SumoLogic
diff --git a/‎blog-service/2025-08-29-apps.md‎
Lines changed: 12 additions & 0 deletions b/‎blog-service/2025-08-29-apps.md‎
Lines changed: 12 additions & 0 deletions
diff --git a/‎blog-service/2025-08-31-apps.md‎
Lines changed: 35 additions & 0 deletions b/‎blog-service/2025-08-31-apps.md‎
Lines changed: 35 additions & 0 deletions
diff --git a/‎cid-redirects.json‎
Lines changed: 16 additions & 1 deletion b/‎cid-redirects.json‎
Lines changed: 16 additions & 1 deletion
diff --git a/‎docs/cse/rules/about-cse-rules.md‎
Lines changed: 38 additions & 4 deletions b/‎docs/cse/rules/about-cse-rules.md‎
Lines changed: 38 additions & 4 deletions
@@ -0,0 +1,12 @@
+---
+title: Zimperium (Apps)
+image: https://help.sumologic.com/img/reuse/rss-image.jpg
+keywords:
+  - apps
+  - zimperium
+hide_table_of_contents: true    
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+We're excited to introduce the new Zimperium app for Sumo Logic. This app provides visibility into mobile threats by centralizing threat intelligence and device telemetry, and collects threat logs for analysis in Sumo Logic. [Learn more](/docs/integrations/saas-cloud/zimperium/).
@@ -0,0 +1,35 @@
+---
+title: Apps, Solutions, and Collection Integrations - August Release 
+image: https://help.sumologic.com/img/reuse/rss-image.jpg
+keywords:
+  - apps
+  - august-release
+hide_table_of_contents: true    
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+
+
+### New release
+
+We’re excited to announce the release of the new Azure Event Hubs app and OpenTelemetry Collector Insights app for Sumo Logic.
+
+- **Azure Event Hubs**. The Azure Event Hubs app helps monitor data plane operations, such as sending or receiving events, and tracks performance metrics, including consumer lag, throughput, and active connections. [Learn more](/docs/integrations/microsoft-azure/azure-event-hubs/).
+- **OpenTelemetry Collector Insights**. The OpenTelemetry Collector Insights app provides end-to-end monitoring for your OpenTelemetry Collector instances, enabling you to track performance, data flow, and resource utilization. Use preconfigured dashboards and alerts to troubleshoot issues and ensure your telemetry pipeline runs smoothly and efficiently. [Learn more](/docs/integrations/sumo-apps/opentelemetry-collector-insights/).
+
+### Enhancements
+
+- **Azure Virtual Machine**. Automated Metric Rule creation during app install. [Learn more](/docs/integrations/microsoft-azure/azure-virtual-machine/#installing-the-azure-virtual-machine-app).
+- **CircleCI Integration**. Updated the CircleCI integration to handle the BLOCKED job state.
+- **AWS Serverless Application Model (SAM)**. Released the following SAM:
+    - `sumologic-app-utils` - SemanticVersion 2.0.21
+    - `sumologic-s3-logging-auto-enable` - SemanticVersion 1.0.18
+    - `sumologic-guardduty-benchmark` - SemanticVersion 1.0.18
+    - `sumologic-aws-cloudtrail-benchmark` - SemanticVersion 1.0.21
+- **Windows ST**. A flag to prevent the collector from shutting down when it fails to open the event log channel; instead, it logs a warning.
+
+### Bug Fixes
+
+- **Groovy script of Jenkins plugin**. The Groovy script used in the Jenkins plugin has been updated to automate input handling with the correct data type.
+- **Jenkins plugin**. Released with dependency upgrades and vulnerability fixes.
