Merge branch 'main' into hpal_cosmosdb_docs

Author: himanshu219

blog-collector/2024-10-31.md

@@ -0,0 +1,21 @@
+---
+title: Version 19.514-1
+hide_table_of_contents: true
+image: https://help.sumologic.com/img/sumo-square.png
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+<a href="https://help.sumologic.com/release-notes-collector/rss.xml"><img src={useBaseUrl('img/release-notes/rss-orange2.png')} alt="icon" width="50"/></a>
+
+In this release, we've enhanced the security and stability of the Collector with added support for security patches and bug fixes.
+
+### Security Fixes
+
+- Upgraded `com.fasterxml.jackson.core` to version 2.15.4 to address jackson-core vulnerability (CVE-2023-0067).
+- Upgraded `org.apache.avro:avro` to version 1.11.4 to address ion-java vulnerability (CVE-2024-47561).
+
+### Bug Fix
+
+- Fixed the intermittent collector crash issue for AD source.
+

blog-cse/2024-10-31-content.md

@@ -17,7 +17,7 @@ We're excited to announce that when you create a role, you can select **Index Ac
 This feature was [previously only available to participants in our beta program](/release-notes-service/2023/12/31/#october-27-2023-manage-account). It is now available for general use.
 
 :::note
-These changes are rolling out across deployments incrementally and will be available on all deployments by October 25, 2024.
+These changes are rolling out across deployments incrementally and will be available on all deployments by November 15, 2024.
 :::
 
 [Learn more](/docs/manage/users-roles/roles/create-manage-roles/#create-a-role).

blog-service/2024-10-14-manage.md

@@ -14,7 +14,7 @@ import useBaseUrl from '@docusaurus/useBaseUrl';
 
 <a href="https://help.sumologic.com/release-notes-service/rss.xml"><img src={useBaseUrl('img/release-notes/rss-orange2.png')} alt="icon" width="50"/></a>
 
-We're excited to announce the general availability of AI-driven alerts for metrics anomalies, extending our AI-driven alerting to metrics-based monitors. This release helps reduce alert fatigue and enables faster incident resolution with automated playbooks.
+We're excited to announce the preview of AI-driven alerts for metrics anomalies, extending our AI-driven alerting to metrics-based monitors. This preview release helps reduce alert fatigue and enables faster incident resolution with automated playbooks.
 
 ### Key Features
 

blog-service/2024-10-22-alerts.md

@@ -0,0 +1,16 @@
+---
+title: CrowdStrike Spotlight (Apps)
+image: https://help.sumologic.com/img/sumo-square.png
+keywords:
+  - crowdstrike-spotlight
+  - apps
+hide_table_of_contents: true
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+<a href="https://help.sumologic.com/release-notes-service/rss.xml"><img src={useBaseUrl('img/release-notes/rss-orange2.png')} alt="icon" width="50"/></a>
+
+We're excited to introduce the new CrowdStrike Spotlight app for Sumo Logic. This app leverages the Sumo Logic Cloud-to-Cloud CrowdStrike Spotlight source to collect vulnerability logs through the CrowdStrike Spotlight API, helping you to obtain real-time visibility into vulnerabilities across your organization's assets to the security teams.
+
+Explore our technical documentation [here](/docs/integrations/saas-cloud/crowdstrike-spotlight/) to learn how to set up and use the CrowdStrike Spotlight app for Sumo Logic.

blog-service/2024-10-29-apps.md

@@ -0,0 +1,22 @@
+---
+title: Scan Budgets (Manage) 
+image: https://help.sumologic.com/img/sumo-square.png
+keywords:
+  - scan-budgets
+  - manage
+hide_table_of_contents: true
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+<a href="https://help.sumologic.com/release-notes-service/rss.xml"><img src={useBaseUrl('img/release-notes/rss-orange2.png')} alt="icon" width="50"/></a>
+
+We are happy to introduce our new **Usage Management** tab under the **Accounts** section. This feature allows you to define query spending limits, helping prevent unexpected charges and manage Sumo Logic credits, particularly in pay-per-use scenarios by limiting search volume.
+
+Key features include:
+
+- **Org-wide query budget**. Set a budget for queries that applies to all users in the organization.
+- **User level and role level query budget**. Set limits on query data volume at the user level and role level.
+- **Flexible actions**. Choose what happens when the budget limit is reached. Options include **Display a warning to the user** or **Restrict queries to background scans only**.
+
+Explore our technical documentation [here](/docs/manage/manage-subscription/usage-management/) to learn how to set up and use Scan Budgets.

