Merge branch 'main' into docs-836-left-nav-reorg

Author: jpipkin1

blog-service/2025-08-29-apps.md

@@ -0,0 +1,12 @@
+---
+title: Zimperium (Apps)
+image: https://help.sumologic.com/img/reuse/rss-image.jpg
+keywords:
+  - apps
+  - zimperium
+hide_table_of_contents: true    
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+We're excited to introduce the new Zimperium app for Sumo Logic. This app provides visibility into mobile threats by centralizing threat intelligence and device telemetry, and collects threat logs for analysis in Sumo Logic. [Learn more](/docs/integrations/saas-cloud/zimperium/).

cid-redirects.json

@@ -574,6 +574,8 @@
   "/Search/Search-Query-Language": "/docs/search/search-query-language",
   "/docs/search/search-syntax": "/docs/search/search-query-language",
   "/docs/search/search-query-language/operators/eval": "/docs/metrics/metrics-operators/eval",
+  "/docs/search/search-query-language/search-operators/eval": "/docs/metrics/metrics-operators/eval",
+  "/docs/search/search-query-language/search-operators/eval-operator": "/docs/metrics/metrics-operators/eval",
   "/Search/Search-Query-Language/Search-Operators/join": "/docs/search/search-query-language/search-operators/join",
   "/05Search/Search-Query-Language/Search-Operators/length": "/docs/search/search-query-language/search-operators/length",
   "/05Search/Search-Query-Language/Search-Operators/limit": "/docs/search/search-query-language/search-operators/limit",
@@ -1416,7 +1418,8 @@
   "/Send_Data": "/docs/send-data",
   "/Send_Data/Collector_Management_API/Sumo_Logic_Endpoints": "/docs/api/collector-management",
   "/Send_Data/Collector_Management_API/About_the_Collector_Management_API": "/docs/api/collector-management",
-  "/Send_Data/Collector_FAQs/How_to_Ingest_Old_or_Historical_Data": "/docs/send-data/opentelemetry-collector/faq",
+  "/Send_Data/Collector_FAQs/How_to_Ingest_Old_or_Historical_Data": "/docs/send-data/collector-faq",
+  "/Send_Data/Collector_FAQs/How_to_tell_which_version_of_the_Collector_is_installed": "/docs/send-data/collector-faq",
   "/APIs/General-API-Information/Sumo-Logic-Endpoints-by-Deployment-and-Firewall-Security": "/docs/api/about-apis/getting-started",
   "/APIs/General-API-Information/Sumo-Logic-Endpoints-and-Firewall-Security": "/docs/api/about-apis/getting-started",
   "/APIs/Partition_Management_API": "/docs/api/partition-management",
@@ -1466,6 +1469,7 @@
   "/Dashboards-and-Alerts/Dashboards/Chart-Panel-Types": "/docs/dashboards/panels",
   "/Dashboards-and-Alerts/Dashboards/Chart-Panel-Types/Area-Charts": "/docs/dashboards/panels/area-charts",
   "/Dashboards_and_Alerts/Dashboards/Chart_Panel_Types/Line_Charts": "/docs/dashboards/panels/line-charts",
+  "/Dashboards_and_Alerts/Dashboards/Troubleshoot_Dashboards/Why_can't_I_view_a_search_from_a_Dashboard": "/docs/dashboards",
   "/Dashboards-and-Alerts/Dashboards/Edit-Dashboards-and-Panels/Change-Gridlines-on-the-Y-Axis": "/docs/dashboards/panels",
   "/Dashboards-and-Alerts/Dashboards/Edit-Dashboards-and-Panels/Change-the-Color-of-a-Chart-by-Value-Range-on-the-Search-Page": "/docs/dashboards",
   "/Dashboards-and-Alerts/Dashboards/Edit-Dashboards-and-Panels/Change-the-Color-of-a-Chart": "/docs/dashboards",
@@ -2081,6 +2085,7 @@
   "/cid/22674": "/docs/integrations/google/cloud-functions",
   "/cid/22675": "/docs/integrations/google/cloud-sql",
   "/cid/23233": "/docs/integrations/saas-cloud/zendesk",
+  "/cid/23234": "/docs/integrations/saas-cloud/zimperium",
   "/cid/2323": "/docs/integrations/saas-cloud/zoom",
   "/cid/23239": "/docs/integrations/saas-cloud/lastpass",
   "/cid/2324": "/docs/integrations/saas-cloud/workday",
@@ -3050,6 +3055,7 @@
   "/Cloud_SIEM_Enterprise/Records%2C_Signals%2C_Entities%2C_and_Insights/00Insight_Generation_Process": "/docs/cse/get-started-with-cloud-siem/insight-generation-process",
   "/Cloud_SIEM_Enterprise/Records%2C_Signals%2C_Entities%2C_and_Insights/05Set_Insight_Generation_Window_and_Threshold": "/docs/cse/records-signals-entities-insights/set-insight-generation-window-threshold",
   "/docs/cse/records-signals-entities-insights/signal-index-migration-faq": "/docs/cse/records-signals-entities-insights/search-cse-records-in-sumo",
