diff --git a/_topic_maps/_topic_map.yml b/_topic_maps/_topic_map.yml
index 35a7fc9eebf6..6f4328ffe517 100644
--- a/_topic_maps/_topic_map.yml
+++ b/_topic_maps/_topic_map.yml
@@ -3,6 +3,8 @@ Name: About OpenShift logging
 Dir: about
 Distros: openshift-logging
 Topics:
+- Name: Logging 6.3 release notes
+  File: logging-release-notes
 - Name: Logging overview
   File: about-logging
 - Name: Cluster logging support
diff --git a/about/logging-release-notes.adoc b/about/logging-release-notes.adoc
new file mode 100644
index 000000000000..9934d6b1e49e
--- /dev/null
+++ b/about/logging-release-notes.adoc
@@ -0,0 +1,10 @@
+:_mod-docs-content-type: ASSEMBLY
+include::_attributes/common-attributes.adoc[]
+[id="logging-release-notes"]
+= Logging 6.3 release notes
+
+:context: logging-release-notes
+
+toc::[]
+
+include::modules/logging-release-notes-6-3-0.adoc[leveloffset=+1]
\ No newline at end of file
diff --git a/modules/logging-release-notes-6-3-0.adoc b/modules/logging-release-notes-6-3-0.adoc
new file mode 100644
index 000000000000..d5868b1f0228
--- /dev/null
+++ b/modules/logging-release-notes-6-3-0.adoc
@@ -0,0 +1,73 @@
+// Module included in the following assemblies:
+//
+// * about/logging-release-notes.adoc
+
+:_mod-docs-content-type: REFERENCE
+[id="logging-release-notes-6-3-0_{context}"]
+= Logging 6.3.0 release notes
+
+This release of {LoggingProductName} is supported on {ocp-product-title} 4.17 and later. This release includes new features and bug fixes. 
+
+[id="openshift-logging-release-notes-6-3-0-enhancements_{context}"]
+== New features and enhancements
+
+[id="log-collection_{context}"]
+=== Log collection
+
+* With this release, you can configure multiple {aws-first} outputs with distinct identity and access management (IAM) roles in the `clusterLogForwarder` resource. (https://issues.redhat.com/browse/LOG-6790[LOG-6790])
+
+* With this release, you can configure affinity rules to control collector scheduling. (https://issues.redhat.com/browse/LOG-6858[LOG-6858])
+
+* With this release, the default values of Splunk metadata keys (that is, index, indexed fields, source, and message payload) are predefined for log forwarders. The values are based on the log type. As a user, you can override these values. (https://issues.redhat.com/browse/LOG-6859[LOG-6859]) 
+
+[id="log-storage_{context}"]
+=== Log storage
+
+* With this release, you can use the `forcepathstyle` field in the S3 secret. Use this field to configure Loki to use either path style or virtual host style for the S3 access. By default, only {aws-short} endpoints use the virtual host style URL, while others use path-style. (https://issues.redhat.com/browse/LOG-7024?[LOG-7024])
+
+[id="logging-release-notes-6-3-0-technology-preview-features_{context}"]
+== Technology preview features
+
+:FeatureName: The OpenTelemetry Protocol (OTLP) output log forwarder
+include::snippets/technology-preview.adoc[]
+
+[id="logging-release-notes-6-3-0-bug-fixes_{context}"]
+== Bug fixes
+
+* Before this update, collector pods would enter a crash loop due to a configuration error when attempting token-based authentication with an Elasticsearch output. With this update, token authentication with an Elasticsearch output generates a valid configuration. (https://issues.redhat.com/browse/LOG-5991[LOG-5991])
+
+//* Before this update, alerting rules created by the {loki-op} incorrectly used the `message` field to display the message related to the alert. With this update, the alerting rules correctly use the `description` field. (https://issues.redhat.com/browse/LOG-6380[LOG-6380]) 
+
+* Before this update, because of a lack of filtering based on the namespace in the Prometheus rules endpoint, user alerts were visible in unrelated namespaces. With this update, rule label filters have been added to the handler configuration. As a result, alert visibility is now restricted to the original namespace. (https://issues.redhat.com/browse/LOG-6148[LOG-6148])
+
+//* Before this update, `ClusterLogForwarder` CR status updates failed due to an incorrect patching method. As a consequence, the {clo} failed to update objects, which caused log data inconsistencies. With this release, `ClusterLogForwarder` CR status uses the `Patch()` method instead of the `Update()` method. As a result, the {clo} no longer fails to update the object, which improves log forwarding stability. (https://issues.redhat.com/browse/LOG-6539[LOG-6539])
+
+//* Before this update, the Vector collector could not forward OpenShift Virtual Network (OVN) and auditd logs. With this update, OpenTelemetry Protocol (OTLP) semantic conventions table has been improved to support OVN logs and auditd logs in observability pipelines. As a result, OVN and auditd logs are successfully forwarded. (https://issues.redhat.com/browse/LOG-6711[LOG-6711])