blog-service/2024-10-29-manage.md

@@ -0,0 +1,14 @@
+---
+title: Deprecation Notice - Root Cause Explorer (Observability)
+image: https://www.sumologic.com/img/logo.svg
+keywords:
+  - observability
+  - root cause explorer
+hide_table_of_contents: true
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+As part of our ongoing evaluation of the Sumo Logic service, our product team is deprecating [Root Cause Explorer](/docs/observability/root-cause-explorer), and it will no longer be available as of 30 April 2025.
+
+Learn more [here](/docs/observability/root-cause-explorer-deprecation).

blog-service/2024-11-01-observability.md

@@ -0,0 +1,23 @@
+---
+title: AI-Driven Alerts for Metrics Anomalies (Monitors)
+image: https://help.sumologic.com/img/sumo-square.png
+keywords:
+  - metrics
+  - monitors
+  - alerts
+  - anomalies
+  - ai
+hide_table_of_contents: true  
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+<a href="https://help.sumologic.com/release-notes-service/rss.xml"><img src={useBaseUrl('img/release-notes/rss-orange2.png')} alt="icon" width="50"/></a>
+
+We're excited to announce the general availability of AI-driven alerts for metrics anomalies, extending our AI-driven alerting capabilities to include metrics-based monitors. This new feature aims to reduce alert fatigue and accelerate incident resolution through the use of automated playbooks. [Learn more](/docs/alerts/monitors/create-monitor).
+
+### Key features
+
+* **Advanced anomaly detection**. Leverages 30 days of historical metrics data to establish baselines and identify critical anomalies.
+* **Customizable detection**. Allows configuration based on specific criteria, such as detecting multiple anomalies within a defined time window.
+* **Playbook integration**. Streamlines diagnosis and recovery by automating responses through integrated playbooks.