@@ -574,6 +574,8 @@
   "/Search/Search-Query-Language": "/docs/search/search-query-language",
   "/docs/search/search-syntax": "/docs/search/search-query-language",
   "/docs/search/search-query-language/operators/eval": "/docs/metrics/metrics-operators/eval",
+  "/docs/search/search-query-language/search-operators/eval": "/docs/metrics/metrics-operators/eval",
+  "/docs/search/search-query-language/search-operators/eval-operator": "/docs/metrics/metrics-operators/eval",
   "/Search/Search-Query-Language/Search-Operators/join": "/docs/search/search-query-language/search-operators/join",
   "/05Search/Search-Query-Language/Search-Operators/length": "/docs/search/search-query-language/search-operators/length",
   "/05Search/Search-Query-Language/Search-Operators/limit": "/docs/search/search-query-language/search-operators/limit",
@@ -1416,7 +1418,8 @@
   "/Send_Data": "/docs/send-data",
   "/Send_Data/Collector_Management_API/Sumo_Logic_Endpoints": "/docs/api/collector-management",
   "/Send_Data/Collector_Management_API/About_the_Collector_Management_API": "/docs/api/collector-management",
-  "/Send_Data/Collector_FAQs/How_to_Ingest_Old_or_Historical_Data": "/docs/send-data/opentelemetry-collector/faq",
+  "/Send_Data/Collector_FAQs/How_to_Ingest_Old_or_Historical_Data": "/docs/send-data/collector-faq",
+  "/Send_Data/Collector_FAQs/How_to_tell_which_version_of_the_Collector_is_installed": "/docs/send-data/collector-faq",
   "/APIs/General-API-Information/Sumo-Logic-Endpoints-by-Deployment-and-Firewall-Security": "/docs/api/about-apis/getting-started",
   "/APIs/General-API-Information/Sumo-Logic-Endpoints-and-Firewall-Security": "/docs/api/about-apis/getting-started",
   "/APIs/Partition_Management_API": "/docs/api/partition-management",
@@ -1466,6 +1469,7 @@
   "/Dashboards-and-Alerts/Dashboards/Chart-Panel-Types": "/docs/dashboards/panels",
   "/Dashboards-and-Alerts/Dashboards/Chart-Panel-Types/Area-Charts": "/docs/dashboards/panels/area-charts",
   "/Dashboards_and_Alerts/Dashboards/Chart_Panel_Types/Line_Charts": "/docs/dashboards/panels/line-charts",
+  "/Dashboards_and_Alerts/Dashboards/Troubleshoot_Dashboards/Why_can't_I_view_a_search_from_a_Dashboard": "/docs/dashboards",
   "/Dashboards-and-Alerts/Dashboards/Edit-Dashboards-and-Panels/Change-Gridlines-on-the-Y-Axis": "/docs/dashboards/panels",
   "/Dashboards-and-Alerts/Dashboards/Edit-Dashboards-and-Panels/Change-the-Color-of-a-Chart-by-Value-Range-on-the-Search-Page": "/docs/dashboards",
   "/Dashboards-and-Alerts/Dashboards/Edit-Dashboards-and-Panels/Change-the-Color-of-a-Chart": "/docs/dashboards",
@@ -2081,6 +2085,7 @@
   "/cid/22674": "/docs/integrations/google/cloud-functions",
   "/cid/22675": "/docs/integrations/google/cloud-sql",
   "/cid/23233": "/docs/integrations/saas-cloud/zendesk",
+  "/cid/23234": "/docs/integrations/saas-cloud/zimperium",
   "/cid/2323": "/docs/integrations/saas-cloud/zoom",
   "/cid/23239": "/docs/integrations/saas-cloud/lastpass",
   "/cid/2324": "/docs/integrations/saas-cloud/workday",
@@ -3051,6 +3056,7 @@
   "/Cloud_SIEM_Enterprise/Records%2C_Signals%2C_Entities%2C_and_Insights/00Insight_Generation_Process": "/docs/cse/get-started-with-cloud-siem/insight-generation-process",
   "/Cloud_SIEM_Enterprise/Records%2C_Signals%2C_Entities%2C_and_Insights/05Set_Insight_Generation_Window_and_Threshold": "/docs/cse/records-signals-entities-insights/set-insight-generation-window-threshold",
   "/docs/cse/records-signals-entities-insights/signal-index-migration-faq": "/docs/cse/records-signals-entities-insights/search-cse-records-in-sumo",
+  "/docs/cse/records-signals-entities-insights/signals-overview": "/docs/cse/records-signals-entities-insights",
   "/Cloud_SIEM_Enterprise/Records%2C_Signals%2C_Entities%2C_and_Insights/07Entity_Criticality": "/docs/cse/records-signals-entities-insights/entity-criticality",
   "/Cloud_SIEM_Enterprise/Records%2C_Signals%2C_Entities%2C_and_Insights/11Create_a_Custom_Entity_Type": "/docs/cse/records-signals-entities-insights/create-custom-entity-type",
