours on file. To proceed with your PR, please [sign your name here](https://forms.gle/YgLddrckeJaCdZYA6) and we'll add you to our approved list of contributors.",
   "label": "cla-signed",

blog-service/2024-10-15-collection.md

@@ -0,0 +1,14 @@
+---
+title: Kandji C2C Source (Collection)
+image: https://help.sumologic.com/img/sumo-square.png
+keywords:
+  - collection
+  - kandji
+hide_table_of_contents: true    
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+<a href="https://help.sumologic.com/release-notes-service/rss.xml"><img src={useBaseUrl('img/release-notes/rss-orange2.png')} alt="icon" width="50"/></a>
+
+We're excited to announce the release of our new cloud-to-cloud source for Kandji. This source helps you to collect threat details, device lists, activity logs, and device information from the Kandji platform, and ingest them into Sumo Logic for streamlined analysis. [Learn more](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/kandji-source).

cid-redirects.json

@@ -2616,6 +2616,7 @@
   "/cid/19878": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/airtable-source",
   "/cid/19879": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/knowbe4-api-source",
   "/cid/16323": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/druva-source",
+  "/cid/13428": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/kandji-source",
   "/cid/17343": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/automox-source",
   "/cid/20172": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/cisco-vulnerability-management-source",
   "/cid/19880": "/docs/metrics/metrics-operators/predict",

docs/integrations/product-list/product-list-a-l.md

@@ -312,7 +312,7 @@ For descriptions of the different types of integrations Sumo Logic offers, see [
 | :-- | :-- | :-- |
 |  <img src={useBaseUrl('/img/integrations/containers-orchestration/kafka.png')} alt="Thumbnail icon" width="75"/>   |  [Kafka](https://kafka.apache.org/) | Apps: <br/>- [Kafka](/docs/integrations/containers-orchestration/kafka/)	<br/>- [Kafka - OpenTelemetry](/docs/integrations/containers-orchestration/opentelemetry/kafka-opentelemetry/)	 |
 |  <img src={useBaseUrl('/img/send-data/kaltura-logo.png')} alt="Thumbnail icon" width="75"/>   |  [Kaltura](https://corp.kaltura.com/) | Cloud SIEM integration: [Kaltura](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/c65f8f5f-ea11-4b41-858b-99731d306f81.md) <br/>Collector: [Kaltura - Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/kaltura-source/)	 |
-| <img src={useBaseUrl('/img/integrations/misc/kandji.png')} alt="Thumbnail icon" width="75"/> | [Kandji](https://www.kandji.io/) | Community app: [Kandji API Data Streamer](https://github.com/SumoLogic/sumologic-content/tree/master/Kandji) |
+| <img src={useBaseUrl('/img/integrations/misc/kandji.png')} alt="Thumbnail icon" width="75"/> | [Kandji](https://www.kandji.io/) | Collector: [Kandji - Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/kandji-source/)<br/>Community app: [Kandji API Data Streamer](https://github.com/SumoLogic/sumologic-content/tree/master/Kandji) |
 | <img src={useBaseUrl('img/platform-services/automation-service/app-central/logos/kaspersky-cybertrace.png')} alt="Thumbnail icon" width="75"/> | [Kaspersky](https://usa.kaspersky.com/) | Automation integrations: <br/>- [Kaspersky CyberTrace](/docs/platform-services/automation-service/app-central/integrations/kaspersky-cybertrace/) <br/>- [Kaspersky TIP](/docs/platform-services/automation-service/app-central/integrations/kaspersky-tip/) <br/>Cloud SIEM integration: [KasperskyLab](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/8011e6fe-1e65-4603-aa2e-15c9b33cb0fd.md) |
 |  <img src={useBaseUrl('img/integrations/security-threat-detection/keeper.png')} alt="Thumbnail icon" width="75"/>   |  [Keeper Security](https://www.keepersecurity.com/) | Partner integration: [Keeper Security](https://docs.keeper.io/en/v/enterprise-guide/event-reporting/sumo-logic)	 |
 | <img src={useBaseUrl('img/platform-services/automation-service/app-central/logos/kela-darkbeast.png')} alt="Thumbnail icon" width="50"/> | [Kela](https://www.kelacyber.com/) | Automation integrations: <br/>- [Kela Darkbeast](/docs/platform-services/automation-service/app-central/integrations/kela-darkbeast/) <br/>- [Kela RaDark](/docs/platform-services/automation-service/app-central/integrations/kela-radark/) |