+  "/docs/cse/records-signals-entities-insights/signals-overview": "/docs/cse/records-signals-entities-insights",
   "/Cloud_SIEM_Enterprise/Records%2C_Signals%2C_Entities%2C_and_Insights/07Entity_Criticality": "/docs/cse/records-signals-entities-insights/entity-criticality",
   "/Cloud_SIEM_Enterprise/Records%2C_Signals%2C_Entities%2C_and_Insights/11Create_a_Custom_Entity_Type": "/docs/cse/records-signals-entities-insights/create-custom-entity-type",
   "/Cloud_SIEM_Enterprise/Records%2C_Signals%2C_Entities%2C_and_Insights/13Using_Tags_with_Insights%2C_Signals%2C_Entities%2C_and_Rules": "/docs/cse/records-signals-entities-insights/tags-insights-signals-entities-rules",
@@ -3631,11 +3637,13 @@
   "/Send_Data/Sources": "/docs/send-data",
   "/Send_Data/Sources/01Sources_for_Installed_Collectors/Preconfigure_a_Machine_to_Collect_Remote_Windows_Events": "/docs/send-data/installed-collectors/sources/preconfigure-machine-collect-remote-windows-events",
   "/Send_Data/Sources/01Sources_for_Installed_Collectors/Script_Action": "/docs/send-data/installed-collectors/sources/script-action",
+  "/Send_Data/Sources/01Sources_for_Installed_Collectors/Script_Source/Calling_PowerShell_from_a_Sumo_Logic_Script_Source": "/docs/send-data/installed-collectors/sources/script-source",
   "/Send_Data/Sources/01Sources_for_Installed_Collectors/Syslog_Source": "/docs/send-data/hosted-collectors/cloud-syslog-source",
   "/Send_Data/Sources/01Sources_for_Installed_Collectors/Local_File_Source": "/docs/send-data/installed-collectors/sources/local-file-source",
   "/Send_Data/Sources/01Sources_for_Installed_Collectors/Local_File_Source/Define_Boundary_Regex_for_Multiline_Messages": "/docs/send-data/installed-collectors/sources/define-boundary-regex-multiline-messages",
   "/Search/Search-FAQs/Compare-Log-Messages-by-Day-of-the-Week": "/docs/search/faq",
   "/Search/Search-FAQs/Export-the-Results-of-a-Saved-File": "/docs/search/faq",
+  "/Search/Search_FAQs/How_to_reference_a_field_name_that_contains_a_special_character": "/docs/search/faq",
   "/Search/Search_Cheat_Sheets/Search-Operators-Cheat-Sheet": "/docs/search/search-cheat-sheets",
   "/Search/Search_Cheat_Sheets/Search_Operators_Cheat_Sheet": "/docs/search/search-cheat-sheets",
   "/Search/Search_Job_API/Search_Job_API": "/docs/api/search-job",
@@ -3893,6 +3901,7 @@
   "/Beta": "/docs/beta",
   "/Beta/APIs": "/docs/api",
   "/Beta/APIs/APIs": "/docs/api",
+  "/Beta/Audit_Event_Index": "/docs/manage/security/audit-indexes/audit-event-index",
   "/Beta/AWS_Kinesis_Firehose_for_Logs_Source": "/docs/send-data/hosted-collectors/amazon-aws/aws-kinesis-firehose-logs-source",
   "/Beta/AWS_Lambda_-_Python_function_instrumentation_with_Sumo_Logic_tracing": "/docs/apm/traces/get-started-transaction-tracing/opentelemetry-instrumentation/python",
   "/Beta/AWS_Lambda_-_Java_function_instrumentation_with_Sumo_Logic_tracing": "/docs/apm/traces/get-started-transaction-tracing/opentelemetry-instrumentation/aws-lambda/java",
@@ -3928,6 +3937,7 @@
   "/Beta/Saved_beta_content/Beta---Library/Apps_in_Sumo_Logic/01_Sumo_Logic_Apps": "/docs/integrations",
   "/Beta/SLO_Reliability_Management": "/docs/observability/reliability-management-slo",
   "/Beta/SLO_Reliability_Management/Access_and_Create_SLOs": "/docs/observability/reliability-management-slo",
+  "/Beta/Traces/HTTP_Traces_Source": "/docs/send-data/hosted-collectors/http-source/traces",
   "/Beta/Workday/Collect_Logs_for_the_Workday_App": "/docs/integrations/saas-cloud/workday",
   "/docs/beta/search-log-level": "/docs/search/get-started-with-search/search-page/log-level",
   "/docs/search/get-started-with-search/search-page/event-analytics/": "/docs/search/get-started-with-search/search-page",
@@ -4016,15 +4026,18 @@
   "/Search/Search-Query-Language/Search-Operators/format": "/docs/search/search-query-language/search-operators/formatdate",
   "/Search/Search_Query_Language/Search_Operators/Geo_Lookup": "/docs/search/search-query-language/search-operators/geo-lookup-map",
   "/Search/Search-Query-Language/Search-Operators/Geo-Lookup-(Map)": "/docs/search/search-query-language/search-operators/geo-lookup-map",
