From 551f79936972accf06c7c06ba76ca693b292cb96 Mon Sep 17 00:00:00 2001 From: Kim Pohas Date: Sun, 23 Jun 2024 12:19:38 -0700 Subject: [PATCH 1/4] /docs/integrations headers --- docs/integrations/amazon-aws/s3-audit.md | 2 +- docs/integrations/app-development/jenkins.md | 2 +- .../integrations/app-development/jfrog-xray.md | 2 +- .../windows.md | 2 +- docs/integrations/databases/mongodb-atlas.md | 2 +- docs/integrations/google/cloud-iam.md | 18 ++++++++---------- .../microsoft-azure/windows-json.md | 2 +- docs/integrations/saas-cloud/asana.md | 2 +- docs/integrations/saas-cloud/dropbox.md | 2 +- docs/integrations/saas-cloud/miro.md | 2 +- .../symantec-web-security-service.md | 2 +- docs/integrations/saas-cloud/workday.md | 2 +- docs/integrations/saml/onelogin.md | 2 +- .../evident-security-platform.md | 2 +- .../security-threat-detection/f5-big-ip-ltm.md | 2 +- .../security-threat-detection/netskope.md | 2 +- .../security-threat-detection/twistlock.md | 2 +- docs/integrations/webhooks/hasura.md | 2 +- docs/integrations/webhooks/ilert.md | 2 +- docs/integrations/webhooks/mailgun.md | 2 +- docs/integrations/webhooks/neoload.md | 2 +- docs/integrations/webhooks/netlify.md | 2 +- docs/integrations/webhooks/postman.md | 2 +- docs/integrations/webhooks/sentry.md | 2 +- docs/integrations/webhooks/split.md | 2 +- docs/integrations/webhooks/squadcast.md | 2 +- docs/integrations/webhooks/stripe.md | 2 +- .../installed-collectors/configuration.md | 6 +++--- 28 files changed, 37 insertions(+), 39 deletions(-) diff --git a/docs/integrations/amazon-aws/s3-audit.md b/docs/integrations/amazon-aws/s3-audit.md index 6c2a037125..8cfaabe097 100644 --- a/docs/integrations/amazon-aws/s3-audit.md +++ b/docs/integrations/amazon-aws/s3-audit.md 
@@ -22,7 +22,7 @@ The server access log files consist of a sequence of new-line delimited log reco 79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be mybucket [06/Feb/2014:00:00:38 +0000] 192.0.2.3 79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be 3E57427F3EXAMPLE REST.GET.VERSIONING - "GET /mybucket?versioning HTTP/1.1" 200 - 113 - 7 - "-" "S3Console/0.4" - 79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be mybucket [06/Feb/2014:00:00:38 +0000] 192.0.2.3 79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be 891CE47D2EXAMPLE REST.GET.LOGGING_STATUS - "GET /mybucket?logging HTTP/1.1" 200 - 242 - 11 - "-" "S3Console/0.4" - 79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be mybucket [06/Feb/2014:00:00:38 +0000] 192.0.2.3 79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be A1206F460EXAMPLE REST.GET.BUCKETPOLICY - "GET /mybucket?policy HTTP/1.1" 404 NoSuchBucketPolicy 297 - 38 - "-" "S3Console/0.4" - 79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be mybucket [06/Feb/2014:00:01:00 +0000] 192.0.2.3 79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be 7B4A0FABBEXAMPLE REST.GET.VERSIONING - "GET /mybucket?versioning HTTP/1.1" 200 - 113 - 33 - "-" "S3Console/0.4" - 79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be mybucket [06/Feb/2014:00:01:57 +0000] 192.0.2.3 79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be DD6CC733AEXAMPLE REST.PUT.OBJECT s3-dg.pdf "PUT /mybucket/s3-dg.pdf HTTP/1.1" 200 - - 4406583 41754 28 "-" "S3Console/0.4" - 79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be mybucket [06/Feb/2014:00:03:21 +0000] 192.0.2.3 79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be BC3C074D0EXAMPLE REST.GET.VERSIONING - "GET /mybucket?versioning HTTP/1.1" 200 - 113 - 28 - "-" "S3Console/0.4" - ``` -### Sample query +### Sample queries ```sql | parse "* * [*] * * * * * \"* HTTP/1.1\" * * * * * * * \"*\" *" as 
bucket_owner, bucket, time, remoteIP, requester, request_ID, operation, key, request_URI, status_code, error_code, bytes_sent, object_size, total_time, turn_time, referrer, user_agent, version_ID diff --git a/docs/integrations/app-development/jenkins.md b/docs/integrations/app-development/jenkins.md index 85b3f4a3e8..9020059fa1 100644 --- a/docs/integrations/app-development/jenkins.md +++ b/docs/integrations/app-development/jenkins.md @@ -262,7 +262,7 @@ The Jenkins app uses the following log types: -### Sample query +### Sample queries This sample query is from the **Jobs in Progress** panel of the **Jenkins - Job Overview** dashboard. diff --git a/docs/integrations/app-development/jfrog-xray.md b/docs/integrations/app-development/jfrog-xray.md index d23ee9e25f..2102dd70c1 100644 --- a/docs/integrations/app-development/jfrog-xray.md +++ b/docs/integrations/app-development/jfrog-xray.md @@ -73,7 +73,7 @@ The JFrog Xray app uses the following log types: -### Query Sample +### Sample queries The sample query is from Watches Invoked panel of the **JFrog Xray - Overview** dashboard. diff --git a/docs/integrations/cloud-security-monitoring-analytics/windows.md b/docs/integrations/cloud-security-monitoring-analytics/windows.md index 5c59045bf7..2ae9dcec07 100644 --- a/docs/integrations/cloud-security-monitoring-analytics/windows.md +++ b/docs/integrations/cloud-security-monitoring-analytics/windows.md @@ -57,7 +57,7 @@ The Windows - Cloud Security Monitoring and Analytics app uses Windows Security } ``` -### Sample query +### Sample queries The sample query is from the **Recent Policy Changes** panel from **Windows - Overview** dashboard. diff --git a/docs/integrations/databases/mongodb-atlas.md b/docs/integrations/databases/mongodb-atlas.md index 600682199d..5707b28706 100644 --- a/docs/integrations/databases/mongodb-atlas.md +++ b/docs/integrations/databases/mongodb-atlas.md 
@@ -221,7 +221,7 @@ For more information, see [https://docs.atlas.mongodb.com/refer...-measurements/ -### Sample query +### Sample queries This sample query is from the MongoDB Atlas Audit dashboard > Recent Audit Events panel. diff --git a/docs/integrations/google/cloud-iam.md b/docs/integrations/google/cloud-iam.md index f8aadec2d6..80896ec984 100644 --- a/docs/integrations/google/cloud-iam.md +++ b/docs/integrations/google/cloud-iam.md @@ -82,11 +82,9 @@ The Google Cloud IAM App uses [Google Cloud Audit Logs](https://cloud.google.com -### Query sample +### Sample queries -**Added roles over time** - -```sql +```sql title="Added roles over time" _collector="HTTP Source for GCP Pub/Sub" logName resource timestamp | json "message.data.resource.type" as type | parse regex "\s+\"logName\":\"(?\S+)\"" @@ -112,7 +110,7 @@ The GCP service generates logs which are exported and published to a Google Pub/ Google integrations -### Configuring collection for GCP uses the following process: +### Configuring collection for GCP uses the following process 1. Configure a GCP source on a hosted collector. You'll obtain the **HTTP URL for the source**. 2. Create a topic in Google Pub/Sub and subscribe the GCP source URL to that topic. @@ -139,13 +137,13 @@ This Source will be a Google Pub/Sub-only Source, which means that it will only 1. In the main Sumo Logic menu, select **Manage Data > Collection > Collection**. 2. Select an existing Hosted Collector upon which to add the Source. If you do not already have a Collector you'd like to use, create one, using the instructions on [Configure a Hosted Collector](/docs/send-data/hosted-collectors/configure-hosted-collector). 3. Click **Add Source** next to the Hosted Collector and click **Google Cloud Platform**. -4. Enter a **Name** to display for the Source. A **Description** is optional.
Google integrations +4. Enter a **Name** to display for the Source. A **Description** is optional.
Google integrations 5. **Source Host** (Optional). The Source Host value is tagged to each log and stored in a searchable [metadata](/docs/search/get-started-with-search/search-basics/built-in-metadata) field called _sourceHost. Avoid using spaces so you do not have to quote them in [keyword search expressions](/docs/search/get-started-with-search/build-search/keyword-search-expressions.md). This can be a maximum of 128 characters. 6. **Source Category** (Optional). The Source Category value is tagged to each log and stored in a searchable [metadata](/docs/search/get-started-with-search/search-basics/built-in-metadata) field called `_sourceCategory`. See our [Best Practices: Good Source Category, Bad Source Category](/docs/send-data/best-practices). Avoid using spaces so you do not have to quote them in [keyword search expressions](/docs/search/get-started-with-search/build-search/keyword-search-expressions.md). This can be a maximum of 1,024 characters. 7. **Fields**. Click the **+Add Field** link to add custom log metadata [Fields](/docs/manage/fields), then define the fields you want to associate. Each field needs a name (key) and value. Look for one of the following icons and act accordingly: - * ![orange exclamation point.png](/img/reuse/orange-exclamation-point.png) If an orange triangle with an exclamation point is shown, use the option to automatically add or enable the nonexistent fields before proceeding to the next step. The orange icon indicates that the field doesn't exist, or is disabled, in the Fields table schema. If a field is sent to Sumo that does not exist in the Fields schema or is disabled it is ignored, known as dropped. - * ![green check circle.png](/img/reuse/green-check-circle.png) If a green circle with a checkmark is shown, the field exists and is already enabled in the Fields table schema. Proceed to the next step. -8. **Advanced Options for Logs**.
Google integrations + * ![orange exclamation point.png](/img/reuse/orange-exclamation-point.png) If an orange triangle with an exclamation point is shown, use the option to automatically add or enable the nonexistent fields before proceeding to the next step. The orange icon indicates that the field doesn't exist, or is disabled, in the Fields table schema. If a field is sent to Sumo that does not exist in the Fields schema or is disabled it is ignored, known as dropped. + * ![green check circle.png](/img/reuse/green-check-circle.png) If a green circle with a checkmark is shown, the field exists and is already enabled in the Fields table schema. Proceed to the next step. +8. **Advanced Options for Logs**.
Google integrations * **Timestamp Parsing**. This option is selected by default. If it's deselected, no timestamp information is parsed at all. * **Time Zone**. There are two options for Time Zone. You can use the time zone present in your log files, and then choose an option in case time zone information is missing from a log message. Or, you can have Sumo Logic completely disregard any time zone information present in logs by forcing a time zone. It's very important to have the proper time zone set, no matter which option you choose. If the time zone of logs cannot be determined, Sumo Logic assigns logs UTC; if the rest of your logs are from another time zone your search results will be affected. * **Timestamp Format**. By default, Sumo Logic will automatically detect the timestamp format of your logs. However, you can manually specify a timestamp format for a Source. See [Timestamps, Time Zones, Time Ranges, and Date Formats](/docs/send-data/reference-information/time-reference) for more information. @@ -183,7 +181,7 @@ We recommend the following: In this step you export logs to the Pub/Sub topic you created in the previous step. -1. Go to **Logging** and click **Logs Router**.
Google integrations +1. Go to **Logging** and click **Logs Router**.
Google integrations 2. Click **Create Sink**.
Google integrations 3. As part of **Create logs routing sink**, add the following information. 1. Enter a Sink Name. For example, "gce-vm-instance". diff --git a/docs/integrations/microsoft-azure/windows-json.md b/docs/integrations/microsoft-azure/windows-json.md index 5a59453b7f..27cb192de6 100644 --- a/docs/integrations/microsoft-azure/windows-json.md +++ b/docs/integrations/microsoft-azure/windows-json.md @@ -64,7 +64,7 @@ Custom event channels, such as PowerShell or Internet Explorer are also supporte } ``` -### Sample query +### Sample queries The sample query is from the **Recent Policy Changes** panel from **Windows - Overview** dashboard. diff --git a/docs/integrations/saas-cloud/asana.md b/docs/integrations/saas-cloud/asana.md index 9c42b46aba..52f947cbd2 100644 --- a/docs/integrations/saas-cloud/asana.md +++ b/docs/integrations/saas-cloud/asana.md @@ -53,7 +53,7 @@ This app uses Asana Source to collect [Audit Logs](https://developers.asana.com/ } ``` -### Sample query +### Sample queries ```sql title="Events by App Authorization" _sourceCategory="asana-app" diff --git a/docs/integrations/saas-cloud/dropbox.md b/docs/integrations/saas-cloud/dropbox.md index 9b97e3675a..549c28bdea 100644 --- a/docs/integrations/saas-cloud/dropbox.md +++ b/docs/integrations/saas-cloud/dropbox.md @@ -92,7 +92,7 @@ The Dropbox App for Sumo Logic uses [Team events from Dropbox](https://www.dropb } ``` -### Sample query +### Sample queries ```sql title="Active Team Members" _sourceCategory="dropboxSource" diff --git a/docs/integrations/saas-cloud/miro.md b/docs/integrations/saas-cloud/miro.md index 6d9d2c7ca7..0879e3e3fb 100644 --- a/docs/integrations/saas-cloud/miro.md +++ b/docs/integrations/saas-cloud/miro.md @@ -54,7 +54,7 @@ This App uses Sumo Logic’s Miro Source to collect [Audit Logs](https://develop "id": "450256789" } ``` -## Sample query +## Sample queries ```sql title="Total Phishing Security Tests" _sourceCategory=miro 
diff --git a/docs/integrations/saas-cloud/symantec-web-security-service.md b/docs/integrations/saas-cloud/symantec-web-security-service.md index 98ee2913d8..c2d989926c 100644 --- a/docs/integrations/saas-cloud/symantec-web-security-service.md +++ b/docs/integrations/saas-cloud/symantec-web-security-service.md @@ -51,7 +51,7 @@ This app uses [Symantec Web Security Service](/docs/send-data/hosted-collectors/ ] } ``` -## Sample query +## Sample queries ```sql title="Unique Inbound Domains" _sourceCategory=swssDev diff --git a/docs/integrations/saas-cloud/workday.md b/docs/integrations/saas-cloud/workday.md index 4085111f26..9560b25e62 100644 --- a/docs/integrations/saas-cloud/workday.md +++ b/docs/integrations/saas-cloud/workday.md @@ -58,7 +58,7 @@ Workday app logs are all in JSON format. The Workday app uses two types of logs } ``` -### Sample query +### Sample queries The query sample provided in this section is from the **Failed Login Reasons** panel of the **Workday - Login Activity** dashboard. diff --git a/docs/integrations/saml/onelogin.md b/docs/integrations/saml/onelogin.md index 27a00cb720..db7b8120f2 100644 --- a/docs/integrations/saml/onelogin.md +++ b/docs/integrations/saml/onelogin.md @@ -109,7 +109,7 @@ Each event is a single-line JSON, containing information such as: } ``` -## Sample query +## Sample queries ```sql title="Name - Events by User" _sourceCategory=onelogin diff --git a/docs/integrations/security-threat-detection/evident-security-platform.md b/docs/integrations/security-threat-detection/evident-security-platform.md index f520578f96..63aa74c71b 100644 --- a/docs/integrations/security-threat-detection/evident-security-platform.md +++ b/docs/integrations/security-threat-detection/evident-security-platform.md @@ -181,7 +181,7 @@ For details on the log format and definitions, refer to Evident.io documentation -### Sample query +### Sample queries ```sql title="Alerts by Status" _sourceCategory=security_evident 
diff --git a/docs/integrations/security-threat-detection/f5-big-ip-ltm.md b/docs/integrations/security-threat-detection/f5-big-ip-ltm.md index fbd4e27b30..07f041020e 100644 --- a/docs/integrations/security-threat-detection/f5-big-ip-ltm.md +++ b/docs/integrations/security-threat-detection/f5-big-ip-ltm.md @@ -35,7 +35,7 @@ The F5 - BIG-IP Local Traffic Manager (LTM) app uses event logs with payloads, a } ``` -### Sample query +### Sample queries The following query sample is from the **F5 - BIG-IP LTM - Overview** Dashboard, **Pool Status** panel. diff --git a/docs/integrations/security-threat-detection/netskope.md b/docs/integrations/security-threat-detection/netskope.md index f8800509b8..588f5bb404 100644 --- a/docs/integrations/security-threat-detection/netskope.md +++ b/docs/integrations/security-threat-detection/netskope.md @@ -83,7 +83,7 @@ To collect logs from the Netskope platform, use the [new Cloud-to-Cloud Integrat -### Sample query +### Sample queries The following query sample was is from the Total Sessions panel of the Application Overview Dashboard. diff --git a/docs/integrations/security-threat-detection/twistlock.md b/docs/integrations/security-threat-detection/twistlock.md index 1e591c14e2..1a1ff590d3 100644 --- a/docs/integrations/security-threat-detection/twistlock.md +++ b/docs/integrations/security-threat-detection/twistlock.md @@ -84,7 +84,7 @@ image_name="registry-auth.twistlock.com/tw_blm0yiaqqwvgimnirx1x0iczg9xoslag/twis compliance="0" ``` -### Sample query +### Sample queries The following query sample is from the **Vulnerability Scan Events by Severity** panel in the **Twistlock - Overview** dashboard. diff --git a/docs/integrations/webhooks/hasura.md b/docs/integrations/webhooks/hasura.md index 0f4177a100..a1f246ea9d 100644 --- a/docs/integrations/webhooks/hasura.md +++ b/docs/integrations/webhooks/hasura.md 
@@ -56,7 +56,7 @@ The Sumo Logic integration for Hasura ingests events into Sumo Logic through an } } ``` -### Sample query +### Sample queries ```sql _sourceCategory="webhook/hasura" diff --git a/docs/integrations/webhooks/ilert.md b/docs/integrations/webhooks/ilert.md index 9e9256c0e1..43a0be07ad 100644 --- a/docs/integrations/webhooks/ilert.md +++ b/docs/integrations/webhooks/ilert.md @@ -65,7 +65,7 @@ The Sumo Logic integration for iLert ingests alert events into Sumo Logic throug } ``` -### Sample query +### Sample queries ```sql _sourceCategory="webhook/ilert" diff --git a/docs/integrations/webhooks/mailgun.md b/docs/integrations/webhooks/mailgun.md index 5ba0795af2..c97ead14e7 100644 --- a/docs/integrations/webhooks/mailgun.md +++ b/docs/integrations/webhooks/mailgun.md @@ -65,7 +65,7 @@ The Sumo Logic integration for Mailgun ingests email events into Sumo Logic thro } ``` -### Sample query +### Sample queries ```sql _sourceCategory="webhook/mailgun" diff --git a/docs/integrations/webhooks/neoload.md b/docs/integrations/webhooks/neoload.md index 093f384129..799517b4bc 100644 --- a/docs/integrations/webhooks/neoload.md +++ b/docs/integrations/webhooks/neoload.md @@ -42,7 +42,7 @@ The Sumo Logic integration for NeoLoad ingests web events into Sumo Logic throug } ``` -### Sample query +### Sample queries ```sql _sourceCategory="webhook/neoload" diff --git a/docs/integrations/webhooks/netlify.md b/docs/integrations/webhooks/netlify.md index cfc4d55f05..cb9d320b6c 100644 --- a/docs/integrations/webhooks/netlify.md +++ b/docs/integrations/webhooks/netlify.md @@ -114,7 +114,7 @@ The Sumo Logic app for Netlify ingests site deployment events into Sumo Logic th ``` -### Sample query +### Sample queries ```sql _sourceCategory="webhook/netlify" "name" diff --git a/docs/integrations/webhooks/postman.md b/docs/integrations/webhooks/postman.md index e6f3c91eb8..fce71ca4a2 100644 --- a/docs/integrations/webhooks/postman.md +++ b/docs/integrations/webhooks/postman.md 
@@ -67,7 +67,7 @@ The Sumo Logic app for Postman ingests Postman events into Sumo Logic through an } ``` -### Sample query +### Sample queries ```sql _sourceCategory=webhook/postman "collection" "_postman_id" diff --git a/docs/integrations/webhooks/sentry.md b/docs/integrations/webhooks/sentry.md index a0816ae84f..9f8b34747f 100644 --- a/docs/integrations/webhooks/sentry.md +++ b/docs/integrations/webhooks/sentry.md @@ -511,7 +511,7 @@ The Sumo Logic app for Sentry ingests Sentry events into Sumo Logic through an o ``` -### Sample query +### Sample queries ```sql _sourceCategory="webhook/sentry" "project_slug" diff --git a/docs/integrations/webhooks/split.md b/docs/integrations/webhooks/split.md index ba52a26b7f..ecdf775457 100644 --- a/docs/integrations/webhooks/split.md +++ b/docs/integrations/webhooks/split.md @@ -87,7 +87,7 @@ The Sumo Logic app for Split ingests Split events into Sumo Logic through an out ``` -### Sample query +### Sample queries ```sql _sourceCategory=webhook/split type auditLogType diff --git a/docs/integrations/webhooks/squadcast.md b/docs/integrations/webhooks/squadcast.md index ba53115373..29093b3d41 100644 --- a/docs/integrations/webhooks/squadcast.md +++ b/docs/integrations/webhooks/squadcast.md @@ -147,7 +147,7 @@ The Sumo Logic app for Squadcast ingests events into Sumo Logic through an outgo ``` -### Sample query +### Sample queries ```sql _sourceCategory=webhook/squadcast type "incident.triggered" diff --git a/docs/integrations/webhooks/stripe.md b/docs/integrations/webhooks/stripe.md index 665a6a6f18..e838768a50 100644 --- a/docs/integrations/webhooks/stripe.md +++ b/docs/integrations/webhooks/stripe.md @@ -53,7 +53,7 @@ The Sumo Logic app for Stripe ingests Stripe events into Sumo Logic through an o } ``` -### Sample query +### Sample queries ```sql _sourcecategory=webhook/stripe object 
diff --git a/docs/send-data/installed-collectors/configuration.md b/docs/send-data/installed-collectors/configuration.md index 3ab55cf007..6b76690fde 100644 --- a/docs/send-data/installed-collectors/configuration.md +++ b/docs/send-data/installed-collectors/configuration.md @@ -1,7 +1,7 @@ --- id: configuration -title: Installed Collector Configuration -description: Learn how to install and configure Collectors to gather data to send to Sumo Logic, and read about deployment options and volume limitations. +title: Configure an Installed Collector +description: Learn how to install and configure an Installed Collector to gather data to send to Sumo Logic, and read about deployment options and volume limitations. --- An Installed Collector is a Java agent that receives logs and metrics from its Sources and then encrypts, compresses, and sends the data to the Sumo service. @@ -10,7 +10,7 @@ As the name implies, an Installed Collector is installed in your environment, as A Sumo Source is an object configured for a specific Collector that sends data to Sumo Logic. There are a number of Source types that work with Installed Collectors. For a list of all Sources supported by Installed Collectors, see [Sources for Installed Collectors](/docs/send-data/installed-collectors/sources). -See [How to choose a collector](/docs/send-data/choose-collector-source) for guidance on when to use a single or multiple Installed Collectors. +See [How to Choose a Collector](/docs/send-data/choose-collector-source) for guidance on when to use a single or multiple Installed Collectors. :::note The maximum number of Collectors allowed per organization is 10,000. From 28fab5373f677373769ec5321ac699fe948ec345 Mon Sep 17 00:00:00 2001 
From: Kim Pohas Date: Sun, 30 Jun 2024 23:04:26 -0700 Subject: [PATCH 2/4] Fix headers --- docs/contributing/templates/partner-app.md | 2 +- .../amazon-aws/application-load-balancer.md | 2 +- .../cis-aws-foundations-benchmark.md | 2 +- .../amazon-aws/classic-load-balancer.md | 2 +- docs/integrations/amazon-aws/cloudfront.md | 2 +- .../amazon-aws/cloudtrail-pci-compliance.md | 2 +- docs/integrations/amazon-aws/cloudtrail.md | 2 +- docs/integrations/amazon-aws/config.md | 2 +- docs/integrations/amazon-aws/cost-explorer.md | 4 +- .../amazon-aws/ec2-cloudwatch-metrics.md | 4 +- .../amazon-aws/eks-control-plane.md | 2 +- .../amazon-aws/elastic-load-balancing.md | 2 +- .../global-intelligence-cloudtrail-devops.md | 2 +- .../global-intelligence-cloudtrail-secops.md | 2 +- docs/integrations/amazon-aws/guardduty.md | 2 +- .../amazon-aws/kinesis-streams.md | 2 +- docs/integrations/amazon-aws/lambda.md | 2 +- .../amazon-aws/network-firewall.md | 2 +- docs/integrations/amazon-aws/rds.md | 2 +- docs/integrations/amazon-aws/s3-audit.md | 4 +- docs/integrations/amazon-aws/security-hub.md | 2 +- docs/integrations/amazon-aws/sns.md | 2 +- docs/integrations/amazon-aws/sqs.md | 2 +- docs/integrations/amazon-aws/waf.md | 2 +- .../integrations/app-development/bitbucket.md | 6 +-- docs/integrations/app-development/github.md | 4 +- docs/integrations/app-development/gitlab.md | 6 +-- .../app-development/jfrog-artifactory.md | 2 +- .../app-development/jfrog-xray.md | 2 +- .../app-development/jira-cloud.md | 2 +- docs/integrations/app-development/jira.md | 2 +- .../amazon-guardduty.md | 2 +- .../aws-cloudtrail.md | 2 +- .../aws-waf.md | 2 +- .../palo-alto-firewall-10.md | 2 +- .../windows.md | 2 +- .../containers-orchestration/activemq.md | 2 +- .../containers-orchestration/kafka.md | 4 +- .../kubernetes-control-plane.md | 2 +- .../opentelemetry/docker-opentelemetry.md | 2 +- .../containers-orchestration/rabbitmq.md | 2 +- .../containers-orchestration/strimzi-kafka.md | 4 +- 
docs/integrations/databases/cassandra.md | 2 +- docs/integrations/databases/couchbase.md | 2 +- docs/integrations/databases/elasticsearch.md | 2 +- docs/integrations/databases/mariadb.md | 2 +- docs/integrations/databases/memcached.md | 2 +- docs/integrations/databases/mongodb.md | 2 +- docs/integrations/databases/mysql.md | 4 +- .../opentelemetry/cassandra-opentelemetry.md | 2 +- .../opentelemetry/couchbase-opentelemetry.md | 2 +- .../opentelemetry/mysql-opentelemetry.md | 2 +- .../opentelemetry/postgresql-opentelemetry.md | 2 +- docs/integrations/databases/postgresql.md | 8 +-- docs/integrations/databases/redis.md | 2 +- .../global-intelligence/apache-tomcat.md | 2 +- .../global-intelligence/kubernetes-devops.md | 2 +- docs/integrations/google/cloud-audit.md | 2 +- docs/integrations/google/cloud-storage.md | 2 +- docs/integrations/google/cloud-vpc.md | 2 +- docs/integrations/google/kubernetes-engine.md | 2 +- docs/integrations/microsoft-azure/iis-7.md | 2 +- .../microsoft-azure/kubernetes.md | 2 +- .../microsoft-graph-identity-protection.md | 2 +- .../microsoft-azure/office-365.md | 2 +- .../sql-server-linux-opentelemetry.md | 2 +- .../opentelemetry/sql-server-opentelemetry.md | 2 +- .../microsoft-azure/performance.md | 2 +- .../microsoft-azure/sql-server.md | 2 +- docs/integrations/microsoft-azure/sql.md | 2 +- docs/integrations/microsoft-azure/teams.md | 2 +- docs/integrations/microsoft-azure/web-apps.md | 2 +- .../microsoft-azure/windows-json.md | 2 +- .../windows-json-opentelemetry.md | 2 +- docs/integrations/saas-cloud/acquia.md | 2 +- docs/integrations/saas-cloud/armis.md | 2 +- docs/integrations/saas-cloud/citrix-cloud.md | 2 +- docs/integrations/saas-cloud/dropbox.md | 2 +- .../saas-cloud/gmail-tracelogs.md | 4 +- docs/integrations/saas-cloud/istio.md | 2 +- docs/integrations/saas-cloud/miro.md | 2 +- docs/integrations/saas-cloud/opsgenie.md | 2 +- docs/integrations/saas-cloud/pagerduty-v2.md | 6 +-- docs/integrations/saas-cloud/pagerduty-v3.md | 4 +- 
docs/integrations/saml/auth0.md | 2 +- docs/integrations/saml/okta.md | 2 +- docs/integrations/saml/onelogin.md | 2 +- .../akamai-security-events.md | 2 +- .../barracuda-waf.md | 2 +- .../security-threat-detection/cisco-asa.md | 2 +- .../cloudpassage-halo.md | 2 +- .../crowdstrike-falcon-endpoint-protection.md | 4 +- .../security-threat-detection/cylance.md | 2 +- .../security-threat-detection/duo-security.md | 2 +- .../evident-security-platform.md | 4 +- .../f5-big-ip-ltm.md | 4 +- .../palo-alto-networks-9.md | 2 +- .../sumo-apps/enterprise-audit.md | 54 +++++++++---------- .../integrations/web-servers/apache-tomcat.md | 2 +- docs/integrations/web-servers/apache.md | 2 +- docs/integrations/web-servers/haproxy.md | 2 +- docs/integrations/web-servers/heroku.md | 2 +- docs/integrations/web-servers/iis-10.md | 2 +- .../integrations/web-servers/nginx-ingress.md | 2 +- .../web-servers/nginx-plus-ingress.md | 2 +- docs/integrations/web-servers/nginx-plus.md | 2 +- docs/integrations/web-servers/nginx.md | 2 +- docs/integrations/web-servers/squid-proxy.md | 2 +- docs/integrations/web-servers/varnish.md | 2 +- docs/integrations/webhooks/netlify.md | 2 +- docs/integrations/webhooks/postman.md | 2 +- docs/integrations/webhooks/sentry.md | 2 +- docs/integrations/webhooks/split.md | 2 +- docs/integrations/webhooks/squadcast.md | 2 +- docs/integrations/webhooks/stripe.md | 2 +- 115 files changed, 163 insertions(+), 161 deletions(-) diff --git a/docs/contributing/templates/partner-app.md b/docs/contributing/templates/partner-app.md index 508899bb7e..efa96bfa3a 100644 --- a/docs/contributing/templates/partner-app.md +++ b/docs/contributing/templates/partner-app.md @@ -27,7 +27,7 @@ The `{AppName}` App uses... \Enter a list of log types, usually hyperlinked to vendor docs.\ -## Sample Log and Metrics messages +## Sample log and metrics messages ### Log message 
diff --git a/docs/integrations/amazon-aws/application-load-balancer.md b/docs/integrations/amazon-aws/application-load-balancer.md index db49a036f4..3374292232 100644 --- a/docs/integrations/amazon-aws/application-load-balancer.md +++ b/docs/integrations/amazon-aws/application-load-balancer.md @@ -62,7 +62,7 @@ account="account" region="region" namespace="AWS/ApplicationELB" account="account" region="region" Namespace="AWS/ApplicationELB" loadbalancer="loadbalancer" AvailabilityZone=* TargetGroup=* metric=HTTPCode_Target_5XX_Count Statistic=Sum | parse field= TargetGroup */* as Unused, TargetGroup | sum by account, region, namespace, loadbalancer, TargetGroup, AvailabilityZone ``` -## Collecting Logs and Metrics for the AWS Application Load Balancer +## Collecting logs and metrics for the AWS Application Load Balancer ### Collecting Metrics diff --git a/docs/integrations/amazon-aws/cis-aws-foundations-benchmark.md b/docs/integrations/amazon-aws/cis-aws-foundations-benchmark.md index c9dabfd64b..712d2b4aec 100644 --- a/docs/integrations/amazon-aws/cis-aws-foundations-benchmark.md +++ b/docs/integrations/amazon-aws/cis-aws-foundations-benchmark.md @@ -19,7 +19,7 @@ The Sumo Logic for CIS AWS Foundations Benchmark App maps to Section 3 (Monitori The Sumo Logic App for CIS AWS Foundations Benchmark uses [CloudTrail](/docs/integrations/amazon-aws/cloudtrail.md) logs. For details on the specifics of which attributes are used, refer to Section 3 (Monitoring) of the [CIS AWS Benchmarks Foundation](https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf). -## Collecting Logs for the CIS AWS Foundation Benchmark App +## Collecting logs for the CIS AWS Foundation Benchmark App ### Configure Collector and Source diff --git a/docs/integrations/amazon-aws/classic-load-balancer.md b/docs/integrations/amazon-aws/classic-load-balancer.md index 54f197fdce..6af89f3f5b 100644 --- a/docs/integrations/amazon-aws/classic-load-balancer.md 
+++ b/docs/integrations/amazon-aws/classic-load-balancer.md @@ -63,7 +63,7 @@ Statistic=Sum | sum by account, region, namespace, loadbalancername ``` -## Collecting Logs and Metrics for the AWS Classic Load Balancer +## Collecting logs and metrics for the AWS Classic Load Balancer ### Collect Metrics for AWS Classic Load Balancer diff --git a/docs/integrations/amazon-aws/cloudfront.md b/docs/integrations/amazon-aws/cloudfront.md index 5f547b5f4d..6aa56260d0 100644 --- a/docs/integrations/amazon-aws/cloudfront.md +++ b/docs/integrations/amazon-aws/cloudfront.md @@ -28,7 +28,7 @@ _sourceCategory= aws/cf | parse "*\t*\t*\t*\t*\t*\t*\t*\t*\t*\t*\t*\t*\t*\t*" as | sort by count ``` -## Collecting Logs for the Amazon CloudFront app +## Collecting logs for the Amazon CloudFront app ### Prerequisites diff --git a/docs/integrations/amazon-aws/cloudtrail-pci-compliance.md b/docs/integrations/amazon-aws/cloudtrail-pci-compliance.md index b555703583..3464602ce3 100644 --- a/docs/integrations/amazon-aws/cloudtrail-pci-compliance.md +++ b/docs/integrations/amazon-aws/cloudtrail-pci-compliance.md @@ -12,7 +12,7 @@ The Sumo Logic App for Payment Card Industry (PCI) Compliance for AWS CloudTrail -## Collecting Logs for the PCI Compliance for AWS CloudTrail App +## Collecting logs for the PCI Compliance for AWS CloudTrail App This section provides instructions for collecting logs for the the PCI Compliance for AWS CloudTrail App. diff --git a/docs/integrations/amazon-aws/cloudtrail.md b/docs/integrations/amazon-aws/cloudtrail.md index 2bbece9936..3f9aa49bb8 100644 --- a/docs/integrations/amazon-aws/cloudtrail.md +++ b/docs/integrations/amazon-aws/cloudtrail.md 
@@ -64,7 +64,7 @@ Before you begin, you must configure AWS CloudTrail logging to an S3 bucket in y 2. Confirm that logs are being delivered to the Amazon S3 bucket. -## Collecting Logs for the AWS CloudTrail App +## Collecting logs for the AWS CloudTrail App This section has instructions for configuring log collection for the AWS CloudTrail app. If you have more than one environment that generates CloudTrail data (such as ops, dev, and so on) you’ll need to configure a separate S3 Source for each environment. Learn more [here](#configuring-the-aws-cloudtrail-app-in-multiple-environments). diff --git a/docs/integrations/amazon-aws/config.md b/docs/integrations/amazon-aws/config.md index c2fc57e4e9..3012351c6b 100644 --- a/docs/integrations/amazon-aws/config.md +++ b/docs/integrations/amazon-aws/config.md @@ -71,7 +71,7 @@ _sourceCategory=AWS_Config Notification ConfigurationItemChangeNotification | sort _count ``` -## Collecting Logs for the AWS Config App +## Collecting logs for the AWS Config App ### Prerequisites diff --git a/docs/integrations/amazon-aws/cost-explorer.md b/docs/integrations/amazon-aws/cost-explorer.md index 1855e4e4fb..05b8a9ac52 100644 --- a/docs/integrations/amazon-aws/cost-explorer.md +++ b/docs/integrations/amazon-aws/cost-explorer.md @@ -16,7 +16,7 @@ The Sumo Logic App for AWS Cost Explorer lets you visualize, understand, and man The **AWS Cost Explorer** App uses the JSON formatted logs collected using **AWS Cost Explorer** source. -### Sample Log +### Sample log messages ```json { @@ -56,7 +56,7 @@ When you create an AWS Cost Explorer collector Source, you add it to an existing ## Field-in-Field Schema 1. In the main Sumo Logic menu, select **Manage Data > Logs > Fields**. -1. Search for the **account** and **linkedaccount** field. +1. Search for the **account** and **linkedaccount** field. 1. If not present, create it. Learn how to create and manage fields [here](/docs/manage/fields#manage-fields). ## Field Extraction Rules 
diff --git a/docs/integrations/amazon-aws/ec2-cloudwatch-metrics.md b/docs/integrations/amazon-aws/ec2-cloudwatch-metrics.md index 13d2ad1359..e80bc14e4d 100644 --- a/docs/integrations/amazon-aws/ec2-cloudwatch-metrics.md +++ b/docs/integrations/amazon-aws/ec2-cloudwatch-metrics.md @@ -21,7 +21,7 @@ This section describes the AWS EC2 app's data sources and instructions for setti For details on the metrics of AWS EC2, see [here](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch.html). -### Sample log +### Sample log messages ```json title="Sample CloudTrail Log" { @@ -155,7 +155,7 @@ To configure a CloudTrail Source, perform these steps: ### Field in Field Schema 1. In the main Sumo Logic menu, select **Manage Data > Logs > Fields**. -1. Search for the “**instanceid**” field. +1. Search for the “**instanceid**” field. 1. If not present, create it. Learn how to create and manage fields [here](/docs/manage/fields.md#manage-fields). diff --git a/docs/integrations/amazon-aws/eks-control-plane.md b/docs/integrations/amazon-aws/eks-control-plane.md index 03a18fe928..3008d2c54a 100644 --- a/docs/integrations/amazon-aws/eks-control-plane.md +++ b/docs/integrations/amazon-aws/eks-control-plane.md @@ -124,7 +124,7 @@ and _sourceName = kube-apiserver-audit* | limit 10 ``` -## Collecting Logs and Metrics for the Amazon EKS - Control Plane app +## Collecting logs and metrics for the Amazon EKS - Control Plane app This section has instructions for collecting logs and metrics for the Sumo app for Amazon EKS - Control Plane. This is a two step process: * Setting up collection and installing the Sumo Logic Kubernetes app. diff --git a/docs/integrations/amazon-aws/elastic-load-balancing.md b/docs/integrations/amazon-aws/elastic-load-balancing.md index 99a4f34028..78673f5fba 100644 --- a/docs/integrations/amazon-aws/elastic-load-balancing.md +++ b/docs/integrations/amazon-aws/elastic-load-balancing.md 
@@ -47,7 +47,7 @@ _sourceCategory=elb* ``` -## Collecting Logs for the AWS Elastic Load Balancing App +## Collecting logs for the AWS Elastic Load Balancing App This procedure documents how to enable access to your Amazon Web Services (AWS) Elastic Load Balancing (ELB) logs and ingest them into Sumo Logic. diff --git a/docs/integrations/amazon-aws/global-intelligence-cloudtrail-devops.md b/docs/integrations/amazon-aws/global-intelligence-cloudtrail-devops.md index 990cb7a128..d707cea328 100644 --- a/docs/integrations/amazon-aws/global-intelligence-cloudtrail-devops.md +++ b/docs/integrations/amazon-aws/global-intelligence-cloudtrail-devops.md @@ -146,7 +146,7 @@ on t1.denomGroup = t2.denomGroup -## Collecting Logs for the Global Intelligence for AWS CloudTrail DevOps App +## Collecting logs for the Global Intelligence for AWS CloudTrail DevOps App If you already have AWS CloudTrail logs flowing into Sumo Logic, you can skip the steps in this section and go to [Installing the App](#installing-the-global-intelligence-for-aws-cloudtrail-devops-app). diff --git a/docs/integrations/amazon-aws/global-intelligence-cloudtrail-secops.md b/docs/integrations/amazon-aws/global-intelligence-cloudtrail-secops.md index e74e557a18..e5e0ef9de6 100644 --- a/docs/integrations/amazon-aws/global-intelligence-cloudtrail-secops.md +++ b/docs/integrations/amazon-aws/global-intelligence-cloudtrail-secops.md @@ -355,7 +355,7 @@ _sourceCategory=Labs/AWS/CloudTrail/Analytics In some cases, your query results may show `"HIDDEN_DUE_TO_SECURITY_REASONS"` as the value of the `userName` field. That's because AWS does not log the user name that was entered when a sign-in failure is caused by an incorrect user name. -## Collecting Logs for the GI for AWS CloudTrail SecOps App +## Collecting logs for the GI for AWS CloudTrail SecOps App This section provides an overview of the log collection process and instructions for configuring log collection for the Sumo Logic App for Gl CloudTrail. 
diff --git a/docs/integrations/amazon-aws/guardduty.md b/docs/integrations/amazon-aws/guardduty.md index 7d450e0d88..bb9281f975 100644 --- a/docs/integrations/amazon-aws/guardduty.md +++ b/docs/integrations/amazon-aws/guardduty.md @@ -176,7 +176,7 @@ _sourceCategory=aws/guardduty -## Collecting Logs for the Amazon GuardDuty App +## Collecting logs for the Amazon GuardDuty App This section has instructions for collecting logs for the Amazon GuardDuty App. diff --git a/docs/integrations/amazon-aws/kinesis-streams.md b/docs/integrations/amazon-aws/kinesis-streams.md index df8d41018d..d7d27121f2 100644 --- a/docs/integrations/amazon-aws/kinesis-streams.md +++ b/docs/integrations/amazon-aws/kinesis-streams.md @@ -64,7 +64,7 @@ _sourceCategory=aws/kinesis* "kinesis.amazonaws.com" errorCode | count by error_code, error_msg, eventName, userName, sourceIPAddress ``` -## Collecting Logs and Metrics for the Amazon Kinesis - Streams app +## Collecting logs and metrics for the Amazon Kinesis - Streams app ### Collecting Metrics diff --git a/docs/integrations/amazon-aws/lambda.md b/docs/integrations/amazon-aws/lambda.md index 6ad909f7e3..d1d6aa573d 100644 --- a/docs/integrations/amazon-aws/lambda.md +++ b/docs/integrations/amazon-aws/lambda.md @@ -137,7 +137,7 @@ account={{account}} region={{region}} Namespace={{namespace}} namespace=aws/lambda metric=Errors statistic=Sum account=* region=* functionname=* Resource=* | su ``` -## Collecting Logs for the AWS Lambda App +## Collecting logs for the AWS Lambda App This section provides instructions for setting up log and metric collection. diff --git a/docs/integrations/amazon-aws/network-firewall.md b/docs/integrations/amazon-aws/network-firewall.md index b96bac1c31..d976e83cf8 100644 --- a/docs/integrations/amazon-aws/network-firewall.md +++ b/docs/integrations/amazon-aws/network-firewall.md 
@@ -24,7 +24,7 @@ Before you begin, you must: 3. [Grant Sumo Logic Access to the Amazon S3 Bucket](/docs/send-data/hosted-collectors/amazon-aws/grant-access-aws-product). -## Collecting Logs for AWS Network Firewall +## Collecting logs for AWS Network Firewall This section has instructions for collecting logs for the Sumo Logic App for AWS Network Firewall Logs. diff --git a/docs/integrations/amazon-aws/rds.md b/docs/integrations/amazon-aws/rds.md index 1a81298efb..45c5ea187e 100644 --- a/docs/integrations/amazon-aws/rds.md +++ b/docs/integrations/amazon-aws/rds.md @@ -270,7 +270,7 @@ account=* region=* namespace=aws/rds dbidentifier=* _sourceHost=/aws/rds/*Error | sort by _timeslice ``` -## Collecting Logs and Metrics for the Amazon RDS app +## Collecting logs and metrics for the Amazon RDS app Sumo Logic supports collecting metrics using two source types: * Configure an [AWS Kinesis Firehose for Metrics Source](/docs/send-data/hosted-collectors/amazon-aws/aws-kinesis-firehose-metrics-source) (Recommended); or diff --git a/docs/integrations/amazon-aws/s3-audit.md b/docs/integrations/amazon-aws/s3-audit.md index 8cfaabe097..f92cffe217 100644 --- a/docs/integrations/amazon-aws/s3-audit.md +++ b/docs/integrations/amazon-aws/s3-audit.md @@ -14,7 +14,7 @@ Amazon Simple Storage Service (S3) provides a simple web services interface that Amazon S3 Audit uses Server Access Logs (activity logs). For more information, see [Amazon S3 server access log format](http://docs.aws.amazon.com/AmazonS3/latest/dev/LogFormat.html). -### Sample log message +### Sample log messages The server access log files consist of a sequence of new-line delimited log records. Each log record represents one request and consists of space delimited fields. The following is an example log consisting of six log records. 
@@ -30,7 +30,7 @@ The server access log files consist of a sequence of new-line delimited log reco | count by operation ``` -## Collecting Logs for the Amazon S3 Audit app +## Collecting logs for the Amazon S3 Audit app Amazon Simple Storage Service (S3) provides a simple web services interface that can be used to store and retrieve any amount of data from anywhere on the web. diff --git a/docs/integrations/amazon-aws/security-hub.md b/docs/integrations/amazon-aws/security-hub.md index d838cbb9c5..7548991adf 100644 --- a/docs/integrations/amazon-aws/security-hub.md +++ b/docs/integrations/amazon-aws/security-hub.md @@ -212,7 +212,7 @@ To deploy an AWS Security Hub App collector: 6. Scroll to the bottom of the window and click **Deploy**. -### Sample Log +### Sample log messages ```json title="AWS Security Hub log" { diff --git a/docs/integrations/amazon-aws/sns.md b/docs/integrations/amazon-aws/sns.md index 70260b5cee..6887f70fe1 100644 --- a/docs/integrations/amazon-aws/sns.md +++ b/docs/integrations/amazon-aws/sns.md @@ -73,7 +73,7 @@ account={{account}} region={{region}} namespace={{namespace}} "\"eventsource\":\ account={{account}} region={{region}} namespace={{namespace}} TopicName={{topicname}} metric=NumberOfMessagesPublished Statistic=Sum | sum ``` -## Collecting Logs and Metrics for the Amazon SNS app +## Collecting logs and metrics for the Amazon SNS app ### Collecting Metrics for Amazon SNS diff --git a/docs/integrations/amazon-aws/sqs.md b/docs/integrations/amazon-aws/sqs.md index c29cf4a74d..2ed836e886 100644 --- a/docs/integrations/amazon-aws/sqs.md +++ b/docs/integrations/amazon-aws/sqs.md @@ -90,7 +90,7 @@ account=* region=* namespace=aws/sqs eventname eventsource "sqs.amazonaws.com" | top 10 username by event_count, username asc ``` -## Collecting Logs and Metrics for the Amazon SQS app +## Collecting logs and metrics for the Amazon SQS app ### Collect Metrics for AmazonSQS 
diff --git a/docs/integrations/amazon-aws/waf.md b/docs/integrations/amazon-aws/waf.md index bf92a72852..617a6f3f0d 100644 --- a/docs/integrations/amazon-aws/waf.md +++ b/docs/integrations/amazon-aws/waf.md @@ -62,7 +62,7 @@ _sourceCategory=AWS/WAF {{client_ip}} | lookup type, actor, raw, threatlevel as malicious_confidence from sumo://threat/cs on threat=clientip ``` -## Collecting Logs for the AWS WAF app +## Collecting logs for the AWS WAF app Follow the "Before you begin" section in the "Collect Logs" help page and then use the in-product instructions in Sumo Logic to set up the app. diff --git a/docs/integrations/app-development/bitbucket.md b/docs/integrations/app-development/bitbucket.md index 2cf94c7a55..572bb5a3dc 100644 --- a/docs/integrations/app-development/bitbucket.md +++ b/docs/integrations/app-development/bitbucket.md @@ -14,7 +14,7 @@ The Sumo Logic App for Bitbucket provides insights to development teams into how The Bitbucket App supports only Bitbucket Cloud. -## Event Types +## Event types Sumo Logic analyzes the following required types of logs for more efficient monitoring. @@ -41,7 +41,7 @@ Refer to the [event documentation](https://confluence.atlassian.com/bitbucket/ev For log samples, refer to [Bitbucket Event Documentation](https://confluence.atlassian.com/bitbucket/event-payloads-740262817.html) -### Sample Log +### Sample log messages **Deploy Events** are triggered whenever code is pushed to test, staging, or production environments. * Success Code Deploys @@ -98,7 +98,7 @@ _sourceCategory="bitbucket" production deploymentEnvironment pipe_result_link d ``` -## Collecting Logs for Bitbucket App +## Collecting logs for Bitbucket App This section provides instructions for configuring log collection for the Bitbucket App. Configuring log collection consists of the following tasks: diff --git a/docs/integrations/app-development/github.md b/docs/integrations/app-development/github.md index fab5bfb228..d9c10c71e7 100644 
--- a/docs/integrations/app-development/github.md +++ b/docs/integrations/app-development/github.md @@ -22,7 +22,7 @@ Make sure not to select the same webhook event type at multiple levels (i.e., en This app includes dashboards for GHAS, but to be able to ingest GHAS events you must have a separate GHAS license. -## Event Types +## Event types The Sumo Logic App for GitHub ingests GitHub events via a webhook. Sumo Logic ingests all events, but only uses the following events in the Dashboards: * Fork @@ -116,7 +116,7 @@ GitHub sends all fields in the payload, documented according to [Event Type](htt ``` -## Collecting Logs for GitHub +## Collecting logs for GitHub The Sumo Logic App for GitHub connects to your GitHub repository at the Organization or Repository level and ingests GitHub events via a webhook. These events populate the preconfigured dashboards to give you a complete overview of your GitHub’s branch, issues, pull requests, user activity, and security events. diff --git a/docs/integrations/app-development/gitlab.md b/docs/integrations/app-development/gitlab.md index 3cc3c3ba27..a742b16295 100644 --- a/docs/integrations/app-development/gitlab.md +++ b/docs/integrations/app-development/gitlab.md @@ -12,7 +12,7 @@ import useBaseUrl from '@docusaurus/useBaseUrl'; The Sumo Logic App for GitLab provides you a complete overview of your GitLab’s builds, deployments, pipelines, issues, merge requests, and commits. The integration listens for GitLab events and uses the event data to populate the pre-configured Dashboards. -## Event Types +## Event types The Sumo Logic App for GitLab ingests GitLab events using a webhook. Sumo Logic ingests all events, but only uses the following events in the Dashboards: 
@@ -26,7 +26,7 @@ The Sumo Logic App for GitLab ingests GitLab events using a webhook. Sumo Logic For information on GitLab events, refer to [GitLab documentation](https://docs.gitlab.com/ee/user/project/integrations/webhooks.html). For troubleshooting, see the [GitLab Troubleshooting](#troubleshooting) section. -### Sample Logs +### Sample log messages For more information about log messages, see [GitLab documentation](https://docs.gitlab.com/ee/user/project/integrations/webhooks.html). @@ -47,7 +47,7 @@ _sourceCategory="sumo/GitLab" and _collector="GitLab" %"x-GitLab-event"="Merge R ``` -## Collecting Logs for the GitLab App +## Collecting logs for the GitLab App This guide provides instructions for collecting logs for the Sumo Logic App for GitLab. diff --git a/docs/integrations/app-development/jfrog-artifactory.md b/docs/integrations/app-development/jfrog-artifactory.md index aa55055f37..72aee61807 100644 --- a/docs/integrations/app-development/jfrog-artifactory.md +++ b/docs/integrations/app-development/jfrog-artifactory.md @@ -37,7 +37,7 @@ For each JFrog service, you will find its active log files in the `$JFROG_HOME/< For more information, see JFrog's [Artifactory Log Files](https://www.jfrog.com/confluence/display/JFROG/Logging) and [Access Logs](https://www.jfrog.com/confluence/display/JFROG/Access+Log) documentation. -### Sample logs +### Sample log messages ```json title="Traffic" 20201322001341|d29f485ce89ehh3i|0|DOWNLOAD|167.208.229.190 diff --git a/docs/integrations/app-development/jfrog-xray.md b/docs/integrations/app-development/jfrog-xray.md index 2102dd70c1..632f218cc3 100644 --- a/docs/integrations/app-development/jfrog-xray.md +++ b/docs/integrations/app-development/jfrog-xray.md 
@@ -90,7 +90,7 @@ _sourceCategory = Labs/jfrog/xray | count_distinct(WatchName) as %"Number of Watches" ``` -## Collecting Logs for JFrog Xray +## Collecting logs for JFrog Xray This section explains how to collect logs from JFrog Xray and ingest them into Sumo Logic for use with the JFrog Xray pre-defined dashboards and searches. To get the most of out this app, we recommend you also collect logs from Artifactory as well as Kubernetes. diff --git a/docs/integrations/app-development/jira-cloud.md b/docs/integrations/app-development/jira-cloud.md index 4abe9cb638..765d7d5ae8 100644 --- a/docs/integrations/app-development/jira-cloud.md +++ b/docs/integrations/app-development/jira-cloud.md @@ -60,7 +60,7 @@ _sourceCategory="jira_cloud" *issue* ``` -## Collecting Logs for the Jira Cloud App +## Collecting logs for the Jira Cloud App This section provides instructions for configuring log collection for the Jira Cloud App. diff --git a/docs/integrations/app-development/jira.md b/docs/integrations/app-development/jira.md index df0127df25..bf83ffdf66 100644 --- a/docs/integrations/app-development/jira.md +++ b/docs/integrations/app-development/jira.md @@ -378,7 +378,7 @@ _sourceCategory=Jira/events (user_created or user_deleted or user_updated) -## Collecting Logs for the Jira app +## Collecting logs for the Jira app This section has instructions for collecting logs from Jira for the Sumo app for Jira. diff --git a/docs/integrations/cloud-security-monitoring-analytics/amazon-guardduty.md b/docs/integrations/cloud-security-monitoring-analytics/amazon-guardduty.md index 4aa8fe93ba..621052c9d8 100644 --- a/docs/integrations/cloud-security-monitoring-analytics/amazon-guardduty.md +++ b/docs/integrations/cloud-security-monitoring-analytics/amazon-guardduty.md 
@@ -11,7 +11,7 @@ import useBaseUrl from '@docusaurus/useBaseUrl'; The focus of GuardDuty is on protecting AWS accounts, workloads, and data with intelligent threat detection. The corresponding Sumo Logic dashboards are designed to surface the most relevant security insights from that data to yield actionable processes to tackle specific security concerns within your AWS infrastructure. Utilizing this app allows you to stay ahead of changing attack surfaces in a repeatable way via cloud security monitoring and analytics dashboards that provide operational security awareness for Amazon GuardDuty data sources. -## Collecting Logs +## Collecting logs See [Collecting Logs for the Amazon GuardDuty App](/docs/integrations/amazon-aws/guardduty#collecting-logs-for-the-amazon-guardduty-app). diff --git a/docs/integrations/cloud-security-monitoring-analytics/aws-cloudtrail.md b/docs/integrations/cloud-security-monitoring-analytics/aws-cloudtrail.md index b6c8b7e535..621b8bf4f3 100644 --- a/docs/integrations/cloud-security-monitoring-analytics/aws-cloudtrail.md +++ b/docs/integrations/cloud-security-monitoring-analytics/aws-cloudtrail.md @@ -12,7 +12,7 @@ import useBaseUrl from '@docusaurus/useBaseUrl'; This set of CloudTrail monitoring and analytics dashboards provide one dashboard for the most critical analytics. Think of this bundle of dashboards as a good starting place to see trends and outliers on specific aspects of your CloudTrail data -- including access monitoring, login activity, system monitoring, privileged activity, and threat intelligence. -## Collecting Logs for the AWS CloudTrail PCI Compliance App +## Collecting logs for the AWS CloudTrail PCI Compliance App This section has instructions for configuring log collection for the AWS CloudTrail app. diff --git a/docs/integrations/cloud-security-monitoring-analytics/aws-waf.md b/docs/integrations/cloud-security-monitoring-analytics/aws-waf.md index 00ff67cc3f..bbda927ea2 100644 
--- a/docs/integrations/cloud-security-monitoring-analytics/aws-waf.md +++ b/docs/integrations/cloud-security-monitoring-analytics/aws-waf.md @@ -11,7 +11,7 @@ import useBaseUrl from '@docusaurus/useBaseUrl'; AWS WAF (web application firewall) data is a rich source of security findings, as it allows you to monitor the HTTP and HTTPS requests that are forwarded to CloudFront and let you control overall access to your content. Each dashboard within this application takes a different lens on AWS WAF data, from traffic patterns to threat intelligence, allowing you to truly identify the needles in the haystack that drives critical security concerns within your AWS infrastructure. -## Collecting Logs for AWS WAF Security Analytics +## Collecting logs for AWS WAF Security Analytics To configure Collection for AWS WAF App, follow the instructions from [Collecting Logs for the AWS WAF App](/docs/integrations/amazon-aws/waf#collecting-logs-for-the-aws-waf-app). diff --git a/docs/integrations/cloud-security-monitoring-analytics/palo-alto-firewall-10.md b/docs/integrations/cloud-security-monitoring-analytics/palo-alto-firewall-10.md index 9679e27ce3..1a365bcf26 100644 --- a/docs/integrations/cloud-security-monitoring-analytics/palo-alto-firewall-10.md +++ b/docs/integrations/cloud-security-monitoring-analytics/palo-alto-firewall-10.md @@ -43,7 +43,7 @@ _sourceCategory = Labs/PaloAltoNetworksv10 TRAFFIC You must have Palo Alto Networks Web administrative user permissions to successfully complete these tasks. -## Collecting Logs for Palo Alto Firewall 10 +## Collecting logs for Palo Alto Firewall 10 This section provides instructions for configuring log collection for the Sumo Logic App for Palo Alto Firewall 10, as well as sample log messages and a query example from an app dashboard. diff --git a/docs/integrations/cloud-security-monitoring-analytics/windows.md b/docs/integrations/cloud-security-monitoring-analytics/windows.md index 2ae9dcec07..7045acfb46 100644 
--- a/docs/integrations/cloud-security-monitoring-analytics/windows.md +++ b/docs/integrations/cloud-security-monitoring-analytics/windows.md @@ -17,7 +17,7 @@ This section provides instructions for configuring log collection for the Window The Windows - Cloud Security Monitoring and Analytics app uses Windows Security Event and System Event logs. It does not work with third-party logs. -### Sample log message +### Sample log messages ```json { diff --git a/docs/integrations/containers-orchestration/activemq.md b/docs/integrations/containers-orchestration/activemq.md index 15fbd87a44..fe75c75b13 100644 --- a/docs/integrations/containers-orchestration/activemq.md +++ b/docs/integrations/containers-orchestration/activemq.md @@ -46,7 +46,7 @@ Host: broker-3-activemq Name: /opt/activemq/data/activemq.log Category:logfile -## Collecting Logs and Metrics for ActiveMQ +## Collecting logs and metrics for ActiveMQ This App has been tested with following ActiveMQ versions: * 5.16.2. diff --git a/docs/integrations/containers-orchestration/kafka.md b/docs/integrations/containers-orchestration/kafka.md index 564400e3b6..40df905fcc 100644 --- a/docs/integrations/containers-orchestration/kafka.md +++ b/docs/integrations/containers-orchestration/kafka.md @@ -19,7 +19,7 @@ This App has been tested with following Kafka versions: * 2.6.0 * 2.7.0 -## Sample Logs +## Sample log messages -## Sample Log and Metrics messages +## Sample log and metrics messages ### Log message diff --git a/docs/integrations/containers-orchestration/rabbitmq.md b/docs/integrations/containers-orchestration/rabbitmq.md index 6c111472b4..80cfa7ba9e 100644 --- a/docs/integrations/containers-orchestration/rabbitmq.md +++ b/docs/integrations/containers-orchestration/rabbitmq.md 
@@ -46,7 +46,7 @@ Host: broker-1 Name: /var/log/rabbitmq/rabbit.log Category: logfile -## Collecting Logs and Metrics for RabbitMQ +## Collecting logs and metrics for RabbitMQ This section provides instructions for configuring log and metric collection for the Sumo Logic App for RabbitMQ. diff --git a/docs/integrations/containers-orchestration/strimzi-kafka.md b/docs/integrations/containers-orchestration/strimzi-kafka.md index dbf4c9408f..8d40792da1 100644 --- a/docs/integrations/containers-orchestration/strimzi-kafka.md +++ b/docs/integrations/containers-orchestration/strimzi-kafka.md @@ -22,7 +22,7 @@ This App has been tested with following Kafka versions: * 3.4.0 -## Sample Logs +## Sample log messages ```json { @@ -49,7 +49,7 @@ messaging_cluster=* messaging_system="kafka" \ The list of metrics collected can be found [here](/docs/integrations/containers-orchestration/kafka/#kafka-metrics). -## Collecting Logs and Metrics for Strimzi Kafka Pods +## Collecting logs and metrics for Strimzi Kafka Pods Collection architecture is similar to Kafka and described [here](/docs/integrations/containers-orchestration/strimzi-kafka/#collecting-logs-and-metrics-for-strimzi-kafka-pods). diff --git a/docs/integrations/databases/cassandra.md b/docs/integrations/databases/cassandra.md index c87baa56db..f79070a6f2 100644 --- a/docs/integrations/databases/cassandra.md +++ b/docs/integrations/databases/cassandra.md @@ -23,7 +23,7 @@ These logs by default live in `${CASSANDRA_HOME}/logs`, but most Linux distribut The Sumo Logic app for Cassandra supports metrics generated by the [Jolokia2 plugin for Telegraf](https://github.com/influxdata/telegraf/tree/master/plugins/inputs/jolokia2). The app assumes prometheus format Metrics. -## Collecting Logs and Metrics for Cassandra +## Collecting logs and metrics for Cassandra This section provides instructions for configuring log and metric collection for the Sumo Logic app for Cassandra. 
diff --git a/docs/integrations/databases/couchbase.md b/docs/integrations/databases/couchbase.md index 94944b1db7..9db4720cd3 100644 --- a/docs/integrations/databases/couchbase.md +++ b/docs/integrations/databases/couchbase.md @@ -23,7 +23,7 @@ This app has been tested with the following Couchbase with Telegraf versions: Telegraf 1.14 default of Kubernetes Collection will not work. ::: -## Collecting Logs and Metrics for the Couchbase app +## Collecting logs and metrics for the Couchbase app This section provides instructions for configuring log and metric collection for the Sumo Logic app for Couchbase. diff --git a/docs/integrations/databases/elasticsearch.md b/docs/integrations/databases/elasticsearch.md index 9d090a2bc2..53bac709cd 100644 --- a/docs/integrations/databases/elasticsearch.md +++ b/docs/integrations/databases/elasticsearch.md @@ -58,7 +58,7 @@ The Elasticsearch app is a unified logs and metrics app that helps you monitor t -## Collecting Logs and Metrics for the Elasticsearch app +## Collecting logs and metrics for the Elasticsearch app Configuring log and metric collection for the Elasticsearch app includes the following tasks. diff --git a/docs/integrations/databases/mariadb.md b/docs/integrations/databases/mariadb.md index 11ab80bc41..48c06d4cb7 100644 --- a/docs/integrations/databases/mariadb.md +++ b/docs/integrations/databases/mariadb.md @@ -18,7 +18,7 @@ This app is tested with the following MariaDB versions: * Kubernetes: MariaDB - Version 10.5.11 * Non-Kubernetes: MariaDB - Version 10.7.1 -## Collecting Logs and Metrics for the MariaDB app +## Collecting logs and metrics for the MariaDB app Configuring log and metric collection for the MariaDB app includes the following tasks. diff --git a/docs/integrations/databases/memcached.md b/docs/integrations/databases/memcached.md index 81368e864b..9b51f5c9f9 100644 --- a/docs/integrations/databases/memcached.md +++ b/docs/integrations/databases/memcached.md 
@@ -48,7 +48,7 @@ Jun 23 07:35:01 node03 memcached: \ -## Collecting Logs and Metrics for Memcached +## Collecting logs and metrics for Memcached Configuring log and metric collection for the Memcached app includes the following tasks. diff --git a/docs/integrations/databases/mongodb.md b/docs/integrations/databases/mongodb.md index 57fb19f3bb..ca047d0541 100644 --- a/docs/integrations/databases/mongodb.md +++ b/docs/integrations/databases/mongodb.md @@ -67,7 +67,7 @@ environment=* db_cluster=* db_system=mongodb | json "log" as _rawlog nodrop | count by component ``` -## Collecting Logs and Metrics for MongoDB +## Collecting logs and metrics for MongoDB This section provides instructions for configuring log and metric collection for the Sumo Logic app for MongoDB. diff --git a/docs/integrations/databases/mysql.md b/docs/integrations/databases/mysql.md index 8a40eaf814..cdd76ee6c1 100644 --- a/docs/integrations/databases/mysql.md +++ b/docs/integrations/databases/mysql.md @@ -49,7 +49,7 @@ The Sumo Logic app for MySQL assumes the default MySQL Error log file format for The MySQL app dashboards dependent on error logs are based on the message types ERROR, NOTE, Warning, and Info. For more details on the MySQL log file format, see [http://dev.mysql.com/doc/refman/5.5/en/server-logs.html](http://dev.mysql.com/doc/refman/5.5/en/server-logs.html). -### Sample Logs +### Sample log messages -## Collecting Logs and Metrics for MySQL +## Collecting logs and metrics for MySQL Configuring log and metric collection for the MySQL app includes the following tasks. diff --git a/docs/integrations/databases/opentelemetry/cassandra-opentelemetry.md b/docs/integrations/databases/opentelemetry/cassandra-opentelemetry.md index eb6ae0ad30..bad7a0d63e 100644 --- a/docs/integrations/databases/opentelemetry/cassandra-opentelemetry.md +++ b/docs/integrations/databases/opentelemetry/cassandra-opentelemetry.md 
@@ -116,7 +116,7 @@ import LogsOutro from '../../../reuse/apps/opentelemetry/send-logs-outro.md'; -## Sample Log +## Sample log messages ```sql INFO [ScheduledTasks:1] 2023-01-08 09:18:47,347 StatusLogger.java:101 - system.schema_aggregates diff --git a/docs/integrations/databases/opentelemetry/couchbase-opentelemetry.md b/docs/integrations/databases/opentelemetry/couchbase-opentelemetry.md index 64b402ac4c..3b77df72c0 100644 --- a/docs/integrations/databases/opentelemetry/couchbase-opentelemetry.md +++ b/docs/integrations/databases/opentelemetry/couchbase-opentelemetry.md @@ -162,7 +162,7 @@ import LogsOutro from '../../../reuse/apps/opentelemetry/send-logs-outro.md'; -## Sample Logs +## Sample log messages ``` _time=09/Jan/2023:04:50:03 +0000+07:00 _level=ERROR _msg=Failed to perform INSERT on key key1 for Keyspace default:beer-sample.inventory.hotel. Error - Duplicate Key key1 diff --git a/docs/integrations/databases/opentelemetry/mysql-opentelemetry.md b/docs/integrations/databases/opentelemetry/mysql-opentelemetry.md index 92d34a461c..6992e7805b 100644 --- a/docs/integrations/databases/opentelemetry/mysql-opentelemetry.md +++ b/docs/integrations/databases/opentelemetry/mysql-opentelemetry.md @@ -210,7 +210,7 @@ import LogsOutro from '../../../reuse/apps/opentelemetry/send-logs-outro.md'; -## Sample logs +## Sample log messages ```json { diff --git a/docs/integrations/databases/opentelemetry/postgresql-opentelemetry.md b/docs/integrations/databases/opentelemetry/postgresql-opentelemetry.md index 4671e8cbf2..04812623b5 100644 --- a/docs/integrations/databases/opentelemetry/postgresql-opentelemetry.md +++ b/docs/integrations/databases/opentelemetry/postgresql-opentelemetry.md @@ -196,7 +196,7 @@ import LogsOutro from '../../../reuse/apps/opentelemetry/send-logs-outro.md'; -## Sample logs +## Sample log messages ```sql 2021-04-01 08:30:20.002 UTC [11916] postgres@postgres LOG:  connection authorized: user=postgres database=postgres 
diff --git a/docs/integrations/databases/postgresql.md b/docs/integrations/databases/postgresql.md index f11c230287..9d7cb169e3 100644 --- a/docs/integrations/databases/postgresql.md +++ b/docs/integrations/databases/postgresql.md @@ -20,7 +20,7 @@ This guide provides an overview of the Sumo app for PostgreSQL features and Dash [PostgreSQL](https://www.postgresql.org/) is an open source object-relational database that extends the robustness SQL language to safely store and scale extensive data workloads. -## Sample Logs and Queries +## Sample log messages ```json title="Sample Kubernetes log message" { @@ -35,7 +35,9 @@ This guide provides an overview of the Sumo app for PostgreSQL features and Dash 2021-04-01 08:30:20.002 UTC [11916] postgres@postgres LOG: connection authorized: user=postgres database=postgres ``` -This sample Query is from the **Fatal Errors** panel of the **PostgreSQL - Overview** dashboard. +## Sample queries + +This sample query is from the **Fatal Errors** panel of the **PostgreSQL - Overview** dashboard. ```txt title="Query String" _sourceCategory=/PostgreSQL/* db_system=postgresql db_cluster={{db_cluster}} @@ -46,7 +48,7 @@ _sourceCategory=/PostgreSQL/* db_system=postgresql db_cluster={{db_cluster}} | count by date, time, severity, db, user, msg ``` -## Collecting Logs and Metrics from PostgreSQL +## Collecting logs and metrics from PostgreSQL This section provides instructions for configuring log and metric collection for the Sumo Logic app for PostgreSQL. This app works for PostgreSQL database clusters running on PostgreSQL versions 11.x or 12.x. diff --git a/docs/integrations/databases/redis.md b/docs/integrations/databases/redis.md index efc920284a..3fa28f8c3d 100644 --- a/docs/integrations/databases/redis.md +++ b/docs/integrations/databases/redis.md 
@@ -67,7 +67,7 @@ This sample Query is from the the **Redis - Logs** dashboard > **Logs** panel. | fields message ``` -## Collecting Logs and Metrics for Redis +## Collecting logs and metrics for Redis This section provides instructions for configuring log and metric collection for the Sumo Logic app for Redis. Configuring log and metric collection for the Redis ULM app includes the following tasks: diff --git a/docs/integrations/global-intelligence/apache-tomcat.md b/docs/integrations/global-intelligence/apache-tomcat.md index 305267c8ec..19e777ebcc 100644 --- a/docs/integrations/global-intelligence/apache-tomcat.md +++ b/docs/integrations/global-intelligence/apache-tomcat.md @@ -41,7 +41,7 @@ The following sample query is from the **Average Requests Per Second: My Server | sort by date asc ``` -## Collecting Logs for the Global Intelligence for Tomcat app +## Collecting logs for the Global Intelligence for Tomcat app The Sumo Global Intelligence for Tomcat app provides insights into your key Tomcat infrastructure indicators.  diff --git a/docs/integrations/global-intelligence/kubernetes-devops.md b/docs/integrations/global-intelligence/kubernetes-devops.md index d6fa7ee791..e377335760 100644 --- a/docs/integrations/global-intelligence/kubernetes-devops.md +++ b/docs/integrations/global-intelligence/kubernetes-devops.md 
@@ -74,7 +74,7 @@ The infrastructure tab of the [Entity Inspector](../../dashboards/drill-down-to- Deployment-container combinations that have no requests or limits set are not candidates for optimization. No recommendations are computed in these cases.  ::: -### Concepts, Definitions and Methodology +### Concepts, definitions and methodology It is relatively well known that DevOps staff concerned about Out of Memory (OOM) and CPU throttling may set high memory and CPU requests on their containers. This results in situations where Kubernetes clusters are over-provisioned compared to actual usage. Conversely, Kubernetes clusters may be underprovisioned, leading to risk of OOM and throttling and resulting downtime.  diff --git a/docs/integrations/google/cloud-audit.md b/docs/integrations/google/cloud-audit.md index c99173f84b..6185c95fe5 100644 --- a/docs/integrations/google/cloud-audit.md +++ b/docs/integrations/google/cloud-audit.md @@ -92,7 +92,7 @@ _collector="HTTP Source for GCP Pub/Sub" logName methodName principalEmail reque ``` -## Collecting Logs for Google Cloud Audit +## Collecting logs for Google Cloud Audit This section describes the Sumo pipeline for ingesting logs from Google Cloud Platform (GCP) services, and provides instructions for collecting logs from Google Cloud Audit. diff --git a/docs/integrations/google/cloud-storage.md b/docs/integrations/google/cloud-storage.md index eb6f41ca75..be69511217 100644 --- a/docs/integrations/google/cloud-storage.md +++ b/docs/integrations/google/cloud-storage.md @@ -36,7 +36,7 @@ _sourceCategory=*gcp* data logName resource "\"type\":\"gcs_bucket\"" ``` -## Collecting Logs for Google Cloud Storage +## Collecting logs for Google Cloud Storage This page describes the Sumo pipeline for ingesting logs from Google Cloud Platform (GCP) services, and provides instructions for collecting logs from Google Cloud Storage. 
diff --git a/docs/integrations/google/cloud-vpc.md b/docs/integrations/google/cloud-vpc.md index a7b8f053ba..61dc5abc73 100644 --- a/docs/integrations/google/cloud-vpc.md +++ b/docs/integrations/google/cloud-vpc.md @@ -102,7 +102,7 @@ _collector="HTTP Source for GCP Pub/Sub" logName resource timestamp ``` -## Collecting Logs for Google Cloud VPC +## Collecting logs for Google Cloud VPC This page describes the Sumo pipeline for ingesting logs from Google Cloud Platform (GCP) services, and provides instructions for collecting logs from Google Cloud VPC. diff --git a/docs/integrations/google/kubernetes-engine.md b/docs/integrations/google/kubernetes-engine.md index 05968d35eb..881d56ce04 100644 --- a/docs/integrations/google/kubernetes-engine.md +++ b/docs/integrations/google/kubernetes-engine.md @@ -206,7 +206,7 @@ _sourceCategory = "GKE Cloud Logs" logName reason host "\"type\":\"gke_cluster\" | fillmissing timeslice(1h) ``` -## Collecting Logs and Metrics for GKE - Control Plane app +## Collecting logs and metrics for GKE - Control Plane app This section has instructions for configuring log and metric collection for the Sumo Logic app for GKE - Control Plane. diff --git a/docs/integrations/microsoft-azure/iis-7.md b/docs/integrations/microsoft-azure/iis-7.md index 05ece3de22..f110969045 100644 --- a/docs/integrations/microsoft-azure/iis-7.md +++ b/docs/integrations/microsoft-azure/iis-7.md @@ -94,7 +94,7 @@ if (agent matches "Dolphin*","Dolphin", Browser) as Browser ``` -## Collecting Logs for IIS 7 +## Collecting logs for IIS 7 This procedure explains how to enable logging from Microsoft Internet Information Services (IIS) on your Windows server and ingest the logs into Sumo Logic. diff --git a/docs/integrations/microsoft-azure/kubernetes.md b/docs/integrations/microsoft-azure/kubernetes.md index cdff3fd2ee..b12dc8360c 100644 --- a/docs/integrations/microsoft-azure/kubernetes.md +++ b/docs/integrations/microsoft-azure/kubernetes.md 
@@ -128,7 +128,7 @@ _sourceCategory="azure/aks" "kube-scheduler" | fillmissing timeslice(1h) ``` -## Collecting Logs for the Kubernetes and AKS - Control Plane +## Collecting logs for the Kubernetes and AKS - Control Plane The Sumo Logic [Kubernetes app](/docs/integrations/containers-orchestration/kubernetes) works in conjunction with the AKS - Control Plane app and allows you to monitor worker node logs, as well as metrics for the Azure monitor and worker nodes. diff --git a/docs/integrations/microsoft-azure/microsoft-graph-identity-protection.md b/docs/integrations/microsoft-azure/microsoft-graph-identity-protection.md index 414791c578..d021b40670 100644 --- a/docs/integrations/microsoft-azure/microsoft-graph-identity-protection.md +++ b/docs/integrations/microsoft-azure/microsoft-graph-identity-protection.md @@ -121,7 +121,7 @@ _sourceCategory=msgip-app-src riskEventType | sort by _count ``` -## Collecting Logs for Microsoft Graph Identity Protection API +## Collecting logs for Microsoft Graph Identity Protection API This section explains how to collect logs from Microsoft Graph Identity Protection API and ingest them into Sumo Logic. For details, see [Cloud-to-Cloud-Integration for Microsoft Graph Identity Protection Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/microsoft-graph-identity-protection-source/) to create the source and use the same source category while installing the app. diff --git a/docs/integrations/microsoft-azure/office-365.md b/docs/integrations/microsoft-azure/office-365.md index 87ecfcb3da..48889e4043 100644 --- a/docs/integrations/microsoft-azure/office-365.md +++ b/docs/integrations/microsoft-azure/office-365.md 
@@ -95,7 +95,7 @@ _sourceCategory=O365* Workload Operation "ResultStatus" fail* | transpose row _timeslice column workload ``` -## Collecting Logs for the Office 365 App +## Collecting logs for the Office 365 App This section provides instructions for configuring log collection for the Microsoft Office 365 App, as well as providing sample log messages and queries. diff --git a/docs/integrations/microsoft-azure/opentelemetry/sql-server-linux-opentelemetry.md b/docs/integrations/microsoft-azure/opentelemetry/sql-server-linux-opentelemetry.md index 4bf195bb8d..8afb1a434c 100644 --- a/docs/integrations/microsoft-azure/opentelemetry/sql-server-linux-opentelemetry.md +++ b/docs/integrations/microsoft-azure/opentelemetry/sql-server-linux-opentelemetry.md @@ -121,7 +121,7 @@ import LogsOutro from '../../../reuse/apps/opentelemetry/send-logs-outro.md'; -## Sample log +## Sample log messages ``` 2023-01-09 13:23:31.276 Logon Login succeeded for user 'NT SERVICE\SQLSERVERAGENT'. Connection made using Windows authentication. [CLIENT: ] diff --git a/docs/integrations/microsoft-azure/opentelemetry/sql-server-opentelemetry.md b/docs/integrations/microsoft-azure/opentelemetry/sql-server-opentelemetry.md index b057be1b3b..8fda842dec 100644 --- a/docs/integrations/microsoft-azure/opentelemetry/sql-server-opentelemetry.md +++ b/docs/integrations/microsoft-azure/opentelemetry/sql-server-opentelemetry.md @@ -145,7 +145,7 @@ import LogsOutro from '../../../reuse/apps/opentelemetry/send-logs-outro.md'; -## Sample log +## Sample log messages ``` 2023-01-09 13:23:31.276 Logon Login succeeded for user 'NT SERVICE\SQLSERVERAGENT'. Connection made using Windows authentication. [CLIENT: ] diff --git a/docs/integrations/microsoft-azure/performance.md b/docs/integrations/microsoft-azure/performance.md index 684b5a4609..c038c3d54f 100644 --- a/docs/integrations/microsoft-azure/performance.md +++ b/docs/integrations/microsoft-azure/performance.md 
@@ -117,7 +117,7 @@ _sourceCategory=OS/Windows "Win32_PerfFormattedData_PerfOS_Processor" "_Total" | avg(procTime) as AvgProcTime by host,_timeslice | sort - _timeslice | transpose row _timeslice column host ``` -## Collecting Logs for the Windows Performance app +## Collecting logs for the Windows Performance app This section provides instructions for configuring log collection for the Windows Performance app, as well as example log files and queries. diff --git a/docs/integrations/microsoft-azure/sql-server.md b/docs/integrations/microsoft-azure/sql-server.md index e84e86fc84..0c14a56f00 100644 --- a/docs/integrations/microsoft-azure/sql-server.md +++ b/docs/integrations/microsoft-azure/sql-server.md @@ -17,7 +17,7 @@ This App has been tested with following SQL Server versions: * Microsoft SQL Server 2012 -## Collecting Logs and Metrics for the Microsoft SQL Server App +## Collecting logs and metrics for the Microsoft SQL Server App This section provides instructions for configuring a local file source to collect SQL Server ERRORLOG data, and a script source to collect SQL Server performance metrics. A sample log message is also provided. diff --git a/docs/integrations/microsoft-azure/sql.md b/docs/integrations/microsoft-azure/sql.md index 7080b50bf9..8c01bb734d 100644 --- a/docs/integrations/microsoft-azure/sql.md +++ b/docs/integrations/microsoft-azure/sql.md @@ -83,7 +83,7 @@ _sourceCategory=Azure/DB/SQL/Logs ErrorEvent "\"operationName\":\"ErrorEvent\"" | top 10 message by eventCount, message asc ``` -## Collecting Logs and Metrics +## Collecting logs and metrics This section has instructions for collecting logs and metrics for the Azure SQL app, as well as a sample log message and a query sample. diff --git a/docs/integrations/microsoft-azure/teams.md b/docs/integrations/microsoft-azure/teams.md index 6597bef39e..87239e9722 100644 --- a/docs/integrations/microsoft-azure/teams.md +++ b/docs/integrations/microsoft-azure/teams.md 
@@ -49,7 +49,7 @@ _sourceCategory="O365/General" | count by operation ``` -## Collecting Logs +## Collecting logs This section has instructions for collecting logs for the Sumo App for Teams. diff --git a/docs/integrations/microsoft-azure/web-apps.md b/docs/integrations/microsoft-azure/web-apps.md index 30904db86d..7af8b0d9ca 100644 --- a/docs/integrations/microsoft-azure/web-apps.md +++ b/docs/integrations/microsoft-azure/web-apps.md @@ -39,7 +39,7 @@ _sourceCategory=Azure/Web-app | outlier _count ``` -## Collecting Logs for Azure Web Apps +## Collecting logs for Azure Web Apps In this step, you configure a pipeline for shipping logs from [Azure Monitor](https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/monitoring-get-started) to an Event Hub. diff --git a/docs/integrations/microsoft-azure/windows-json.md b/docs/integrations/microsoft-azure/windows-json.md index 27cb192de6..989600fbf4 100644 --- a/docs/integrations/microsoft-azure/windows-json.md +++ b/docs/integrations/microsoft-azure/windows-json.md @@ -76,7 +76,7 @@ _sourceCategory=Labs/windows-jsonformat ( "Audit Policy Change" or "System audit | count by msg_summary | sort by _count, msg_summary asc ``` -## Collecting Logs for the Windows JSON app +## Collecting logs for the Windows JSON app This section provides instructions on configuring log collection for the Windows JSON App so that logs are collected from the Microsoft Windows Event Log and ingested into Sumo Logic. diff --git a/docs/integrations/pci-compliance/opentelemetry/windows-json-opentelemetry.md b/docs/integrations/pci-compliance/opentelemetry/windows-json-opentelemetry.md index 4428d8a826..4fc895031c 100644 --- a/docs/integrations/pci-compliance/opentelemetry/windows-json-opentelemetry.md +++ b/docs/integrations/pci-compliance/opentelemetry/windows-json-opentelemetry.md 
@@ -143,7 +143,7 @@ sumo.datasource=windows deployment.environment={{deployment.environment}} host.g | sort by _timeslice ``` -## Sample Logs +## Sample log messages ```json { diff --git a/docs/integrations/saas-cloud/acquia.md b/docs/integrations/saas-cloud/acquia.md index 1cf580a9d4..369467d353 100644 --- a/docs/integrations/saas-cloud/acquia.md +++ b/docs/integrations/saas-cloud/acquia.md @@ -137,7 +137,7 @@ request_id ``` -## Collecting Logs for the Acquia App +## Collecting logs for the Acquia App This section provides instructions for configuring log collection from Acquia and sending those logs to Sumo Logic for monitoring and analysis in the Acquia App predefined dashboards and searches. diff --git a/docs/integrations/saas-cloud/armis.md b/docs/integrations/saas-cloud/armis.md index f38842a34e..5be4d01a0c 100644 --- a/docs/integrations/saas-cloud/armis.md +++ b/docs/integrations/saas-cloud/armis.md @@ -183,7 +183,7 @@ _sourceCategory=ArmisDashboards id | count_distinct(id) ``` -## Collecting Logs for Armis API +## Collecting logs for Armis API This section explains how to collect logs from Armis API and ingest them into Sumo Logic. Refer to the [Armis API Cloud-to-Cloud Integration](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/armis-api-source/) to create the source and use the same source category while installing the app. diff --git a/docs/integrations/saas-cloud/citrix-cloud.md b/docs/integrations/saas-cloud/citrix-cloud.md index c4d8633254..a79b2576a0 100644 --- a/docs/integrations/saas-cloud/citrix-cloud.md +++ b/docs/integrations/saas-cloud/citrix-cloud.md 
@@ -15,7 +15,7 @@ The Citrix Cloud is a platform that manages and hosts various Citrix cloud servi This Citrix Cloud App uses [SystemLog](https://developer.cloud.com/citrix-cloud/citrix-cloud---systemlog/apis/Records/GetRecords) records from the Citrix Cloud. To learn about the Citrix Cloud API fields, see the [Event Data Fields](https://docs.citrix.com/en-us/citrix-cloud/citrix-cloud-management/system-log/events.html#event-data-descriptions#fields) documentation. -### Sample log +### Sample log messages ```json { diff --git a/docs/integrations/saas-cloud/dropbox.md b/docs/integrations/saas-cloud/dropbox.md index 549c28bdea..33f18a49af 100644 --- a/docs/integrations/saas-cloud/dropbox.md +++ b/docs/integrations/saas-cloud/dropbox.md @@ -112,7 +112,7 @@ _sourceCategory="dropboxSource" | sort by _timeslice ``` -## Collecting Logs for Dropbox app +## Collecting logs for Dropbox app This section provides instructions for setting up [Cloud-to-Cloud-Integration for Dropbox Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dropbox-source) to create the source and use the same source category while installing the app. diff --git a/docs/integrations/saas-cloud/gmail-tracelogs.md b/docs/integrations/saas-cloud/gmail-tracelogs.md index 2034213050..200b14f2b8 100644 --- a/docs/integrations/saas-cloud/gmail-tracelogs.md +++ b/docs/integrations/saas-cloud/gmail-tracelogs.md @@ -19,7 +19,7 @@ The Sumo Logic App for Gmail Trace Logs uses [Gmail Logs via BigQuery](https://s For details, see the [Schema for Gmail logs in BigQuery](https://support.google.com/a/answer/7230050?hl=en&ref_topic=7233311). -### Sample Logs +### Sample log messages ```json { 
@@ -136,7 +136,7 @@ _sourceCategory=Labs/GmailTraceLogs | sort by _count ``` -## Collecting Logs for Gmail Trace Logs app +## Collecting logs for Gmail Trace Logs app This section provides instructions for setting up [Cloud-to-Cloud-Integration for Gmail Trace Logs App](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/gmail-tracelogs-source.md) to create the source and use the same source category while installing the app. diff --git a/docs/integrations/saas-cloud/istio.md b/docs/integrations/saas-cloud/istio.md index d73fbd255c..a61ad1cfac 100644 --- a/docs/integrations/saas-cloud/istio.md +++ b/docs/integrations/saas-cloud/istio.md @@ -34,7 +34,7 @@ namespace=istio-system cluster={{cluster}} | transpose row _timeslice column response_code ``` -## Collecting Logs and Metrics for the Istio App +## Collecting logs and metrics for the Istio App This section provides instructions for collecting logs and metrics for the Sumo App for Istio. Logs and metrics are collected with the [Sumo Logic Kubernetes Collection Helm Chart](https://github.com/SumoLogic/sumologic-kubernetes-collection). If you've not yet set up Kubernetes Collection, visit our [Kubernetes](/docs/observability/kubernetes) and [Kubernetes Quickstart](/docs/observability/kubernetes/quickstart) docs to learn how to install. diff --git a/docs/integrations/saas-cloud/miro.md b/docs/integrations/saas-cloud/miro.md index 0879e3e3fb..2e410ec775 100644 --- a/docs/integrations/saas-cloud/miro.md +++ b/docs/integrations/saas-cloud/miro.md @@ -19,7 +19,7 @@ With the Sumo Logic app for Miro, security teams can stay on top of potential se This App uses Sumo Logic’s Miro Source to collect [Audit Logs](https://developers.miro.com/v1.0/reference/get-logs) from Miro. -## Sample log message +## Sample log messages ```json title="Audit Log" { diff --git a/docs/integrations/saas-cloud/opsgenie.md b/docs/integrations/saas-cloud/opsgenie.md index 3829143d20..8f948f516c 100644 
--- a/docs/integrations/saas-cloud/opsgenie.md +++ b/docs/integrations/saas-cloud/opsgenie.md @@ -50,7 +50,7 @@ description, message, action, team, priority, source, tags, recipients nodrop ``` -## Collecting Logs for Opsgenie +## Collecting logs for Opsgenie The Sumo Logic Opsgenie App is designed to effectively monitor Opsgenie alerts, team performances, detect any outliers, and track the team's Mean time to repair (MTTR) incidents. With Sumo Logic dashboards you can easily identify: diff --git a/docs/integrations/saas-cloud/pagerduty-v2.md b/docs/integrations/saas-cloud/pagerduty-v2.md index bb4ee8a6c5..4d9ebdf38b 100644 --- a/docs/integrations/saas-cloud/pagerduty-v2.md +++ b/docs/integrations/saas-cloud/pagerduty-v2.md @@ -12,14 +12,14 @@ import useBaseUrl from '@docusaurus/useBaseUrl'; The Sumo Logic App for PagerDuty V2 collects incident messages from your PagerDuty account via a webhook, and displays incident data in pre-configured Dashboards that allow you to monitor and analyze the activity of your PagerDuty account and Services. The Sumo Logic App for PagerDuty V2 uses Webhooks V2, to provide enhanced context for alert object models. -## Event Types +## Event types The Sumo Logic App for PagerDuty V2 ingests PagerDuty incident Webhooks V2 messages, that are triggered by events that occur in your PagerDuty account and Services. For more information on the incident messages supported in Webhooks V2, see the PagerDuty documentation: [https://v2.developer.pagerduty.com/docs/webhooks-v2-overview](https://v2.developer.pagerduty.com/docs/webhooks-v2-overview) -### Sample Logs +### Sample log messages For examples of incident.trigger, incident.acknowledge, incident.resolve, and incident.assign log messages, see the [PagerDuty Webhooks V2 Examples](https://v2.developer.pagerduty.com/docs/webhooks-v2-overview#examples) page. 
@@ -39,7 +39,7 @@ _sourceCategory=Labs/pagerduty_v2 "incident.trigger" ``` -## Collecting Logs for PagerDuty V2 +## Collecting logs for PagerDuty V2 This section provides instructions for configuring a Sumo Logic Hosted Collector and HTTP Source to create a PagerDuty Webhook V2, to collect PagerDuty events. diff --git a/docs/integrations/saas-cloud/pagerduty-v3.md b/docs/integrations/saas-cloud/pagerduty-v3.md index f32bce8223..7f1b387e1e 100644 --- a/docs/integrations/saas-cloud/pagerduty-v3.md +++ b/docs/integrations/saas-cloud/pagerduty-v3.md @@ -23,14 +23,14 @@ This section provides instructions for configuring a Sumo Logic Hosted Collector * [Create a PagerDuty V3 Webhook](#create-a-pagerduty-v3-webhook) -### Event Types +### Event types The Sumo Logic App for PagerDuty V3 ingests PagerDuty incident Webhooks V3 messages, that are triggered by events that occur in your PagerDuty account and Services. For more information on the incident messages supported in Webhooks V3, see the [PagerDuty documentation](https://developer.pagerduty.com/docs/ZG9jOjQ1MTg4ODQ0-overview). -### Sample logs +### Sample log messages For examples of incident.triggered, incident.acknowledged and incident.resolved log messages, see the [PagerDuty Webhooks V3 Examples](https://developer.pagerduty.com/docs/ZG9jOjQ1MTg4ODQ0-overview#webhook-payload) page. diff --git a/docs/integrations/saml/auth0.md b/docs/integrations/saml/auth0.md index 39d6828531..ee6fb2fea0 100644 --- a/docs/integrations/saml/auth0.md +++ b/docs/integrations/saml/auth0.md @@ -14,7 +14,7 @@ Auth0 is a cloud-based, extensible identity provider for applications. The Sumo For more information, see [Export Logs to Sumo Logic](https://auth0.com/docs/extensions/sumologic). -## Collecting Logs for Auth0 +## Collecting logs for Auth0 This procedure explains how to collect error logs from Auth0. Sumo Logic collects the following log types: 
diff --git a/docs/integrations/saml/okta.md b/docs/integrations/saml/okta.md index 9bbe099ab2..10a5d3d0da 100644 --- a/docs/integrations/saml/okta.md +++ b/docs/integrations/saml/okta.md @@ -15,7 +15,7 @@ Okta provides secure connections between people and your applications on any dev The Sumo Logic collector uses Okta System Log API to get the logs of Okta System. The log types include authentication, events, and actions. For more information on the Okta log API, see [here](https://developer.okta.com/docs/api/resources/system_log.html). -### Sample log message +### Sample log messages
Click to expand diff --git a/docs/integrations/saml/onelogin.md b/docs/integrations/saml/onelogin.md index db7b8120f2..b10b990ff2 100644 --- a/docs/integrations/saml/onelogin.md +++ b/docs/integrations/saml/onelogin.md @@ -29,7 +29,7 @@ Once you begin uploading data, your daily data usage will increase. It's a good The Sumo Logic app for OneLogin uses event logs in NDJSON format. -## Sample log message +## Sample log messages Each event is a single-line JSON, containing information such as: diff --git a/docs/integrations/security-threat-detection/akamai-security-events.md b/docs/integrations/security-threat-detection/akamai-security-events.md index 274e041ae1..8961962711 100644 --- a/docs/integrations/security-threat-detection/akamai-security-events.md +++ b/docs/integrations/security-threat-detection/akamai-security-events.md @@ -75,7 +75,7 @@ _sourceCategory= |count by attack_date, client_ip, city, country, rule_action, rule, rule_message, rule_selector, rule_version, config_id, policy_id,http_response ``` -## Collecting Logs for Akamai Security Events app +## Collecting logs for Akamai Security Events app To begin collecting logs for the Sumo app for Akamai Security Events: diff --git a/docs/integrations/security-threat-detection/barracuda-waf.md b/docs/integrations/security-threat-detection/barracuda-waf.md index 3ba1c37314..99531c7ca9 100644 --- a/docs/integrations/security-threat-detection/barracuda-waf.md +++ b/docs/integrations/security-threat-detection/barracuda-waf.md @@ -53,7 +53,7 @@ _sourceCategory=Labs/loggen/barracuda " TR " | limit 5 ``` -## Collecting Logs for Barracuda WAF app +## Collecting logs for Barracuda WAF app This section shows you how to configure collection for the Barracuda WAF App to use with the predefined searches and dashboards. diff --git a/docs/integrations/security-threat-detection/cisco-asa.md b/docs/integrations/security-threat-detection/cisco-asa.md index 7fdd30e2c7..37e98813db 100644 
--- a/docs/integrations/security-threat-detection/cisco-asa.md +++ b/docs/integrations/security-threat-detection/cisco-asa.md @@ -21,7 +21,7 @@ The Cisco ASA App gives you insight into website visitor patterns, monitors infr The Cisco ASA App assumes logs from the Cisco Adaptive Security Appliance (ASA) firewall product. -### Sample log +### Sample log messages ```json Tue Aug 15 23:30:09 %ASA-6-302016: Teardown UDP connection 40 for outside:44.44.4.4/500 to inside:44.44.2.2/500 duration 0:02:02 bytes 1416 diff --git a/docs/integrations/security-threat-detection/cloudpassage-halo.md b/docs/integrations/security-threat-detection/cloudpassage-halo.md index 642476ac2e..beb6670a56 100644 --- a/docs/integrations/security-threat-detection/cloudpassage-halo.md +++ b/docs/integrations/security-threat-detection/cloudpassage-halo.md @@ -14,7 +14,7 @@ The CloudPassage Halo app helps you detect security violations and look for thre You can leverage the security visibility provided by CloudPassage's Halo platform with Sumo Logic’s correlation and visualization capabilities to deliver a security reporting and analysis tool. This app enables security operators and administrators to correlate security events across their Halo-managed infrastructure. -## Collecting Logs for the CloudPassage Halo app +## Collecting logs for the CloudPassage Halo app The CloudPassage Halo app uses the Halo REST API and AWS Lambda to collect Halo events. diff --git a/docs/integrations/security-threat-detection/crowdstrike-falcon-endpoint-protection.md b/docs/integrations/security-threat-detection/crowdstrike-falcon-endpoint-protection.md index 49ee1b1882..7e1a6ceda1 100644 --- a/docs/integrations/security-threat-detection/crowdstrike-falcon-endpoint-protection.md +++ b/docs/integrations/security-threat-detection/crowdstrike-falcon-endpoint-protection.md 
@@ -24,7 +24,7 @@ The CrowdStrike Falcon Endpoint Protection app uses the following log types: For more information on Events, please refer to the CrowdStrike Falcon Endpoint Protection [Streaming API Event Dictionary](https://falcon.crowdstrike.com/support/documentation/62/streaming-api-event-dictionary). -### Sample logs +### Sample log messages For more information on Events, please refer to [Streaming API Event Dictionary](https://falcon.crowdstrike.com/support/documentation/62/streaming-api-event-dictionary). @@ -182,7 +182,7 @@ _sourceCategory=*Crowdstrike* UserActivityAuditEvent ``` -## Collecting Logs for the CrowdStrike app +## Collecting logs for the CrowdStrike app This section shows you how to configure log collection from CrowdStrike Falcon Endpoint Protection and have them sent to Sumo Logic. CrowdStrike Falcon Endpoint Protection provides endpoint detection and response, next-gen antivirus, and threat intelligence services through the cloud. Multiple security functions are consolidated into a single lightweight agent, for visibility across using central security analytics with Sumo Logic. diff --git a/docs/integrations/security-threat-detection/cylance.md b/docs/integrations/security-threat-detection/cylance.md index 63ffeb2c62..be9c1ca7c3 100644 --- a/docs/integrations/security-threat-detection/cylance.md +++ b/docs/integrations/security-threat-detection/cylance.md 
@@ -66,7 +66,7 @@ _sourceCategory=*cylance* "Event Type:" AuditLog | transpose row _timeslice column event_name ``` -## Collecting Logs for the Cylance app +## Collecting logs for the Cylance app This procedure demonstrates how to collect logs from Cylance into Sumo Logic. Cylance applies artificial intelligence, algorithmic science, and machine learning to cyber security, and provides visibility to their service through integrations with a central security analytics platform like Sumo Logic. By combining the threat events data from Cylance and other data sources, you can reduce your security risk and improve your overall security posture. diff --git a/docs/integrations/security-threat-detection/duo-security.md b/docs/integrations/security-threat-detection/duo-security.md index f9a88b0a42..afc60a76f8 100644 --- a/docs/integrations/security-threat-detection/duo-security.md +++ b/docs/integrations/security-threat-detection/duo-security.md @@ -21,7 +21,7 @@ When you generate the Duo credentials, you should do it for the Admin API applic * Administrator Logs * Telephony Logs -## Collecting Logs for the Duo Security app +## Collecting logs for the Duo Security app To collect logs from the Duo Security App, use the new [Cloud-to-Cloud Integration for Duo Security App](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/duo-source) to create the source and use the same source category while installing the app. diff --git a/docs/integrations/security-threat-detection/evident-security-platform.md b/docs/integrations/security-threat-detection/evident-security-platform.md index 63aa74c71b..a588c35585 100644 --- a/docs/integrations/security-threat-detection/evident-security-platform.md +++ b/docs/integrations/security-threat-detection/evident-security-platform.md 
@@ -19,7 +19,7 @@ The Evident.io ESP App collects monitoring alerts. For details on the log format and definitions, refer to Evident.io documentation at [http://docs.evident.io/](http://docs.evident.io/). -### Sample log message +### Sample log messages
Click to expand @@ -195,7 +195,7 @@ _sourceCategory=security_evident | count by status ``` -## Collecting Logs for the Evident.io ESP app +## Collecting logs for the Evident.io ESP app This page demonstrates how to configure log collection for the Evident.io ESP App, and provides an example log message and query. diff --git a/docs/integrations/security-threat-detection/f5-big-ip-ltm.md b/docs/integrations/security-threat-detection/f5-big-ip-ltm.md index 07f041020e..db9cbf8684 100644 --- a/docs/integrations/security-threat-detection/f5-big-ip-ltm.md +++ b/docs/integrations/security-threat-detection/f5-big-ip-ltm.md @@ -17,7 +17,7 @@ The Sumo Logic app for F5 - BIG-IP Local Traffic Manager (LTM) helps you optimiz The F5 - BIG-IP Local Traffic Manager (LTM) app uses event logs with payloads, as described in this [document.](https://clouddocs.f5.com/products/extensions/f5-telemetry-streaming/latest/output-example.html#ltm-request-log) -### Sample log message +### Sample log messages ```json title="LTM Request Log" { @@ -101,7 +101,7 @@ curl -k --user admin: -H "Accept: application/json" -H "Content-Type #### Step 3: Sumo Logic Consumer Set up using Telemetry -Download the Sumo Logic `sumo.json` [here](https://sumologic-app-data.s3.amazonaws.com/F5LTM/sumo.json), and replace `SUMOLOGIC_HOST` and `SUMOLOGIC_SECRET_KEY` with values from Sumo Logic HTTP URL created in step 1. +Download the Sumo Logic `sumo.json` [here](https://sumologic-app-data.s3.amazonaws.com/F5LTM/sumo.json), and replace `SUMOLOGIC_HOST` and `SUMOLOGIC_SECRET_KEY` with values from Sumo Logic HTTP URL created in step 1. Example: For the Sumo Logic HTTP URL `https://collectors.us2.sumologic.com/receiver/v1/http/test-endpoint`, the above values are as follows: * `SUMOLOGIC_HOST`. `collectors.us2.sumologic.com` diff --git a/docs/integrations/security-threat-detection/palo-alto-networks-9.md b/docs/integrations/security-threat-detection/palo-alto-networks-9.md index 12a3a5e807..6b2c525c97 100644 
--- a/docs/integrations/security-threat-detection/palo-alto-networks-9.md +++ b/docs/integrations/security-threat-detection/palo-alto-networks-9.md @@ -33,7 +33,7 @@ The Palo Alto Networks 9 app uses the following log types: * [Threat](https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/monitoring/use-syslog-for-monitoring/syslog-field-descriptions/threat-log-fields) Logs -## Sample logs +## Sample log messages ```json title="System logs" Oct 09 10:15:15 SumoRedfw01a 1,2019/10/09 diff --git a/docs/integrations/sumo-apps/enterprise-audit.md b/docs/integrations/sumo-apps/enterprise-audit.md index 4df9259b15..32ba5c7cde 100644 --- a/docs/integrations/sumo-apps/enterprise-audit.md +++ b/docs/integrations/sumo-apps/enterprise-audit.md 
@@ -62,14 +62,14 @@ import ViewDashboards from '../../reuse/apps/view-dashboards.md'; test -Enterprise Audit - Collector and Data Forwarding Management App dashboards present information on Collector, Sources activities, and data forwarding trends by destination types. This App has the following two dashboard categories: +The **Enterprise Audit - Collector and Data Forwarding Management App** dashboards present information on Collector, Sources activities, and data forwarding trends by destination types. This App has the following two dashboard categories: * Collector Management * Data Forwarding Management #### Collector Management Overview -Enterprise Audit - Collector Management Overview dashboard provides a high-level view of trends related to collector and source activities, collector upgrade requests, upgrade successes and failures, the number of ephemeral collectors created and deleted, and the number of clobber collectors that were deleted. +The **Enterprise Audit - Collector Management Overview** dashboard provides a high-level view of trends related to collector and source activities, collector upgrade requests, upgrade successes and failures, the number of ephemeral collectors created and deleted, and the number of clobber collectors that were deleted. Use this dashboard to: * Review collector types, both hosted and installable. 
@@ -81,9 +81,9 @@ Use this dashboard to: test -#### Collector Activities +#### Collector Activities -Enterprise Audit - Collector Activities dashboard provides detailed information on collector activities, such as top users by activity and a one-day time comparison. You can also review data on recent collector activities and upgrades, and use pre-populated filters for a granular view of selected data. +The **Enterprise Audit - Collector Activities** dashboard provides detailed information on collector activities, such as top users by activity and a one-day time comparison. You can also review data on recent collector activities and upgrades, and use pre-populated filters for a granular view of selected data. Use this dashboard to: * Review the geographic locations where activities are performed. @@ -95,7 +95,7 @@ Use this dashboard to: #### Collector Sources Activities -Enterprise Audit - Collector Sources Activities dashboard provides detailed information on created, updated and deleted sources, the top collectors where sources were added, active users, and one-day time comparisons. You can use pre-populated filters for a more granular view of selected data. +The **Enterprise Audit - Collector Sources Activities** dashboard provides detailed information on created, updated and deleted sources, the top collectors where sources were added, active users, and one-day time comparisons. You can use pre-populated filters for a more granular view of selected data. Use this dashboard to: * Review the geographic location where activities were performed. 
@@ -107,7 +107,7 @@ Use this dashboard to: #### Data Forwarding Management Overview -Enterprise Audit - Data Forwarding Management Overview dashboard provides an at-a-glance view of trends for destination types and the distribution of destination types, such as Amazon S3, hitachi, Syslog, and Generic REST. Visual representations for the distribution of data forwarding destinations and data forwarding indexes are also shown. +The **Enterprise Audit - Data Forwarding Management Overview** dashboard provides an at-a-glance view of trends for destination types and the distribution of destination types, such as Amazon S3, hitachi, Syslog, and Generic REST. Visual representations for the distribution of data forwarding destinations and data forwarding indexes are also shown. Use this dashboard to: * Assess destination type trends. @@ -120,7 +120,7 @@ Use this dashboard to: #### Data Forwarding Destination Activities -Enterprise Audit - Data Forwarding Destination Activities dashboard provides detailed information on data forwarding destination activities. You can review trends for activities, their geographical locations, one-day times shift comparisons, user activity, and recent destination activities. For a more granular view of the data, you can use the pre populated filters. +The **Enterprise Audit - Data Forwarding Destination Activities** dashboard provides detailed information on data forwarding destination activities. You can review trends for activities, their geographical locations, one-day times shift comparisons, user activity, and recent destination activities. For a more granular view of the data, you can use the pre populated filters. Use this dashboard to: 
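Review bot: "hitachi" in the added line of the @@ -107,7 +107,7 @@ hunk is lower-case, while the other destination types in the same list ("Amazon S3", "Syslog", "Generic REST") are capitalized. Since the sentence is being rewritten anyway, capitalize it as "Hitachi" or use the destination's full product name as it appears in the UI.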
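Review bot: the added line in the @@ -120,7 +120,7 @@ hunk (Data Forwarding Destination Activities) keeps two typos from the old text: "one-day times shift comparisons" and "pre populated filters". The Data Forwarding Index Activities paragraph in the next hunk spells these "one-day time shift comparisons" and "pre-populated filters"; use the same forms here.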
@@ -133,7 +133,7 @@ Use this dashboard to: #### Data Forwarding Index Activities -Enterprise Audit - Data Forwarding Index Activities dashboard provides detailed information about data forwarding indexes that were created using partitions and scheduled views. You can review trends, geographical locations for data forwarding index activities, one-day time shift comparisons, user activities, as well as data on disabled indexes and recent index activities. For a more granular analysis of the data, you can use the pre-populated filters. +The **Enterprise Audit - Data Forwarding Index Activities** dashboard provides detailed information about data forwarding indexes that were created using partitions and scheduled views. You can review trends, geographical locations for data forwarding index activities, one-day time shift comparisons, user activities, as well as data on disabled indexes and recent index activities. For a more granular analysis of the data, you can use the pre-populated filters. Use this dashboard to: 
@@ -148,12 +148,12 @@ Use this dashboard to: test -Enterprise Audit - Content Management App dashboards provide information on content activities, such as content that is created, updated, deleted, imported, exported, copied, moved, publicly accessed, made visible to the public, and application installed. +The **Enterprise Audit - Content Management App** dashboards provide information on content activities, such as content that is created, updated, deleted, imported, exported, copied, moved, publicly accessed, made visible to the public, and application installed. #### Content Management Overview -Enterprise Audit - Content Management Overview dashboard provides a high-level view of system activities with data on content activities over time, top applications, top content, publicly accessed content, and exported content. You can also view data on user activity and top content on which permission are added and deleted. +The **Enterprise Audit - Content Management Overview** dashboard provides a high-level view of system activities with data on content activities over time, top applications, top content, publicly accessed content, and exported content. You can also view data on user activity and top content on which permission are added and deleted. Use this dashboard to: 
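Review bot: in the Content Management Overview line added by this hunk, "top content on which permission are added and deleted" does not agree in number; suggest "top content on which permissions are added and deleted". The App-level sentence added above it ends its list with "and application installed", which does not parallel the preceding participles ("created, updated, deleted, imported, ..."); "and applications that are installed" would read cleanly.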
@@ -168,7 +168,7 @@ Use this dashboard to: #### Created, Deleted, Exported, Imported Content -Enterprise Audit - Created, Deleted, Exported, Imported Content dashboard provides detailed information on content that is created, deleted, exported, and imported. The dashboard is organized according to activities performed by users in User Mode and Content Administrator Mode. You can view more granular data using pre-populated filters for Event Type, Content Type and Admin Mode. +The **Enterprise Audit - Created, Deleted, Exported, Imported Content** dashboard provides detailed information on content that is created, deleted, exported, and imported. The dashboard is organized according to activities performed by users in User Mode and Content Administrator Mode. You can view more granular data using pre-populated filters for Event Type, Content Type and Admin Mode. Use the dashboard to: @@ -183,7 +183,7 @@ Use the dashboard to: #### Updated, Moved, Copied Content -Enterprise Audit- Updated, Moved, Copied Content dashboard provides detailed information about content that is updated, moved and copied. The dashboard is organized according to activities performed by users in User Mode and Content Administrator Mode. You can view more granular data using pre-populated filters for Event Type, Content Type and Admin Mode. +The **Enterprise Audit- Updated, Moved, Copied Content** dashboard provides detailed information about content that is updated, moved and copied. The dashboard is organized according to activities performed by users in User Mode and Content Administrator Mode. You can view more granular data using pre-populated filters for Event Type, Content Type and Admin Mode. Use the dashboard to: 
@@ -198,7 +198,7 @@ Use the dashboard to: #### Permission Updated, Synchronized Content -Enterprise Audit- Permission Updated, Synchronized Content dashboard provides detailed information on content permissions that have been added or deleted, as well as content that has been synchronized. The dashboard is organized according to Content Synchronization and Content Permissions. +The **Enterprise Audit- Permission Updated, Synchronized Content** dashboard provides detailed information on content permissions that have been added or deleted, as well as content that has been synchronized. The dashboard is organized according to Content Synchronization and Content Permissions. Use this dashboard to: @@ -211,7 +211,7 @@ Use this dashboard to: #### Publicly Accessed, Application Installed -Enterprise Audit- Publicly Accessed, Application Installed dashboard provides detailed information on installed applications, shared and publicly accessed content. The dashboard is organized according to installed applications and publicly accessed content. For a more granular view of the data, you can filter on Event Type, Content Type, Admin Mode, Visibility using the pre-populated filters. +The **Enterprise Audit- Publicly Accessed, Application Installed** dashboard provides detailed information on installed applications, shared and publicly accessed content. The dashboard is organized according to installed applications and publicly accessed content. For a more granular view of the data, you can filter on Event Type, Content Type, Admin Mode, Visibility using the pre-populated filters. Use this dashboard to: 
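Review bot: the bolded name in the @@ -211,7 +211,7 @@ hunk is written "Enterprise Audit- Publicly Accessed, Application Installed", with no space before the hyphen, while most dashboards in this file use "Enterprise Audit - ...". Bolding makes the inconsistency more visible, so normalize to "Enterprise Audit - " here and in the other added lines that carry "Enterprise Audit-" (Updated, Moved, Copied Content; Permission Updated, Synchronized Content). The filter list in the same sentence, "Event Type, Content Type, Admin Mode, Visibility", also lacks a final "and".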
@@ -225,7 +225,7 @@ Use this dashboard to: #### Field Extraction Rule Activities -Enterprise Audit - Field Extraction Rule Activities dashboard provides detailed information on the geographic location, active users, recent activities, trends, and one day time shift comparison for Field Extraction Rules. You can analyze more granular data using the pre-populated filters. +The **Enterprise Audit - Field Extraction Rule Activities** dashboard provides detailed information on the geographic location, active users, recent activities, trends, and one day time shift comparison for Field Extraction Rules. You can analyze more granular data using the pre-populated filters. Use this dashboard to: * Review data on user field extraction rule activity. @@ -259,7 +259,7 @@ Use this dashboard to: #### User Activities -Enterprise Audit- User Activities dashboard provides detailed information about user activities, including top admins, one-day time comparison, and recent events. For a granular view of data, you can filter by event name and user active status using pre-populated filters. +The **Enterprise Audit- User Activities** dashboard provides detailed information about user activities, including top admins, one-day time comparison, and recent events. For a granular view of data, you can filter by event name and user active status using pre-populated filters. Use this dashboard to: * Review activity trends and the geographic locations where activities are performed. 
@@ -270,7 +270,7 @@ Use this dashboard to: #### Role Activities -Enterprise Audit- Role Activities dashBoard provides detailed information on activities by user role, such as top capabilities, admin role activities, and recent events. For a granular view of data, you can filter by event name and system using pre-populated filters. +The **Enterprise Audit- Role Activities** dashboard provides detailed information on activities by user role, such as top capabilities, admin role activities, and recent events. For a granular view of data, you can filter by event name and system using pre-populated filters. Use this dashboard to: @@ -280,9 +280,9 @@ Use this dashboard to: test -#### User Session Activities +#### User Session Activities -Enterprise Audit - User Session Activities dashBoard provides detailed information on user session activities, such as locked and unlocked account activities, top admins, current logged in and logged out users, and timed out users. For a more granular view of the data, you can filter by event name using the pre-populated filters. +The **Enterprise Audit - User Session Activities** dashboard provides detailed information on user session activities, such as locked and unlocked account activities, top admins, current logged in and logged out users, and timed out users. For a more granular view of the data, you can filter by event name using the pre-populated filters. Use this dashboard to: 
@@ -294,9 +294,9 @@ Use this dashboard to: #### User (Email, Password) Activities -User(Email, Password) Activities dashBoard provides detailed information on user password and email activities, such as password changes, password resets by admins, and user email change requests and changes. For a more granular view of the data, you can filter by event name using the pre-populated filters. +**User(Email, Password) Activities** dashboard provides detailed information on user password and email activities, such as password changes, password resets by admins, and user email change requests and changes. For a more granular view of the data, you can filter by event name using the pre-populated filters. -Use this dashboard to : +Use this dashboard to: * Review trends for password and email changes, as well as the top admins performing password resets. * Get an overview of the recent password resets and email changes, and the geographic locations where all email and password activities were performed. @@ -306,7 +306,7 @@ Use this dashboard to : #### User Role Relationship Activities -Enterprise Audit - User Role Relationship Activities dashboard provides detailed information on activities for user and role modification. You can review the top users that were added to and removed from roles, the top roles from which users were added and removed, and the top admins. +The **Enterprise Audit - User Role Relationship Activities** dashboard provides detailed information on activities for user and role modification. You can review the top users that were added to and removed from roles, the top roles from which users were added and removed, and the top admins. Use this dashboard to: 
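Review bot: the rewritten sentence in the @@ -294,9 +294,9 @@ hunk starts "**User(Email, Password) Activities** dashboard provides", which departs from the pattern the rest of this patch applies: there is no leading "The", no "Enterprise Audit - " prefix, and no space before the parenthesis, although the heading directly above reads "User (Email, Password) Activities". Suggest "The **User (Email, Password) Activities** dashboard provides ...", with the "Enterprise Audit - " prefix added if that is the dashboard's name in the product.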
@@ -320,12 +320,12 @@ Use this dashboard to: test -Enterprise Audit - Security Management App dashboard provide visibility into security posture, such as Access Key Activities, SAML Activities, Password Policy, Multi-Factor Authorization (MFA), and Service AllowList activities within your Sumo Logic Environment. +The **Enterprise Audit - Security Management App** dashboard provide visibility into security posture, such as Access Key Activities, SAML Activities, Password Policy, Multi-Factor Authorization (MFA), and Service AllowList activities within your Sumo Logic Environment. #### Security Management Overview -Enterprise Audit - Security Management Overview dashboard provides an at-a-glance view of security activities over time, user activity, the number of users who have been enabled and disabled MFA, and the geographic locations of security activities. +The **Enterprise Audit - Security Management Overview** dashboard provides an at-a-glance view of security activities over time, user activity, the number of users who have been enabled and disabled MFA, and the geographic locations of security activities. Use this dashboard to: @@ -339,7 +339,7 @@ Use this dashboard to: #### Password Policy, MFA, Service AllowList Activities -Enterprise Audit - Password Policy, MFA, Service AllowList Activities dashboard provides detailed information about password policy creation, deletion, and updates. It also provides a high-level view of users that enable and disable multi factor authorization (MFA), service allowlist updates, as well as user and admin activities. +**Enterprise Audit - Password Policy, MFA, Service AllowList Activities** dashboard provides detailed information about password policy creation, deletion, and updates. It also provides a high-level view of users that enable and disable multi factor authorization (MFA), service allowlist updates, as well as user and admin activities. Use this dashboard to: 
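Review bot: "dashboard provide" in the first added line of the @@ -320,12 +320,12 @@ hunk does not agree in number; the other App-level sentences in this patch use "dashboards present" and "dashboards provide", so this should read "The **Enterprise Audit - Security Management App** dashboards provide visibility ...". The same line expands MFA as "Multi-Factor Authorization"; the standard term is multi-factor authentication, and authentication and authorization are different controls, so the wording is worth correcting while the line is open. The Overview line below it has "users who have been enabled and disabled MFA", which should be "users who have enabled or disabled MFA".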
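Review bot: the added line in the @@ -339,7 +339,7 @@ hunk begins "**Enterprise Audit - Password Policy, MFA, Service AllowList Activities** dashboard provides" without the leading "The" that the neighbouring paragraphs received in this patch. The line also spells out MFA as "multi factor authorization"; hyphenate it and use "multi-factor authentication", consistent with whatever form is chosen for the Security Management App sentence earlier in the file.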
@@ -352,7 +352,7 @@ Use this dashboard to: #### Access Key Activities -Enterprise Audit - Access Key Activities dashBoard provides detailed information about access key activities, such as creation, deletion, and updates. You can also review trends, user activity, the number of active access keys, and one-day time comparisons. For more granular data, such as type of event or access key status, you can use the predefined filters. +The **Enterprise Audit - Access Key Activities** dashboard provides detailed information about access key activities, such as creation, deletion, and updates. You can also review trends, user activity, the number of active access keys, and one-day time comparisons. For more granular data, such as type of event or access key status, you can use the predefined filters. Use this dashboard to: @@ -364,7 +364,7 @@ Use this dashboard to: #### SAML Activities -Enterprise Audit - SAML Activities dashboard provides detailed information about SAML activities, such as SAML lockdown and SAML configuration. You can also review AllowList user activities such as creating, deleting, and updating allowlists. You can view more granular data for an activity using the predefined filters. +The **Enterprise Audit - SAML Activities** dashboard provides detailed information about SAML activities, such as SAML lockdown and SAML configuration. You can also review AllowList user activities such as creating, deleting, and updating allowlists. You can view more granular data for an activity using the predefined filters. Use this dashboard to: * Review SAML Lockdown trends, AllowList User and SAML configuration activities. diff --git a/docs/integrations/web-servers/apache-tomcat.md b/docs/integrations/web-servers/apache-tomcat.md index 6d9c34539c..e5bd49327d 100644 --- a/docs/integrations/web-servers/apache-tomcat.md +++ b/docs/integrations/web-servers/apache-tomcat.md 
@@ -13,7 +13,7 @@ import TabItem from '@theme/TabItem'; The Apache Tomcat app is a unified logs and metrics app that helps you monitor the availability, performance, health and resource utilization of your Apache Tomcat servers. Preconfigured dashboards provide insight into visitor locations, traffic patterns, errors, resource utilization, garbage collection, web server operations and access from known malicious sources. -## Collecting Logs and Metrics for Apache Tomcat +## Collecting logs and metrics for Apache Tomcat Before installing the Sumo Logic app, Apache Tomcat must be set up and configured to log events. diff --git a/docs/integrations/web-servers/apache.md b/docs/integrations/web-servers/apache.md index a01ff48a26..2c7af226ad 100644 --- a/docs/integrations/web-servers/apache.md +++ b/docs/integrations/web-servers/apache.md @@ -110,7 +110,7 @@ The predefined searches in the Apache app are based on the Apache Access logs an * Apache - Top Referrers causing errors -## Collecting Logs and Metrics for Apache +## Collecting logs and metrics for Apache This section provides instructions for configuring log and metrics collection for the Sumo Logic app for Apache. diff --git a/docs/integrations/web-servers/haproxy.md b/docs/integrations/web-servers/haproxy.md index 0ab38113ad..2b42c6b917 100644 --- a/docs/integrations/web-servers/haproxy.md +++ b/docs/integrations/web-servers/haproxy.md @@ -71,7 +71,7 @@ This query example is from the [**HAProxy - Overview** dashboard](#overview) > * | limit 5 ``` -## Collecting Logs and Metrics for HAProxy +## Collecting logs and metrics for HAProxy This section provides instructions for configuring logs and metrics collection for the Sumo Logic app for HAProxy. diff --git a/docs/integrations/web-servers/heroku.md b/docs/integrations/web-servers/heroku.md index e16109b856..0fc4a1ee0b 100644 --- a/docs/integrations/web-servers/heroku.md +++ b/docs/integrations/web-servers/heroku.md 
@@ -83,7 +83,7 @@ You will now be able to see Heroku logs flowing into that HTTP source in Sumo Lo You can also run `heroku drains` or `heroku drains --json` command in your app directory to find the name of an existing Sumo Logic http source log_drain url of an app, which can be attached to a new app. ::: -### Collecting Logs via Sumo Logic add-on +### Collecting logs via Sumo Logic add-on The Sumo Logic add-on for Heroku helps you to monitor Heroku apps and harness the power of machine data with effortless log management that delivers business and operational insights within minutes. diff --git a/docs/integrations/web-servers/iis-10.md b/docs/integrations/web-servers/iis-10.md index 44894a223a..a63e2b0979 100644 --- a/docs/integrations/web-servers/iis-10.md +++ b/docs/integrations/web-servers/iis-10.md @@ -19,7 +19,7 @@ This app is tested with the following IIS versions: IIS app and integration are supported only on Windows. ::: -## Collecting Logs and Metrics for the IIS app +## Collecting logs and metrics for the IIS app This section provides instructions for configuring log and metric collection for the Sumo Logic app for IIS. diff --git a/docs/integrations/web-servers/nginx-ingress.md b/docs/integrations/web-servers/nginx-ingress.md index 4889e47eee..989c576e91 100644 --- a/docs/integrations/web-servers/nginx-ingress.md +++ b/docs/integrations/web-servers/nginx-ingress.md @@ -27,7 +27,7 @@ The Sumo Logic app for Nginx Ingress assumes Prometheus format Metrics for Reque For more details on Nginx Ingress Metrics, see [Prometheus](https://docs.nginx.com/nginx-ingress-controller/logging-and-monitoring/prometheus/). -## Collecting Logs and Metrics for Nginx Ingress +## Collecting logs and metrics for Nginx Ingress This section provides instructions for configuring log and metric collection for the Sumo Logic app for Nginx Ingress. 
diff --git a/docs/integrations/web-servers/nginx-plus-ingress.md b/docs/integrations/web-servers/nginx-plus-ingress.md index ddac8c913c..9d31d776b0 100644 --- a/docs/integrations/web-servers/nginx-plus-ingress.md +++ b/docs/integrations/web-servers/nginx-plus-ingress.md @@ -61,7 +61,7 @@ Cluster={{Cluster}} Namespace={{Namespace}} Deployment={{Deployment}} Pod={{Pod} | sort _count ``` -## Collecting Logs and Metrics for Nginx Plus Ingress +## Collecting logs and metrics for Nginx Plus Ingress This section provides instructions for configuring log and metric collection for the Sumo Logic app for Nginx Plus Ingress. This includes the following tasks: diff --git a/docs/integrations/web-servers/nginx-plus.md b/docs/integrations/web-servers/nginx-plus.md index 907e399f95..cf3749dbbd 100644 --- a/docs/integrations/web-servers/nginx-plus.md +++ b/docs/integrations/web-servers/nginx-plus.md @@ -90,7 +90,7 @@ _sourceCategory=Labs/Nginx/Logs | sort by _timeslice asc ``` -## Collecting Logs and Metrics for Nginx Plus +## Collecting logs and metrics for Nginx Plus This section provides instructions for configuring log and metric collection for the Sumo Logic app for Nginx Plus. Sumo Logic supports a collection of logs and metrics data from Nginx Plus in both Kubernetes and non-Kubernetes environments. Click on the appropriate links below based on the environment where your Nginx Plus servers are hosted. diff --git a/docs/integrations/web-servers/nginx.md b/docs/integrations/web-servers/nginx.md index 4ec80a74b3..75042e28be 100644 --- a/docs/integrations/web-servers/nginx.md +++ b/docs/integrations/web-servers/nginx.md @@ -36,7 +36,7 @@ Tutorial: Set up NGINX for non-Kubernetes Sources. ::: -## Collecting Logs for the Nginx app +## Collecting logs for the Nginx app This section provides instructions for configuring log and metric collection for the Sumo Logic app for Nginx. The following tasks are required: 
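Review bot: the new heading in the nginx.md hunk, "Collecting logs for the Nginx app", mentions only logs, but the context line right under it says the section covers "configuring log and metric collection", and the sibling pages in this patch (Nginx Ingress, Nginx Plus, Nginx Plus Ingress) use "Collecting logs and metrics for ...". If the section does cover metrics, rename it to "Collecting logs and metrics for the Nginx app"; if it does not, the sentence below the heading is the line to fix.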
diff --git a/docs/integrations/web-servers/squid-proxy.md b/docs/integrations/web-servers/squid-proxy.md index 6cb94ce305..0985844f4f 100644 --- a/docs/integrations/web-servers/squid-proxy.md +++ b/docs/integrations/web-servers/squid-proxy.md @@ -18,7 +18,7 @@ This app is tested with the following Squid Proxy versions: * Non-Kubernetes environments: Squid Proxy version: 6.0.0 -## Collecting Logs and Metrics for the Squid Proxy app +## Collecting logs and metrics for the Squid Proxy app This section provides instructions for configuring log and metric collection for the Sumo Logic app for Squid Proxy. diff --git a/docs/integrations/web-servers/varnish.md b/docs/integrations/web-servers/varnish.md index 453aaa3430..0c9a84a9bb 100644 --- a/docs/integrations/web-servers/varnish.md +++ b/docs/integrations/web-servers/varnish.md @@ -50,7 +50,7 @@ This app is tested with the following versions: -## Collecting Logs and Metrics for Varnish +## Collecting logs and metrics for Varnish This section provides instructions for configuring log and metric collection for the Sumo Logic app for Varnish. diff --git a/docs/integrations/webhooks/netlify.md b/docs/integrations/webhooks/netlify.md index cb9d320b6c..92dd0a4f0f 100644 --- a/docs/integrations/webhooks/netlify.md +++ b/docs/integrations/webhooks/netlify.md @@ -15,7 +15,7 @@ Netlify is a web development platform for building fast and dynamic websites, e- The Sumo Logic app for Netlify ingests site deployment events into Sumo Logic through an outgoing webhook available in Netlify. For more information on supported events that are ingested through the Netlify webhook, see the [Netlify Documentation](https://docs.netlify.com/site-deploys/notifications/) -### Sample log message +### Sample log messages
View sample log message diff --git a/docs/integrations/webhooks/postman.md b/docs/integrations/webhooks/postman.md index fce71ca4a2..063357b02d 100644 --- a/docs/integrations/webhooks/postman.md +++ b/docs/integrations/webhooks/postman.md @@ -16,7 +16,7 @@ Postman is an API development tool that streamlines API building, testing, modif The Sumo Logic app for Postman ingests Postman events into Sumo Logic through an outgoing webhook available in the Postman. For more information on supported events that are ingested through the Postman webhook, see the [Postman Documentation](https://learning.postman.com/docs/integrations/webhooks/). -### Sample log message +### Sample log messages ```json { diff --git a/docs/integrations/webhooks/sentry.md b/docs/integrations/webhooks/sentry.md index 9f8b34747f..539337b79e 100644 --- a/docs/integrations/webhooks/sentry.md +++ b/docs/integrations/webhooks/sentry.md @@ -22,7 +22,7 @@ The Sumo Logic app for Sentry ingests Sentry events into Sumo Logic through an o - Comments - Errors -### Sample log message +### Sample log messages
View sample log message diff --git a/docs/integrations/webhooks/split.md b/docs/integrations/webhooks/split.md index ecdf775457..1cef924c9c 100644 --- a/docs/integrations/webhooks/split.md +++ b/docs/integrations/webhooks/split.md @@ -19,7 +19,7 @@ The Sumo Logic app for Split ingests Split events into Sumo Logic through an out - Admin audit logs - Impressions -### Sample log message +### Sample log messages
View sample log message diff --git a/docs/integrations/webhooks/squadcast.md b/docs/integrations/webhooks/squadcast.md index 29093b3d41..ba71171ed3 100644 --- a/docs/integrations/webhooks/squadcast.md +++ b/docs/integrations/webhooks/squadcast.md @@ -42,7 +42,7 @@ The Sumo Logic app for Squadcast ingests events into Sumo Logic through an outgo - SLO-Violating Incident spent error budget - StatusPage updated -### Sample log message +### Sample log messages
View sample log message diff --git a/docs/integrations/webhooks/stripe.md b/docs/integrations/webhooks/stripe.md index e838768a50..3782c01a61 100644 --- a/docs/integrations/webhooks/stripe.md +++ b/docs/integrations/webhooks/stripe.md @@ -16,7 +16,7 @@ Stripe is a popular online payment processing platform that enables businesses t The Sumo Logic app for Stripe ingests Stripe events into Sumo Logic through an outgoing webhook available in the Stripe. For more information on supported events that are ingested through the Stripe webhook, see the [Stripe documentation](https://stripe.com/docs/api/events/types). -### Sample log message +### Sample log messages ```json { From 715ce0abc078efcb7092068730d9307d4e242ee8 Mon Sep 17 00:00:00 2001 From: "Kim (Sumo Logic)" <56411016+kimsauce@users.noreply.github.com> Date: Mon, 1 Jul 2024 10:56:41 -0700 Subject: [PATCH 3/4] Update docs/send-data/installed-collectors/configuration.md Co-authored-by: John Pipkin (Sumo Logic) --- docs/send-data/installed-collectors/configuration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/send-data/installed-collectors/configuration.md b/docs/send-data/installed-collectors/configuration.md index 6b76690fde..b278294a6a 100644 --- a/docs/send-data/installed-collectors/configuration.md +++ b/docs/send-data/installed-collectors/configuration.md 
@@ -10,7 +10,7 @@ As the name implies, an Installed Collector is installed in your environment, as A Sumo Source is an object configured for a specific Collector that sends data to Sumo Logic. There are a number of Source types that work with Installed Collectors. For a list of all Sources supported by Installed Collectors, see [Sources for Installed Collectors](/docs/send-data/installed-collectors/sources). -See [How to Choose a Collector](/docs/send-data/choose-collector-source) for guidance on when to use a single or multiple Installed Collectors. +See [Choosing a Sumo Logic Collector and Source](/docs/send-data/choose-collector-source) for guidance on when to use a single or multiple Installed Collectors. :::note The maximum number of Collectors allowed per organization is 10,000. From 18e724012a5ec5aea73a793d847fc9b6dabc4ee4 Mon Sep 17 00:00:00 2001 From: "Kim (Sumo Logic)" <56411016+kimsauce@users.noreply.github.com> Date: Mon, 1 Jul 2024 10:56:48 -0700 Subject: [PATCH 4/4] Update docs/integrations/sumo-apps/enterprise-audit.md Co-authored-by: John Pipkin (Sumo Logic) --- docs/integrations/sumo-apps/enterprise-audit.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/integrations/sumo-apps/enterprise-audit.md b/docs/integrations/sumo-apps/enterprise-audit.md index 32ba5c7cde..b902c75b7a 100644 --- a/docs/integrations/sumo-apps/enterprise-audit.md +++ b/docs/integrations/sumo-apps/enterprise-audit.md 
@@ -62,7 +62,7 @@ import ViewDashboards from '../../reuse/apps/view-dashboards.md'; test -The **Enterprise Audit - Collector and Data Forwarding Management App** dashboards present information on Collector, Sources activities, and data forwarding trends by destination types. This App has the following two dashboard categories: +The **Enterprise Audit - Collector and Data Forwarding Management App** dashboards present information on Collector, Sources activities, and data forwarding trends by destination types. This app has the following two dashboard categories: * Collector Management * Data Forwarding Management
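Review bot: in the webhooks hunks earlier in this series (netlify.md, sentry.md, split.md, squadcast.md), the heading becomes "### Sample log messages" while the context line directly under it still reads "View sample log message", so heading and label now disagree. Either update that label in the same change or keep the heading singular where only one sample is shown. If the site derives anchors from heading text, pluralizing the heading also changes the anchor, so links to `#sample-log-message` on these pages need checking.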