SumoLogic
diff --git a/‎blog-service/2025-03-31-apps.md‎
Lines changed: 2 additions & 2 deletions b/‎blog-service/2025-03-31-apps.md‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎blog-service/2025-04-08-security.md‎
Lines changed: 0 additions & 4 deletions b/‎blog-service/2025-04-08-security.md‎
Lines changed: 0 additions & 4 deletions
diff --git a/‎blog-service/2025-04-09-manage.md‎
Lines changed: 16 additions & 0 deletions b/‎blog-service/2025-04-09-manage.md‎
Lines changed: 16 additions & 0 deletions
diff --git a/‎cid-redirects.json‎
Lines changed: 6 additions & 1 deletion b/‎cid-redirects.json‎
Lines changed: 6 additions & 1 deletion
diff --git a/‎docs/get-started/quickstart.md‎
Lines changed: 7 additions & 17 deletions b/‎docs/get-started/quickstart.md‎
Lines changed: 7 additions & 17 deletions
diff --git a/‎docs/integrations/amazon-aws/waf.md‎
Lines changed: 1 addition & 1 deletion b/‎docs/integrations/amazon-aws/waf.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎docs/integrations/microsoft-azure/azure-key-vault.md‎
Lines changed: 1 addition & 1 deletion b/‎docs/integrations/microsoft-azure/azure-key-vault.md‎
Lines changed: 1 addition & 1 deletion
@@ -13,15 +13,15 @@ import useBaseUrl from '@docusaurus/useBaseUrl';
 
 We’re excited to announce the release of the new Azure Key Vault and AWS Auto scaling apps for Sumo Logic.
 
-- **Azure Key Vault**. Azure Key Vault is a managed service, hosted in the cloud that acts as a central message hub for communication between an IoT application and its attached devices. This integration helps in comprehensive monitoring of your key vaults requests, performance, failures, and latency. [Learn more](/docs/integrations/microsoft-azure/azure-key-vault/).
+- **Azure Key Vault**. Azure Key Vault is a cloud service that helps you securely store and manage secrets, keys, and certificates. You can use it to protect data for cloud apps and services. This integration helps in comprehensive monitoring of your Key Vault operations, requests, failures, and latency. [Learn more](/docs/integrations/microsoft-azure/azure-key-vault/).
 - **AWS Auto scaling**. Amazon EC2 Auto Scaling helps you maintain application availability and lets you automatically add or remove EC2 instances using scaling policies that you define. Dynamic or predictive scaling policies let you add or remove EC2 instance capacity to service established or real-time demand patterns. [Learn more](/docs/integrations/amazon-aws/amazon-ec2-auto-scaling/).
 
 ### Enhancements
 
 - **Added metrics collection capability for OpenTelemetry collectors**. [RabbitMQ](/docs/send-data/opentelemetry-collector/remote-management/source-templates/rabbitmq/#for-metrics-collection) and [Redis](/docs/send-data/opentelemetry-collector/remote-management/source-templates/redis/#for-metrics-collection).
 - **Added use cases to monitor EBS volume and snapshots in AWS EC2 apps**. [AWS EC2](/docs/integrations/amazon-aws/ec2-cloudwatch-metrics/#events).
 - **Updated the metric collection and dashboard for Google apps**. [Google BigQuery](/docs/integrations/google/bigquery/) and [Google Cloud Load Balancing](/docs/integrations/google/cloud-load-balancing/).
-- Added new dashboards to the [Sumo Logic Kickstart Data(Beta)](/docs/integrations/sumo-apps/kickstart-data/) app.
+- Added new dashboards to the [Sumo Logic Kickstart Data (Beta)](/docs/integrations/sumo-apps/kickstart-data/) app.
 - **Updated the queries to accommodate the new threat intel feed**. [Apache - OpenTelemetry](/docs/integrations/web-servers/opentelemetry/apache-opentelemetry/), [Apache Tomcat - OpenTelemetry](/docs/integrations/web-servers/opentelemetry/apache-tomcat-opentelemetry/), [HAProxy - OpenTelemetry](/docs/integrations/web-servers/opentelemetry/haproxy-opentelemetry/), [IIS 10 - OpenTelemetry](/docs/integrations/web-servers/opentelemetry/iis-10-opentelemetry/), [Ngin - OpenTelemetry](/docs/integrations/web-servers/opentelemetry/nginx-opentelemetry/), [PostgreSQL - OpenTelemetry](/docs/integrations/databases/opentelemetry/postgresql-opentelemetry/), [Varnish - OpenTelemetry](/docs/integrations/web-servers/opentelemetry/varnish-opentelemetry/), [Acquia](/docs/integrations/saas-cloud/acquia/), [Azure Web Apps](/docs/integrations/microsoft-azure/web-apps/), [JFrog Xray](/docs/integrations/app-development/jfrog-xray/), and [MongoDB Atlas 6](/docs/integrations/databases/mongodb-atlas/).
 - Updated Azure integration from` Node.js v18` to `Node.js v20`. [Learn more](https://github.com/SumoLogic/sumologic-azure-function/releases/tag/v4.1.6).
 
