Merge branch 'main' into update-log-leve-info

Author: JV0812

.clabot

@@ -174,7 +174,8 @@
     "darshan-sumo",
     "mahendrak-sumo",
     "chvik",
-    "Apoorvkudesia-sumologic"
+    "Apoorvkudesia-sumologic",
+    "akesle"
   ],
   "message": "Thank you for your contribution! As this is an open source project, we require contributors to sign our Contributor License Agreement and do not have yours on file. To proceed with your PR, please [sign your name here](https://forms.gle/YgLddrckeJaCdZYA6) and we will add you to our approved list of contributors.",
   "label": "cla-signed",

cid-redirects.json

@@ -1764,7 +1764,10 @@
   "/cid/10321": "/docs/send-data/opentelemetry-collector/remote-management/source-templates/windows",
   "/cid/10322": "/docs/send-data/opentelemetry-collector/remote-management/source-templates/docker",
   "/cid/10323": "/docs/send-data/opentelemetry-collector/remote-management/source-templates/nginx",
-  "/cid/10324": "/docs/send-data/opentelemetry-collector/remote-management/source-templates/kafka",
+  "/cid/10340": "/docs/send-data/opentelemetry-collector/remote-management/source-templates/kafka",
+  "/cid/10341": "/docs/send-data/opentelemetry-collector/remote-management/source-templates/postgresql",
+  "/cid/10342": "/docs/send-data/opentelemetry-collector/remote-management/source-templates/mysql",
+  "/cid/10343": "/docs/send-data/opentelemetry-collector/remote-management/source-templates/elasticsearch",
   "/cid/10325": "/docs/send-data/opentelemetry-collector/remote-management/source-templates/apache/changelog",
   "/cid/10326": "/docs/send-data/opentelemetry-collector/remote-management/source-templates/linux/changelog",
   "/cid/10327": "/docs/send-data/opentelemetry-collector/remote-management/source-templates/localfile/changelog",
@@ -1776,6 +1779,10 @@
   "/cid/10337": "/docs/send-data/opentelemetry-collector/remote-management/source-templates/docker/changelog",
   "/cid/10338": "/docs/send-data/opentelemetry-collector/remote-management/source-templates/nginx/changelog",
   "/cid/10339": "/docs/send-data/opentelemetry-collector/remote-management/source-templates/kafka/changelog",
+  "/cid/10344": "/docs/send-data/opentelemetry-collector/remote-management/source-templates/postgresql/changelog",
+  "/cid/10345": "/docs/send-data/opentelemetry-collector/remote-management/source-templates/mysql/changelog",
+  "/cid/10346": "/docs/send-data/opentelemetry-collector/remote-management/source-templates/elasticsearch/changelog",
+  "/cid/10347": "/docs/send-data/opentelemetry-collector/remote-management/source-templates/st-with-secrets",
   "/cid/10822": "/docs/manage/manage-subscription/create-manage-orgs-flex",
   "/cid/10817": "/docs/integrations/sumo-apps/cse",
   "/cid/10818": "/docs/integrations/sumo-apps/cse",

docs/integrations/databases/opentelemetry/postgresql-opentelemetry.md

@@ -19,7 +19,7 @@ This app supports PostgreSQL version 9.6+.
 
 We use the OpenTelemetry collector for PostgreSQL metric collection and for collecting PostgreSQL logs.
 
-The diagram below illustrates the components of the PostgreSQL collection for each database server. OpenTelemetry collector runs on the same host as PostgreSQL, and uses the [PostgreSQL receiver](https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/receiver/postgresqlreceiver) to obtain PostgreSQL metrics, and the [Sumo Logic OpenTelemetry Exporter](https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/exporter/sumologicexporter) to send the metrics to Sumo Logic. MySQL logs are sent to Sumo Logic through a [filelog receiver](https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/receiver/filelogreceiver).
+The diagram below illustrates the components of the PostgreSQL collection for each database server. OpenTelemetry collector runs on the same host as PostgreSQL, and uses the [PostgreSQL receiver](https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/receiver/postgresqlreceiver) to obtain PostgreSQL metrics, and the [Sumo Logic OpenTelemetry Exporter](https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/exporter/sumologicexporter) to send the metrics to Sumo Logic. PostgreSQL logs are sent to Sumo Logic through a [filelog receiver](https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/receiver/filelogreceiver).
 