docs/integrations/product-list/product-list-m-z.md

@@ -17,7 +17,7 @@ For descriptions of the different types of integrations Sumo Logic offers, see [
 | :-- | :-- | :-- |
 |  <img src={useBaseUrl('img/integrations/hosts-operating-systems/mac-apple-icon.png')} alt="Thumbnail icon" width="50"/>   | [macOS](https://www.apple.com/macos)  | App: [macOS OpenTelemetry](/docs/integrations/hosts-operating-systems/opentelemetry/macos-opentelemetry/)	<br/>Collectors: <br/>- [Install a Collector on macOS](/docs/send-data/installed-collectors/macos/) <br/>- [Install OpenTelemetry Collector on macOS](/docs/send-data/opentelemetry-collector/install-collector/macos/) |
 |  <img src={useBaseUrl('img/integrations/webhooks/mailgun-logo.png')} alt="Thumbnail icon" width="50"/>   | [Mailgun](https://www.mailgun.com/)  | Webhook: [Mailgun](/docs/integrations/webhooks/mailgun/)	 |
-| <img src={useBaseUrl('img/platform-services/automation-service/app-central/logos/malwarebytes-nebula.png')} alt="Thumbnail icon" width="100"/> | [Malwarebytes](https://www.malwarebytes.com/) | Automation integration: [Malwarebytes Nebula](/docs/platform-services/automation-service/app-central/integrations/malwarebytes-nebula/) <br/>Cloud SIEM integration: [Malwarebytes](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/2e08dea2-4048-4f0f-9af8-aa85881151ad.md) |
+| <img src={useBaseUrl('img/platform-services/automation-service/app-central/logos/malwarebytes-nebula.png')} alt="Thumbnail icon" width="100"/> | [Malwarebytes](https://www.malwarebytes.com/) | Automation integrations: <br/>- [Malwarebytes Nebula](/docs/platform-services/automation-service/app-central/integrations/malwarebytes-nebula/) <br/>- [Malwarebytes Oneview](/docs/platform-services/automation-service/app-central/integrations/malwarebytes-oneview/) <br/>Cloud SIEM integration: [Malwarebytes](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/2e08dea2-4048-4f0f-9af8-aa85881151ad.md) |
 | <img src={useBaseUrl('img/platform-services/automation-service/app-central/logos/manage-engine-desktop-central.png')} alt="Thumbnail icon" width="100"/> | [ManageEngine](https://www.manageengine.com/) | Automation integration: [ManageEngine Desktop Central](/docs/platform-services/automation-service/app-central/integrations/manage-engine-desktop-central/) <br/>Cloud SIEM integration: [ManageEngine](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/e6417fdd-1aa1-436e-a659-38d71e51599f.md) |
 |  <img src={useBaseUrl('img/integrations/databases/mariadb.png')} alt="Thumbnail icon" width="50"/>   | [MariaDB](https://mariadb.org/)  | Apps: <br/>- [MariaDB](/docs/integrations/databases/mariadb/)	<br/>- [MariaDB - OpenTelemetry](/docs/integrations/databases/opentelemetry/mariadb-opentelemetry/) |
 | <img src={useBaseUrl('img/platform-services/automation-service/app-central/logos/material-security.png')} alt="Thumbnail icon" width="100"/> | [Material Security](https://material.security/) | Automation integration: [Material Security](/docs/platform-services/automation-service/app-central/integrations/material-security/) |

docs/observability/sdo/jenkins-plugin-build-deploy-events.md

@@ -8,7 +8,7 @@ description: Learn how to send build and deploy events to Sumo Logic from Jenkin
 ## Prerequisites
 
 Use the latest [Sumo Logic Jenkins Plugin](https://plugins.jenkins.io/sumologic-publisher/#documentation)
-version of the plugin. You will be using [SumoUpload](https://github.com/SumoLogic/sumologic-jenkins-plugin#sumoupload)
+version of the plugin. You will be using [SumoUpload](https://github.com/jenkinsci/sumologic-publisher-plugin#sumoupload)
 function to send an event to Sumo Logic from your DevOps pipeline.
 
 As an example: Upload a Key-Value map as JSON to Sumo Logic.

docs/platform-services/automation-service/app-central/integrations/crowdstrike-falcon.md

@@ -7,8 +7,8 @@ import useBaseUrl from '@docusaurus/useBaseUrl';
 
 <img src={useBaseUrl('/img/platform-services/automation-service/app-central/logos/crowdstrike-falcon.png')} alt="crowdstrike-falcon" width="100"/>
 
-***Version: 1.10
-Updated: July 8, 2024***
+***Version: 1.10  
+Updated: Oct 16, 2024***
 
 The CrowdStrike Falcon integration allows you to pull and update Detections/Incidents, and search Incidents/Devices/Detections.
 
@@ -53,6 +53,6 @@ EDR
 * March 21, 2023 (v1.5) - Logo updated
 * July 12, 2023 (v1.8) - Changed fields visibility
 * March 4, 2024 (v1.9) - Updated code for compatibility with Python 3.12
-* July 8, 2024 (v1.10) - Added new actions
+* October 16, 2024 (v1.10) - Added new actions
     + Create Indicators
     + Get Indicators

docs/platform-services/automation-service/app-central/integrations/malwarebytes-oneview.md

