Add release note

jpipkin1 · jpipkin1 · commit ece1780b6a0b · 2025-07-28T15:13:38.000-05:00
diff --git a/blog-service/2025-08-12-collection.md b/blog-service/2025-08-12-collection.md
@@ -0,0 +1,23 @@
+---
+title: Cloud Syslog Source Certificate Transition to ACM (Collection)
+image: https://help.sumologic.com/img/reuse/rss-image.jpg
+keywords:
+  - certificates
+  - Cloud Syslog Source
+hide_table_of_contents: true    
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+We're excited to announce that we are transitioning to AWS Certificate Manager (ACM) certificates for Transport Layer Security (TLS) communication between your cloud syslog sources and Sumo Logic.
+
+Currently, Sumo Logic uses a DigiCert ALB certificate to secure communication with your cloud syslog sources. This certificate is set to expire in October 2025. At that time, Sumo Logic will transition to the ACM root certificate because it offers the following benefits:
+* **Automated certificate renewal and deployment**. This change will eliminate the need for future manual renewals, reducing your administrative burden.
+* **Simplified infrastructure management for AWS customers**. ACM is deeply integrated into the AWS ecosystem, streamlining your overall infrastructure management. 
+
+If you use cloud syslog sources to send data to Sumo Logic, in preparation for the certificate transition we ask that you download and configure ACM certificates on your system. For more information, see:
+* [Cloud Syslog Source](/docs/send-data/hosted-collectors/cloud-syslog-source/)
+* [rsyslog](/docs/send-data/hosted-collectors/cloud-syslog-source/rsyslog)
+* [syslog-ng](/docs/send-data/hosted-collectors/cloud-syslog-source/syslog-ng/)
+* [Collect Logs for SentinelOne](/docs/send-data/collect-from-other-data-sources/collect-logs-sentinelone/)
+* [Acquia](/docs/integrations/saas-cloud/acquia/#step-2-configure-a-source)
diff --git a/docs/send-data/hosted-collectors/cloud-syslog-source/index.md b/docs/send-data/hosted-collectors/cloud-syslog-source/index.md
@@ -25,7 +25,9 @@ where `YOUR_DEPLOYMENT` is `au`, `ca`, `de`, `eu`, `fed`, `jp`, `kr`, `us1`,
 FIPS 140-2 compliance is not available for Cloud Syslog in the FedRAMP deployment. It is with great emphasis that you must recognize and understand that the responsibility to mitigate information spillage is solely yours. We have no insight into your data or how it is classified.
 :::
 
-In the procedure below, you configure a Cloud Syslog Source. This will generate a Sumo Logic token and the endpoint hostname. Then you set up TLS by downloading a cert to your server. Download the DigiCert and AWS Certificate Manager (ACM) certificates from the following locations:
+In the procedure below, you configure a Cloud Syslog Source. This will generate a Sumo Logic token and the endpoint hostname. 
+
+Then you set up TLS by downloading a cert to your server (see procedures for [rsyslog](/docs/send-data/hosted-collectors/cloud-syslog-source/rsyslog/#setup-tls) and [syslog-ng](/docs/send-data/hosted-collectors/cloud-syslog-source/syslog-ng/#setup-tls)). Download the DigiCert and AWS Certificate Manager (ACM) certificates from the following locations:
 * https://cacerts.digicert.com/DigiCertHighAssuranceEVRootCA.crt
 * https://cacerts.digicert.com/DigiCertHighAssuranceEVRootCA.crt.pem
 * https://www.amazontrust.com/repository/AmazonRootCA1.cer
diff --git a/docs/send-data/hosted-collectors/cloud-syslog-source/rsyslog.md b/docs/send-data/hosted-collectors/cloud-syslog-source/rsyslog.md
@@ -12,11 +12,13 @@ Sumo Logic supports syslog clients such as rsyslog. This document has instructi
 
 Set up Transport Layer Security (TLS).
 