blog-service/2024-11-05-alerts.md

@@ -104,6 +104,7 @@
   "/03Send-Data/Collect-from-Other-Data-Sources/Amazon_MSK_Prometheus_metrics_collection": "/docs/send-data/collect-from-other-data-sources/amazon-msk-prometheus-metrics-collection",
   "/03Send-Data/Collect-from-Other-Data-Sources/Amazon-CloudWatch-Logs": "/docs/send-data/collect-from-other-data-sources/amazon-cloudwatch-logs",
   "/Send-Data/Collect-from-Other-Data-Sources/Amazon-CloudWatch-Logs": "/docs/send-data/collect-from-other-data-sources/amazon-cloudwatch-logs",
+  "/03Send-Data/Collect-from-Other-Data-Sources/Amazon-Web-Services": "/docs/send-data/collect-from-other-data-sources/amazon-cloudwatch-logs",
   "/03Send-Data/Collect-from-Other-Data-Sources/Amazon-CloudWatch-Logs/Collect_Amazon_CloudWatch_Logs_using_a_Lambda_Function": "/docs/send-data/collect-from-other-data-sources/amazon-cloudwatch-logs/collect-with-lambda-function",
   "/03Send-Data/Collect-from-Other-Data-Sources/Amazon-CloudWatch-Logs/Collect_CloudWatch_Logs_using_a_CloudFormation_Template_with_secured_Sumo_Endpoint": "/docs/send-data/collect-from-other-data-sources/amazon-cloudwatch-logs/collect-with-cloudformation-template",
   "/03Send-Data/Collect-from-Other-Data-Sources/Amazon-CloudWatch-Logs/Collect-Amazon-CloudWatch-Logs-using-a-Collector-Script": "/docs/send-data/collect-from-other-data-sources/amazon-cloudwatch-logs",
@@ -219,6 +220,7 @@
   "/03Send-Data/Installed-Collectors/05Reference-Information-for-Collector-Installation/Verify-Authenticity-of-Collector-Downloads": "/docs/send-data/reference-information",
   "/03Send-Data/Setup-Wizard": "/docs/send-data/setup-wizard",
   "/03Send-Data/Setup-Wizard/Upload-Static-Files-with-the-Setup-Wizard": "/docs/send-data/setup-wizard",
+  "/03Send-Data/Setup-Wizard/About-Streaming-Data-Collection": "/docs/send-data/setup-wizard",
   "/03Send-Data/Setup-Wizard/Collect-from-Custom-Apps": "/docs/send-data/setup-wizard",
   "/03Send-Data/Setup-Wizard/Collect-from-Custom-Apps/Collect_Streaming_Data_from_HTTP": "/docs/send-data/setup-wizard",
   "/03Send-Data/Setup-Wizard/Collect-from-Custom-Apps/Collect-Streaming-Data-from-a-Local-File": "/docs/send-data/setup-wizard",
@@ -1377,6 +1379,7 @@
   "/APIs/General_API_Information/API_Authentication": "/docs/api/getting-started",
   "/APIs/General_API_Information/Sumo_Logic_Endpoints": "/docs/api/getting-started",
   "/APIs/General_API_Information/Sumo_Logic_Endpoints_and_Firewall_Security": "/docs/api/getting-started",
+  "/Send_Data": "/docs/send-data",
   "/Send_Data/Collector_Management_API/Sumo_Logic_Endpoints": "/docs/api/collector-management",
   "/Send_Data/Collector_FAQs/How_to_Ingest_Old_or_Historical_Data": "/docs/send-data/opentelemetry-collector/faq",
   "/APIs/General-API-Information/Sumo-Logic-Endpoints-by-Deployment-and-Firewall-Security": "/docs/api/getting-started",
@@ -2066,6 +2069,7 @@
   "/cid/4018": "/docs/send-data/installed-collectors",
   "/cid/4019": "/docs/send-data/installed-collectors/sources/script-action",
   "/cid/4412": "/docs/integrations/saas-cloud/crowdstrike-fdr-host-inventory",
+  "/cid/44122": "/docs/integrations/saas-cloud/crowdstrike-spotlight",
   "/cid/4020": "/docs/search/logreduce",
   "/cid/4021": "/docs/search/search-query-language/search-operators/accum",
   "/cid/4022": "/docs/search/search-query-language/search-operators/fields",
@@ -3440,6 +3444,7 @@
   "/Visualizations-and-Alerts/Alerts/Scheduled-Searches/Save_to_Index": "/docs/alerts/scheduled-searches/save-to-index",
   "/Visualizations-and-Alerts/Alerts/Scheduled-Searches/Schedule_a_Search": "/docs/alerts/scheduled-searches/schedule-search",
   "/Visualizations-and-Alerts/Alerts/Scheduled-Searches/Scheduled_Search_FAQs": "/docs/alerts/scheduled-searches/schedule-search",
+  "/Visualizations-and-Alerts/Alerts/Scheduled-Searches/Scheduled_Search_FAQs/How-to-Prevent-your-Scheduled-Search-from-Timing-Out": "/docs/alerts/scheduled-searches/schedule-search",
   "/Visualizations-and-Alerts/Dashboard_(New)": "/docs/dashboards",
   "/Visualizations-and-Alerts/Dashboard_(New)/About_Dashboard_(New)": "/docs/dashboards/about",
   "/Visualizations-and-Alerts/Dashboard_(New)/Create_a_Dashboard_(New)": "/docs/dashboards/create-dashboard-new",
@@ -3565,6 +3570,7 @@
   "/07Sumo-Logic-Apps/01Amazon_and_AWS": "/docs/integrations/amazon-aws",
   "/07Sumo_Logic_Apps/01Amazon_and_AWS/Amazon_RDS_Metrics/Amazon-RDS-Metrics-App-Dashboards": "/docs/observability/aws/integrations/amazon-rds",
   "/07Sumo-Logic-Apps/01Amazon_and_AWS/Amazon_Security_Quick_Start": "/docs/integrations/amazon-aws/security-quickstart",
+  "/docs/integrations/amazon-aws/amazon-opensearch-service": "/docs/integrations/amazon-aws/amazon-opensearch",
   "/07Sumo-Logic-Apps/01Amazon_and_AWS/Global_Intelligence_for_CloudTrail_DevOps": "/docs/integrations/amazon-aws/global-intelligence-cloudtrail-devops",
   "/07Sumo-Logic-Apps/01Amazon_and_AWS/Global_Intelligence_for_AWS_CloudTrail/Install_the_GI_CloudTrail_App_and_view_the_Dashboards": "/docs/integrations/amazon-aws/global-intelligence-cloudtrail-devops",
   "/07Sumo_Logic_Apps/06Google/Google_Cloud_VPC/Install-the-Google-Cloud-VPC-App-and-view-the-Dashboards": "/docs/integrations/google/cloud-vpc",
@@ -4040,6 +4046,7 @@
   "/docs/cse/automation-service/automation-service-integration-framework": "/docs/platform-services/automation-service/automation-service-integration-framework",
   "/docs/cloud-soar/cloud-soar-integration-framework": "/docs/platform-services/automation-service/automation-service-integration-framework",
   "/docs/send-data/collect-from-other-data-sources/kubernetes": "/docs/send-data/kubernetes",
+  "/docs/send-data/kubernetes/v4": "/docs/send-data/kubernetes",
   "/docs/send-data/collect-from-other-data-sources/azure-blob-storage/collect-logs-azure-blob-storage": "/docs/send-data/collect-from-other-data-sources/azure-blob-storage/block-blob/collect-logs",
   "/docs/send-data/collect-from-other-data-sources/azure-blob-storage/troubleshoot-azure-blob-storage-log-collection": "/docs/send-data/collect-from-other-data-sources/azure-blob-storage/troubleshoot-log-collection",
   "/docs/cloud-soar/mssp": "/docs/cloud-soar/legacy/legacy-cloud-soar-mssp",

cid-redirects.json

@@ -13,7 +13,7 @@ This topic has instructions for creating a custom tag schema in Cloud SIEM. 
 