 
@@ -11,10 +11,6 @@ import useBaseUrl from '@docusaurus/useBaseUrl';
 
 We’re excited to announce a new `SumoLogic_ThreatIntel` source incorporating Indicators of Compromise (IoC) from [Intel 471](https://intel471.com/). Analysts can use this out-of-the-box default source of threat indicators to aid in security analysis.
 
-:::warning
-On April 30, 2025, we will discontinue our legacy `_sumo_global_feed_cs` source. If you have rules that explicitly point to this source, update them to use the new `SumoLogic_ThreatIntel` source.
-:::
-
 [Learn more](/docs/security/threat-intelligence/about-threat-intelligence/#sumo-logic-threat-intelligence-sources).
 
 <img src={useBaseUrl('img/security/threat-intelligence-tab-example.png')} alt="Threat Intelligence tab" style={{border: '1px solid gray'}} width="800" />
@@ -0,0 +1,16 @@
+---
+title: Kickstart Data Onboarding (Manage)
+image: https://help.sumologic.com/img/sumo-square.png
+keywords:
+  - onboarding
+  - trial
+hide_table_of_contents: true    
+---
+
+We’re excited to announce the general availability of Kickstart Data, a streamlined onboarding experience that includes sample data and prebuilt dashboards. Whether you're starting a free trial or simply spinning up a new account, Kickstart Data makes it easy to understand Sumo Logic's capabilities without needing to ingest your own data first.
+
+* **Instant insights**. Preloaded data and dashboards show platform value right away.
+* **No setup required**. Skip config steps like firewalls or security permissions.
+* **Easy handoff**. Start using your own data anytime—Kickstart deactivates automatically.
+
+[Learn more](/docs/get-started/quickstart/#getting-started-with-kickstart-data-in-your-trial).
@@ -438,8 +438,10 @@
   "/05Search/Get-Started-with-Search/Visualizations/Group-By-Operator": "/docs/search/search-query-language/search-operators",
   "/05Search/Live-Tail": "/docs/search/live-tail",
   "/05Search/Live-Tail/About-Live-Tail": "/docs/search/live-tail/about-live-tail",
+  "/Search/Anomaly_Detection": "/docs/alerts/monitors/create-monitor",
   "/Search/Live-Tail": "/docs/search/live-tail/about-live-tail",
   "/Search/Live-Tail/About-Live-Tail": "/docs/search/live-tail/about-live-tail",
+  "/Search/Live_Tail/Live_Tail_CLI": "/docs/search/live-tail/live-tail-cli",
   "/05Search/Live-Tail/Filter-Live-Tail": "/docs/search/live-tail/filter-live-tail",
   "/05Search/Live-Tail/Live-Tail-CLI": "/docs/search/live-tail/live-tail-cli",
   "/05Search/Live-Tail/Live-Tail-Highlighting": "/docs/search/live-tail/live-tail-highlighting",
@@ -1563,7 +1565,6 @@
   "/cid/0100": "/docs/manage/security/installation-tokens",
   "/cid/0020": "/docs/manage/health-events",
   "/cid/0020001": "/docs/security/threat-intelligence/upload-formats",
-  "/cid/20002": "/docs/search/search-query-language/search-operators/threatlookup",
   "/cid/0020003": "/docs/security/threat-intelligence",
   "/cid/0523": "/docs/manage/manage-subscription/upgrade-account/upgrade-sumo-logic-flex-account",
   "/cid/0524": "/docs/manage/manage-subscription/cloud-flex-legacy-accounts",
@@ -3034,6 +3035,7 @@
   "/Knowledge_Base/APIs": "/docs/api",
   "/Knowledge_Base/Apps": "/docs/integrations",
   "/Knowledge_Base/Parsing/Using_line_breaks_as_an_anchor_within_parse": "/docs/search/search-query-language/parse-operators/parse-predictable-patterns-using-an-anchor",
+  "/Knowledge_Base/Search": "/docs/search",
   "/Knowledge_Base/Search/How_to_Prevent_your_Scheduled_Search_from_Timing_Out": "/docs/alerts/scheduled-searches/faq",
   "/Limited_Availability/Lookup_Tables": "/docs/search/search-query-language/search-operators/lookupcontains",
   "/Limited_Availability/Lookup_Tables/lookupContains_Operator": "/docs/search/search-query-language/search-operators/lookupcontains",
@@ -3047,6 +3049,7 @@
   "/Manage/01Manage_Subscription/03Upgrade_a_Cloud_Flex_Credits_Account": "/docs/manage/manage-subscription/upgrade-account/upgrade-sumo-logic-flex-account",
   "/Manage/01Manage_Subscription/04Upgrade_Your_Account": "/docs/manage/manage-subscription/upgrade-account/upgrade-cloud-flex-legacy-account",
   "/Manage/01Manage_Subscription/05Manage_Organization": "/docs/manage/manage-subscription/create-and-manage-orgs/manage-org-settings",
+  "/Manage/01Manage_Subscription/05Manage_Organizational_Settings": "/docs/manage/manage-subscription/create-and-manage-orgs/manage-org-settings",
   "/docs/manage/manage-subscription/upgrade-cloud-flex-account": "/docs/manage/manage-subscription/upgrade-account/upgrade-cloud-flex-legacy-account",
   "/Manage/01Manage_Subscription/06Manage_Billing_Information": "/docs/manage/manage-subscription/manage-billing-information",
   "/Manage/01Manage_Subscription/08Create_and_Manage_Orgs": "/docs/manage/manage-subscription/create-and-manage-orgs/create-manage-orgs",
@@ -4091,6 +4094,7 @@
   "/Send-Data/Sources/04Reference-Information-for-Sources/Collecting_Multiline_Logs": "/docs/send-data/reference-information/collect-multiline-logs",
   "/Solutions/AWS_Observability_Solution/01_About_the_AWS_Observability_Solution": "/docs/observability/aws/about",
   "/Solutions/AWS_Observability_Solution/05_Monitor_Control_Tower-Managed_Accounts": "/docs/observability/aws/other-configurations-tools/integrate-control-tower-accounts",
+  "/Solutions/AWS_Observability_Solution/AWS_Observability_Application_Load_Balancer": "/docs/observability/aws/integrations/aws-application-load-balancer",
   "/Solutions/AWS_Observability_Solution/View_AWS_Observability_Solution_Dashboards": "/docs/observability/aws/deploy-use-aws-observability/view-dashboards",
   "/Solutions/AWS_Observability_Solution/Root_Cause_Explorer": "/docs/observability/root-cause-explorer",
   "/Solutions/AWS_Observability_Solution/03_Set_Up_the_AWS_Observability_Solution": "/docs/observability/aws/about",
@@ -4211,6 +4215,7 @@
   "/docs/dashboards/chart-panel-types/string-single-value-charts": "/docs/dashboards/panels/single-value-charts",
   "/docs/dashboards/get-started": "/docs/dashboards",
   "/docs/dashboards/get-started/add-links-text-panels": "/docs/dashboards/about",
+  "/docs/dashboards/get-started/dashboard-optimization": "/docs/dashboards/advanced",
   "/docs/dashboards/get-started/launch-search-data-panel": "/docs/dashboards/about",
   "/docs/dashboards/get-started/markdown-syntax": "/docs/dashboards/panels/markdown-syntax",
   "/docs/dashboards/get-started/move-panel-dashboard": "/docs/dashboards/about",
 
