})
+
+### Step 3: Create an action group
+
+Refer to [Create an action group in the Azure portal](https://learn.microsoft.com/en-us/azure/azure-monitor/alerts/action-groups#create-an-action-group-in-the-azure-portal) to create an action group for the Azure Advisor alert in step 2.
+
+Sumo Logic recommends you to select the **Action type** as **Webhook** and then provide the Sumo Logic HTTP Source URL that you collected from step 1.
+})
+
+## Installing the Azure Security - Advisor app
+
+This section shows you how to install the Azure Security - Advisor app for Sumo Logic.
+
+import AppInstall from '../../reuse/apps/app-install.md';
+
+})
+
+### Advisor Cost Recommendations
+
+The **Azure Security - Advisor Cost Recommendations** dashboard provides security analysts with cost optimization strategies for Azure, helping identify idle and underutilized resources to reduce cloud spending. It categorizes recommendations by impact level, highlighting priority areas for cost-saving actions. The Affected Resources panel identifies services, such as compute disks, that may benefit from resizing or deallocation. A timeline visualization tracks cost recommendations over time to monitor trends and assess optimization effectiveness. The Cost Recommendation Summary details recommendations, their impact, and associated resources, aiding informed decision-making. This dashboard helps maintain financial efficiency while ensuring optimal resource utilization in Azure.})
+
+### Advisor Reliability Recommendations
+
+The **Azure Security - Advisor Reliability Recommendations** dashboard provides security analysts with insights into reliability risks affecting business-critical applications. It categorizes recommendations by severity (high, medium, low) to help prioritize reliability concerns. The dashboard highlights affected resource types and assets for quick identification of infrastructure issues. A timeline visualization tracks recommendation trends, offering insights into recurring risks. The Top Action Plan section lists prioritized recommendations with timestamps and affected resources for efficient remediation. Additionally, the Security Recommendation Summary provides an overview of reliability risks across Azure services. This dashboard helps security teams enhance system resilience, minimize downtime, and ensure optimal application performance. })
+
+### Advisor Operational Excellence Recommendations
+
+The **Azure Security - Advisor Operational Excellence Recommendations** dashboard provides security analysts with insights into optimizing process workflows, enhancing resource manageability, and enforcing deployment best practices. It categorizes recommendations by impact (medium and low) to help prioritize improvements for streamlining cloud operations. The Affected Resources panel highlights impacted services, with a focus on Azure Kubernetes Service (AKS) clusters. A timeline visualization tracks trends in recommendations over time, offering a historical perspective on operational issues. The Recommendation Summary details specific recommendations and associated resources for targeted action. This dashboard helps security teams improve system reliability and maintain efficient cloud operations.})
+
+## Create monitors for the Azure Security - Advisor app
+
+import CreateMonitors from '../../reuse/apps/create-monitors.md';
+
+A guide to the Sumo Logic integration for Azure Relay.
+
+
+ })
+
+
+ Azure Security - Advisor
+A guide to the Sumo Logic integration for Azure Security - Advisor.
+})
Azure Security - Defender for Cloud
diff --git a/docs/integrations/product-list/product-list-a-l.md b/docs/integrations/product-list/product-list-a-l.md index 7162bb329e..0f37c18c15 100644 --- a/docs/integrations/product-list/product-list-a-l.md +++ b/docs/integrations/product-list/product-list-a-l.md @@ -119,7 +119,7 @@ For descriptions of the different types of integrations Sumo Logic offers, see [ |}){kind=logo}