 <img src='https://sumologic-app-data-v2.s3.amazonaws.com/dashboards/Postgresql-OpenTelemetry/PostgreSQL-Schematics.png' alt="Schematics" />
 
@@ -107,7 +107,7 @@ import SetupColl from '../../../reuse/apps/opentelemetry/set-up-collector.md';
 
 ### Step 2: Configure integration
 
-In this step, you will configure the yaml file required for Mysql collection.
+In this step, you will configure the yaml file required for PostgreSQL collection.
 
 Below is the required input:
 

docs/integrations/saas-cloud/fastly.md

@@ -69,39 +69,39 @@ When you configure the Sumo Logic endpoint in Fastly:
      "protocol": "%{req.proto}V",
      "host": "%{req.http.Fastly-Orig-Host}V",
      "origin_host": "%{req.http.Host}V",
-     "url": "%{cstr_escape(req.url)}V",
+     "url": "%{json.escape(req.url)}V",
      "is_ipv6": "%{if(req.is_ipv6, \"true\", \"false\")}V",
      "is_tls": "%{if(req.is_ssl, \"true\", \"false\")}V",
-     "tls_client_protocol": "%{cstr_escape(tls.client.protocol)}V",
-     "tls_client_servername": "%{cstr_escape(tls.client.servername)}V",
-     "tls_client_cipher": "%{cstr_escape(tls.client.cipher)}V",
-     "tls_client_cipher_sha": "%{cstr_escape(tls.client.ciphers_sha)}V",
-     "tls_client_tlsexts_sha": "%{cstr_escape(tls.client.tlsexts_sha)}V",
+     "tls_client_protocol": "%{json.escape(tls.client.protocol)}V",
+     "tls_client_servername": "%{json.escape(tls.client.servername)}V",
+     "tls_client_cipher": "%{json.escape(tls.client.cipher)}V",
+     "tls_client_cipher_sha": "%{json.escape(tls.client.ciphers_sha)}V",
+     "tls_client_tlsexts_sha": "%{json.escape(tls.client.tlsexts_sha)}V",
      "is_h2": "%{if(fastly_info.is_h2, \"true\", \"false\")}V",
      "is_h2_push": "%{if(fastly_info.h2.is_push, \"true\", \"false\")}V",
      "h2_stream_id": "%{fastly_info.h2.stream_id}V",
-     "request_referer": "%{cstr_escape(req.http.Referer)}V",
-     "request_user_agent": "%{cstr_escape(req.http.User-Agent)}V",
-     "request_accept_content": "%{cstr_escape(req.http.Accept)}V",
-     "request_accept_language": "%{cstr_escape(req.http.Accept-Language)}V",
-     "request_accept_encoding": "%{cstr_escape(req.http.Accept-Encoding)}V",
-     "request_accept_charset": "%{cstr_escape(req.http.Accept-Charset)}V",
-     "request_connection": "%{cstr_escape(req.http.Connection)}V",
-     "request_dnt": "%{cstr_escape(req.http.DNT)}V",
-     "request_forwarded": "%{cstr_escape(req.http.Forwarded)}V",
-     "request_via": "%{cstr_escape(req.http.Via)}V",
-     "request_cache_control": "%{cstr_escape(req.http.Cache-Control)}V",
-     "request_x_requested_with": "%{cstr_escape(req.http.X-Requested-With)}V",
-     "request_x_forwarded_for": "%{cstr_escape(req.http.X-Forwarded-For)}V",
+     "request_referer": "%{json.escape(req.http.Referer)}V",
+     "request_user_agent": "%{json.escape(req.http.User-Agent)}V",
+     "request_accept_content": "%{json.escape(req.http.Accept)}V",
+     "request_accept_language": "%{json.escape(req.http.Accept-Language)}V",
+     "request_accept_encoding": "%{json.escape(req.http.Accept-Encoding)}V",
+     "request_accept_charset": "%{json.escape(req.http.Accept-Charset)}V",
+     "request_connection": "%{json.escape(req.http.Connection)}V",
+     "request_dnt": "%{json.escape(req.http.DNT)}V",
+     "request_forwarded": "%{json.escape(req.http.Forwarded)}V",
+     "request_via": "%{json.escape(req.http.Via)}V",
+     "request_cache_control": "%{json.escape(req.http.Cache-Control)}V",
+     "request_x_requested_with": "%{json.escape(req.http.X-Requested-With)}V",
+     "request_x_forwarded_for": "%{json.escape(req.http.X-Forwarded-For)}V",