   "/Cloud_SIEM_Enterprise/Records%2C_Signals%2C_Entities%2C_and_Insights/13Using_Tags_with_Insights%2C_Signals%2C_Entities%2C_and_Rules": "/docs/cse/records-signals-entities-insights/tags-insights-signals-entities-rules",
@@ -3632,11 +3638,13 @@
   "/Send_Data/Sources": "/docs/send-data",
   "/Send_Data/Sources/01Sources_for_Installed_Collectors/Preconfigure_a_Machine_to_Collect_Remote_Windows_Events": "/docs/send-data/installed-collectors/sources/preconfigure-machine-collect-remote-windows-events",
   "/Send_Data/Sources/01Sources_for_Installed_Collectors/Script_Action": "/docs/send-data/installed-collectors/sources/script-action",
+  "/Send_Data/Sources/01Sources_for_Installed_Collectors/Script_Source/Calling_PowerShell_from_a_Sumo_Logic_Script_Source": "/docs/send-data/installed-collectors/sources/script-source",
   "/Send_Data/Sources/01Sources_for_Installed_Collectors/Syslog_Source": "/docs/send-data/hosted-collectors/cloud-syslog-source",
   "/Send_Data/Sources/01Sources_for_Installed_Collectors/Local_File_Source": "/docs/send-data/installed-collectors/sources/local-file-source",
   "/Send_Data/Sources/01Sources_for_Installed_Collectors/Local_File_Source/Define_Boundary_Regex_for_Multiline_Messages": "/docs/send-data/installed-collectors/sources/define-boundary-regex-multiline-messages",
   "/Search/Search-FAQs/Compare-Log-Messages-by-Day-of-the-Week": "/docs/search/faq",
   "/Search/Search-FAQs/Export-the-Results-of-a-Saved-File": "/docs/search/faq",
+  "/Search/Search_FAQs/How_to_reference_a_field_name_that_contains_a_special_character": "/docs/search/faq",
   "/Search/Search_Cheat_Sheets/Search-Operators-Cheat-Sheet": "/docs/search/search-cheat-sheets",
   "/Search/Search_Cheat_Sheets/Search_Operators_Cheat_Sheet": "/docs/search/search-cheat-sheets",
   "/Search/Search_Job_API/Search_Job_API": "/docs/api/search-job",
@@ -3894,6 +3902,7 @@
   "/Beta": "/docs/beta",
   "/Beta/APIs": "/docs/api",
   "/Beta/APIs/APIs": "/docs/api",
+  "/Beta/Audit_Event_Index": "/docs/manage/security/audit-indexes/audit-event-index",
   "/Beta/AWS_Kinesis_Firehose_for_Logs_Source": "/docs/send-data/hosted-collectors/amazon-aws/aws-kinesis-firehose-logs-source",
   "/Beta/AWS_Lambda_-_Python_function_instrumentation_with_Sumo_Logic_tracing": "/docs/apm/traces/get-started-transaction-tracing/opentelemetry-instrumentation/python",
   "/Beta/AWS_Lambda_-_Java_function_instrumentation_with_Sumo_Logic_tracing": "/docs/apm/traces/get-started-transaction-tracing/opentelemetry-instrumentation/aws-lambda/java",
@@ -3929,6 +3938,7 @@
   "/Beta/Saved_beta_content/Beta---Library/Apps_in_Sumo_Logic/01_Sumo_Logic_Apps": "/docs/integrations",
   "/Beta/SLO_Reliability_Management": "/docs/observability/reliability-management-slo",
   "/Beta/SLO_Reliability_Management/Access_and_Create_SLOs": "/docs/observability/reliability-management-slo",
+  "/Beta/Traces/HTTP_Traces_Source": "/docs/send-data/hosted-collectors/http-source/traces",
   "/Beta/Workday/Collect_Logs_for_the_Workday_App": "/docs/integrations/saas-cloud/workday",
   "/docs/beta/search-log-level": "/docs/search/get-started-with-search/search-page/log-level",
   "/docs/search/get-started-with-search/search-page/event-analytics/": "/docs/search/get-started-with-search/search-page",
@@ -4017,15 +4027,18 @@
   "/Search/Search-Query-Language/Search-Operators/format": "/docs/search/search-query-language/search-operators/formatdate",
   "/Search/Search_Query_Language/Search_Operators/Geo_Lookup": "/docs/search/search-query-language/search-operators/geo-lookup-map",
   "/Search/Search-Query-Language/Search-Operators/Geo-Lookup-(Map)": "/docs/search/search-query-language/search-operators/geo-lookup-map",
+  "/Search/Search_Query_Language/Search_Operators/ipv4ToNumber": "/docs/search/search-query-language/search-operators/ipv4tonumber",
   "/Search/Search_Query_Language/Search_Operators/num": "/docs/search/search-query-language/search-operators/num",