 Tags are metadata you can attach to Insights, Signals, Entities, and Rules. Tags are useful for adding context to these Cloud SIEM items. You can also search for and filter items by tag. There are two types of tags: *keyword tags*, which are arbitrary, freeform strings; and *schema keys*, which are predefined key-value pairs. Cloud SIEM provides built-in schemas keys that display in the Cloud SIEM UI with a Sumo label, as shown in the example below. You can’t edit the built-in schemas.
 
-<img src={useBaseUrl('img/cse/built-in-tags.png')} alt="Built-in schema keys" style={{border: '1px solid gray'}} width="400"/>
+<img src={useBaseUrl('img/cse/built-in-tags.png')} alt="Built-in schema keys" style={{border: '1px solid gray'}} width="800"/>
 
 Schema tags can enforce specific tag values and prevent confusion from variations in tag values. For example, you might want to ensure the use of standard server identifiers, such as “FinanceServer”, rather than “Server-Finance” or “Finance_Server”. 
 
@@ -22,8 +22,8 @@ For more information about tags in Cloud SIEM, see [Using Tags with Insights, Si
 ## Define a custom tag schema
 
 1. [**Classic UI**](/docs/cse/introduction-to-cloud-siem/#classic-ui). In the top menu select **Configuration**, and then under **Workflow** select **Tag Schemas**.<br/>[**New UI**](/docs/cse/introduction-to-cloud-siem/#new-ui). In the top menu select **Configuration**, and then under **Cloud SIEM Workflow** select **Tag Schemas**. You can also click the **Go To...** menu at the top of the screen and select **Tag Schemas**. 
-1. On the **Tag Schemas** page, click **Create**. <br/><img src={useBaseUrl('img/cse/tag-schemas-page.png')} alt="Tag schemas page" style={{border: '1px solid gray'}} width="800"/>
-1. The **Tag Schema** popup appears. The screenshot below shows a previously configured tag schema.  <br/><img src={useBaseUrl('img/cse/tag-schema-filled-in.png')} alt="Example tag schema" style={{border: '1px solid gray'}} width="800"/>
+1. On the **Tag Schemas** page, click **Create**. <br/><img src={useBaseUrl('img/cse/tag-schema-empty.png')} alt="Create tag schema" style={{border: '1px solid gray'}} width="400"/>
+1. The **Tag Schema** popup appears. 
     1. **Key**. Enter an identifier for the tag you’re defining. It won’t appear in the UI for assigning tags to a content item, unless you leave the **Label** field blank.
     1. **Label**. Enter a label for the tag. If you supply a label, that’s what will appear in the UI for assigning tags to a content item.
     1. **Content Types**. Select the types that you want the tag to be
@@ -33,6 +33,7 @@ For more information about tags in Cloud SIEM, see [Using Tags with Insights, Si
         * **Entity** The options do not include **Signal** or **Insight**. Signals and Insights inherit tag values from the rule(s) or Custom Insight definition that triggered the Signal or Insight and involved Entities.
     1. **Allow Custom Values**. Check this box to allow users to add additional allowable values to the tag schema. Otherwise, when applying the tag users may only select one of the values you define in the **Value Options** section below.
     1. **Value Options**. If **Allow Custom Values** is not checked, you must define at least one value for the tag:
-        * **Value**. Enter an allowable value for the tag.
-        * **Label**. Enter a label for the value.
-        * **Link** (optional). Enter a URL for it to appear in the Actions menu of the tag in any content items to which it’s been applied. Cloud SIEM’s built-in schema tags are examples of schema tags that include a link. The screenshot below shows a link from the **Tactic:TA0002** to associated information on the MITRE site. <br/><img src={useBaseUrl('img/cse/mitre-link.png')} alt="Example MITRE link" style={{border: '1px solid gray'}} width="800"/>
+        * **Enter Value**. Enter an allowable value for the tag.
+        * **Enter Label**. Enter a label for the value.
+        * **Enter Link** (optional). Enter a URL for it to appear in the Actions menu of the tag in any content items to which it’s been applied. Cloud SIEM’s built-in schema tags are examples of schema tags that include a link. The screenshot below shows a link from the **Tactic:TA0002** to associated information on the MITRE site. <br/><img src={useBaseUrl('img/cse/mitre-link.png')} alt="Example MITRE link" style={{border: '1px solid gray'}} width="400"/>
+