      "status": "%{resp.status}V",
-     "content_type": "%{cstr_escape(resp.http.Content-Type)}V",
+     "content_type": "%{json.escape(resp.http.Content-Type)}V",
      "cache_status": "%{regsub(fastly_info.state, \"^(HIT-(SYNTH)|(HITPASS|HIT|MISS|PASS|ERROR|PIPE)).*\", \"\\2\\3\")}V",
      "is_cacheable": "%{if(fastly_info.state~\"^(HIT|MISS)$\", \"true\", \"false\")}V",
-     "response_age": "%{cstr_escape(resp.http.Age)}V",
-     "response_cache_control": "%{cstr_escape(resp.http.Cache-Control)}V",
-     "response_expires": "%{cstr_escape(resp.http.Expires)}V",
-     "response_last_modified": "%{cstr_escape(resp.http.Last-Modified)}V",
-     "response_tsv": "%{cstr_escape(resp.http.TSV)}V",
+     "response_age": "%{json.escape(resp.http.Age)}V",
+     "response_cache_control": "%{json.escape(resp.http.Cache-Control)}V",
+     "response_expires": "%{json.escape(resp.http.Expires)}V",
+     "response_last_modified": "%{json.escape(resp.http.Last-Modified)}V",
+     "response_tsv": "%{json.escape(resp.http.TSV)}V",
      "geo_datacenter": "%{server.datacenter}V",
      "geo_city": "%{client.geo.city}V",
      "geo_country_code": "%{client.geo.country_code}V",
@@ -152,39 +152,39 @@ If you have Fastly's Web Application Firewall (WAF), perform these steps to upda
     "protocol": "%{req.proto}V",
     "host": "%{req.http.Fastly-Orig-Host}V",
     "origin_host": "%{req.http.Host}V",
-    "url": "%{cstr_escape(req.url)}V",
+    "url": "%{json.escape(req.url)}V",
     "is_ipv6": "%{if(req.is_ipv6, \"true\", \"false\")}V",
     "is_tls": "%{if(req.is_ssl, \"true\", \"false\")}V",
-    "tls_client_protocol": "%{cstr_escape(tls.client.protocol)}V",
-    "tls_client_servername": "%{cstr_escape(tls.client.servername)}V",
-    "tls_client_cipher": "%{cstr_escape(tls.client.cipher)}V",
-    "tls_client_cipher_sha": "%{cstr_escape(tls.client.ciphers_sha)}V",
-    "tls_client_tlsexts_sha": "%{cstr_escape(tls.client.tlsexts_sha)}V",
+    "tls_client_protocol": "%{json.escape(tls.client.protocol)}V",
+    "tls_client_servername": "%{json.escape(tls.client.servername)}V",
+    "tls_client_cipher": "%{json.escape(tls.client.cipher)}V",
+    "tls_client_cipher_sha": "%{json.escape(tls.client.ciphers_sha)}V",
+    "tls_client_tlsexts_sha": "%{json.escape(tls.client.tlsexts_sha)}V",
     "is_h2": "%{if(fastly_info.is_h2, \"true\", \"false\")}V",
     "is_h2_push": "%{if(fastly_info.h2.is_push, \"true\", \"false\")}V",
     "h2_stream_id": "%{fastly_info.h2.stream_id}V",
-    "request_referer": "%{cstr_escape(req.http.Referer)}V",
-    "request_user_agent": "%{cstr_escape(req.http.User-Agent)}V",
-    "request_accept_content": "%{cstr_escape(req.http.Accept)}V",
-    "request_accept_language": "%{cstr_escape(req.http.Accept-Language)}V",
-    "request_accept_encoding": "%{cstr_escape(req.http.Accept-Encoding)}V",
-    "request_accept_charset": "%{cstr_escape(req.http.Accept-Charset)}V",
-    "request_connection": "%{cstr_escape(req.http.Connection)}V",
-    "request_dnt": "%{cstr_escape(req.http.DNT)}V",
-    "request_forwarded": "%{cstr_escape(req.http.Forwarded)}V",
-    "request_via": "%{cstr_escape(req.http.Via)}V",
-    "request_cache_control": "%{cstr_escape(req.http.Cache-Control)}V",
-    "request_x_requested_with": "%{cstr_escape(req.http.X-Requested-With)}V",
-    "request_x_forwarded_for": "%{cstr_escape(req.http.X-Forwarded-For)}V",
+    "request_referer": "%{json.escape(req.http.Referer)}V",
+    "request_user_agent": "%{json.escape(req.http.User-Agent)}V",
+    "request_accept_content": "%{json.escape(req.http.Accept)}V",
