SUMO-252275: Adding monitor's information to OTEL Apps Set3 (#4912)

* SUMO-252275: Adding monitor's information to OTEL Apps Set3

* Update jfrog-artifactory-opentelemetry.md

* Update vmware-opentelemetry.md

* Update jfrog-artifactory-opentelemetry.md

* Update active-directory-json-opentelemetry.md

* Update jfrog-artifactory-opentelemetry.md

* release note updated

* minor fix

---------

Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com>
Co-authored-by: Himanshu Pal <hp.iiita@gmail.com>

Author: 3 people

blog-service/2024-12-31-apps.md

@@ -26,22 +26,8 @@ We’re excited to announce the release of new Azure Service Bus, Azure API Mana
 
 ### Enhancements 
 
-- We're excited to announce the release of the enhancements listed below for the Sumo Logic apps:
-    - **Cassandra - OpenTelemetry**. Added 9 new monitors that will be triggered for different pre-defined conditions. [Learn more](/docs/integrations/databases/opentelemetry/cassandra-opentelemetry/#cassandra-alerts).
-    - **Couchbase - OpenTelemetry**. Added 6 new monitors that will be triggered for different pre-defined conditions. [Learn more](/docs/integrations/databases/opentelemetry/couchbase-opentelemetry/#couchbase-alerts).
-    - **HAProxy - OpenTelemetry**. Added 5 new monitors that will be triggered for different pre-defined conditions. [Learn more](/docs/integrations/web-servers/opentelemetry/haproxy-opentelemetry/#haproxy-alerts).
-    - **IIS - OpenTelemetry**. Added 10 new monitors that will be triggered for different pre-defined conditions. [Learn more](/docs/integrations/web-servers/iis-10).
-    - **Linux - OpenTelemetry**. Added 7 new monitors that will be triggered for different pre-defined conditions. [Learn more](/docs/integrations/microsoft-azure/opentelemetry/sql-server-linux-opentelemetry/#sql-server-linux-alerts).
-    - **MariaDB - OpenTelemetry**. Added 5 new monitors that will be triggered for different pre-defined conditions. [Learn more](/docs/integrations/databases/opentelemetry/mariadb-opentelemetry/#mariadb-alerts).
-    - **Memcached - OpenTelemetry**. Added 5 new monitors that will be triggered for different pre-defined conditions. [Learn more](/docs/integrations/databases/opentelemetry/memcached-opentelemetry/#memcached-alerts).
-    - **MongoDB - OpenTelemetry**. Added 12 new monitors that will be triggered for different pre-defined conditions. [Learn more](/docs/integrations/databases/opentelemetry/mongodb-opentelemetry/#mongodb-alerts).
-    - **Oracle - OpenTelemetry**. Added 12 new monitors that will be triggered for different pre-defined conditions. [Learn more](/docs/integrations/databases/opentelemetry/oracle-opentelemetry/#oracle-alerts).
-    - **RabbitMQ - OpenTelemetry**. Added 6 new monitors that will be triggered for different pre-defined conditions. [Learn more](/docs/integrations/containers-orchestration/opentelemetry/rabbitmq-opentelemetry/#rabbitmq-alerts).
-    - **Redis - OpenTelemetry**. Added 6 new monitors that will be triggered for different pre-defined conditions. [Learn more](/docs/integrations/databases/opentelemetry/redis-opentelemetry/#redis-alerts).
-    - **Squid Proxy - OpenTelemetry**. Added 4 new monitors that will be triggered for different pre-defined conditions. [Learn more](/docs/integrations/web-servers/opentelemetry/squid-proxy-opentelemetry/#squidproxy-alerts).
-    - **Varnish - OpenTelemetry**. Added 3 new monitors that will be triggered for different pre-defined conditions. [Learn more](/docs/integrations/web-servers/opentelemetry/varnish-opentelemetry/#varnish-alerts).
-     