   "/Search/Search-Query-Language/Search-Operators/sessionize": "/docs/search/search-query-language/search-operators/sessionize",
   "/Search/Search_Query_Language/Search_Operators/outlier": "/docs/search/search-query-language/search-operators/outlier",
   "/Search/Search_Query_Language/Search_Operators/where": "/docs/search/search-query-language/search-operators/where",
   "/Search/Search_Query_Language/Transaction_Analytics": "/docs/search/search-query-language/transaction-analytics",
+  "/Search/Search_Query_Language/Transaction_Analytics/Merge_Operator": "/docs/search/search-query-language/transaction-analytics/merge-operator",
   "/Search/Search_Query_Language/Search_Operators/join": "/docs/search/search-query-language/search-operators/join",
   "/Search/Search_Query_Language/Search_Operators/lookup": "/docs/search/search-query-language/search-operators/lookup",
   "/Search/Search_Query_Language/Search_Operators/smooth": "/docs/search/search-query-language/search-operators/smooth",
   "/Search/Search_Query_Language/Search_Operators/toLowerCase_and_toUpperCase": "/docs/search/search-query-language/search-operators/tolowercase-touppercase",
+  "/Search/Search_Query_Language/Search_Operators/timeslice": "/docs/search/search-query-language/search-operators/timeslice",
   "/Search/Search-Cheat-Sheets/General-Search-Examples-Cheat-Sheet": "/docs/search/search-cheat-sheets/general-search-examples",
   "/Search/Search-Cheat-Sheets/Log-Operators-Cheat-Sheet": "/docs/search/search-cheat-sheets/log-operators",
   "/Search/Search-Query-Language/01-Parse-Operators": "/docs/search/search-query-language/parse-operators",
@@ -4036,6 +4049,7 @@
   "/Search/Search-Query-Language/01-Parse-Operators/07-Parse-XML-Formatted-Logs": "/docs/search/search-query-language/parse-operators/parse-xml-formatted-logs",
   "/Search/Search-Query-Language/aaGroup/count,-count-distinct,-and-count-frequent": "/docs/search/search-query-language/group-aggregate-operators/count-count-distinct-and-count-frequent",
   "/Search/Search-Query-Language/aaGroup/fillmissing": "/docs/search/search-query-language/search-operators/fillmissing",
+  "/Search/Search-Query-Language/aaGroup/standard-deviation": "/docs/search/search-query-language/group-aggregate-operators/stddev",
   "/Search/Search-Query-Language/aaGroup/sum": "/docs/search/search-query-language/group-aggregate-operators/sum",
   "/Search/Search-Query-Language/Search-Operators": "/docs/search/search-query-language/search-operators",
   "/Search/Search-Query-Language/Search-Operators/lookup": "/docs/search/search-query-language/search-operators/lookup",
@@ -4110,6 +4124,7 @@
   "/Send-Data/Applications-and-Other-Data-Sources/AWS-Lambda": "/docs/integrations/amazon-aws/lambda",
   "/Send-Data/Applications-and-Other-Data-Sources/AWS-CloudTrail/04-Set-Up-Admin-Access-for-CloudTrail": "/docs/integrations/amazon-aws/cloudtrail",
   "/Send-Data/Applications-and-Other-Data-Sources/AWS-Elastic-Load-Balancing-ULM-Application/Collect-Logs-and-Metrics-for-AWS-Elastic-Load-Balancing-ULM-Application": "/docs/integrations/amazon-aws/classic-load-balancer",
+  "/Send-Data/Applications-and-Other-Data-Sources/AWS-Elastic-Load-Balancing-ULM-CLB/Collect-Logs-and-Metrics-for-AWS-Elastic-Load-Balancing-ULM-CLB": "/docs/integrations/amazon-aws/classic-load-balancer",
   "/Send-Data/Applications-and-Other-Data-Sources/Azure_Active_Directory": "/docs/integrations/microsoft-azure/active-directory-azure",
   "/Send-Data/Applications-and-Other-Data-Sources/Azure_Active_Directory/Collect_Logs_for_Azure_Active_Directory": "/docs/integrations/microsoft-azure/active-directory-azure",
   "/Send-Data/Applications-and-Other-Data-Sources/Azure_Active_Directory/Install_the_Azure_Active_Directory_App_and_View_the_Dashboards": "/docs/integrations/microsoft-azure/active-directory-azure",
 
@@ -9,10 +9,6 @@ import useBaseUrl from '@docusaurus/useBaseUrl';
 import Iframe from 'react-iframe'; 
 
 A Cloud SIEM rule is logic that fires based on information in incoming records. When a rule fires, it creates a signal.