@@ -27,34 +27,24 @@ You'll need a Sumo Logic account. Sign up for a free trial [here](/docs/get-star
 
 ## Getting started with Kickstart Data in your trial
 
-With your [Sumo Logic trial](/docs/get-started/sign-up), you can access preloaded placeholder Kickstart Data to explore Sumo Logic instantly prior to setting up your own data. This feature helps trial users see immediate value and bypass setup barriers like firewall and security configurations.
-
-:::warning limitations
-* Your trial workflow—Kickstart Data or custom data—is automatically determined by marketing-based user profiling. Manual selection of a workflow is not currently supported.
-* This feature is only available to select trial users during the initial rollout phase.
-* Kickstart Data is available for a maximum of 7 days. After this period, you must begin ingesting your own data to continue using Sumo Logic.
-:::
-
-### Key benefits
+As part of your Sumo Logic trial, Kickstart Data provides preloaded sample data and dashboards, letting you explore the platform immediately—no setup or data ingestion required. This helps you quickly understand Sumo Logic’s value without dealing with firewall or security configurations. Following are some key benefits:
 
 * **Immediate insights**. Explore Sumo Logic right away, without initial data setup, to quickly see its value and decide if it’s a fit for you.
 * **Quick setup**. Kickstart Data removes technical hurdles, making onboarding faster and easier.
 * **Guided experience**. Access pre-built dashboards and reports that demonstrate real-world scenarios, helping you make the most of your trial.
 * **Safe exploration**. Evaluate our platform in a secure environment with no exposure of sensitive data.
 
