SumoLogic
diff --git a/‎blog-cse/2025-03-24-content.md‎
Lines changed: 39 additions & 0 deletions b/‎blog-cse/2025-03-24-content.md‎
Lines changed: 39 additions & 0 deletions
diff --git a/‎blog-service/2025-03-25-manage.md‎
Lines changed: 14 additions & 0 deletions b/‎blog-service/2025-03-25-manage.md‎
Lines changed: 14 additions & 0 deletions
diff --git a/‎blog-service/2025-03-28-apps.md‎
Lines changed: 13 additions & 0 deletions b/‎blog-service/2025-03-28-apps.md‎
Lines changed: 13 additions & 0 deletions
diff --git a/‎cid-redirects.json‎
Lines changed: 1 addition & 0 deletions b/‎cid-redirects.json‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎docs/get-started/account-settings-preferences.md‎
Lines changed: 23 additions & 7 deletions b/‎docs/get-started/account-settings-preferences.md‎
Lines changed: 23 additions & 7 deletions
@@ -0,0 +1,39 @@
+---
+title: March 24, 2025 - Content Release
+image: https://help.sumologic.com/img/sumo-square.png
+keywords:
+  - rules
+hide_table_of_contents: true    
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+This content release includes Threat Intelligence match rules that use the new [`hasThreatMatch`](/docs/cse/rules/cse-rules-syntax/#hasthreatmatch) operator to support both global and custom threat intelligence feeds.
+
+To reduce initial signal volume, basic inbound and outbound IP address threat match rules with a low or medium confidence level are disabled by default (see below). We highly recommend tuning these rules before enabling them to reduce signal volume, and therefore entity risk assignment, to manageable levels.
+
+### Rules
+* MATCH-S00999 Threat Intel - IMPHASH Match
+* MATCH-S01000 Threat Intel - MD5 Match
+* MATCH-S01001 Threat Intel - PEHASH Match
+* MATCH-S01002 Threat Intel - SSDEEP Match
+* MATCH-S01003 Threat Intel - SHA1 Match
+* MATCH-S01004 Threat Intel - SHA256 Match
+* MATCH-S01005 Threat Intel - Source Hostname
+* MATCH-S01006 Threat Intel - Device Hostname
+* MATCH-S01007 Threat Intel - Destination Device Hostname
+* MATCH-S01008 Threat Intel - HTTP Hostname
+* MATCH-S01009 Threat Intel - HTTP Referrer Hostname
+* MATCH-S01010 Threat Intel - DNS Query Domain
+* MATCH-S01011 Threat Intel - DNS Reply Domain
+* MATCH-S01012 Threat Intel - HTTP Referrer Domain
+* MATCH-S01013 Threat Intel - HTTP URL Root Domain
+* MATCH-S01014 Threat Intel - HTTP URL FQDN
+* MATCH-S01015 Threat Intel - HTTP URL
+* MATCH-S01025 Threat Intel - Inbound Traffic from Threat Feed IP (Low Confidence) - Disabled By Default
+* MATCH-S01026 Threat Intel - Destination IP Address (Low Confidence) - Disabled By Default
+* MATCH-S01027 Threat Intel - Inbound Traffic from Threat Feed IP (Medium Confidence) - Disabled By Default
+* MATCH-S01028 Threat Intel - Destination IP Address (Medium Confidence) - Disabled By Default
+* MATCH-S01023 Threat Intel - Inbound Traffic from Threat Feed IP (High Confidence)
+* MATCH-S01024 Threat Intel - Destination IP Address (High Confidence)
+* MATCH-S01018 Threat Intel - Successful Authentication from Threat Feed IP
@@ -0,0 +1,14 @@
+---
+title: Open Navigation Menu Items in New Browser Tabs by Default
+image: https://help.sumologic.com/img/sumo-square.png
+keywords:
+  - manage
+  - preferences
+hide_table_of_contents: true    
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+A new preference setting allows you to open links from the left navigation menu in a new browser tab by default. This feature is available only in the New UI. [Learn more](/docs/get-started/account-settings-preferences/#navigation).
+
+<img src={useBaseUrl('img/get-started/open-in-new-tab-button.png')} alt="Open in New Tab button" style={{border: '1px solid gray'}} width="125" />
@@ -0,0 +1,13 @@
+---
+title: CyberArk Audit (Apps)
+image: https://help.sumologic.com/img/sumo-square.png
+keywords:
+  - apps
+  - cyberark-audit
+hide_table_of_contents: true    
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+
+We're excited to introduce the new CyberArk Audit app for Sumo Logic. By leveraging this app, security analysts can monitor, analyze, and visualize audit trails of user activities, security events, and anomalies to enhance security. [Learn more](/docs/integrations/saas-cloud/cyberark-audit).
@@ -2142,6 +2142,7 @@
   "/cid/4019": "/docs/send-data/installed-collectors/sources/script-action",
   "/cid/4412": "/docs/integrations/saas-cloud/crowdstrike-fdr-host-inventory",
   "/cid/44122": "/docs/integrations/saas-cloud/crowdstrike-spotlight",
+  "/cid/44124": "/docs/integrations/saas-cloud/cyberark-audit",
   "/cid/44123": "/docs/integrations/saas-cloud/crowdstrike-falcon-filevantage",
   "/cid/4020": "/docs/search/behavior-insights/logreduce",
   "/cid/4021": "/docs/search/search-query-language/search-operators/accum",
 