+  "/Search/Search_Query_Language/Search_Operators/ipv4ToNumber": "/docs/search/search-query-language/search-operators/ipv4tonumber",
   "/Search/Search_Query_Language/Search_Operators/num": "/docs/search/search-query-language/search-operators/num",
   "/Search/Search-Query-Language/Search-Operators/sessionize": "/docs/search/search-query-language/search-operators/sessionize",
   "/Search/Search_Query_Language/Search_Operators/outlier": "/docs/search/search-query-language/search-operators/outlier",
   "/Search/Search_Query_Language/Search_Operators/where": "/docs/search/search-query-language/search-operators/where",
   "/Search/Search_Query_Language/Transaction_Analytics": "/docs/search/search-query-language/transaction-analytics",
+  "/Search/Search_Query_Language/Transaction_Analytics/Merge_Operator": "/docs/search/search-query-language/transaction-analytics/merge-operator",
   "/Search/Search_Query_Language/Search_Operators/join": "/docs/search/search-query-language/search-operators/join",
   "/Search/Search_Query_Language/Search_Operators/lookup": "/docs/search/search-query-language/search-operators/lookup",
   "/Search/Search_Query_Language/Search_Operators/smooth": "/docs/search/search-query-language/search-operators/smooth",
   "/Search/Search_Query_Language/Search_Operators/toLowerCase_and_toUpperCase": "/docs/search/search-query-language/search-operators/tolowercase-touppercase",
+  "/Search/Search_Query_Language/Search_Operators/timeslice": "/docs/search/search-query-language/search-operators/timeslice",
   "/Search/Search-Cheat-Sheets/General-Search-Examples-Cheat-Sheet": "/docs/search/search-cheat-sheets/general-search-examples",
   "/Search/Search-Cheat-Sheets/Log-Operators-Cheat-Sheet": "/docs/search/search-cheat-sheets/log-operators",
   "/Search/Search-Query-Language/01-Parse-Operators": "/docs/search/search-query-language/parse-operators",
@@ -4035,6 +4048,7 @@
   "/Search/Search-Query-Language/01-Parse-Operators/07-Parse-XML-Formatted-Logs": "/docs/search/search-query-language/parse-operators/parse-xml-formatted-logs",
   "/Search/Search-Query-Language/aaGroup/count,-count-distinct,-and-count-frequent": "/docs/search/search-query-language/group-aggregate-operators/count-count-distinct-and-count-frequent",
   "/Search/Search-Query-Language/aaGroup/fillmissing": "/docs/search/search-query-language/search-operators/fillmissing",
+  "/Search/Search-Query-Language/aaGroup/standard-deviation": "/docs/search/search-query-language/group-aggregate-operators/stddev",
   "/Search/Search-Query-Language/aaGroup/sum": "/docs/search/search-query-language/group-aggregate-operators/sum",
   "/Search/Search-Query-Language/Search-Operators": "/docs/search/search-query-language/search-operators",
   "/Search/Search-Query-Language/Search-Operators/lookup": "/docs/search/search-query-language/search-operators/lookup",
@@ -4109,6 +4123,7 @@
   "/Send-Data/Applications-and-Other-Data-Sources/AWS-Lambda": "/docs/integrations/amazon-aws/lambda",
   "/Send-Data/Applications-and-Other-Data-Sources/AWS-CloudTrail/04-Set-Up-Admin-Access-for-CloudTrail": "/docs/integrations/amazon-aws/cloudtrail",
   "/Send-Data/Applications-and-Other-Data-Sources/AWS-Elastic-Load-Balancing-ULM-Application/Collect-Logs-and-Metrics-for-AWS-Elastic-Load-Balancing-ULM-Application": "/docs/integrations/amazon-aws/classic-load-balancer",
+  "/Send-Data/Applications-and-Other-Data-Sources/AWS-Elastic-Load-Balancing-ULM-CLB/Collect-Logs-and-Metrics-for-AWS-Elastic-Load-Balancing-ULM-CLB": "/docs/integrations/amazon-aws/classic-load-balancer",
   "/Send-Data/Applications-and-Other-Data-Sources/Azure_Active_Directory": "/docs/integrations/microsoft-azure/active-directory-azure",
   "/Send-Data/Applications-and-Other-Data-Sources/Azure_Active_Directory/Collect_Logs_for_Azure_Active_Directory": "/docs/integrations/microsoft-azure/active-directory-azure",
   "/Send-Data/Applications-and-Other-Data-Sources/Azure_Active_Directory/Install_the_Azure_Active_Directory_App_and_View_the_Dashboards": "/docs/integrations/microsoft-azure/active-directory-azure",