| [AWS Simple Notification Service](https://aws.amazon.com/sns/) | Automation integration: [AWS Simple Notification Service](/docs/platform-services/automation-service/app-central/integrations/aws-simple-notification-service/) |
| })
| [AWS WAF](https://aws.amazon.com/waf/) | Apps: - [AWS WAF](/docs/integrations/amazon-aws/waf/)
- [AWS WAF Cloud Security Monitoring and Analytics](/docs/integrations/cloud-security-monitoring-analytics/aws-waf/)
Automation integration: [AWS WAF](/docs/platform-services/automation-service/app-central/integrations/aws-waf/)
Cloud SIEM integration: [Amazon AWS - Web Application Firewall (WAF)](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/products/072b85a2-1765-45c2-911d-b0509880326e.md) | |
})
| [Axonius](https://www.axonius.com/) | Automation integration: [Axonius](/docs/platform-services/automation-service/app-central/integrations/axonius/) |
-| }){kind=logo}
| [Azure](https://azure.microsoft.com/en-us) | Apps: - [Azure Analysis Services](/docs/integrations/microsoft-azure/azure-analysis-services/)
- [Azure API Management](/docs/integrations/microsoft-azure/azure-api-management/)
- [Azure App Configuration](/docs/integrations/microsoft-azure/azure-app-configuration/)
- [Azure Application Gateway](/docs/integrations/microsoft-azure/azure-application-gateway/)
- [Azure App Service Environment](/docs/integrations/microsoft-azure/azure-app-service-environment/)
- [Azure App Service Plan](/docs/integrations/microsoft-azure/azure-app-service-plan/)
- [Azure Audit](/docs/integrations/microsoft-azure/audit/)
- [Azure Automation](/docs/integrations/microsoft-azure/azure-automation/)
- [Azure Backup](/docs/integrations/microsoft-azure/azure-backup/)
- [Azure Batch](/docs/integrations/microsoft-azure/azure-batch/)
- [Azure Cache for Redis](/docs/integrations/microsoft-azure/azure-cache-for-redis/)
- [Azure Cognitive Search](/docs/integrations/microsoft-azure/azure-cognitive-search/)
- [Azure Cosmos DB](/docs/integrations/microsoft-azure/azure-cosmos-db/)
- [Azure Cosmos DB for PostgreSQL](/docs/integrations/microsoft-azure/azure-cosmos-db-for-postgresql/)
- [Azure Data Explorer](/docs/integrations/microsoft-azure/azure-data-explorer/)
- [Azure Data Factory](/docs/integrations/microsoft-azure/azure-data-factory/)
- [Azure Database for MariaDB](/docs/integrations/microsoft-azure/azure-database-for-mariadb/)
- [Azure Database for MySQL](/docs/integrations/microsoft-azure/azure-database-for-mysql/)
- [Azure Database for PostgreSQL](/docs/integrations/microsoft-azure/azure-database-for-postgresql/)
- [Azure Event Grid](/docs/integrations/microsoft-azure/azure-event-grid/)
- [Azure Event Hubs](/docs/integrations/microsoft-azure/azure-event-hubs/)
- [Azure Front Door](/docs/integrations/microsoft-azure/azure-front-door/)
- [Azure Functions](/docs/integrations/microsoft-azure/azure-functions/)
- [Azure HDInsight](/docs/integrations/microsoft-azure/azure-hdinsight/)
- [Azure IoT Hub](/docs/integrations/microsoft-azure/azure-iot-hub/)
- [Azure Key Vault](/docs/integrations/microsoft-azure/azure-key-vault/)
- [Azure Kubernetes Service (AKS) - Control Plane](/docs/integrations/microsoft-azure/kubernetes/)
- [Azure Load Balancer](/docs/integrations/microsoft-azure/azure-load-balancer/)
- [Azure Logic App](/docs/integrations/microsoft-azure/azure-logic-app/)
- [Azure Machine Learning](/docs/integrations/microsoft-azure/azure-machine-learning/)
- [Azure Monitor Logs](/docs/send-data/collect-from-other-data-sources/azure-monitoring/ms-azure-event-hubs-source)
- [Azure Monitor Metrics](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/)
- [Azure Monitoring](/docs/send-data/collect-from-other-data-sources/azure-monitoring/)
- [Azure Network Interface](/docs/integrations/microsoft-azure/azure-network-interface/)
- [Azure Network Watcher](/docs/integrations/microsoft-azure/network-watcher/)
- [Azure Notification Hubs](/docs/integrations/microsoft-azure/azure-notification-hubs/)
- [Azure Public IP Addresses](/docs/integrations/microsoft-azure/azure-public-ipAddress/)