@@ -13,8 +13,9 @@ You can review and update your personal account settings and login credentials a
 
 ## Accessing preferences
 
-1. [**Classic UI**](/docs/get-started/sumo-logic-ui-classic). In the main Sumo Logic menu, select your username and then **Preferences**. <br/>[**New UI**](/docs/get-started/sumo-logic-ui). In the top menu, select your username and then **Preferences**.
-1. Update your preferences as needed.
+[**Classic UI**](/docs/get-started/sumo-logic-ui-classic). In the main Sumo Logic menu, select your username and then **Preferences**. <br/>[**New UI**](/docs/get-started/sumo-logic-ui). In the top menu, select the person silhouette icon and then **Preferences**.
+
+<img src={useBaseUrl('img/get-started/acct-pref.png')} alt="Account Preferences" width="300"/>
 
 ## My Profile
 
@@ -27,7 +28,9 @@ Under **My Profile**, the following information is displayed:
 * **Organization ID**. Your Sumo Logic org ID.
 * **Roles**. The Sumo Logic [roles](/docs/manage/users-roles/roles/add-remove-users-role/) assigned to your user account.
 
-If you're an Administrator, you can [manage users/roles, change user passwords](/docs/manage/users-roles), and more.
+<img src={useBaseUrl('img/get-started/my-profile.png')} alt="preference settings" style={{border: '1px solid gray'}} width="500" />
+
+If you're an Administrator, you can [manage users](/docs/manage/users-roles/users/), [assign roles](/docs/manage/users-roles/roles), and more.
 
 ### Change email address
 
@@ -42,16 +45,16 @@ If you're an Administrator, you can [manage users/roles, change user passwords](
 1. Enter your current password, and then enter the new password twice to verify it.
 1. Click **OK** to finalize the change.
 
-Admins can [reset passwords](/docs/manage/users-roles/users/reset-user-password) on behalf of users in their org.
-
 You can also reset your from your login screen by clicking **Forgot your password?**.
 
+If you're an Administrator, you can [reset passwords](/docs/manage/users-roles/users/reset-user-password) for users in your org.
+
 ## My Security Settings
 
 This section allows you to enable 2-step verification and view backup codes.
 
 :::note
-This section appears only if an administrator has made 2-step verification mandatory for your organization. For more information, see [2-Step Verification for Administrators](/docs/manage/security/2-step-verification-admins/).
+The **My Security Settings** section is visible only if an administrator has made 2-step verification mandatory for your organization. For more details, see [2-Step Verification for Administrators](/docs/manage/security/2-step-verification-admins).
 :::
 
 To set up 2-Step Verification, you will need to install a Time-Based One-Time Password (TOTP) app, which will automatically generate an authentication code that changes after a certain period of time.
@@ -67,6 +70,8 @@ To set up 2-Step Verification, you will need to install a Time-Based One-Time Pa
 
 These settings apply only to your personal account and do not affect other users in your organization. Changes take effect the next time you sign in.
 
+<img src={useBaseUrl('img/get-started/my-preferences.png')} alt="preference settings" style={{border: '1px solid gray'}} width="600" />
+
 ### Timezone and Date Format
 
 #### Default Timezone
@@ -110,7 +115,18 @@ Keyboard shortcuts are disabled when typing in the [search text box](/docs/searc
 
 Choose how long your Sumo Logic session remains active before timing out. Options range from 5 minutes to 7 days.
 
-For details on web session timeouts and Multi-Account Access, see [Multi-Account Access](/docs/manage/users-roles/users/multi-account-access).
+For details on web session timeouts and multi-account access, see [Multi-Account Access](/docs/manage/users-roles/users/multi-account-access).
+
+
+### Navigation
+
+#### Open all navigation menu items in new browser tabs by default
+
+By default, selecting a menu link in the left navigation pane opens it in a new tab.<br/><img src={useBaseUrl('img/get-started/open-in-new-tab-button.png')} alt="Open in New Tab button" style={{border: '1px solid gray'}} width="125" />
+
+Enabling this preference hides the **Open in New Tab** button on navigation menu links.
+
+However, even when this preference is enabled, the **Open in New Tab** button remains visible for menu items with subfolders, allowing you to click the menu item to view its subfolders and open them in a new tab.<br/><img src={useBaseUrl('img/get-started/open-in-new-tab-button-on-folder.png')} alt="Open in New Tab button" style={{border: '1px solid gray'}} width="250" />
 
 ### Theme