-
-[**Classic UI**](/docs/get-started/sumo-logic-ui-classic). To view rules, in the top menu select **Content > Rules**. 
-
-[**New UI**](/docs/get-started/sumo-logic-ui). To view rules, in the main Sumo Logic menu select **Cloud SIEM > Rules**. You can also click the **Go To...** menu at the top of the screen and select **Rules**. 
 
 :::tip
 For a complete list of out-of-the-box rules, see [Rules](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/rules/README.md) in the [Cloud SIEM Content Catalog](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/README.md).
@@ -36,6 +32,44 @@ Watch this micro lesson to learn more about rules.
 
 :::
 
+## Rules list view
+
+[**Classic UI**](/docs/get-started/sumo-logic-ui-classic). To view rules, in the top menu select **Content > Rules**. 
+
+[**New UI**](/docs/get-started/sumo-logic-ui). To view rules, in the main Sumo Logic menu select **Cloud SIEM > Rules**. You can also click the **Go To...** menu at the top of the screen and select **Rules**. 
+
+<img src={useBaseUrl('img/cse/rules-list-page.png')} alt="Rules list page" style={{border: '1px solid gray'}} width="800" />
+
+| Letter | Description |
+|:--|:--|
+| a | **Rules count**. The total number of rules in the list. |
+| b | **Filters**. Filter the list of rules by different parameters, such as name, type, severity, and so on. |
+| c | **Sort**. Sort rules by name, enabled, severity, created, updated, or signal count updated the past 7 days or 24 hours.  |
+| d | **Updated**. When the rule was last updated. |
+| e | **Status - Type**. The [rule status](/docs/cse/rules/rules-status/) and [rule type](/docs/cse/rules/about-cse-rules/#rule-types).  |
+| f | **Severity**. The rule's severity, an estimate of the criticality of the detected activity, from 1 (lowest) to 10 (highest). |
+| g | **Signals Fired**. The number of signals that the rule fired in the last 24 hours as well as 7 days. |
+| h | **Export as JSON**. Export the rule information as a JSON file. |
+| i | **Tags**. Metadata [tags](/docs/cse/records-signals-entities-insights/tags-insights-signals-entities-rules/) that add context for the rule. Click a tag to see rules with that tag. |
+
+## Rules details view
+
+When you click a rule on the **Rules** page, a details page for the rule appears.
+
+<img src={useBaseUrl('img/cse/rule-details.png')} alt="Rules details page" style={{border: '1px solid gray'}} width="800" />
+
+| Letter | Description |
+|:--|:--|
+| a | **Rule ID**. The ID for the rule. |
+| b | **Rule name**. The name of the rule. |
+| c | **Dates**. When the rule was created, updated, and fired its most recent signal.  |
+| d | [**Status**](/docs/cse/rules/rules-status/), [**Rule Type**](/docs/cse/rules/about-cse-rules/#rule-types), **Severity**, and number of [**Tuning Expressions**](#about-tuning-expressions).  |
+| e | **Signal Suppression**. When [signal suppression](/docs/cse/records-signals-entities-insights/about-signal-suppression/) occurred. Click a square on the calendar to see the number of signals suppressed on that day. |
+| f | **Rule Editor**. Click in fields to edit the rule. For information about the fields, see articles for the [rule types](#rule-types). |
+| g | **Prototype Rule**. Select the checkbox to [save the rule a prototype](/docs/cse/rules/write-chain-rule/#save-as-prototype).  |
+| h | **History**. Change events for the rule, including who made the change and the type of change event. |
+| i | **Insights**. The [insights](/docs/cse/get-started-with-cloud-siem/about-cse-insight-ui/) that resulted from the rule's firing.  |
+
 ## About rule expressions
 
 The key element of a Cloud SIEM rule is a *rule expression*. A rule expression defines what conditions the rule will look for. A rule expression includes one or more equality statements, each of which evaluates a field value in incoming records, typically comparing it to a constant value, for example `description = 'CMS Domain Match'`. A simple rule expression might be a single equality expression, or multiple expressions combined with logical operators. A rule expression evaluates to a boolean value. When a rule’s conditions are met, it creates a signal.