From 84d1718cfc36fb2a9bb68b97b965956457df8518 Mon Sep 17 00:00:00 2001 From: Kim Pohas Date: Mon, 7 Jul 2025 15:15:56 -0400 Subject: [PATCH 1/3] Removed hard-coded docs site links --- blog-csoar/2024/12-31.md | 2 +- blog-service/2021/12-31.md | 18 +++++++++--------- blog-service/2025-05-05-alerts.md | 2 +- docs/api/service-accounts.md | 2 +- .../amazon-aws/amazon-elastic-block-store.md | 2 +- .../saas-cloud/trend-micro-vision-one.md | 10 +++++----- .../deploy-with-aws-cloudformation/index.md | 5 ++--- .../integrations/sumo-logic-cloud-siem.md | 2 +- .../integrations/sumo-logic-log-analytics.md | 2 +- docs/reuse/apps/app-install-index-option.md | 2 +- 10 files changed, 23 insertions(+), 24 deletions(-) diff --git a/blog-csoar/2024/12-31.md b/blog-csoar/2024/12-31.md index 9db409a584..1ef33c7c56 100644 --- a/blog-csoar/2024/12-31.md +++ b/blog-csoar/2024/12-31.md @@ -25,7 +25,7 @@ Effective today, **December 31, 2024**, Sumo Logic’s on-premises SOAR solution We [previously announced](/release-notes-csoar/2023/12/31/#november-1-2023---application-update) that as of November 15, 2023, Sumo Logic's on-premises SOAR solution no longer received updates, and Sumo Logic Engineering no longer developed, repaired, maintained, or tested the software as of that date. -To upgrade to Sumo Logic’s [Cloud SOAR](https://help.sumologic.com/docs/cloud-soar/) offering, reach out to your Sumo Logic representative. +To upgrade to Sumo Logic’s [Cloud SOAR](/docs/cloud-soar/) offering, reach out to your Sumo Logic representative. --- ### November 20, 2024 - Content Release diff --git a/blog-service/2021/12-31.md b/blog-service/2021/12-31.md index 83612a2e3c..5285c40a35 100644 --- a/blog-service/2021/12-31.md +++ b/blog-service/2021/12-31.md 
@@ -257,9 +257,9 @@ New - We have a new [ServiceNow connection](/docs/alerts/webhook-connections/s --- ## August 9, 2021 (Apps) -New - We are excited to release the Sumo Logic [Memcached](/docs/integrations/databases/memcached "https://help.sumologic.com/integrations/databases/Memcached") app. The Memcached app is a unified logs and metrics app that helps you monitor the availability, performance, health, and resource utilization of your Memcached clusters. Preconfigured dashboards provide insight into uptime, cache hits/misses, resource utilization, errors, and commands executed. +New - We are excited to release the Sumo Logic [Memcached](/docs/integrations/databases/memcached) app. The Memcached app is a unified logs and metrics app that helps you monitor the availability, performance, health, and resource utilization of your Memcached clusters. Preconfigured dashboards provide insight into uptime, cache hits/misses, resource utilization, errors, and commands executed. -Update - We have updated the Sumo Logic [Varnish](/docs/integrations/web-servers/varnish "https://help.sumologic.com/integrations/app-development/Varnish") app. The Varnish app provides dashboards that help you analyze log and metric events generated by Varnish servers. This app allows you to identify traffic sources, monitor and improve application and website workflows, and understand how customers use your product. +Update - We have updated the Sumo Logic [Varnish](/docs/integrations/web-servers/varnish) app. The Varnish app provides dashboards that help you analyze log and metric events generated by Varnish servers. This app allows you to identify traffic sources, monitor and improve application and website workflows, and understand how customers use your product. --- ## August 9, 2021 (Manage) 
@@ -274,12 +274,12 @@ New - The [Search Query Language](/docs/search/search-query-language "Search Q --- ## August 1, 2021 (Apps) -New - We are pleased to announce the release of the [Elasticsearch](/docs/integrations/databases/elasticsearch "https://help.sumologic.com/integrations/web-servers/Elasticsearch") app. The Elasticsearch app is a unified logs and metrics app that helps you monitor the availability, performance, health, and resource utilization of your Elasticsearch clusters. Preconfigured dashboards provide insight into cluster health, resource utilization, sharding, search, and index performance. +New - We are pleased to announce the release of the [Elasticsearch](/docs/integrations/databases/elasticsearch) app. The Elasticsearch app is a unified logs and metrics app that helps you monitor the availability, performance, health, and resource utilization of your Elasticsearch clusters. Preconfigured dashboards provide insight into cluster health, resource utilization, sharding, search, and index performance. --- ## July 21, 2021 (Apps) -Update - We've updated the [Apache Tomcat](/docs/integrations/web-servers/apache-tomcat "https://help.sumologic.com/integrations/web-servers/Apache_Tomcat") app. The Apache Tomcat app is a unified logs and metrics app that helps you monitor the availability, performance, health and resource utilization of your Apache Tomcat servers. Preconfigured dashboards provide insight into visitor locations, traffic patterns, errors, resource utilization, garbage collection, web server operations and access from known malicious sources. +Update - We've updated the [Apache Tomcat](/docs/integrations/web-servers/apache-tomcat) app. The Apache Tomcat app is a unified logs and metrics app that helps you monitor the availability, performance, health and resource utilization of your Apache Tomcat servers. 
Preconfigured dashboards provide insight into visitor locations, traffic patterns, errors, resource utilization, garbage collection, web server operations and access from known malicious sources. --- ## July 3, 2021 (Apps) 
@@ -376,9 +376,9 @@ New - Our [Cloud-to-Cloud Integration Framework](/docs/send-data/hosted-collec --- ## June 7, 2021 (Apps) -New - We are excited to announce the launch of the [Nginx Plus](/docs/integrations/web-servers/nginx-plus "https://help.sumologic.com/integrations/web-servers/nginx-plus") web server App. The app is an unified logs and metrics app that helps you monitor the availability, performance, health and resource utilization of your Nginx Plus web servers. Preconfigured dashboards and searches provide insight into server status, location zones, server zones, upstreams, resolvers, visitor locations, visitor access types, traffic patterns, errors, web server operations and access from known malicious sources. +New - We are excited to announce the launch of the [Nginx Plus](/docs/integrations/web-servers/nginx-plus) web server App. The app is an unified logs and metrics app that helps you monitor the availability, performance, health and resource utilization of your Nginx Plus web servers. Preconfigured dashboards and searches provide insight into server status, location zones, server zones, upstreams, resolvers, visitor locations, visitor access types, traffic patterns, errors, web server operations and access from known malicious sources. -Update - There is a new release for the [Microsoft SQL Server](/docs/integrations/microsoft-azure/sql-server "https://help.sumologic.com/integrations/microsoft-azure/Microsoft_SQL_Server") app. The is an unified logs and metrics app that provides insight into your SQL server performance metrics and errors. The App consists of predefined Dashboards, providing visibility into your environment for real-time or historical analysis on backup, latency, performance counter, restore, mirroring, database monitoring, general health and operations of your system. +Update - There is a new release for the [Microsoft SQL Server](/docs/integrations/microsoft-azure/sql-server) app. 
The is an unified logs and metrics app that provides insight into your SQL server performance metrics and errors. The App consists of predefined Dashboards, providing visibility into your environment for real-time or historical analysis on backup, latency, performance counter, restore, mirroring, database monitoring, general health and operations of your system. --- ## June 3, 2021 (Search) @@ -395,7 +395,7 @@ Update - You can use a [Windows Event Source to collect forwarded events](/docs --- ## June 2, 2021 (Apps) -Update - There is a new release for the [MongoDB](/docs/integrations/databases/mongodb "https://help.sumologic.com/integrations/databases/mongodb") app.The app now provides insight into your MongoDB environment, allowing you to track overall system health, queries, logins and connections, errors and warnings, replication, and sharding. +Update - There is a new release for the [MongoDB](/docs/integrations/databases/mongodb) app.The app now provides insight into your MongoDB environment, allowing you to track overall system health, queries, logins and connections, errors and warnings, replication, and sharding. --- ## June 1, 2021 (Search) 
@@ -452,11 +452,11 @@ New - The [CatchPoint](/docs/integrations/partner-ecosystem-apps) App for Sum **Cybereason** -New -  The [Cybereason](/docs/integrations/partner-ecosystem-apps "https://help.sumologic.com/integrations/partner-ecosystem-apps") App for Sumo Logic enables Security Operations teams to leverage the Cybereason Malop™ to detect and end attacks faster.  +New -  The [Cybereason](/docs/integrations/partner-ecosystem-apps) App for Sumo Logic enables Security Operations teams to leverage the Cybereason Malop™ to detect and end attacks faster.  **Nucleon** -New - [Nucleon](/docs/integrations/partner-ecosystem-apps "https://help.sumologic.com/integrations/partner-ecosystem-apps") is a distributed, high-performance invisible, and non-invasive platform that is tailored to secure environments from different common threats such as professional hacking groups, APTs, and others. The Nucleon App for Sumo Logic helps in identifying the overall number of threats, their sources by country, and their targeted segments(critical_infrastructure, energy, fintech, governments, health_care, municipality, general, telecom). +New - [Nucleon](/docs/integrations/partner-ecosystem-apps) is a distributed, high-performance invisible, and non-invasive platform that is tailored to secure environments from different common threats such as professional hacking groups, APTs, and others. The Nucleon App for Sumo Logic helps in identifying the overall number of threats, their sources by country, and their targeted segments(critical_infrastructure, energy, fintech, governments, health_care, municipality, general, telecom). **Workday App and Workday C2C source** diff --git a/blog-service/2025-05-05-alerts.md b/blog-service/2025-05-05-alerts.md index a68e80b176..eaf4d38700 100644 --- a/blog-service/2025-05-05-alerts.md +++ b/blog-service/2025-05-05-alerts.md 
@@ -12,6 +12,6 @@ The [previously announced](/release-notes-service/2024/12/31/#deprecation-notice - Existing Real-Time Scheduled Searches will continue to operate as-is. - Creating new Real-Time Scheduled Searches remains disabled (since May 29, 2024). -- For new real-time alerting use cases, we recommend using [Monitors](https://help.sumologic.com/docs/alerts/monitors/overview). +- For new real-time alerting use cases, we recommend using [Monitors](/docs/alerts/monitors/overview). [Learn more](/docs/alerts/scheduled-searches/create-real-time-alert). diff --git a/docs/api/service-accounts.md b/docs/api/service-accounts.md index 42479cfdb7..94d40e8841 100644 --- a/docs/api/service-accounts.md +++ b/docs/api/service-accounts.md @@ -36,4 +36,4 @@ The Service Accounts API allows you to manage service accounts. [Service account * User Management (all role capabilities) -Only administrators can create service accounts. If you are unsure whether you are an administrator, you can view your role in **Preferences** (see [Onboarding Checklists](https://help.sumologic.com/docs/get-started/onboarding-checklists/)). \ No newline at end of file +Only administrators can create service accounts. If you are unsure whether you are an administrator, you can view your role in **Preferences** (see [Onboarding Checklists](/docs/get-started/onboarding-checklists/)). diff --git a/docs/integrations/amazon-aws/amazon-elastic-block-store.md b/docs/integrations/amazon-aws/amazon-elastic-block-store.md index 416491a7b9..b722bf0df2 100644 --- a/docs/integrations/amazon-aws/amazon-elastic-block-store.md +++ b/docs/integrations/amazon-aws/amazon-elastic-block-store.md 
@@ -16,7 +16,7 @@ Amazon EBS is recommended for data that must be quickly accessible and requires * [CloudWatch Metrics](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using_cloudwatch_ebs.html) :::note -For [CloudTrail log](https://docs.aws.amazon.com/ebs/latest/userguide/logging-ebs-apis-using-cloudtrail.html), Amazon EBS and Amazon EC2 are tightly integrated services. Most EBS-related events are captured and reflected as part of EC2 events, since EBS volumes are typically attached to EC2 instances for storage and compute operations. See the [Amazon EC2 app](https://help.sumologic.com/docs/integrations/amazon-aws/ec2-cloudwatch-metrics/#events) for EBS related captured events. +For [CloudTrail log](https://docs.aws.amazon.com/ebs/latest/userguide/logging-ebs-apis-using-cloudtrail.html), Amazon EBS and Amazon EC2 are tightly integrated services. Most EBS-related events are captured and reflected as part of EC2 events, since EBS volumes are typically attached to EC2 instances for storage and compute operations. See the [Amazon EC2 app](/docs/integrations/amazon-aws/ec2-cloudwatch-metrics/#events) for EBS related captured events. ::: ## Setup diff --git a/docs/integrations/saas-cloud/trend-micro-vision-one.md b/docs/integrations/saas-cloud/trend-micro-vision-one.md index dc56c67b75..6c46ebf2e2 100644 --- a/docs/integrations/saas-cloud/trend-micro-vision-one.md +++ b/docs/integrations/saas-cloud/trend-micro-vision-one.md 
@@ -17,13 +17,13 @@ This app includes [built-in monitors](#trend-micro-vision-one-monitors). For det ## Log types -This app uses Sumo Logic’s Trend Micro Vision One Source to collect [alert logs](https://help.sumologic.com/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/trend-micro-source/) from the Trend Micro platform. +This app uses Sumo Logic’s Trend Micro Vision One Source to collect [alert logs](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/trend-micro-source/) from the Trend Micro platform. ## Sample log message
Alert Log - + ```json { "schemaVersion": "1.15", @@ -193,7 +193,7 @@ This app uses Sumo Logic’s Trend Micro Vision One Source to collect [alert log } ```
- + ## Sample queries ```sql title="Total Alerts" @@ -258,7 +258,7 @@ import ViewDashboards from '../../reuse/apps/view-dashboards.md'; ### Overview -The **Trend Micro Vision One - Overview** dashboard provides details on security alerts, their severity, status, and distribution across different categories and time periods. +The **Trend Micro Vision One - Overview** dashboard provides details on security alerts, their severity, status, and distribution across different categories and time periods. Use this dashboard to: @@ -278,7 +278,7 @@ import CreateMonitors from '../../reuse/apps/create-monitors.md'; The Trend Micro Vision One monitors serve as a security tool, concentrating on observing essential operations and unusual occurrences within the Trend Micro Platform. These notifications offer instantaneous insight into significant events, allowing security personnel to swiftly react to deviations or breaches. -| Name | Description | Trigger Type (Critical / Warning / MissingData) | Alert Condition | +| Name | Description | Trigger Type (Critical / Warning / MissingData) | Alert Condition | |:--|:--|:--|:--| | `Trend Micro Vision One - Credential Dumping Detection` | This alert is triggered if techniques aligned with MITRE ATT&CK `T1003` (Credential Dumping) is detected. Helps for early detection of compromised credentials. | Critical | Count > 0 | | `Trend Micro Vision One - Critical Severity Alerts` | This alert is triggered if critical and high-severity alerts are detected that need urgent attention. | Critical | Count > 0| diff --git a/docs/observability/aws/deploy-use-aws-observability/deploy-with-aws-cloudformation/index.md b/docs/observability/aws/deploy-use-aws-observability/deploy-with-aws-cloudformation/index.md index 1dd88786d9..17471e88ab 100644 --- a/docs/observability/aws/deploy-use-aws-observability/deploy-with-aws-cloudformation/index.md +++ b/docs/observability/aws/deploy-use-aws-observability/deploy-with-aws-cloudformation/index.md 
@@ -130,8 +130,8 @@ The table below displays the response for each text box in this section. | Existing Sumo Logic Lambda CloudWatch Logs Source API URL | Required you already collect AWS Lambda CloudWatch logs. Provide the existing Sumo Logic AWS Lambda CloudWatch Source API URL. The account, region and namespace fields will be added to the Source. For information on how to determine the URL, see [View or Download Source JSON Configuration](/docs/send-data/use-json-configure-sources/local-configuration-file-management/view-download-source-json-configuration.md). | | Subscribe log groups to destination (lambda or kinesis firehose delivery stream) | | | Regex for AWS Log Groups | Default Value: **aws/(lambda\|apigateway\|rds)**
With default value, log group names matching with lambda or rds will be subscribed and ingesting cloudwatch logs into sumo logic.
Enter a regex for matching log group names. For more information, see [Configuring parameters](/docs/send-data/collect-from-other-data-sources/autosubscribe-arn-destination/#configuringparameters) in the *Auto-Subscribe ARN (Amazon Resource Name) Destination* topic. -| Tags for filtering CloudWatch Log Groups | Enter comma separated key value pairs for filtering logGroups using tags. Ex KeyName1=string,KeyName2=string. This is optional leave it blank if tag based filtering is not needed. Visit https://help.sumologic.com/docs/send-data/collect-from-other-data-sources/autosubscribe-arn-destination/#configuringparameters | - +| Tags for filtering CloudWatch Log Groups | Enter comma separated key value pairs for filtering logGroups using tags. Ex KeyName1=string,KeyName2=string. This is optional leave it blank if tag based filtering is not needed. Visit [Configuring parameters](/docs/send-data/collect-from-other-data-sources/autosubscribe-arn-destination/#configuringparameters). | + :::note * Don't use forward slashes (`/`) to encapsulate the regex. While normally they are needed for raw code, it's not necessary here. * Use regex `.*` for auto-subscribing all log groups. 
@@ -260,4 +260,3 @@ AWS Observability hierarchy is auto-populated based on the metrics ingested into ### Redeploying the AWS Observability CloudFormation template with existing Sumo Logic resources from a previous deployment **Ensure that you delete the Sumo Logic resources completely prior to redeployment.** If you have **Delete Sumo Logic Resources when stack is deleted** set to "True", then the Sumo Logic resources will automatically be removed while deleting the AWS Observability CloudFormation template. If you have **Delete Sumo Logic Resources when stack is deleted** set to "False", then the Sumo Logic resources **will not** be removed while deleting the AWS Observability CloudFormation template. If you do not delete the Sumo Logic resources prior to redeployment (that is, collectors and sources), then subsequent deployments may attempt to use the existing resources, which can result in collection issues. This is not recommended. - diff --git a/docs/platform-services/automation-service/app-central/integrations/sumo-logic-cloud-siem.md b/docs/platform-services/automation-service/app-central/integrations/sumo-logic-cloud-siem.md index 51a685aa27..9f4779775c 100644 --- a/docs/platform-services/automation-service/app-central/integrations/sumo-logic-cloud-siem.md +++ b/docs/platform-services/automation-service/app-central/integrations/sumo-logic-cloud-siem.md 
@@ -81,7 +81,7 @@ import AccessKey from '../../../../reuse/automation-service/access-key.md'; * * **Signals Daemon Query**. Enter the query to be executed in daemons. -* **API Rate Limit Sleep (s)**. Enter the API rate limit in seconds. If the API rate limit exceeded, wait for 1 second and then attempt a retry, with a maximum wait time of 10. more info at https://help.sumologic.com/docs/api/metrics/#rate-limiting. +* **API Rate Limit Sleep (s)**. Enter the API rate limit in seconds. If the API rate limit exceeded, wait for 1 second and then attempt a retry, with a maximum wait time of 10. More info at [Rate limiting](/docs/api/metrics/#rate-limiting). * **Custom Field Interval Name (Close Insight Trigger)**. This field is only used within the Close Insight Trigger as a custom field for insight ID in Cloud SOAR, for example, `opt_1`. diff --git a/docs/platform-services/automation-service/app-central/integrations/sumo-logic-log-analytics.md b/docs/platform-services/automation-service/app-central/integrations/sumo-logic-log-analytics.md index 51d0651b3a..a51e8ae87b 100644 --- a/docs/platform-services/automation-service/app-central/integrations/sumo-logic-log-analytics.md +++ b/docs/platform-services/automation-service/app-central/integrations/sumo-logic-log-analytics.md @@ -52,7 +52,7 @@ import AccessKey from '../../../../reuse/automation-service/access-key.md'; * **Daemon Query**. Enter the query to be executed in daemons. * * -* **API Rate Limit Sleep (s)**. Enter the API rate limit in seconds. If the API rate limit exceeded, wait for 1 second and then attempt a retry, with a maximum wait time of 10. more info at https://help.sumologic.com/docs/api/metrics/#rate-limiting. +* **API Rate Limit Sleep (s)**. Enter the API rate limit in seconds. If the API rate limit exceeded, wait for 1 second and then attempt a retry, with a maximum wait time of 10. More info at [Rate limiting](/docs/api/metrics/#rate-limiting). * * 
diff --git a/docs/reuse/apps/app-install-index-option.md b/docs/reuse/apps/app-install-index-option.md index 5b2ff0ecff..b3a4e665ca 100644 --- a/docs/reuse/apps/app-install-index-option.md +++ b/docs/reuse/apps/app-install-index-option.md @@ -10,7 +10,7 @@ To install the app, do the following: ::: 1. Click **Next** in the **Setup Data** section. 1. In the **Configure App** section of your respective app, complete the following field. - 1. **Index**. Specify value for _index if the collection is configured with custom partition. [Learn more](https://help.sumologic.com/docs/search/optimize-search-partitions). Default value is set to `sumologic_default` (default partition) + 1. **Index**. Specify value for _index if the collection is configured with custom partition. [Learn more](/docs/search/optimize-search-partitions). Default value is set to `sumologic_default` (default partition) 1. Click **Next**. You will be redirected to the **Preview & Done** section. **Post-installation** From 354181c50218acbecf5297b2b262022afd97def7 Mon Sep 17 00:00:00 2001 From: "Kim (Sumo Logic)" <56411016+kimsauce@users.noreply.github.com> Date: Tue, 8 Jul 2025 15:24:18 -0400 Subject: [PATCH 2/3] Update docs/integrations/saas-cloud/trend-micro-vision-one.md --- docs/integrations/saas-cloud/trend-micro-vision-one.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/integrations/saas-cloud/trend-micro-vision-one.md b/docs/integrations/saas-cloud/trend-micro-vision-one.md index 6c46ebf2e2..500a214d95 100644 --- a/docs/integrations/saas-cloud/trend-micro-vision-one.md +++ b/docs/integrations/saas-cloud/trend-micro-vision-one.md 
@@ -258,7 +258,7 @@ import ViewDashboards from '../../reuse/apps/view-dashboards.md'; ### Overview -The **Trend Micro Vision One - Overview** dashboard provides details on security alerts, their severity, status, and distribution across different categories and time periods. +The **Trend Micro Vision One - Overview** dashboard provides details on security alerts, their severity, status, and distribution across different categories and time periods. Use this dashboard to: From c60fd7832e561e75e21b11f2cd3e3622f3f51d4c Mon Sep 17 00:00:00 2001 From: "Kim (Sumo Logic)" <56411016+kimsauce@users.noreply.github.com> Date: Tue, 8 Jul 2025 15:24:26 -0400 Subject: [PATCH 3/3] Update docs/integrations/saas-cloud/trend-micro-vision-one.md --- docs/integrations/saas-cloud/trend-micro-vision-one.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/integrations/saas-cloud/trend-micro-vision-one.md b/docs/integrations/saas-cloud/trend-micro-vision-one.md index 500a214d95..6cf1468333 100644 --- a/docs/integrations/saas-cloud/trend-micro-vision-one.md +++ b/docs/integrations/saas-cloud/trend-micro-vision-one.md 
@@ -278,7 +278,7 @@ import CreateMonitors from '../../reuse/apps/create-monitors.md'; The Trend Micro Vision One monitors serve as a security tool, concentrating on observing essential operations and unusual occurrences within the Trend Micro Platform. These notifications offer instantaneous insight into significant events, allowing security personnel to swiftly react to deviations or breaches. -| Name | Description | Trigger Type (Critical / Warning / MissingData) | Alert Condition | +| Name | Description | Trigger Type (Critical / Warning / MissingData) | Alert Condition | |:--|:--|:--|:--| | `Trend Micro Vision One - Credential Dumping Detection` | This alert is triggered if techniques aligned with MITRE ATT&CK `T1003` (Credential Dumping) is detected. Helps for early detection of compromised credentials. | Critical | Count > 0 | | `Trend Micro Vision One - Critical Severity Alerts` | This alert is triggered if critical and high-severity alerts are detected that need urgent attention. | Critical | Count > 0|
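Review bot: The commit subject in PATCH 1/3 says only "Removed hard-coded docs site links", but in blog-service/2021/12-31.md (hunks at -257 and -274) the `+` lines leave the link targets unchanged and drop the link title attributes instead, for example `"https://help.sumologic.com/integrations/app-development/Varnish"` on the Varnish link. Say so in the commit message, so that a later reader of the history does not look for a changed link target that is not there. The removal itself looks right, since several of the old titles (Varnish, Elasticsearch) did not match the path the link actually uses.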
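Review bot: The touched lines in blog-service/2021/12-31.md at -376 and -395 still carry wording errors that could be fixed in the same pass: "The is an unified logs and metrics app" in the Microsoft SQL Server entry is missing its subject, "an unified" appears in both June 7 entries, and the MongoDB entry has no space in "app.The app". Suggest "The app is a unified logs and metrics app" and "app. The app now provides".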
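Review bot: In deploy-with-aws-cloudformation/index.md at -130, the new "Tags for filtering CloudWatch Log Groups" row now links to `#configuringparameters` correctly, but the context row two lines above still uses a link ending in `view-download-source-json-configuration.md`, which is inconsistent with every other site-relative link in this patch (none of them carry the `.md` suffix). Worth normalizing in the same commit. The rewritten row also keeps the run-on "This is optional leave it blank if tag based filtering is not needed"; consider "Optional. Leave blank if tag-based filtering is not needed."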
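Review bot: The **API Rate Limit Sleep (s)** line changed in both sumo-logic-cloud-siem.md (-81) and sumo-logic-log-analytics.md (-52) still reads "If the API rate limit exceeded" and gives "a maximum wait time of 10" with no unit. Since the line is being rewritten anyway, suggest "If the API rate limit is exceeded" and stating the unit of the maximum wait. Also confirm that `/docs/api/metrics/#rate-limiting` is the intended target for these two integrations, because the link points at the Metrics API page while the field is documented for the Cloud SIEM and Log Analytics integrations.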
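Review bot: In docs/reuse/apps/app-install-index-option.md at -10, the **Index** step leaves `_index` as bare text, where the leading underscore can be read as the start of Markdown emphasis, and the sentence ends at "(default partition)" with no period. Suggest wrapping the field name in backticks, as the same line already does for `sumologic_default`, and closing the sentence.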
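Review bot: PATCH 2/3 (-258) and PATCH 3/3 (-278) each replace a line in trend-micro-vision-one.md with one that reads identically, so they are whitespace-only changes, and they touch the same two lines that PATCH 1/3 had already changed in a whitespace-only way. Fold both into PATCH 1/3, or drop the whitespace hunks from PATCH 1/3, so the series contains only the link changes its subject describes and the file is not modified three times for no visible difference.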