diff --git a/docs/search/copilot.md b/docs/search/copilot.md
index f9c16b0e89..d1e8f646f0 100644
--- a/docs/search/copilot.md
+++ b/docs/search/copilot.md
@@ -68,13 +68,15 @@ In this section, you'll learn the recommended workflow for using Copilot effecti
To start using Copilot:
-From the [**Classic UI**](/docs/get-started/sumo-logic-ui-classic), navigate to the **Copilot** tab.
})
+From the [**Classic UI**](/docs/get-started/sumo-logic-ui-classic), navigate to the **Copilot** tab.
-From the [**New UI**](/docs/get-started/sumo-logic-ui), click **Copilot** in the left nav.
})
+From the [**New UI**](/docs/get-started/sumo-logic-ui), click **Copilot** in the left nav.
### Step 2: Review the auto-selected source
-Review the auto-selected **Source Category** and adjust it if needed. The source category is selected based on Copilot’s assessment of user intent. You can also type a source expression in the box. In either approach, you are defining the scope of your exploration. In this example, we'll select a source for AWS WAF. For indexes, type `_index=`.
+Review the auto-selected **Source Category** and adjust it if needed. The source category is selected based on Copilot’s assessment of user intent. You can also type a source expression in the box. In either approach, you are defining the scope of your exploration.
+
+In this example, we'll select a source for AWS WAF. For indexes, type `_index=`. Autocompletion is supported for sources; type a few words, view source suggestions and pick one.
})
@@ -86,9 +88,9 @@ In this example, we'll click `Count the number of log entries by the collector I
})
-#### Ask a question
+### Step 4: Ask a question
-In the **Ask Something...** field, you can manually enter a natural language prompt similar to the prebuilt ones under **Suggestions**. In addition, use autocompletions if appropriate. Type a work in the search bar to trigger completions based on the keyword.
+In the **Ask Something...** field, you can manually enter a natural language prompt similar to the prebuilt ones under **Suggestions**. In addition, use autocompletions if appropriate. Type a word in the search bar to trigger completions based on the keyword.
@@ -104,16 +106,22 @@ Break your questions into smaller, specific requirements to help Copilot provide
see https://drive.google.com/file/d/10XUn4DQD3K91V3Qf5heCizkHJneTaBJ7/view?usp=sharing
--->
-Copilot is built on [Sumo Logic search query language](/docs/search/search-query-language). Below are key functions you can call using natural language prompts:
+##### Tips and tricks
-* `Count logs by` [field(s)]
-* `Group logs by` [field(s)]
+* **Start with a broad query**. Begin with a query like `Show me the most recent logs` to understand the structure and available fields in your logs.
+* **Disambiguate field names**. If fields have similar names and cause confusion, explicitly specify the field (e.g., ``) to improve accuracy.
+* **Experiment with phrasing**. Try multiple variations of a query to provide context and receive more relevant suggestions.
+* **Include time or variations to add `timeslice` as a dimension**. When timeslicing data, include the term `time` in your query. For example: `Count requests, every 1m, different code challenges and user used during login attempts by time`.
+
+Below are examples of how you can phrase queries if the autocompletions and contextual suggestions are not relevant to you:
+
+* `Count logs by` [field(s)] and `Group logs by` [field(s)] produce the same result
* `Sort by` [field(s)] [in descending order]
-* `Percentage breakdown in` [field] `values`
+* `Percentage by` [field] `values`
* `Find` [stat] `for` [field] (max, min, standard deviation, etc.)
* `Filter by` [field] `contains` [keyword]
:::note
- Keyword searches are case-sensitive
+ Keyword searches are case-sensitive.
:::
* `Apply logreduce to logs`
@@ -122,13 +130,6 @@ Additional prompts can trigger more advanced activities (e.g., mapping network a
* `Analyze risk and severity of network activity`
* `Identify top application categories accessed`
-##### Tips and tricks
-
-* **Start with a broad query**. Begin with a query like `Show me the most recent logs` to understand the structure and available fields in your logs.
-* **Clarify field names**. If fields have similar names and cause confusion, explicitly specify the field (e.g., ``) to improve accuracy.
-* **Experiment with phrasing**. Try multiple variations of a query to provide context and receive more relevant suggestions.
-* **Include time for timeslicing**. When timeslicing data, include the term `time` in your query. For example: `Count requests, every 1m, different code challenges and user used during login attempts by time`.
-
#### Time range
By default, Copilot searches run with a 15-minute time range. If your search returns no results, consider expanding the time range.
@@ -197,7 +198,7 @@ Second, you can resume from a specific query in a conversation by clicking on th
To start a fresh exploration, click **New Conversation**. This clears your current session and allows you to begin with a clean slate.
})
-### Step 4: Open in Log Search
+### Step 5: Open in Log Search
Click the **Open in Log Search** icon, which will copy your query from Copilot over to a new log search, allowing you to utilize all of Sumo Logic's search functionality. You can continue investigating, save the search, and remediate.
@@ -264,7 +265,7 @@ To summarize, you conclude there is malicious activity originating from certain
## Role Based Access Control
-Role Based Access Control is not supported for contextual suggestions and autocompletions. It is possible for a user who is blocked by [log search RBAC](/docs/manage/users-roles/roles/construct-search-filter-for-role/) to view suggestions or completions for unpermitted source expressions. However, they will not be executed by the search and will see the error: `""`.
+Role Based Access Control is not supported for contextual suggestions and autocompletions. It is possible for a user who is blocked by [log search RBAC](/docs/manage/users-roles/roles/construct-search-filter-for-role/) to view suggestions or completions for unpermitted source expressions. However, they will not be executed by the search.
## Feedback
@@ -275,3 +276,7 @@ We want your feedback! Let us know what you think by clicking the thumbs up or t
You can also leave feedback on errors.
})
+
+## Opt out
+
+To opt out of Copilot, contact our [support team](https://support.sumologic.com/support/s/).
diff --git a/static/img/search/copilot/copilot-tab-new.png b/static/img/search/copilot/copilot-tab-new.png
index fa565d9f95..04f7b9dc5c 100644
Binary files a/static/img/search/copilot/copilot-tab-new.png and b/static/img/search/copilot/copilot-tab-new.png differ
diff --git a/static/img/search/copilot/copilot-tab.png b/static/img/search/copilot/copilot-tab.png
index 79b0488ebc..9572e849ea 100644
Binary files a/static/img/search/copilot/copilot-tab.png and b/static/img/search/copilot/copilot-tab.png differ