-- **Block Blob**. Updated the Block Blob collection to support collection for Network Flow logs. The Network Security Group (NSG) flow logs will be removed on 30 September 2027. **From 30 June 2025, you will no longer be able to generate new NSG flow logs as part of this retirement**. For more details, refer to the Azure [documentation](https://learn.microsoft.com/en-us/azure/network-watcher/flow-logs-read?tabs=nsg).
+- **Added Monitors**. We have added new pre-configured monitors to the [Cassandra - OpenTelemetry](/docs/integrations/databases/opentelemetry/cassandra-opentelemetry/#cassandra-alerts), [Couchbase - OpenTelemetry](/docs/integrations/databases/opentelemetry/couchbase-opentelemetry/#couchbase-alerts), [HAProxy - OpenTelemetry](/docs/integrations/web-servers/opentelemetry/haproxy-opentelemetry/#haproxy-alerts), [IIS - OpenTelemetry](/docs/integrations/web-servers/iis-10), [Linux - OpenTelemetry](/docs/integrations/microsoft-azure/opentelemetry/sql-server-linux-opentelemetry/#sql-server-linux-alerts), [MariaDB - OpenTelemetry](/docs/integrations/databases/opentelemetry/mariadb-opentelemetry/#mariadb-alerts), [Memcached - OpenTelemetry](/docs/integrations/databases/opentelemetry/memcached-opentelemetry/#memcached-alerts), [MongoDB - OpenTelemetry](/docs/integrations/databases/opentelemetry/mongodb-opentelemetry/#mongodb-alerts), [Oracle - OpenTelemetry](/docs/integrations/databases/opentelemetry/oracle-opentelemetry/#oracle-alerts), [RabbitMQ - OpenTelemetry](/docs/integrations/containers-orchestration/opentelemetry/rabbitmq-opentelemetry/#rabbitmq-alerts), [Redis - OpenTelemetry](/docs/integrations/databases/opentelemetry/redis-opentelemetry/#redis-alerts), [Squid Proxy - OpenTelemetry](/docs/integrations/web-servers/opentelemetry/squid-proxy-opentelemetry/#squidproxy-alerts), [Varnish - OpenTelemetry](/docs/integrations/web-servers/opentelemetry/varnish-opentelemetry/#varnish-alerts), [JFrog Artifactory - OpenTelemetry](/docs/integrations/app-development/opentelemetry/jfrog-artifactory-opentelemetry), [VMWare - OpenTelemetry](/docs/integrations/containers-orchestration/opentelemetry/vmware-opentelemetry), and [Active Directory JSON - OpenTelemetry](/docs/integrations/microsoft-azure/opentelemetry/active-directory-json-opentelemetry) apps.     
+- **Azure Blob Storage (block blobs) Collection**. Updated the Block Blob collection to support collection for Network Flow logs. The Network Security Group (NSG) flow logs will be removed on 30 September 2027. **From 30 June 2025, you will no longer be able to generate new NSG flow logs as part of this retirement**. For more details, refer to the Azure [documentation](https://learn.microsoft.com/en-us/azure/network-watcher/flow-logs-read?tabs=nsg).
 - The apps listed below have been updated, and as part of the app installation flow, you can now create Cloud-to-Cloud sources:
     - [1Password](/docs/integrations/saas-cloud/1password/#collection-configuration-and-app-installation)
     - [Abnormal Security](/docs/integrations/saas-cloud/abnormal-security/#collection-configuration-and-app-installation)

docs/integrations/app-development/opentelemetry/jfrog-artifactory-opentelemetry.md

@@ -15,11 +15,15 @@ The Sumo Logic app for Artifactory provides insight into your [JFrog Artifactory
 
 <img src='https://sumologic-app-data-v2.s3.amazonaws.com/dashboards/Artifactory-OpenTelemetry/Artifactory-Schematics.png' alt="Artifactory-Schematics" />
 
+:::info
+This app includes [built-in monitors](#jfrog-artifactory-alerts). For details on creating custom monitors, refer to the [Create monitors for JFrog Artifactory app](#create-monitors-for-jfrog-artifactory-app).
+:::
+
 ## Fields creation in Sumo Logic for Artifactory
 
 Following are the Tags which will be created as part of Artifactory app install if not already present.
 