docs/cse/rules/about-cse-rules.md

@@ -9,10 +9,6 @@ import useBaseUrl from '@docusaurus/useBaseUrl';
 import Iframe from 'react-iframe'; 
 
 A Cloud SIEM rule is logic that fires based on information in incoming records. When a rule fires, it creates a signal.
-
-[**Classic UI**](/docs/get-started/sumo-logic-ui-classic). To view rules, in the top menu select **Content > Rules**. 
-
-[**New UI**](/docs/get-started/sumo-logic-ui). To view rules, in the main Sumo Logic menu select **Cloud SIEM > Rules**. You can also click the **Go To...** menu at the top of the screen and select **Rules**. 
 
 :::tip
 For a complete list of out-of-the-box rules, see [Rules](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/rules/README.md) in the [Cloud SIEM Content Catalog](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/README.md).
@@ -36,6 +32,44 @@ Watch this micro lesson to learn more about rules.
 
 :::
 
+## Rules list view
+
+[**Classic UI**](/docs/get-started/sumo-logic-ui-classic). To view rules, in the top menu select **Content > Rules**. 
+
+[**New UI**](/docs/get-started/sumo-logic-ui). To view rules, in the main Sumo Logic menu select **Cloud SIEM > Rules**. You can also click the **Go To...** menu at the top of the screen and select **Rules**. 
+
+<img src={useBaseUrl('img/cse/rules-list-page.png')} alt="Rules list page" style={{border: '1px solid gray'}} width="800" />
+
+| Letter | Description |
+|:--|:--|
+| a | **Rules count**. The total number of rules in the list. |
+| b | **Filters**. Filter the list of rules by different parameters, such as name, type, severity, and so on. |
+| c | **Sort**. Sort rules by name, enabled, severity, created, updated, or signal count updated the past 7 days or 24 hours.  |
+| d | **Updated**. When the rule was last updated. |
+| e | **Status - Type**. The [rule status](/docs/cse/rules/rules-status/) and [rule type](/docs/cse/rules/about-cse-rules/#rule-types).  |
+| f | **Severity**. The rule's severity, an estimate of the criticality of the detected activity, from 1 (lowest) to 10 (highest). |
+| g | **Signals Fired**. The number of signals that the rule fired in the last 24 hours as well as 7 days. |
+| h | **Export as JSON**. Export the rule information as a JSON file. |
+| i | **Tags**. Metadata [tags](/docs/cse/records-signals-entities-insights/tags-insights-signals-entities-rules/) that add context for the rule. Click a tag to see rules with that tag. |
+
+## Rules details view
+
+When you click a rule on the **Rules** page, a details page for the rule appears.
+
+<img src={useBaseUrl('img/cse/rule-details.png')} alt="Rules details page" style={{border: '1px solid gray'}} width="800" />
+
+| Letter | Description |
+|:--|:--|
+| a | **Rule ID**. The ID for the rule. |
+| b | **Rule name**. The name of the rule. |
+| c | **Dates**. When the rule was created, updated, and fired its most recent signal.  |
+| d | [**Status**](/docs/cse/rules/rules-status/), [**Rule Type**](/docs/cse/rules/about-cse-rules/#rule-types), **Severity**, and number of [**Tuning Expressions**](#about-tuning-expressions).  |
+| e | **Signal Suppression**. When [signal suppression](/docs/cse/records-signals-entities-insights/about-signal-suppression/) occurred. Click a square on the calendar to see the number of signals suppressed on that day. |
+| f | **Rule Editor**. Click in fields to edit the rule. For information about the fields, see articles for the [rule types](#rule-types). |
+| g | **Prototype Rule**. Select the checkbox to [save the rule a prototype](/docs/cse/rules/write-chain-rule/#save-as-prototype).  |
+| h | **History**. Change events for the rule, including who made the change and the type of change event. |
+| i | **Insights**. The [insights](/docs/cse/get-started-with-cloud-siem/about-cse-insight-ui/) that resulted from the rule's firing.  |
+
 ## About rule expressions
 