+    "request_accept_language": "%{json.escape(req.http.Accept-Language)}V",
+    "request_accept_encoding": "%{json.escape(req.http.Accept-Encoding)}V",
+    "request_accept_charset": "%{json.escape(req.http.Accept-Charset)}V",
+    "request_connection": "%{json.escape(req.http.Connection)}V",
+    "request_dnt": "%{json.escape(req.http.DNT)}V",
+    "request_forwarded": "%{json.escape(req.http.Forwarded)}V",
+    "request_via": "%{json.escape(req.http.Via)}V",
+    "request_cache_control": "%{json.escape(req.http.Cache-Control)}V",
+    "request_x_requested_with": "%{json.escape(req.http.X-Requested-With)}V",
+    "request_x_forwarded_for": "%{json.escape(req.http.X-Forwarded-For)}V",
     "status": "%{resp.status}V",
-    "content_type": "%{cstr_escape(resp.http.Content-Type)}V",
+    "content_type": "%{json.escape(resp.http.Content-Type)}V",
     "cache_status": "%{regsub(fastly_info.state, \"^(HIT-(SYNTH)|(HITPASS|HIT|MISS|PASS|ERROR|PIPE)).*\", \"\\2\\3\")}V",
     "is_cacheable": "%{if(fastly_info.state~\"^(HIT|MISS)$\", \"true\", \"false\")}V",
-    "response_age": "%{cstr_escape(resp.http.Age)}V",
-    "response_cache_control": "%{cstr_escape(resp.http.Cache-Control)}V",
-    "response_expires": "%{cstr_escape(resp.http.Expires)}V",
-    "response_last_modified": "%{cstr_escape(resp.http.Last-Modified)}V",
-    "response_tsv": "%{cstr_escape(resp.http.TSV)}V",
+    "response_age": "%{json.escape(resp.http.Age)}V",
+    "response_cache_control": "%{json.escape(resp.http.Cache-Control)}V",
+    "response_expires": "%{json.escape(resp.http.Expires)}V",
+    "response_last_modified": "%{json.escape(resp.http.Last-Modified)}V",
+    "response_tsv": "%{json.escape(resp.http.TSV)}V",
     "geo_datacenter": "%{server.datacenter}V",
     "geo_city": "%{client.geo.city}V",
     "geo_country_code": "%{client.geo.country_code}V",
@@ -214,7 +214,7 @@ If you have Fastly's Web Application Firewall (WAF), perform these steps to upda
     "waf_rule_id": "%{waf.rule_id}V",
     "waf_severity": "%{waf.severity}V",
     "waf_passed": "%{waf.passed}V",
-    "waf_logdata": "%{cstr_escape(waf.logdata)}V",
+    "waf_logdata": "%{json.escape(waf.logdata)}V",
     "waf_executed": "%{waf.executed}V",
     "waf_anomaly_score": "%{waf.anomaly_score}V",
     "waf_sql_score": "%{waf.sql_injection_score}V",
@@ -225,7 +225,7 @@ If you have Fastly's Web Application Firewall (WAF), perform these steps to upda
     "waf_php_score": "%{waf.php_injection_score}V",
     "waf_rce_score": "%{waf.rce_score}V",
     "waf_session_fixation_score": "%{waf.session_fixation_score}V",
-    "waf_message": "%{cstr_escape(waf.message)}V"
+    "waf_message": "%{json.escape(waf.message)}V"
     }
     ```
     </details>
@@ -251,10 +251,10 @@ If you have Fastly's Web Application Firewall (WAF), perform these steps to add
     "request": "%{req.request}V",
     "protocol": "%{req.proto}V",
     "origin_host": "%{req.http.Host}V",
-    "url": "%{cstr_escape(req.url)}V",
-    "request_referer": "%{cstr_escape(req.http.Referer)}V",
-    "request_user_agent": "%{cstr_escape(req.http.User-Agent)}V",
-    "request_accept_content": "%{cstr_escape(req.http.Accept)}V",
+    "url": "%{json.escape(req.url)}V",
+    "request_referer": "%{json.escape(req.http.Referer)}V",
+    "request_user_agent": "%{json.escape(req.http.User-Agent)}V",
+    "request_accept_content": "%{json.escape(req.http.Accept)}V",
     "cache_status": "%{regsub(fastly_info.state, \"^(HIT-(SYNTH)|(HITPASS|HIT|MISS|PASS|ERROR|PIPE|NONE)).*\", \"\\2\\3\")}V",
     "geo_datacenter": "%{server.datacenter}V",
     "geo_city": "%{client.geo.city}V",