-### How it works
+Here's how it works:
 
-1. **User assignment**. When you start your trial, you will be automatically assigned to either the Kickstart Data workflow or a custom data workflow, based on your user profile.
-2. **Sample dashboards**. If you are assigned the Kickstart Data option, sample data will be preloaded into the platform, along with dashboards and log searches tailored to your monitoring and troubleshooting use cases.
+1. **Sample dashboards**. When you first log in, you'll see sample data preloaded into Sumo Logic, tailored to your monitoring and troubleshooting use cases, along with log searches and the following dashboards:
    * **Application reliability**. Metrics like Homepage Load Time, Checkout Errors, and Internal Server Orders.
    * **Business KPIs**. Revenue Trends, Promo Performance, and Customer Feedback Metrics.
-3. **Onboarding checklist**. You will follow a guided checklist that helps you:
-    * Analyze sample data.
+   * **Security**. Security events and failed sign-in attempts across multiple geographical locations.
+1. **Onboarding checklist**. You will follow a guided checklist that helps you:
+    * Analyze the sample data.
     * Perform log searches.
     * Invite team members to join and explore the platform with you.
-4. **Seamless transition to real data**. Kickstart Data is available for only 7 days. After that, you must set up your own data ingestion while continuing to use the platform’s core features. When your trial ends, Kickstart Data is deactivated automatically.
-
-You can skip Kickstart Data anytime and begin ingesting your own data.
+1. **Transition to real data**. Kickstart Data is available for 7 days or until you start ingesting real data—whichever comes first. It deactivates automatically at the end of the trial, but can be skipped at any time.
 
 ## Step 1: Get your data into Sumo
 
 
@@ -60,7 +60,7 @@ _sourceCategory=AWS/WAF {{client_ip}}
 | parse "\"httpMethod\":\"*\"," as httpMethod,"\"httpVersion\":\"*\"," as httpVersion,"\"uri\":\"*\"," as uri, "{\"clientIp\":\"*\",\"country\":\"*\"" as clientIp,country, "\"action\":\"*\"" as action, "\"matchingNonTerminatingRules\":[*]" as matchingNonTerminatingRules, "\"rateBasedRuleList\":[*]" as rateBasedRuleList, "\"ruleGroupList\":[*]" as ruleGroupList, "\"httpSourceId\":\"*\"" as httpSourceId, "\"httpSourceName\":\"*\"" as httpSourceName, "\"terminatingRuleType\":\"*\"" as terminatingRuleType, "\"terminatingRuleId\":\"*\"" as terminatingRuleId, "\"webaclId\":\"*\"" as webaclId nodrop
 | lookup type, actor, raw, threatlevel as malicious_confidence from sumo://threat/cs on threat=clientip
 ```
-<!-- Replace code example with this after `sumo://threat/i471` is replaced by `threatlookup`:
+<!-- Per DOCS-643, replace code example with this after `sumo://threat/cs` is replaced by `threatlookup`:
 ```sql title="Client IP Threat Info"
 _sourceCategory=AWS/WAF {{client_ip}}
 | parse "\"httpMethod\":\"*\"," as httpMethod,"\"httpVersion\":\"*\"," as httpVersion,"\"uri\":\"*\"," as uri, "{\"clientIp\":\"*\",\"country\":\"*\"" as clientIp,country, "\"action\":\"*\"" as action, "\"matchingNonTerminatingRules\":[*]" as matchingNonTerminatingRules, "\"rateBasedRuleList\":[*]" as rateBasedRuleList, "\"ruleGroupList\":[*]" as ruleGroupList, "\"httpSourceId\":\"*\"" as httpSourceId, "\"httpSourceName\":\"*\"" as httpSourceName, "\"terminatingRuleType\":\"*\"" as terminatingRuleType, "\"terminatingRuleId\":\"*\"" as terminatingRuleId, "\"webaclId\":\"*\"" as webaclId nodrop
 
@@ -8,7 +8,7 @@ import useBaseUrl from '@docusaurus/useBaseUrl';
 
 <img src={useBaseUrl('img/integrations/microsoft-azure/azure-key-vault.png')} alt="Thumbnail icon" width="50"/>
 
-[Azure Key Vault](https://learn.microsoft.com/en-us/azure/key-vault/general/overview) is a managed service hosted in the cloud that acts as a central message hub for communication between an IoT application and its attached devices. This integration helps in comprehensive monitoring of your key vaults requests, performance, failures, and latency.
+[Azure Key Vault](https://learn.microsoft.com/en-us/azure/key-vault/) is a cloud service that helps you securely store and manage secrets, keys, and certificates. You can use it to protect data for cloud apps and services. This integration helps in comprehensive monitoring of your Key Vault operations, requests, failures, and latency.
 
 ## Log and metric types