Merge pull request #1791 from splunk/urbiz-DG24717-logs-fixes

[DG24717]: LOC edits

Author: aurbiztondo-splunk

logs/scp.rst

@@ -11,18 +11,32 @@ Set up Log Observer Connect by integrating Log Observer with Splunk Cloud Platfo
 
 When you set up Log Observer Connect, your logs data remains in your Splunk Cloud Platform instance and is accessible only to Log Observer Connect. Log Observer Connect does not store or index your logs data. There is no additional charge for Log Observer Connect.
 
+.. note:: You can collect data using both the Splunk Distribution of the OpenTelemetry Collector and the Universal Forwarder without submitting any duplicated telemetry data. See :ref:`collector-with-the-uf` to learn how.
+
 Region and version availability
 ==============================================================
 
-Splunk Log Observer Connect is available in the following Splunk Observability realms: us0, us1, us2, eu0, jp0, and au0. Splunk Log Observer Connect is compatible with Splunk Cloud Platform versions 8.2 and higher. Splunk Log Observer Connect is not available for Splunk Cloud Platform trials and is not supported in GovCloud regions. 
+Splunk Log Observer Connect is available in the following Splunk Observability realms: us0, us1, us2, eu0, jp0, and au0. It's not available for Splunk Cloud Platform trials and is not supported in GovCloud regions.  
 
-.. note:: You can collect data using both the Splunk Distribution of OpenTelemetry Collector and the universal forwarder without submitting any duplicate telemetry data. See :ref:`collector-with-the-uf` to learn how.
+Splunk Log Observer Connect is compatible with Splunk Cloud Platform versions 8.2 and higher. 
 
 Prerequisites
 ==============================================================
-Ensure that token authentication is enabled for your Log Observer Connect service account in your Splunk Cloud Platform instance. See :new-page:`Securing Splunk Cloud Platform: Enable or disable token authentication token <https://docs.splunk.com/Documentation/SplunkCloud/latest/Security/EnableTokenAuth>` to learn how. 
+
 To configure the Splunk Cloud service account user in the following section you must have the sc_admin role.
 
+Ensure the following configuration in your Splunk Cloud instance:
+
+* Token authentication is enabled for your Log Observer Connect service account in your Splunk Cloud Platform instance. See :new-page:`Securing Splunk Cloud Platform: Enable or disable token authentication token <https://docs.splunk.com/Documentation/SplunkCloud/latest/Security/EnableTokenAuth>` to learn how. 
+
+* Allow these IPs:
+
+  - us0: ``34.199.200.84``, ``52.20.177.252``, ``52.201.67.203``, ``54.89.1.85``
+  - us1: ``44.230.152.35``, ``44.231.27.66``, ``44.225.234.52``, ``44.230.82.104``
+  - eu0: ``108.128.26.145``, ``34.250.243.212``, ``54.171.237.247``
+  - jp0: ``35.78.47.79``, ``35.77.252.198``, ``35.75.200.181``
+  - au0: ``13.54.193.47``, ``13.55.9.109``, ``54.153.190.59``
+
 Set up Log Observer Connect
 ==============================================================
 To set up Log Observer Connect for Splunk Cloud Platform without help from the Support team, follow these steps:

logs/set-up-logconnect.rst

@@ -11,14 +11,16 @@ Set up Log Observer Connect by integrating Log Observer with Splunk Enterprise.
 
 When you set up Log Observer Connect, your Splunk Enterprise logs data remains in Splunk Enterprise. Log Observer Connect does not store or index your logs data. There is no additional charge for Log Observer Connect.
 
+.. note:: You can collect data using both the Splunk Distribution of the OpenTelemetry Collector and the Universal Forwarder without submitting any duplicated telemetry data. See :ref:`collector-with-the-uf` to learn how.
+
 Region and version compatibility
 ==============================================================
-Splunk Log Observer Connect is available in the AWS regions us0, us1, eu0, jp0, and au0. Splunk Log Observer Connect is compatible with Splunk Enterprise 8.2 and higher. 
 
-.. note:: You can collect data using both the Splunk Distribution of OpenTelemetry Collector and the Universal Forwarder without submitting any duplicate telemetry data. See :ref:`collector-with-the-uf` to learn how.
+Splunk Log Observer Connect is available in the AWS regions us0, us1, eu0, jp0, and au0, and is compatible with Splunk Enterprise 8.2 and higher. 
 
 Prerequisites
 ==============================================================
+
 To set up Log Observer Connect for Splunk Enterprise, you must have an administrator role in Splunk Observability Cloud. You must also be an administrator in Splunk Enterprise.
 
 Ensure the following configuration in your Splunk Enterprise instance:
@@ -35,7 +37,6 @@ Ensure the following configuration in your Splunk Enterprise instance:
 
 * Expose port ``8089`` to all the IPs of the realms you're using. Log Observer Connect needs to be able to access the search head on port ``8089``. It doesn't need to directly access the deployer or indexers. For example, if you have a search head cluster with load balancer in front of the members of the search head cluster, you would allow the incoming traffic to the load balancer.
 
-
 .. caution:: Check with your security team before you add these IPs to the allow list of your firewall rules or to your security groups in AWS.
 
 Set up Log Observer Connect