@@ -268,7 +268,7 @@ If you have Fastly's Web Application Firewall (WAF), perform these steps to add
     "waf_rule_id": "%{waf.rule_id}V",
     "waf_severity": "%{waf.severity}V",
     "waf_passed": "%{waf.passed}V",
-    "waf_logdata": "%{cstr_escape(waf.logdata)}V",
+    "waf_logdata": "%{json.escape(waf.logdata)}V",
     "waf_executed": "%{waf.executed}V",
     "waf_anomaly_score": "%{waf.anomaly_score}V",
     "waf_sql_score": "%{waf.sql_injection_score}V",
@@ -279,7 +279,7 @@ If you have Fastly's Web Application Firewall (WAF), perform these steps to add
     "waf_php_score": "%{waf.php_injection_score}V",
     "waf_rce_score": "%{waf.rce_score}V",
     "waf_session_fixation_score": "%{waf.session_fixation_score}V",
-    "waf_message": "%{cstr_escape(waf.message)}V"
+    "waf_message": "%{json.escape(waf.message)}V"
   }
   ```
 

docs/manage/partitions/flex/faq.md

@@ -91,8 +91,9 @@ We recommend you configure partitions to have less than 5 TB per day flowing int
 
 Default scope allows you to include or exclude the partitions in the search query, helping you to optimize the search cost. For example, if a query needs to run through 10 partitions, which consumes about 10 GB of search data, narrowing the search query using the default scope can improve the query performance and reduce scan cost. You can modify the default scope by selecting or deselecting the **Include this partition in default scope** checkbox when creating/updating your partition. Let's say that out of 10 partitions, you excluded two partitions. Now, when you run a query that does not have `_index` / `_view` term referenced in the query, the search will only consider the included partitions, reducing the amount of data scanned and lowering the cost.
 
+If you do not specify a partition name using `_index` or `_view`, or if you do not use metadata fields in your query scope that correspond to the routing expression of a partition, you will be billed for all default scope partitions that are not explicitly excluded. This also includes the `sumologic_default` partition.
 
-When partitions are marked as included and `_index` or `_view` is not referenced in the query, all included partitions will be considered by default. Default scope is also useful when `AND` or `OR` conditions are used in the query with `_index`. For example, consider you have three partitions: Partition A (Excluded), Partition B (Included), and Partition C (Included). Below are some scenarios:
+When partitions are marked as included and `_index` or `_view` is not referenced in the query, all partitions part of default scope will be considered by default. Default scope is also useful when `AND` or `OR` conditions are used in the query with `_index`. For example, consider you have three partitions: Partition A (Excluded), Partition B (Included), and Partition C (Included). Below are some scenarios:
 
 - When you run the query without referring to `_index`, for example `error | count`, only Partition B and Partition C will be considered for the query, as Partition A is excluded from the default scope. 
 - When you run a query referring to an index term, for example `_index="Partition A"`, only Partition A will be considered for the query. 

docs/send-data/opentelemetry-collector/remote-management/source-templates/elasticsearch/changelog.md

@@ -0,0 +1,11 @@
+---
+id: changelog
+title: Changelog
+sidebar_label: Changelog
+description: Changelog for Elasticsearch source template for OpenTelemetry.
+---
+
+## [1.0.0] - 2025-01-30
+
+### Added
+- Initial version of Elasticsearch source template.