OSDOCS-13243: Removing references to Splunk Forwarder tcpout

Author: michaelryanmcneill

modules/cluster-wide-proxy-preqs.adoc

@@ -54,36 +54,5 @@ When using a cluster-wide proxy, you must configure the `s3.<aws_region>.amazona
 |https/443
 |The https://cloud.redhat.com/openshift site uses authentication from sso.redhat.com to download the cluster pull secret and use Red Hat SaaS solutions to facilitate monitoring of your subscriptions, cluster inventory, and chargeback reporting.
 |===
-+
-** Your proxy must exclude re-encrypting the following site reliability engineering (SRE) and management URLs:
-+
-[cols="6,1,6",options="header"]
-|===
-|Address | Protocol/Port | Function
-|`*.osdsecuritylogs.splunkcloud.com`
-
-**OR**
-
-`inputs1.osdsecuritylogs.splunkcloud.com`
-`inputs2.osdsecuritylogs.splunkcloud.com`
-`inputs4.osdsecuritylogs.splunkcloud.com`
-`inputs5.osdsecuritylogs.splunkcloud.com`
-`inputs6.osdsecuritylogs.splunkcloud.com`
-`inputs7.osdsecuritylogs.splunkcloud.com`
-`inputs8.osdsecuritylogs.splunkcloud.com`
-`inputs9.osdsecuritylogs.splunkcloud.com`
-`inputs10.osdsecuritylogs.splunkcloud.com`
-`inputs11.osdsecuritylogs.splunkcloud.com`
-`inputs12.osdsecuritylogs.splunkcloud.com`
-`inputs13.osdsecuritylogs.splunkcloud.com`
-`inputs14.osdsecuritylogs.splunkcloud.com`
-`inputs15.osdsecuritylogs.splunkcloud.com`
-|tcp/9997
-|Used by the splunk-forwarder-operator as a log forwarding endpoint to be used by Red Hat SRE for log-based alerting.
-
-|`http-inputs-osdsecuritylogs.splunkcloud.com`
-|https/443
-|Used by the splunk-forwarder-operator as a log forwarding endpoint to be used by Red Hat SRE for log-based alerting.
-|===
 --
 

modules/osd-aws-privatelink-firewall-prerequisites.adoc

@@ -292,25 +292,6 @@ Alternatively, if you choose to not use a wildcard for Amazon Web Services (AWS)
 |443
 |Alerting service used by {product-title} to send periodic pings that indicate whether the cluster is available and running.
 
-|`.osdsecuritylogs.splunkcloud.com`
-OR
-`inputs1.osdsecuritylogs.splunkcloud.com`
-`inputs2.osdsecuritylogs.splunkcloud.com`
-`inputs4.osdsecuritylogs.splunkcloud.com`
-`inputs5.osdsecuritylogs.splunkcloud.com`
-`inputs6.osdsecuritylogs.splunkcloud.com`
-`inputs7.osdsecuritylogs.splunkcloud.com`
-`inputs8.osdsecuritylogs.splunkcloud.com`
-`inputs9.osdsecuritylogs.splunkcloud.com`
-`inputs10.osdsecuritylogs.splunkcloud.com`
-`inputs11.osdsecuritylogs.splunkcloud.com`
-`inputs12.osdsecuritylogs.splunkcloud.com`
-`inputs13.osdsecuritylogs.splunkcloud.com`
-`inputs14.osdsecuritylogs.splunkcloud.com`
-`inputs15.osdsecuritylogs.splunkcloud.com`
-|9997
-|Used by the `splunk-forwarder-operator` as a logging forwarding endpoint to be used by Red{nbsp}Hat SRE for log-based alerting.
-
 |`http-inputs-osdsecuritylogs.splunkcloud.com`
 |443
 |Required. Used by the `splunk-forwarder-operator` as a logging forwarding endpoint to be used by Red{nbsp}Hat SRE for log-based alerting.

modules/osd-gcp-psc-firewall-prerequisites.adoc

@@ -153,40 +153,6 @@ Managed clusters require the enabling of telemetry to allow Red Hat to react mor
 |443
 |Alerting service used by {product-title} to send periodic pings that indicate whether the cluster is available and running.
 
-|`*.osdsecuritylogs.splunkcloud.com`
-
-OR
-
-`inputs1.osdsecuritylogs.splunkcloud.com`
-
-`inputs2.osdsecuritylogs.splunkcloud.com`
-
-`inputs4.osdsecuritylogs.splunkcloud.com`
-
-`inputs5.osdsecuritylogs.splunkcloud.com`
-
-`inputs6.osdsecuritylogs.splunkcloud.com`
-
-`inputs7.osdsecuritylogs.splunkcloud.com`
-
-`inputs8.osdsecuritylogs.splunkcloud.com`
-
-`inputs9.osdsecuritylogs.splunkcloud.com`
-
-`inputs10.osdsecuritylogs.splunkcloud.com`
-
-`inputs11.osdsecuritylogs.splunkcloud.com`
-
-`inputs12.osdsecuritylogs.splunkcloud.com`
-
-`inputs13.osdsecuritylogs.splunkcloud.com`
-
-`inputs14.osdsecuritylogs.splunkcloud.com`
-
-`inputs15.osdsecuritylogs.splunkcloud.com`
-|9997
-|Used by the `splunk-forwarder-operator` as a logging forwarding endpoint to be used by Red{nbsp}Hat SRE for log-based alerting.
-
 |`http-inputs-osdsecuritylogs.splunkcloud.com`
 |443
 |Used by the `splunk-forwarder-operator` as a logging forwarding endpoint to be used by Red{nbsp}Hat SRE for log-based alerting.

osd_whats_new/osd-whats-new.adoc

@@ -15,6 +15,10 @@ With its foundation in Kubernetes, {product-title} is a complete {OCP} cluster p
 [id="osd-new-changes-and-updates_{context}"]
 == New changes and updates
 
+[id="osd-q1-2025_{context}"]
+=== Q1 2025
+* **Red{nbsp}Hat SRE log-based alerting endpoints have been updated.** {product-title} customers who are using a firewall to control egress traffic can now remove all references to `*.osdsecuritylogs.splunkcloud.com:9997` from your firewall allowlist. {product-title} clusters still require the `http-inputs-osdsecuritylogs.splunkcloud.com:443` log-based alerting endpoint to be accessible from the cluster.
+
 [id="osd-q4-2024_{context}"]
 === Q4 2024
 

rosa_release_notes/rosa-release-notes.adoc

@@ -24,6 +24,8 @@ Egress lockdown is a Technology Preview feature.
 ====
 
 * **Egress lockdown is now available as a Technology Preview on {product-title} clusters.** You can create a fully operational cluster that does not require a public egress by configuring a virtual private cloud (VPC) and using the `--properties zero_egress:true` flag when creating your cluster. For more information, see xref:../rosa_hcp/rosa-hcp-egress-lockdown-install.adoc#rosa-hcp-egress-lockdown-install[Creating a {product-title} cluster with egress lockdown].
+
+* **Red{nbsp}Hat SRE log-based alerting endpoints have been updated.** {product-title} customers who are using a firewall to control egress traffic can now remove all references to `*.osdsecuritylogs.splunkcloud.com:9997` from your firewall allowlist. {product-title} clusters still require the `http-inputs-osdsecuritylogs.splunkcloud.com:443` log-based alerting endpoint to be accessible from the cluster. This is applicable only to Red{nbsp}Hat OpenShift Service on AWS (classic architecture).
 endif::openshift-rosa[]
 ifdef::openshift-rosa-hcp[]
 [IMPORTANT]