diff --git a/cid-redirects.json b/cid-redirects.json index c7730f3ecb..ebaf205bae 100644 --- a/cid-redirects.json +++ b/cid-redirects.json @@ -1518,6 +1518,7 @@ "/cid/0523": "/docs/manage/manage-subscription/upgrade-sumo-logic-credits-account", "/cid/0524": "/docs/manage/manage-subscription/cloud-flex-legacy-accounts", "/cid/1000": "/docs/send-data/installed-collectors/sources/local-file-source", + "/cid/100000": "/docs/manage/deletion-requests", "/cid/100001": "/docs/search/get-started-with-search/build-search/search-templates", "/cid/100004": "/docs/search/get-started-with-search/build-search/keyword-search-expressions", "/cid/100005": "/docs/get-started/sign-up", diff --git a/docs/manage/deletion-requests.md b/docs/manage/deletion-requests.md new file mode 100644 index 0000000000..54fc5cfc96 --- /dev/null +++ b/docs/manage/deletion-requests.md @@ -0,0 +1,73 @@ +--- +id: deletion-requests +title: Deletion Requests +description: Learn how to independently and efficiently control or remove your sensitive data from Sumo Logic. +--- + + + + + +

Beta

+ +import useBaseUrl from '@docusaurus/useBaseUrl'; + +Deletion requests allow you to quickly and easily request the removal of ingested data from Sumo Logic. This is particularly useful for removing inadvertently ingested sensitive data. + +You can independently and swiftly remove sensitive data, mitigating compliance issues and potential data exposure without needing to contact Sumo Logic support. + +Key features: + +- **User-friendly deletion**. Easily delete data. +- **Multiple datasets and time ranges**. Flexible data management. +- **Customizable filters**. Tailor deletion to your needs. +- **Robust auditing mechanisms**. Ensure thorough tracking. + +## Create a deletion request + +:::warning +Deletion requests result in the permanent deletion of data. Once deleted, the data cannot be recovered. Ensure that you have appropriately backed up any necessary data before submitting a deletion request. +::: + +You can create a data deletion request from either the **Logs** tab or any **Log Search**. + +### From the Logs tab + +1. Go to **Manage Data** > **Logs** > **Deletion Requests**. +1. Click **+ Create Deletion Request**. +1. Fill out the **Name**, **Reason**, and **Filter Expression** fields. + :::note + Use the **Filter Expression** field to specify the criteria for the log messages you want to delete. The expression should match the content of the messages. For example, if you enter `Hello World`, all messages containing that specific phrase will be deleted. + ::: +1. Select the **Time Range** when the data was ingested. +1. When you're done, click **Save**. +1. Your request will go to a Sumo Logic Customer Support Manager (CSM) for review and approval. You can check on your request in the **Status** column.
deletion request status + +### From a Log Search + +1. From a **Log Search**, click the cog icon, then in the dropdown, select **Create Deletion Request**.
deletion request +1. In the popup window, enter a **Name** and **Reason** for your data deletion request, then click **Create Request**. + +## Cancel a deletion request + +To cancel a data deletion request: + +1. Go to **Deletion Requests**. +1. Select your request. +1. Click **Cancel Request**. + +screenshot showing how to cancel a deletion request + +## Limitations + +### Handling future ingestion of sensitive data + +Customers must manage the future ingestion of sensitive data using [processing rules](/docs/send-data/collection/processing-rules). Deletion requests will only apply to data that has already been indexed, not to data that will be ingested in the future. + +### Deletion scope + +Deletion is restricted to partitions and the default view (sumologic_default) in Sumo Logic. Deletion is currently not supported for other view types, such as [Scheduled Views](/docs/manage/scheduled-views) or ad hoc views created using the save view operator. Sensitive data may still be present in these unsupported views. + +### Deletion request limit + +Each deletion request is limited to 100,000 messages. This means that any deletion operation can only target up to 100,000 messages at a time. diff --git a/docs/manage/index.md b/docs/manage/index.md index ef69c662eb..85311ffd28 100644 --- a/docs/manage/index.md +++ b/docs/manage/index.md @@ -75,6 +75,14 @@ This topic describes features and options that give you administration over acco

Learn how to manage the ingestion of data by Sumo Logic.

+
icon

Scheduled Views

 diff --git a/static/img/search/get-started-search/deletion-request-cancel.png b/static/img/search/get-started-search/deletion-request-cancel.png new file mode 100644 index 0000000000..ea9327e3d7 Binary files /dev/null and b/static/img/search/get-started-search/deletion-request-cancel.png differ diff --git a/static/img/search/get-started-search/deletion-request-status.png b/static/img/search/get-started-search/deletion-request-status.png new file mode 100644 index 0000000000..442f4a22e9 Binary files /dev/null and b/static/img/search/get-started-search/deletion-request-status.png differ diff --git a/static/img/search/get-started-search/deletion-request.png b/static/img/search/get-started-search/deletion-request.png new file mode 100644 index 0000000000..401c9c6451 Binary files /dev/null and b/static/img/search/get-started-search/deletion-request.png differ