 The key element of a Cloud SIEM rule is a *rule expression*. A rule expression defines what conditions the rule will look for. A rule expression includes one or more equality statements, each of which evaluates a field value in incoming records, typically comparing it to a constant value, for example `description = 'CMS Domain Match'`. A simple rule expression might be a single equality expression, or multiple expressions combined with logical operators. A rule expression evaluates to a boolean value. When a rule’s conditions are met, it creates a signal. 

docs/integrations/product-list/product-list-m-z.md

@@ -232,6 +232,6 @@ For descriptions of the different types of integrations Sumo Logic offers, see [
 |  <img src={useBaseUrl('img/integrations/webhooks/zenduty-logo.png')} alt="Thumbnail icon" width="50"/>   |  [Zenduty](https://www.zenduty.com/) | Webhook: [Zenduty](/docs/integrations/webhooks/zenduty/)	 |
 |  <img src={useBaseUrl('img/integrations/misc/zerofox-logo.png')} alt="Thumbnail icon" width="50"/>   | [ZeroFox](https://www.zerofox.com/) | Automation integration: [ZeroFox](/docs/platform-services/automation-service/app-central/integrations/zerofox/) <br/>Collector: [ZeroFox Threat Intel Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/zerofox-intel-source/)<br/> Partner integration: <a href="/files/zerofox-integrations.pdf" target="_blank">ZeroFox integration</a>	 |
 |  <img src={useBaseUrl('img/send-data/zero-networks-icon.png')} alt="Thumbnail icon" width="50"/>   |  [Zero Networks](https://zeronetworks.com/) | Cloud SIEM integration: [Zero Networks](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/3e3c8813-9644-4fd6-9d6f-78bb8ffc5f44.md) <br/>Collector: [Zero Networks Segment Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/zero-networks-segment-source/)	 |
-|  <img src={useBaseUrl('img/send-data/zimperium-mtd.png')} alt="Thumbnail icon" width="50"/>   | [Zimperium](https://zimperium.com/)  | 	Collector: [Zimperium MTD Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/zimperium-mtd-source) |
+|  <img src={useBaseUrl('img/send-data/zimperium-mtd.png')} alt="Thumbnail icon" width="50"/>   | [Zimperium](https://zimperium.com/)  | App: [Zimperium](/docs/integrations/saas-cloud/zimperium) <br/>Collector: [Zimperium MTD Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/zimperium-mtd-source) |
 |  <img src={useBaseUrl('img/integrations/saas-cloud/zoom.png')} alt="Thumbnail icon" width="50"/>   | [Zoom](https://zoom.us/)  | 	App: [Zoom](/docs/integrations/saas-cloud/zoom/) <br/>Automation integration: [Zoom](/docs/platform-services/automation-service/app-central/integrations/zoom/) <br/>Cloud SIEM integration: [Zoom](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/bda720cd-399c-4dcc-9289-19ad0c9cb221.md) <br/>Collector: [Zoom Source](/docs/send-data/hosted-collectors/webhook-sources/zoom/) |
 |  <img src={useBaseUrl('img/integrations/security-threat-detection/zscaler.png')} alt="Thumbnail icon" width="75"/>   | [Zscaler](https://www.zscaler.com/)  | 	Apps: <br/>- [Zscaler Internet Access](/docs/integrations/security-threat-detection/zscaler-internet-access/)	<br/>- [Zscaler Private Access](/docs/integrations/security-threat-detection/zscaler-private-access/) <br/>Automation integration: [Zscaler](/docs/platform-services/automation-service/app-central/integrations/zscaler/) <br/>Cloud SIEM integration: [Zscaler](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/9dfd2223-1656-4faf-a38a-5a91978fa15e.md) |