-Download the DigiCert and ACM certificates from https://cacerts.digicert.com/DigiCertHighAssuranceEVRootCA.crt and
+Download DigiCert and AWS Certificate Manager (ACM) certificates from https://cacerts.digicert.com/DigiCertHighAssuranceEVRootCA.crt and
 https://www.amazontrust.com/repository/AmazonRootCA1.cer.
 
 ### rsyslog
 
+For rsyslog, concatenate the ACM root CA with the DigiCert certificate.
+
 To set up your DigiCert and AWS Certificate Manager (ACM) certificate, follow these steps:
 
 ```bash
diff --git a/docs/send-data/hosted-collectors/cloud-syslog-source/syslog-ng.md b/docs/send-data/hosted-collectors/cloud-syslog-source/syslog-ng.md
@@ -10,37 +10,33 @@ Sumo Logic supports syslog clients such as syslog-ng. This document has instruc
 
 ## Set up TLS
 
-Set up Transport Layer Security (TLS).
+Set up Transport Layer Security (TLS). 
 
 Download the DigiCert and AWS Certificate Manager (ACM) certificates from https://cacerts.digicert.com/DigiCertHighAssuranceEVRootCA.crt and 
-https://www.amazontrust.com/repository/AmazonRootCA1.cer.
+https://www.amazontrust.com/repository/AmazonRootCA1.cer. 
 
 ### syslog-ng
 
-For syslog-ng place the certificates in the configuration directory and the syslog-ng client will pick up the certificates working from that directory. 
+For syslog-ng, place both certificates in the configuration directory, allowing the syslog-ng client to automatically select the appropriate certificate.
 
 To set up your DigiCert and AWS Certificate Manager (AWS) certificates, follow these steps:
 
-Check if you have the directory `/etc/syslog-ng/ca.d`.
-
-If you don’t, create it with this command:
-
-```bash
-$ $ sudo mkdir -pv /etc/syslog-ng/ca.d
-```
-
-Then run:
-
-```bash
-$ cd /etc/syslog-ng/ca.d
-$ sudo wget -O digicert_ca.der https://www.digicert.com/CACerts/DigiCertHighAssuranceEVRootCA.crt
-$ sudo openssl x509 -inform der -in digicert_ca.der -out digicert_ca.crt
-$ sudo ln -s digicert_ca.crt `openssl x509 -noout -hash -in digicert_ca.crt`.0
-$ wget -O acm_ca.der https://www.amazontrust.com/repository/AmazonRootCA1.cer
-$ openssl x509 -inform der -in acm_ca.der -out acm_ca.crt
-$ ln -s acm_ca.crt `openssl x509 -noout -hash -in acm_ca.crt`.0
-$ sudo /etc/init.d/syslog-ng restart
-```
+1. Check if you have the directory `/etc/syslog-ng/ca.d`.
+1. If you don’t, create it with this command:
+    ```bash
+    $ sudo mkdir -pv /etc/syslog-ng/ca.d
+    ```
+1. Then run:
+    ```bash
+    $ cd /etc/syslog-ng/ca.d
+    $ sudo wget -O digicert_ca.der https://www.digicert.com/CACerts/DigiCertHighAssuranceEVRootCA.crt
+    $ sudo openssl x509 -inform der -in digicert_ca.der -out digicert_ca.crt
+    $ sudo ln -s digicert_ca.crt `openssl x509 -noout -hash -in digicert_ca.crt`.0
+    $ wget -O acm_ca.der https://www.amazontrust.com/repository/AmazonRootCA1.cer
+    $ openssl x509 -inform der -in acm_ca.der -out acm_ca.crt
+    $ ln -s acm_ca.crt `openssl x509 -noout -hash -in acm_ca.crt`.0
+    $ sudo /etc/init.d/syslog-ng restart
+    ```
 
 ### Send data to a Cloud Syslog Source with syslog-ng
 