- [Azure Relay](/docs/integrations/microsoft-azure/azure-relay/)
- [Azure Security - Defender for Cloud](/docs/integrations/microsoft-azure/azure-security-defender-for-cloud/)
- [Azure Service Bus](/docs/integrations/microsoft-azure/azure-service-bus/)
- [Azure SQL](/docs/integrations/microsoft-azure/sql/)
- [Azure SQL Elastic Pool](/docs/integrations/microsoft-azure/azure-sql-elastic-pool/)
- [Azure SQL Managed Instance](/docs/integrations/microsoft-azure/azure-sql-managed-instance/)
- [Azure Storage](/docs/integrations/microsoft-azure/azure-storage/)
- [Azure Stream Analytics](/docs/integrations/microsoft-azure/azure-stream-analytics/)
- [Azure Synapse Analytics](/docs/integrations/microsoft-azure/azure-synapse-analytics/)
- [Azure Virtual Network](/docs/integrations/microsoft-azure/azure-virtual-network/)
- [Azure Web Apps](/docs/integrations/microsoft-azure/web-apps/)
Automation integration: [Azure AD](/docs/platform-services/automation-service/app-central/integrations/azure-ad/)
Collectors:
- [Azure Blob Storage](/docs/send-data/collect-from-other-data-sources/azure-blob-storage/block-blob/collect-logs)
- [Azure Event Hubs Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/)
- [Migrating to Azure Event Hubs Cloud-to-Cloud Source](/docs/send-data/collect-from-other-data-sources/azure-monitoring/azure-event-hubs-source-migration)
Webhook: [Webhook Connection for Microsoft Azure Functions](/docs/alerts/webhook-connections/microsoft-azure-functions/) | +|
| [Azure](https://azure.microsoft.com/en-us) | Apps: - [Azure Analysis Services](/docs/integrations/microsoft-azure/azure-analysis-services/)
- [Azure API Management](/docs/integrations/microsoft-azure/azure-api-management/)
- [Azure App Configuration](/docs/integrations/microsoft-azure/azure-app-configuration/)
- [Azure Application Gateway](/docs/integrations/microsoft-azure/azure-application-gateway/)
- [Azure App Service Environment](/docs/integrations/microsoft-azure/azure-app-service-environment/)
- [Azure App Service Plan](/docs/integrations/microsoft-azure/azure-app-service-plan/)
- [Azure Audit](/docs/integrations/microsoft-azure/audit/)
- [Azure Automation](/docs/integrations/microsoft-azure/azure-automation/)
- [Azure Backup](/docs/integrations/microsoft-azure/azure-backup/)
- [Azure Batch](/docs/integrations/microsoft-azure/azure-batch/)
- [Azure Cache for Redis](/docs/integrations/microsoft-azure/azure-cache-for-redis/)
- [Azure Cognitive Search](/docs/integrations/microsoft-azure/azure-cognitive-search/)
- [Azure Cosmos DB](/docs/integrations/microsoft-azure/azure-cosmos-db/)
- [Azure Cosmos DB for PostgreSQL](/docs/integrations/microsoft-azure/azure-cosmos-db-for-postgresql/)
- [Azure Data Explorer](/docs/integrations/microsoft-azure/azure-data-explorer/)
- [Azure Data Factory](/docs/integrations/microsoft-azure/azure-data-factory/)
- [Azure Database for MariaDB](/docs/integrations/microsoft-azure/azure-database-for-mariadb/)
- [Azure Database for MySQL](/docs/integrations/microsoft-azure/azure-database-for-mysql/)
- [Azure Database for PostgreSQL](/docs/integrations/microsoft-azure/azure-database-for-postgresql/)
- [Azure Event Grid](/docs/integrations/microsoft-azure/azure-event-grid/)
- [Azure Event Hubs](/docs/integrations/microsoft-azure/azure-event-hubs/)
- [Azure Front Door](/docs/integrations/microsoft-azure/azure-front-door/)
- [Azure Functions](/docs/integrations/microsoft-azure/azure-functions/)
- [Azure HDInsight](/docs/integrations/microsoft-azure/azure-hdinsight/)
- [Azure IoT Hub](/docs/integrations/microsoft-azure/azure-iot-hub/)
- [Azure Key Vault](/docs/integrations/microsoft-azure/azure-key-vault/)
- [Azure Kubernetes Service (AKS) - Control Plane](/docs/integrations/microsoft-azure/kubernetes/)
- [Azure Load Balancer](/docs/integrations/microsoft-azure/azure-load-balancer/)
- [Azure Logic App](/docs/integrations/microsoft-azure/azure-logic-app/)
- [Azure Machine Learning](/docs/integrations/microsoft-azure/azure-machine-learning/)
