SumoLogic
diff --git a/‎blog-service/2024-11-28-apps.md‎
Lines changed: 0 additions & 4 deletions b/‎blog-service/2024-11-28-apps.md‎
Lines changed: 0 additions & 4 deletions
diff --git a/‎blog-service/2024-12-02-apps.md‎
Lines changed: 16 additions & 0 deletions b/‎blog-service/2024-12-02-apps.md‎
Lines changed: 16 additions & 0 deletions
diff --git a/‎blog-service/2024-12-02-apps2.md‎
Lines changed: 22 additions & 0 deletions b/‎blog-service/2024-12-02-apps2.md‎
Lines changed: 22 additions & 0 deletions
diff --git a/‎blog-service/2024-12-02-copilot.md‎
Lines changed: 25 additions & 0 deletions b/‎blog-service/2024-12-02-copilot.md‎
Lines changed: 25 additions & 0 deletions
diff --git a/‎cid-redirects.json‎
Lines changed: 3 additions & 0 deletions b/‎cid-redirects.json‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎docs/cse/introduction-to-cloud-siem.md‎
Lines changed: 1 addition & 1 deletion b/‎docs/cse/introduction-to-cloud-siem.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎docs/cse/rules/cse-rules-syntax.md‎
Lines changed: 7 additions & 2 deletions b/‎docs/cse/rules/cse-rules-syntax.md‎
Lines changed: 7 additions & 2 deletions
diff --git a/‎docs/integrations/microsoft-azure/index.md‎
Lines changed: 6 additions & 0 deletions b/‎docs/integrations/microsoft-azure/index.md‎
Lines changed: 6 additions & 0 deletions
@@ -33,10 +33,6 @@ We're excited to announce the release of the enhancements listed below for the S
 - **Added CloudTrail Audit dashboard**. The CloudTrail Audit dashboard is added to the [AWS Application Load Balancer](/docs/integrations/amazon-aws/application-load-balancer/#cloudtrail-audit), [AWS Classic Load Balancer](/docs/integrations/amazon-aws/classic-load-balancer/#cloudtrail-audit), and [AWS Network Load Balancer](/docs/integrations/amazon-aws/network-load-balancer/#cloudtrail-audit) apps. This dashboard helps you to visualize the successful and failed events globally, event trends, error details, and user activities, offering insights into load balancer performance, security, and usage patterns. 
 - **Amazon RDS**. Added **Oracle Logs - Alert Logs Analysis**, **Oracle Logs - Audit Logs Analysis**, and **Oracle Logs - Listener Troubleshooting** dashboards. These CloudTrail and CloudWatch Logs dashboard provide monitoring for error logs and essential infrastructure details. [Learn more](/docs/integrations/amazon-aws/rds/#oracle-logs---alert-logs-analysis).
 - **MongoDB Atlas**. New version of the [MongoDB Atlas collection](/docs/integrations/databases/mongodb-atlas/#collecting-logs-and-metrics-for-the-mongodb-atlas-app) was released with `v.1.0.11` in [Pypi](https://pypi.org/project/sumologic-mongodb-atlas/) and `v1.0.18` in [AWS Serverless Repository](https://serverlessrepo.aws.amazon.com/applications/us-east-1/956882708938/sumologic-mongodb-atlas). [Learn more](https://github.com/SumoLogic/sumologic-mongodb-atlas/releases/tag/v2.0.1)
-- Source Template enhancements:
-  - Updated log and metric section feature on 11 Source templates (OTRM).
-  - Updated and maintained the UI uniformity across all Source templates.
-  - Released masking feature for the Windows Source Template. [Learn more](/docs/send-data/opentelemetry-collector/data-transformations/#masking-examples).
 
