Commit c18520b

Merge branch 'main' into CSOAR-3221
2 parents 7cc5df7 + 418f6b8 commit c18520b

438 files changed

+2764
-4435
lines changed


.clabot

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -182,7 +182,8 @@
182182
"Deklin",
183183
"justrelax19",
184184
"dlindelof-sumologic",
185-
"snyk-bot"
185+
"snyk-bot",
186+
"stephenthedev"
186187
],
187188
"message": "Thank you for your contribution! As this is an open source project, we require contributors to sign our Contributor License Agreement and do not have yours on file. To proceed with your PR, please [sign your name here](https://forms.gle/YgLddrckeJaCdZYA6) and we will add you to our approved list of contributors.",
188189
"label": "cla-signed",

.github/workflows/build_and_deploy.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ on:
2828

2929
jobs:
3030
build-and-deploy:
31-
runs-on: ubuntu-22.04
31+
runs-on: ubuntu-latest
3232
environment:
3333
name: ${{ inputs.environment }}
3434
url: ${{ inputs.hostname }}${{ inputs.base_url }}
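
Review bot: `runs-on: ubuntu-latest` on the `build-and-deploy` job replaces a pinned runner image with a floating label, so the OS and preinstalled toolchain under this deploy job can change without any commit in this repository. The job deploys to a named `environment`, so keep an explicit image version here (as the removed `ubuntu-22.04` was) and move to a newer one in its own reviewed change.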

.github/workflows/delete-review.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@ on: delete
44

55
jobs:
66
delete-branch-environment:
7-
runs-on: ubuntu-20.04
7+
runs-on: ubuntu-latest
88
environment:
99
name: review/${{ github.ref_name }}
1010
env:
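
Review bot: In `delete-branch-environment`, going from `ubuntu-20.04` to `ubuntu-latest` is a bigger jump than in the other two workflows touched here, which were on `ubuntu-22.04`, and the job's steps are not visible in this hunk. Confirm that everything those steps call is present on the newer image before merging, since a failing delete job would leave `review/${{ github.ref_name }}` environments behind.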

.github/workflows/pr.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@ on:
1010

1111
jobs:
1212
build-and-deploy:
13-
runs-on: ubuntu-22.04
13+
runs-on: ubuntu-latest
1414
env:
1515
CI: true
1616
NODE_ENV: production

blog-service/2021/12-31.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -618,13 +618,13 @@ Update - [Scheduled View](/docs/manage/scheduled-views "Scheduled Views") quer
618618
---
619619
## March 16, 2021 (Alerts)
620620

621-
Update - We have resolved a discrepancy in the notification payload of [Real Time Scheduled Searches](/docs/alerts/scheduled-searches/create-real-time-alert).
621+
Update - We have resolved a discrepancy in the notification payload of Real-Time Scheduled Searches.
622622

623623
Previously, the payload for subsequent real time alerts in a given time range would incrementally report the results and omit the records that were already present in the previous alert.
624624

625625
For example, if the Scheduled Search initially returned 10 records, the first alert notification would contain 10 records in the payload. If the next run contained the same 10 records plus 1 additional, the notification payload would only contain the single new record.
626626

627-
Going forward, we will ensure that the records sent in the notification payload will always contain all the records returned in the Scheduled Search. Following the above example, the next run of the Real Time Scheduled Search would return 11 records. This change ensures that the payload will always match the results of the search in Sumo Logic.
627+
Going forward, we will ensure that the records sent in the notification payload will always contain all the records returned in the Scheduled Search. Following the above example, the next run of the Real-Time Scheduled Search would return 11 records. This change ensures that the payload will always match the results of the search in Sumo Logic.
628628

629629
---
630630
## March 12, 2021-12 (Collection)
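
Review bot: The hyphenation change on lines 621 and 627 leaves line 623 reading "subsequent real time alerts", so this entry now mixes "Real-Time" and "real time"; update line 623 in the same pass. Line 621 also drops the link to `/docs/alerts/scheduled-searches/create-real-time-alert`, yet the new `blog-service/2025-05-05-alerts.md` in this commit still links to that path, so the link could stay. Separately, the context heading `## March 12, 2021-12 (Collection)` looks malformed and is worth fixing while this file is open.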

blog-service/2024/12-31.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -827,7 +827,7 @@ For information, see [Metrics Explorer](/docs/metrics/metrics-queries/metrics-ex
827827

828828
As part of our ongoing evaluation of the Sumo Logic service, we have decided to deprecate [Real-Time Scheduled Searches](/docs/alerts/scheduled-searches/create-real-time-alert). In particular, we will remove the option to create new Real-Time Scheduled Searches on May 15, 2024. Existing Real-Time Scheduled Searches will continue to function until May 15, 2025. We believe many use cases for Real-Time Scheduled Searches can be met by [Monitors](/docs/alerts/monitors/overview). Any remaining use cases can be met by executing these searches at 15m intervals.
829829

830-
In 2020, Sumo Logic released Monitors, which provided a new framework to trigger alerts on both metrics and log data in real time and send notifications. Real-Time Scheduled Searches provided a much more limited version of this functionality. Monitors will continue to be the focus area for our Product and Engineering Teams for features and enhancements regarding alerting. Learn more [here](/docs/alerts/scheduled-searches/deprecation).
830+
In 2020, Sumo Logic released Monitors, which provided a new framework to trigger alerts on both metrics and log data in real time and send notifications. Real-Time Scheduled Searches provided a much more limited version of this functionality. Monitors will continue to be the focus area for our Product and Engineering Teams for features and enhancements regarding alerting.
831831

832832
### April 26, 2024 (Apps)
833833
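
Review bot: Line 830 loses its only pointer to `/docs/alerts/scheduled-searches/deprecation`, while the paragraph kept on line 828 still tells readers that existing Real-Time Scheduled Searches "will continue to function until May 15, 2025" and that remaining cases should run "at 15m intervals". The new `blog-service/2025-05-05-alerts.md` in this commit says existing searches continue as-is, so add a short update line here linking to that post rather than leaving the superseded timeline unqualified.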

@@ -1119,4 +1119,4 @@ For more information, see our documentation on how to [monitor credits allocatio
11191119

11201120
#### Index Field
11211121

1122-
We're excited to include the **Index** field as metadata at the bottom of every message row, along with other metadata. This allows you to modify the search query by clicking the index name or view surrounding messages by clicking on the dropdown. [Learn more](/docs/search/get-started-with-search/search-basics/built-in-metadata). <br/><img src={useBaseUrl('img/search/get-started-search/search-page/index-filter.png')} alt="index-filter" width="800" style={{border: '1px solid gray'}}/>
1122+
We're excited to include the **Index** field as metadata at the bottom of every message row, along with other metadata. This allows you to modify the search query by clicking the index name or view surrounding messages by clicking on the dropdown. [Learn more](/docs/search/get-started-with-search/search-basics/built-in-metadata). <br/><img src={useBaseUrl('img/search/get-started-search/search-page/index-filter.png')} alt="index-filter" width="800" style={{border: '1px solid gray'}}/>

blog-service/2025-04-28-manage.md

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,17 @@
1+
---
2+
title: Content Sharing for Apps (Manage)
3+
image: https://help.sumologic.com/img/sumo-square.png
4+
keywords:
5+
- manage
6+
- apps
7+
- content sharing
8+
hide_table_of_contents: true
9+
---
10+
11+
import useBaseUrl from '@docusaurus/useBaseUrl';
12+
13+
We are happy to announce that authorized users can now control the visibility of installed app content. This update allows content administrators and the installing user to configure the roles and users who should be allowed to view the dashboards and log searches that are installed with an app.
14+
15+
For more information about sharing apps, see [Content Sharing in Sumo Logic](/docs/manage/content-sharing/).
16+
17+
<img src={useBaseUrl('img/content-sharing/grant-app-access-to-org.png')} alt="<your image description>" style={{border: '1px solid gray'}} width="<insert-pixel-number>" />
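
Review bot: The `<img>` on line 17 still carries template placeholders, `alt="<your image description>"` and `width="<insert-pixel-number>"`, which will ship as literal attribute values. Replace them with a real description and a pixel width (the other new posts in this commit use `width="800"`).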

blog-service/2025-04-30-apps.md

Lines changed: 44 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,44 @@
1+
---
2+
title: Apps, Solutions, and Collection Integrations - April Release
3+
image: https://help.sumologic.com/img/sumo-square.png
4+
keywords:
5+
- apps
6+
- april-release
7+
hide_table_of_contents: true
8+
---
9+
10+
import useBaseUrl from '@docusaurus/useBaseUrl';
11+
12+
### New release
13+
14+
We’re excited to announce the release of the following apps for Sumo Logic:
15+
16+
- **Amazon Elastic Block Store**. Amazon Elastic Block Store (EBS) offers block-level storage for EC2 instances, acting like unformatted hard drives that can be mounted, configured, and persist independently of the instance's lifecycle. It's ideal for applications needing fast, long-term storage such as file systems, databases, and workloads with frequent or large-scale data access. [Learn more](/docs/integrations/amazon-aws/amazon-elastic-block-store/).
17+
- **Azure Kubernetes Service (AKS) - Control Plane**. The AKS - Control Plane app collects logs from Azure Kubernetes Service to monitor and manage Kubernetes API activity, gain operational insights, support troubleshooting, and conduct security auditing. [Learn more](/docs/integrations/microsoft-azure/kubernetes/).
18+
- **Azure Virtual Machine**. The Azure Virtual Machine app collects VM instance metrics and presents them in predefined dashboards, offering insights into CPU, disk, network, cache, and memory performance, as well as audit events related to changes, errors, and user activities. [Learn more](/docs/integrations/microsoft-azure/azure-virtual-machine/).
19+
- **Google Cloud VPC**. The Google Cloud VPC app offers visibility into VPC activities and traffic, with dashboards detailing flow data, IP addresses, ports, protocols, threat intelligence, traffic direction, and related messages. [Learn more](/docs/integrations/google/cloud-vpc/).
20+
- **Google Cloud Storage**. The Google Cloud Storage app uses the Google Cloud Audit Logs and Cloud Storage metrics for comprehensive monitoring of logs and metrics, offering dashboards that provide insights into storage usage, request operations, data transfer, authentication, performance, and optimization. [Learn more](/docs/integrations/google/cloud-storage/).
21+
22+
### AWS Observability Solution v2.12.0
23+
24+
**Enhancements**:
25+
26+
- Updated the SAM Lambda runtime from `Node.js v20.x` to `Node.js v22.x`.
27+
- Updated the Lambda runtime to `Node.js v22.x` in the CloudFormation template for AWS CloudWatch Logs with Dead Letter Queue Support.
28+
- Updated the [SecurityHub SAM Lambda](https://github.com/SumoLogic/sumologic-aws-lambda/releases) runtime from `Python v3.11` to `Python v3.13`.
29+
- Updated the Lambda runtime to `Python v3.13` in the CloudFormation template for Kinesis Metric Collection.
30+
- Updated the Sumo Logic terraform provider to `v3.x`.
31+
- Updated the [AWS EC2 app - Events (CloudTrail) dashboard](/docs/observability/aws/integrations/aws-ec2-metrics/#21-aws-ec2---events-cloudtrail).
32+
- Updated 9 apps and 4 monitors to accommodate new Threat Intel feed. [AWS Application Load Balancer](/docs/observability/aws/integrations/aws-application-load-balancer/#7-aws-application-load-balancer---threat-intel), [AWS API Gateway](/docs/observability/aws/integrations/aws-api-gateway/#audit-events), [AWS Classic Load Balancer](/docs/observability/aws/integrations/aws-classic-load-balancer/#7-aws-classic-load-balancer---threat-intel), [AWS DynamoDB](/docs/observability/aws/integrations/aws-dynamodb/#4-aws-dynamodb---threat-intel), [AWS EC2](/docs/observability/aws/integrations/aws-ec2-metrics/), [AWS Lambda](/docs/observability/aws/integrations/aws-lambda/#6-aws-lambda---threat-intel), [Amazon RDS](/docs/observability/aws/integrations/amazon-rds/#viewing-the-rds-dashboards), [Amazon SNS](/docs/observability/aws/integrations/amazon-sns/#amazon-sns---threat-intel), and [Amazon SQS](/docs/observability/aws/integrations/amazon-sqs/#threat-intel).
33+
34+
**Deprecations**:
35+
36+
- Deprecated support for Sumo Logic Mumbai deployment.
37+
- Deprecated the **Sumo Logic Root Cause Explorer Sources** section, which facilitates the installation of AWS X-Ray Source and AWS Inventory Source via CloudFormation and Terraform solutions.
38+
39+
### Enhancements
40+
41+
- **Updated the OpenTelemetry app queries to accommodate the new i471 Threat Intel feed**. [Apache - OpenTelemetry](/docs/integrations/web-servers/opentelemetry/apache-opentelemetry/#threat-analysis), [Apache Tomcat - OpenTelemetry](/docs/integrations/web-servers/opentelemetry/apache-tomcat-opentelemetry/#threat-intel), [HAProxy - OpenTelemetry](/docs/integrations/web-servers/opentelemetry/haproxy-opentelemetry/#threat-analysis), [IIS 10 - OpenTelemetry](/docs/integrations/web-servers/opentelemetry/iis-10-opentelemetry/#threat-analysis), [Nginx - OpenTelemetry](/docs/integrations/web-servers/opentelemetry/nginx-opentelemetry/#threat-intel), [PostgreSQL - OpenTelemetry](/docs/integrations/databases/opentelemetry/postgresql-opentelemetry/), and [Varnish - OpenTelemetry](/docs/integrations/web-servers/opentelemetry/varnish-opentelemetry/#threat-intel).
42+
- **Updated the app queries to accommodate the new i471 Threat Intel feed**. [AWS API Gateway](/docs/observability/aws/integrations/aws-api-gateway/), [AWS Application Load Balancer](/docs/integrations/amazon-aws/application-load-balancer/#threat-intel), [AWS Classic Load Balancer](/docs/observability/aws/integrations/aws-classic-load-balancer/#7-aws-classic-load-balancer---threat-intel), [AWS DynamoDB](/docs/observability/aws/integrations/aws-dynamodb/#4-aws-dynamodb---threat-intel), [AWS EC2](/docs/observability/aws/integrations/aws-ec2-metrics/), [AWS Lambda](/docs/observability/aws/integrations/aws-lambda/#6-aws-lambda---threat-intel), [Amazon RDS](/docs/integrations/amazon-aws/rds/), [Amazon SNS](/docs/observability/aws/integrations/amazon-sns/#amazon-sns---threat-intel), and [Amazon SQS](/docs/integrations/amazon-aws/sqs/#threat-intel).
43+
- **Classic Apps to Next-Gen Apps Migration**. [BitBucket](/docs/integrations/app-development/bitbucket/), [GitHub](/docs/integrations/app-development/github/), [Gitlab](/docs/integrations/app-development/gitlab/), [Jira Cloud](/docs/integrations/app-development/jira-cloud/), [Opsgenie](/docs/integrations/saas-cloud/opsgenie/), [PagerDuty V2](/docs/integrations/saas-cloud/pagerduty-v2/), [PagerDuty V3](/docs/integrations/saas-cloud/pagerduty-v3/), [Apache](/docs/integrations/web-servers/apache/), [Apache Tomcat](/docs/integrations/web-servers/apache-tomcat/), [HAProxy](/docs/integrations/web-servers/haproxy/), [IIS 10](/docs/integrations/web-servers/iis-10/), [Nginx](/docs/integrations/web-servers/nginx/), [Nginx Ingress](/docs/integrations/web-servers/nginx-ingress/), [Nginx Plus](/docs/integrations/web-servers/nginx-plus/), [Nginx Plus Ingress](/docs/integrations/web-servers/nginx-plus-ingress/), [Application Components Solution](/docs/observability/application-components/), [Cassandra](/docs/integrations/databases/cassandra/), [Couchbase](/docs/integrations/databases/couchbase/), [Elasticsearch](/docs/integrations/databases/elasticsearch/), [MariaDB](/docs/integrations/databases/mariadb/), [Memcached](/docs/integrations/databases/memcached/), [MongoDB](/docs/integrations/databases/mongodb/), [MySQL](/docs/integrations/databases/mysql/), [Oracle](/docs/integrations/databases/oracle/), [PostgreSQL](/docs/integrations/databases/postgresql/), [Redis](/docs/integrations/databases/redis/), [SQL Server](/docs/integrations/microsoft-azure/sql-server/), and CircleCI apps are migrated from [Classic Apps (Legacy)](/docs/get-started/apps-integrations/#classic-apps-legacy) to [Next-Gen Apps](/docs/get-started/apps-integrations/#next-gen-apps).
44+
- **Released FAQ section with 14 OTRM Source Templates**. [Windows Source Template](/docs/send-data/opentelemetry-collector/remote-management/source-templates/windows/), [Apache Source Template](/docs/send-data/opentelemetry-collector/remote-management/source-templates/apache/), [Linux Source Template](/docs/send-data/opentelemetry-collector/remote-management/source-templates/linux), [Mac Source Template](/docs/send-data/opentelemetry-collector/remote-management/source-templates/mac), [Local File Source Template](/docs/send-data/opentelemetry-collector/remote-management/source-templates/localfile), [Syslog Source Template](/docs/send-data/opentelemetry-collector/remote-management/source-templates/syslog), [Redis Source Template](/docs/send-data/opentelemetry-collector/remote-management/source-templates/redis), [RabbitMQ Source Template](/docs/send-data/opentelemetry-collector/remote-management/source-templates/rabbitmq), [Docker Source Template](/docs/send-data/opentelemetry-collector/remote-management/source-templates/docker), [Nginx Source Template](/docs/send-data/opentelemetry-collector/remote-management/source-templates/nginx), [Kafka Source Template](/docs/send-data/opentelemetry-collector/remote-management/source-templates/kafka), [PostgreSQL Source Template](/docs/send-data/opentelemetry-collector/remote-management/source-templates/postgresql), [MySQL Source Template](/docs/send-data/opentelemetry-collector/remote-management/source-templates/mysql), and [Elasticsearch Source Template](/docs/send-data/opentelemetry-collector/remote-management/source-templates/elasticsearch).
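
Review bot: Lines 32 and 42 list the same nine AWS apps for the Threat Intel change but link three of them to different pages: Application Load Balancer, Amazon RDS and Amazon SQS point under `/docs/observability/aws/integrations/` on line 32 and under `/docs/integrations/amazon-aws/` on line 42. Pick one target per app, and consider merging the two bullets, since line 32 says "new Threat Intel feed" while lines 41 and 42 say "new i471 Threat Intel feed" for what reads as the same update. Smaller points: on line 43 CircleCI is the only app without a link, and on line 44 the source template links mix trailing-slash and no-trailing-slash forms.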

blog-service/2025-05-01-manage.md

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,17 @@
1+
---
2+
title: Service Accounts (Manage)
3+
image: https://help.sumologic.com/img/sumo-square.png
4+
keywords:
5+
- manage
6+
- access keys
7+
- service accounts
8+
hide_table_of_contents: true
9+
---
10+
11+
import useBaseUrl from '@docusaurus/useBaseUrl';
12+
13+
We are happy to announce that you can now create service accounts in Sumo Logic. Service accounts are a special type of account designed for automating processes that use Sumo Logic APIs, such as scripts, integrations, and infrastructure as code. Unlike user accounts, service accounts are not associated with an individual and do not allow for interactive logins.
14+
15+
[Learn more](/docs/manage/security/service-accounts).
16+
17+
<img src={useBaseUrl('/img/security/service-accounts-page.png')} alt="Service Accounts tab" style={{border: '1px solid gray'}} width="800"/>
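
Review bot: The front matter on line 6 lists `access keys` as a keyword, but the body on line 13 never says how service accounts relate to access keys or how they authenticate to the APIs. One sentence on that, or a pointer to the relevant section of `/docs/manage/security/service-accounts`, would make the announcement usable for the automation cases it names. Also, line 17 passes `'/img/security/service-accounts-page.png'` to `useBaseUrl` with a leading slash, while `blog-service/2025-04-28-manage.md` uses `'img/content-sharing/...'` without one; use one form.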

blog-service/2025-05-05-alerts.md

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,17 @@
1+
---
2+
title: Real-Time Scheduled Searches Deprecation (Alerts)
3+
image: https://help.sumologic.com/img/sumo-square.png
4+
keywords:
5+
- alerts
6+
- scheduled searches
7+
- monitors
8+
hide_table_of_contents: true
9+
---
10+
11+
The [previously announced](/release-notes-service/2024/12/31/#deprecation-notice---real-time-scheduled-searches) automatic conversion of Real-Time Scheduled Searches to 15-minute scheduled searches will not take place.
12+
13+
- Existing Real-Time Scheduled Searches will continue to operate as-is.
14+
- Creating new Real-Time Scheduled Searches remains disabled (since May 29, 2024).
15+
- For new real-time alerting use cases, we recommend using [Monitors](https://help.sumologic.com/docs/alerts/monitors/overview).
16+
17+
[Learn more](/docs/alerts/scheduled-searches/create-real-time-alert).
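
Review bot: Line 14 says creating new Real-Time Scheduled Searches has been disabled "since May 29, 2024", but the 2024 notice this post links to on line 11 (context line 828 of `blog-service/2024/12-31.md` in this commit) gives May 15, 2024. Reconcile the two dates or state that the cutoff moved. Line 15 also uses an absolute `https://help.sumologic.com/docs/alerts/monitors/overview` URL where the rest of the post uses site-relative links.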