@@ -0,0 +1,48 @@
+---
+title: Malwarebytes Oneview
+description: ''
+---
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+<img src={useBaseUrl('/img/platform-services/automation-service/app-central/logos/malwarebytes-oneview.png')} alt="malwarebytes-oneview" width="100"/>
+
+***Version: 0.1  
+Updated: Oct 16, 2024***
+
+Malwarebytes OneView (MBOV) provides your business with a powerful and affordable security management platform that gives security teams maximum control. OneView streamlines endpoint security management by providing out-of-the-box security policies, scans, and remediation.
+
+:::note
+This is a beta version of the integration.
+:::
+
+## Actions
+
+* **Create Exclusion** *(Containment)* - Create Exclusion.
+* **Update Exclusion** *(Containment)* - Update Exclusion by ID.
+* **Delete Exclusion** *(Containment)* - Delete exclusion by ID.
+* **Get Exclusion** *(Enrichment)* - Get exclusion by ID.
+* **List Exclusions** *(Enrichment)* - Retrieve a list of exclusions.
+* **Create Policy** *(Containment)* - Create policy.
+* **Update Policy** *(Containment)* - Update policy.
+* **Delete Policy** *(Containment)* - Delete policy by ID.
+* **Get Policy** *(Enrichment)* - Get policy by ID.
+* **List Policies** *(Enrichment)* - Retrieve a list of policies.
+* **Get Endpoint** *(Enrichment)* - Retrieve a single ID by its universally unique identifier.
+* **Get Endpoint Status** *(Enrichment)* - Get the status of an endpoint.
+* **Get Suspicious Activity** *(Enrichment)* - Fetch suspicious activity of an endpoint.
+* **Remediate Activity** *(Containment)* - Remediate suspicious activity of an endpoint.
+* **Nebula Events Daemon** *(Daemon)* - Automatically retrieve events associated with your account.
+* **Issue Job** *(Containment)* - Issue a job (scan endpoint, restart endpoint, check for updates).
+* **Get Job Status** *(Enrichment)* - Get details about an issued job by ID.
+* **Search Endpoints** *(Enrichment)* - Search all endpoints, or search either the alias or the host name of a fully qualified host name.
+* **Check Job Status** *(Enrichment)* - Check if job status is completed and return details.
+* **List Vulnerabilities** *(Enrichment)* - Search CVE grouped by a specific field.
+* **List Detections** *(Enrichment)* - Search detections.
+
+## Category
+
+Threat Intelligence Reputation
+
+## Change Log
+
+* October 16, 2024 - First upload

docs/platform-services/automation-service/app-central/integrations/microsoft-sentinel.md

@@ -6,8 +6,8 @@ import useBaseUrl from '@docusaurus/useBaseUrl';
 
 <img src={useBaseUrl('/img/platform-services/automation-service/app-central/logos/microsoft-sentinel.png')} alt="microsoft-sentinel" width="100"/>
 
-***Version: 1.3  
-Updated: Sep 04, 2023***
+***Version: 1.4  
+Updated: Oct 14, 2024***
 
 Microsoft Sentinel is a cloud-native security information and event manager (SIEM) platform that uses built-in AI to help analyze large volumes of data across an enterprise. 
 
@@ -36,3 +36,5 @@ Microsoft Sentinel is a cloud-native security information and event manager (SIE
 	+ renamed action Get Incidents to List Incidents
 	+ renamed action Incidents Daemon Sentinel to Microsoft Sentinel Incidents Daemon
 	+ added new action List Incident Alerts
+* October 14, 2024 (v1.4)
+	+ Updated the integration by adding two new fields (**API Root** and **Login Endpoint**) to the configuration

docs/send-data/collect-from-other-data-sources/sumo-logic-open-source-projects.md

@@ -39,7 +39,7 @@ The following open-source solutions are collected in Sumo Logic’s GitHub repos
 | [Docker](https://github.com/SumoLogic/sumologic-collector-docker) | This repository offers several variants of Docker images to run the Sumo Logic Collector. When images are run, the Collector automatically registers with the Sumo Logic service and create sources based on a sumo-sources.json file. The Collector is configured ephemeral. |
 | [FluentD](https://github.com/SumoLogic/fluentd-output-sumologic) | This plugin sends logs or metrics to Sumo Logic via an HTTP endpoint.  |
 | [JavaScript Logging SDK](https://github.com/SumoLogic/js-sumo-logger) | The JavaScript Logging SDK library enables you to send custom log messages to an HTTP Source without installing a Collector on your server. |
-| [Jenkins](https://github.com/SumoLogic/sumologic-jenkins-plugin) | A Sumo Logic Jenkins plugin. |
+| [Jenkins](https://github.com/jenkinsci/sumologic-publisher-plugin) | A Sumo Logic Jenkins plugin. |
 | [Kinesis](https://github.com/SumoLogic/sumologic-kinesis-connector) | The Kinesis-Sumologic Connector is a Java connector that acts as a pipeline between an Amazon Kinesis stream and a  Sumo Logic Collector. Data is fetched from the Kinesis Stream, transformed into a POJO, and then sent to the Sumologic Collection as JSON. For complete details, see Sumo Logic App for Amazon VPC Flow Logs using Kinesis. |
 | [Logback appender](https://github.com/SumoLogic/sumologic-logback-appender) | This solution is a Logback appender that sends straight to Sumo Logic. |
 | [Logstash](https://github.com/SumoLogic/logstash-output-sumologic) | This solution is a Logstash Sumo Logic output plugin.  |