 ### Bug fixes
 
 
@@ -0,0 +1,16 @@
+---
+title: Digital Guardian ARC (Apps)
+image: https://help.sumologic.com/img/sumo-square.png
+keywords:
+  - digital-guardian-arc
+  - apps
+hide_table_of_contents: true
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+<a href="https://help.sumologic.com/release-notes-service/rss.xml"><img src={useBaseUrl('img/release-notes/rss-orange2.png')} alt="icon" width="50"/></a>
+
+We're excited to introduce the new Digital Guardian ARC app for Sumo Logic. This app leverages the Sumo Logic Cloud-to-Cloud Digital Guardian source that provides data protection through analytics, reporting, and workflows. This integration helps to improve real-time activity monitoring, pre-configure alerts for different events, analyze policy enforcements, provide geolocation insights to support targeted threat investigation and response, and identify potential tampering by closely monitoring digital signatures for files and applications.
+
+Explore our technical documentation [here](/docs/integrations/saas-cloud/digital-guardian-arc/) to learn how to set up and use the Digital Guardian ARC app for Sumo Logic.
@@ -0,0 +1,22 @@
+---
+title: Microsoft Defender for Cloud (Apps)
+image: https://help.sumologic.com/img/sumo-square.png
+keywords:
+  - microsoft-defender-for-cloud
+  - apps
+hide_table_of_contents: true
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+<a href="https://help.sumologic.com/release-notes-service/rss.xml"><img src={useBaseUrl('img/release-notes/rss-orange2.png')} alt="icon" width="50"/></a>
+
+We're excited to introduce the new Microsoft Defender for Cloud app for Sumo Logic. This app helps you to collect the alerts, security recommendation, and regulatory compliance logs using the Sumo Logic Cloud-to-Cloud Azure Event Hub Source and by configuring the continuous export using the Event Hub instance details in the Azure portal. Key features of the Microsoft Defender for Cloud app include:
+
+- Gain real-time visibility into security alerts across your Azure environment, categorized by severity (High, Medium, Low, and Informational).
+- Monitor trends in alert activity over time to identify spikes and recurring threats.
+- Leverage detailed alert summaries and remediation steps for effective threat mitigation.
+- Track compliance performance across critical standards, including FedRAMP, PCI DSS 4, CIS Azure Foundations, and Microsoft Cloud Security Benchmark.
+- Analyze threats by categories like data exfiltration, unauthorized access, and account breaches.
+
+Explore our technical documentation [here](/docs/integrations/microsoft-azure/microsoft-defender-for-cloud/) to learn how to set up and use the Microsoft Defender for Cloud  app for Sumo Logic.
@@ -0,0 +1,25 @@
+---
+title: Sumo Logic Copilot (Search)
+image: https://help.sumologic.com/img/sumo-square.png
+keywords:
+  - copilot
+  - artificial intelligence
+  - ai
+  - machine learning
+  - ml
+hide_table_of_contents: true  
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+<a href="https://help.sumologic.com/release-notes-service/rss.xml"><img src={useBaseUrl('img/release-notes/rss-orange2.png')} alt="icon" width="50"/></a>
+
+We're excited to introduce Copilot, an AI-powered assistant that accelerates log investigations and troubleshooting. With natural language query capabilities and contextual suggestions, Copilot helps security first responders and on-call engineers resolve incidents quickly and efficiently. [Learn more](/docs/search/copilot).
+
+* Ask questions in plain English to generate actionable log insights.
+* Get tailored suggestions relevant to your troubleshooting and investigation context.
+* Leverage conversation history to save and resume sessions without losing context.
+* Auto-visualize charts from search results and add them directly to dashboards.
+* Use auto-complete for natural language queries to access insights faster.
+
+<img src={useBaseUrl('img/search/copilot/ga-releasenote.png')} alt="Copilot UI with the query Analyze the geographic distribution of requests by source IP" style={{border: '1px solid gray'}} width="800" />
@@ -1573,6 +1573,7 @@
   "/cid/10110": "/docs/integrations/app-development/jfrog-xray",
   "/cid/10111": "/docs/integrations/app-development/jfrog-xray",
   "/cid/10188": "/docs/integrations/saas-cloud/miro",
+  "/cid/10187": "/docs/integrations/saas-cloud/digital-guardian-arc",
   "/cid/10208": "/docs/integrations/saas-cloud/cisco-meraki-c2c",
   "/cid/10209": "/docs/integrations/security-threat-detection/cisco-meraki",
   "/cid/10210": "/docs/integrations/saas-cloud/proofpoint-tap",
@@ -1824,6 +1825,7 @@
   "/cid/1963": "/docs/integrations/sumo-apps/enterprise-audit",
   "/cid/1964": "/docs/integrations/security-threat-detection/f5-big-ip-ltm",
   "/cid/1965": "/docs/integrations/security-threat-detection/netskope",
+  "/cid/19665": "/docs/integrations/microsoft-azure/microsoft-defender-for-cloud",
   "/cid/1966": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/carbon-black-cloud-source",
   "/cid/1987": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/symantec-endpoint-security-source",
   "/cid/1257": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/atlassian-source",
@@ -2021,6 +2023,7 @@
   "/cid/10226": "/docs/integrations/containers-orchestration/opentelemetry/activemq-opentelemetry",
   "/cid/25631": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/tenable-source",
   "/cid/25632": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/workday-source",
+  "/cid/25633": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/universal-connector-source",
   "/cid/25634": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/microsoft-azure-ad-inventory-source",
   "/cid/25635": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/microsoft-graph-azure-ad-reporting-source",
   "/cid/25636": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/microsoft-graph-identity-protection-source",
 