- [Azure Monitor Logs](/docs/send-data/collect-from-other-data-sources/azure-monitoring/ms-azure-event-hubs-source)
- [Azure Monitor Metrics](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/)
- [Azure Monitoring](/docs/send-data/collect-from-other-data-sources/azure-monitoring/)
- [Azure Network Interface](/docs/integrations/microsoft-azure/azure-network-interface/)
- [Azure Network Watcher](/docs/integrations/microsoft-azure/network-watcher/)
- [Azure Notification Hubs](/docs/integrations/microsoft-azure/azure-notification-hubs/)
- [Azure Public IP Addresses](/docs/integrations/microsoft-azure/azure-public-ipAddress/)
- [Azure Relay](/docs/integrations/microsoft-azure/azure-relay/)
- [Azure Security -Advisor](/docs/integrations/microsoft-azure/azure-security-advisor/)
- [Azure Security - Defender for Cloud](/docs/integrations/microsoft-azure/azure-security-defender-for-cloud/)
- [Azure Service Bus](/docs/integrations/microsoft-azure/azure-service-bus/)
- [Azure SQL](/docs/integrations/microsoft-azure/sql/)
- [Azure SQL Elastic Pool](/docs/integrations/microsoft-azure/azure-sql-elastic-pool/)
- [Azure SQL Managed Instance](/docs/integrations/microsoft-azure/azure-sql-managed-instance/)
- [Azure Storage](/docs/integrations/microsoft-azure/azure-storage/)
- [Azure Stream Analytics](/docs/integrations/microsoft-azure/azure-stream-analytics/)
- [Azure Synapse Analytics](/docs/integrations/microsoft-azure/azure-synapse-analytics/)
- [Azure Virtual Network](/docs/integrations/microsoft-azure/azure-virtual-network/)
- [Azure Web Apps](/docs/integrations/microsoft-azure/web-apps/)
Automation integration: [Azure AD](/docs/platform-services/automation-service/app-central/integrations/azure-ad/)
Collectors:
- [Azure Blob Storage](/docs/send-data/collect-from-other-data-sources/azure-blob-storage/block-blob/collect-logs)
- [Azure Event Hubs Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/)
- [Migrating to Azure Event Hubs Cloud-to-Cloud Source](/docs/send-data/collect-from-other-data-sources/azure-monitoring/azure-event-hubs-source-migration)
Webhook: [Webhook Connection for Microsoft Azure Functions](/docs/alerts/webhook-connections/microsoft-azure-functions/) | ## B diff --git a/sidebars.ts b/sidebars.ts index fea2006422..caaf4e558f 100644 --- a/sidebars.ts +++ b/sidebars.ts @@ -2198,6 +2198,7 @@ integrations: [ 'integrations/microsoft-azure/azure-notification-hubs', 'integrations/microsoft-azure/azure-public-ipAddress', 'integrations/microsoft-azure/azure-relay', + 'integrations/microsoft-azure/azure-security-advisor', 'integrations/microsoft-azure/azure-service-bus', 'integrations/microsoft-azure/azure-sql-elastic-pool', 'integrations/microsoft-azure/azure-sql-managed-instance', @@ -2206,6 +2207,7 @@ integrations: [ 'integrations/microsoft-azure/azure-synapse-analytics', 'integrations/microsoft-azure/azure-virtual-network', 'integrations/microsoft-azure/kubernetes', + 'integrations/microsoft-azure/azure-security-advisor', 'integrations/microsoft-azure/azure-security-defender-for-cloud', 'integrations/microsoft-azure/microsoft-dynamics365-customer-insights', 'integrations/microsoft-azure/network-watcher', diff --git a/static/img/integrations/microsoft-azure/azure-security-advisor.png b/static/img/integrations/microsoft-azure/azure-security-advisor.png new file mode 100644 index 0000000000..f660f77078 Binary files /dev/null and b/static/img/integrations/microsoft-azure/azure-security-advisor.png differ diff --git a/static/img/integrations/microsoft-azure/create-action-group.png b/static/img/integrations/microsoft-azure/create-action-group.png new file mode 100644 index 0000000000..41e4586300 Binary files /dev/null and b/static/img/integrations/microsoft-azure/create-action-group.png differ diff --git a/static/img/integrations/microsoft-azure/create-advisor-alert.png b/static/img/integrations/microsoft-azure/create-advisor-alert.png new file mode 100644 index 0000000000..574c2d765f Binary files /dev/null and b/static/img/integrations/microsoft-azure/create-advisor-alert.png differ