-* `sumo.datasource`. Has fixed value of **artifactory**
+* `sumo.datasource`. Has fixed value of **artifactory**.
 
 ## Prerequisites
 
@@ -244,3 +248,21 @@ import JfrogReq from '../../../reuse/apps/jfrog/artifactory-request-access.md';
 import JfrogTr from '../../../reuse/apps/jfrog/artifactory-traffic.md';
 
 <JfrogTr/>
+
+## Create monitors for JFrog Artifactory app
+
+import CreateMonitors from '../../../reuse/apps/create-monitors.md';
+
+<CreateMonitors/>
+
+### JFrog Artifactory alerts
+
+| Name | Description | Alert Condition | Recover Condition |
+|:--|:--|:--|:--|
+| `Artifactory - Excessive Denied Login Attempts` | This alert is triggered when there are multiple denied login attempts from the same IP or user. | Count `>` 5 | Count `<=` 5 |
+| `Artifactory - High 4xx Status Codes` | This alert is triggered when there's a high number of HTTP 4xx error responses. | Count `>` 10 | Count `<=` 10 |
+| `Artifactory - High 5xx Status Codes` | This alert is triggered when there's a high number of HTTP 5xx error responses. | Count `>` 10 | Count `<=` 10 |
+| `Artifactory - High Denied Deploys to Cached Repos` | This alert is triggered when there's a high number of denied deploy attempts to cached repositories. | Count `>` 5 | Count `<=` 5 |
+| `Artifactory - High Denied Deploys to Non-Cached Repos` | This alert is triggered when there's a spike in denied deploy attempts to non-cached repositories. | Count `>` 5 | Count `<=` 5 |
+| `Artifactory - High Denied Downloads` | This alert is triggered when there's a high number of denied download attempts. | Count `>` 5 | Count `<=` 5 |
+| `Artifactory - Slow HTTP Response Times` | This alert is triggered when Artifactory response times are high. | Count `>` 5 | Count `<=` 5 |

docs/integrations/containers-orchestration/opentelemetry/vmware-opentelemetry.md

@@ -21,7 +21,12 @@ See the [vSphere product page](https://www.vmware.com/products/vsphere.html) for
 
 <img src='https://sumologic-app-data-v2.s3.amazonaws.com/dashboards/VMWare-OpenTelemetry/VMWare-Schematics.png' alt="Schematics" />
 
+:::info
+This app includes [built-in monitors](#vmware-alerts). For details on creating custom monitors, refer to the [Create monitors for JFrog Artifactory app](#create-monitors-for-vmware-app).
+:::
+
 ## Prerequisites
+
 VMWare metrics are collected through the [vCenter Receiver](https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/receiver/vcenterreceiver) of OpenTelemetry.
 