+
+//* Before this update, an empty OpenTelemetry (OTEL) tuning configuration caused a validation error, which resulted in a build failure for the `ClusterLogForwarder` CR. With this update, the validation rules allow empty OTEL tuning configurations. (https://issues.redhat.com/browse/LOG-6806[LOG-6806])
+
+* Before this update, the Loki API documentation did not specify the required attributes for the `lokistack.spec.tenants.openshift.otlp` resource. With this update, the Loki API documentation has been updated to include the missing information. (https://issues.redhat.com/browse/LOG-6810[LOG-6810])
+
+* Before this update, the loki-gateway did not enforce fine-grained authorization on the `/series` endpoint for the `application` tenant. As a consequence, users could get unauthorized access to the stream metadata information from different log streams. With this update, the `/series` endpoint uses the `match` parameter instead of the `query` parameter to filter the series metadata that is returned for a request. As a result, the loki-gateway correctly enforces fine-grained authorization for the `/series` endpoint for the `application` tenant. (https://issues.redhat.com/browse/LOG-6892[LOG-6892])
+
+//* Before this update, Loki ingesters that got into an `UNHEALTHY` state due to networking issues remained so, even when the network recovered. With this update, the {loki-op} adds a configuration option to perform service discovery more often. As a result, `UNHEALTHY` ingesters are permitted to rejoin the group. (https://issues.redhat.com/browse/LOG-6987[LOG-6987])
+
+//* Before this update, when using the OTEL data model, the Loki distributor returned parsing errors when it received logs without the `responseStatus.code` field. As a consequence, users saw parsing errors in Loki audit logs. With this release, empty `k8s.audit.event.response.code` Loki attributes in logs are ignored. As a result, users do not see parsing errors in Loki audit logs. (https://issues.redhat.com/browse/LOG-7028[LOG-7028])
+
+//* Before this update, merging data from the `message` field into the root of a syslog event caused inconsistencies with the ViaQ data model. These inconsistencies could overwrite system information, duplicate data, or corrupt the log event. This update makes syslog parsing and merging consistent with the other output types and resolves the issue. (https://issues.redhat.com/browse/LOG-7189[LOG-7189])
+
+* Before this update, restarting Vector collector pods in {ocp-product-title} clusters created a high volume of requests to the `KubeAPI`. As a result, the control plane could become unavailable. With this update, when restarting the collector pods, users can enable kube caching with the `use-apiserver-cache` attribute and configure the DaemonSet rollout strategy with the `max-unavailable-rollout` attribute . As a result, the control plane remains stable during collector pod restarts, which reduces API request timeouts. (https://issues.redhat.com/browse/LOG-7196[LOG-7196])
++
+[IMPORTANT]
+====
+Using the `use-apiserver-cache` and `max-unavailable-rollout` attributes is a Technology Preview feature only. Technology Preview features are not supported with Red Hat production service level agreements (SLAs) and might not be functionally complete. Red Hat does not recommend using them in production. These features provide early access to upcoming product features, enabling customers to test functionality and provide feedback during the development process.
+
+For more information about the support scope of Red Hat Technology Preview features, see link:https://access.redhat.com/support/offerings/techpreview/[Technology Preview Features Support Scope].
+====
+
+*  Before this update, a `ClusterLogForwarder` CR that was configured for a `LokiStack` output with the OTEL data model incorrectly passed validation without the `tech preview` annotation. With this update, a `ClusterLogForwarder` CR that is configured for a `LokiStack` output with the OTEL data model correctly fails validation unless the `tech preview` annotation is included. (https://issues.redhat.com/browse/LOG-7279[LOG-7279])
+
+[id="logging-release-notes-6-3-0-known-issues_{context}"]
+== Known issues
+
+* When you forward logs to a syslog output, the produced message format is inconsistent between Fluentd and Vector log collectors. Vector messages are within quotation marks; Fluentd messages are not. As a consequence, users might experience issues with their tool integrations when they migrate from Fluentd to Vector. (link:https://issues.redhat.com/browse/LOG-7007[LOG-7007])