@@ -7,7 +7,7 @@ description: Learn basic concepts about Cloud SIEM.
 
 import useBaseUrl from '@docusaurus/useBaseUrl';
 
-Cloud SIEM, also known as Cloud SIEM, is a cloud-based, enterprise-grade security information and event management (SIEM) system. Cloud SIEM leverages Sumo Logic's core functionality, including data collection, ingestion, storage, and threat intelligence. Cloud SIEM is a purchased add-on with an ever-expanding library of content designed for security operations.
+Cloud SIEM is a cloud-based enterprise-grade security information and event management (SIEM) system. Cloud SIEM leverages Sumo Logic's core functionality, including data collection, ingestion, storage, and threat intelligence. Cloud SIEM is a purchased add-on with an ever-expanding library of content designed for security operations.
 
 Watch the following micro lesson to learn how to get started using Cloud SIEM for threat investigation.
 
 
@@ -1394,7 +1394,12 @@ Filters results based on the value of a boolean expression.
 
 `... | where <boolean expression>`
 
-**Example**
+**Examples**
 
-`| where jsonArrayContains(field, “vuln_scanner”)`  
+* `| where jsonArrayContains(field, “vuln_scanner”)`
 
+* `| where` can be used at the beginning of an expression, as well as on subsequent lines after another syntax element has been used to start a preceding line. For example:
+   ```
+   | json field=fields "foo" as alias
+   | where toInt(alias) > 5
+   ```
@@ -317,6 +317,12 @@ This guide has documentation for all of the apps that Sumo Logic provides for Mi
       <p>A guide to the Sumo Logic app for Azure Kubernetes Service Control Plane.</p>
       </div>
     </div>
+<div className="box smallbox card">
+  <div className="container">
+  <a href="/docs/integrations/microsoft-azure/microsoft-defender-for-cloud"><img src={useBaseUrl('img/integrations/microsoft-azure/microsoft-defender-for-cloud.png')} alt="thumbnail icon" width="75"/><h4>Microsoft Defender for Cloud</h4></a>
+  <p>Learn about the Sumo Logic collection process for the Microsoft Defender for Cloud service.</p>
+  </div>
+</div>
     <div className="box smallbox card">
       <div className="container">
       <img src={useBaseUrl('img/integrations/microsoft-azure/network-watcher.png')} alt="Thumbnail icon" width="50"/>