 This receiver has been built to support ESXi and vCenter versions:
@@ -276,3 +281,22 @@ The **VMWare - VM Details** dashboard provides a detailed analysis of VM metrics
 - **Top 25 VMs Network Packet Rate**. Top 25 VMs Network transmitted/received packet rate.
 - **Top 25 VMs Network Packet Drop Rate**. Top 25 VMs Network transmitted/received packet drop rate.
 - **Top 25 VMs Memory Swapped**. Top 25 VMs Memory swapped.
+
+## Create monitors for VMWare app
+
+import CreateMonitors from '../../../reuse/apps/create-monitors.md';
+
+<CreateMonitors/>
+
+### VMWare alerts
+
+| Name | Description | Alert Condition | Recover Condition |
+|:--|:--|:--|:--|
+| `VMware - Datastore High Utilization` | This alert is triggered when datastore usage is approaching capacity. | Count `>=` 90 | Count `<` 90 |
+| `VMware - High Virtual Disk Read Latency` | This alert gets triggered on high virtual datastore read latency indicating storage performance issues. | Count `>=` 20 | Count `<` 20 |
+| `VMware - High Virtual Disk Write Latency` | This alert gets triggered on high virtual datastore write latency indicating storage performance issues. | Count `>=` 20 | Count `<` 20 |
+| `VMware - Host CPU High Utilization` | This alert is triggered when host CPU utilization is consistently high, which may impact VM performance. | Count `>=` 90 | Count `<` 90 |
+| `VMware - Host Memory Utilization` | This alert is triggered when host memory utilization is consistently high. | Count `>=` 95 | Count `<` 95 |
+| `VMware - VM CPU Ready Time High` | This alert gets triggered when VMs are waiting too long for CPU resources, indicating CPU contention. | Count `>=` 10 | Count `<` 10 |
+| `VMware - VM Memory Balloon Pressure` | This alert gets triggered when VMs are experiencing significant memory ballooning. | Count `>=` 1024 | Count `<` 1024 |
+

docs/integrations/microsoft-azure/opentelemetry/active-directory-json-opentelemetry.md

@@ -17,11 +17,15 @@ We recommend using the Active Directory JSON app in combination with the Windows
 
 <img src='https://sumologic-app-data-v2.s3.amazonaws.com/dashboards/Active-Directory-OpenTelemetry/Active-Directory-Schematics.png' alt="Schematics" />
 
+:::info
+This app includes [built-in monitors](#active-directory-alerts). For details on creating custom monitors, refer to the [Create monitors for Active Directory app](#create-monitors-for-active-directory-app).
+:::
+
 ## Fields creation in Sumo Logic for Active Directory
 
 Following are the [fields](/docs/manage/fields/) which will be created as part of Active Directory App install if not already present.
 
-**`sumo.datasource`** - Has fixed value of **activeDirectory**
+**`sumo.datasource`** - Has fixed value of **activeDirectory**.
 
 ### Event logs used by Active Directory app
 
@@ -180,3 +184,20 @@ The **Active Directory Service Activity** dashboard provides insights into overa
 The **Active Directory Service Failures** dashboard provides an at-a-glance view of success, failures, and audit failures overtime.
 
 <img src='https://sumologic-app-data-v2.s3.amazonaws.com/dashboards/Active-Directory-OpenTelemetry/Active-Directory-Service-Failures.png' alt="Service Failures" />
+
+## Create monitors for Active Directory app
+
+import CreateMonitors from '../../../reuse/apps/create-monitors.md';
+
+<CreateMonitors/>
+
+### Active Directory alerts
+
+| Name | Description | Alert Condition | Recover Condition |
+|:--|:--|:--|:--|
+| `Active Directory - Account Lockouts Spike` | This alert is triggered when there are multiple account lockouts in a short time period, indicating potential brute force attempts. | Count `>=` 5 | Count `<` 5 |
+| `Active Directory - Directory Service Failures` | This alert is triggered when there are critical Directory Service failures that could impact AD functionality. | Count `>=` 3 | Count `<` 3 |
+| `Active Directory - Mass User Account Deletions` | This alert triggers when multiple user accounts are deleted in a short time period, which could indicate malicious activity. | Count `>` 5 | Count `<=` 5 |
+| `Active Directory - NTLM Authentication Failures` | This alert is triggered when there are multiple NTLM authentication failures, which could indicate credential theft attempts. | Count `>=` 5 | Count `<` 5 |
+| `Active Directory - Replication Failures` | This alert triggers when AD replication failures occur, which can impact directory synchronization. | Count `>` 0 | Count `<=` 0 |
+| `Active Directory - Schema Modifications` | This alert is triggered when changes are made to the AD schema, which are rare and potentially high-impact changes. | Count `>` 0 | Count `<=` 0 |