diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 94f088bdb4..736bc14d27 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -38,5 +38,5 @@ jobs: name: Check spelling with: skip: "*.svg,*.js,*.map,*.css,*.scss" - ignore_words_list: "aks,atleast,cros,fiel,ist,ot,pullrequest,ser,shttp,fo,seldomly,delt,cruzer,plack,te" + ignore_words_list: "aks,atleast,cros,ddress,fiel,ist,ot,pullrequest,ser,shttp,fo,seldomly,delt,cruzer,plack,secur,te" path: docs diff --git a/cid-redirects.json b/cid-redirects.json index 9a8351e6e4..ca70de4d29 100644 --- a/cid-redirects.json +++ b/cid-redirects.json @@ -2539,14 +2539,6 @@ "/cid/30030": "/docs/integrations/microsoft-azure/azure-sql-elastic-pool", "/cid/30031": "/docs/integrations/microsoft-azure/azure-sql-managed-instance", "/cid/30032": "/docs/integrations/microsoft-azure/azure-stream-analytics", - "/cid/30033": "/docs/integrations/microsoft-azure/azure-api-management", - "/cid/30034": "/docs/integrations/microsoft-azure/azure-app-configuration", - "/cid/30035": "/docs/integrations/microsoft-azure/azure-app-service-environment", - "/cid/30036": "/docs/integrations/microsoft-azure/azure-app-service-plan", - "/cid/30037": "/docs/integrations/microsoft-azure/azure-automation", - "/cid/30038": "/docs/integrations/microsoft-azure/azure-analysis-services", - "/cid/30039": "/docs/integrations/microsoft-azure/microsoft-dynamics365-customer-insights", - "/cid/30040": "/docs/integrations/microsoft-azure/azure-hdinsight", "/cid/21001": "/docs/integrations/google/cloud-alloydb-for-postgresql", "/cid/21002": "/docs/integrations/google/cloud-api-gateway", "/cid/21003": "/docs/integrations/google/cloud-apis", diff --git a/docs/cloud-soar/mssp.md b/docs/cloud-soar/mssp.md index 7df0acbd1c..831d006a9c 100644 --- a/docs/cloud-soar/mssp.md +++ b/docs/cloud-soar/mssp.md 
@@ -58,7 +58,7 @@ For more information about Cloud SOAR dashboards, see [Dashboards](/docs/cloud-s The **Nodes Management** page shows the status of all paired child tenants and provides the following actions you can perform: * **Ping**. Active status check (PING). -* **Connect**. Connec to to tenant. +* **Connect**. Connect to tenant. * **Edit**. Edit the configuration of a tenant. * **Unpair**. Unpair a tenant. diff --git a/docs/cse/rules/cse-built-in-rules.md b/docs/cse/rules/cse-built-in-rules.md index a17c777bf3..4b5fe1a546 100644 --- a/docs/cse/rules/cse-built-in-rules.md +++ b/docs/cse/rules/cse-built-in-rules.md @@ -2573,7 +2573,7 @@ PXELoot (PAL) is a C# tool designed to aid in the discovery and exploitation of ## RDP Error Messages - When setting up an RDP connection, there are a number of negotiation steps that happen. If a connection is enrypted, not all of these can be analyzed. Errors can indicate an operational issue or potential exploitation of a vulnerability in negotiation. + When setting up an RDP connection, there are a number of negotiation steps that happen. If a connection is encrypted, not all of these can be analyzed. Errors can indicate an operational issue or potential exploitation of a vulnerability in negotiation. ## RDP Login from Localhost diff --git a/docs/integrations/amazon-aws/lambda.md b/docs/integrations/amazon-aws/lambda.md index 6a36e0e461..e219de684a 100644 --- a/docs/integrations/amazon-aws/lambda.md +++ b/docs/integrations/amazon-aws/lambda.md 
@@ -189,7 +189,7 @@ Continue with the process of [enabling Provisioned Concurrency configurations](# ### Enable Provisioned Concurrency configurations for Lambda functions -AWS Lambda provides Provisoned Concurrency for greater control over the start up time for Lambda functions. When enabled, [Provisioned Concurrency](https://docs.aws.amazon.com/lambda/latest/dg/provisioned-concurrency.html) keeps functions initialized and hyper-ready to respond in double-digit milliseconds. AWS Lambda provides additional metrics for provisioned concurrency with CloudWatch. +AWS Lambda provides Provisioned Concurrency for greater control over the start up time for Lambda functions. When enabled, [Provisioned Concurrency](https://docs.aws.amazon.com/lambda/latest/dg/provisioned-concurrency.html) keeps functions initialized and hyper-ready to respond in double-digit milliseconds. AWS Lambda provides additional metrics for provisioned concurrency with CloudWatch. To collect the metrics in Sumo Logic, follow the steps below: diff --git a/docs/integrations/amazon-aws/rds.md b/docs/integrations/amazon-aws/rds.md index 119f50c9ae..7ef7628428 100644 --- a/docs/integrations/amazon-aws/rds.md +++ b/docs/integrations/amazon-aws/rds.md 
@@ -429,7 +429,7 @@ Use this dashboard to: **Amazon RDS Overview By Database Instance** dashboard provides insights into resource statistics and utilization per database instance throughout your infrastructure. Panels display data for CPU, memory, latency, storage, and network throughput per database instance. Use this dashboard to: -* Quickly identify performance or resource utlization issues in your RDS clusters. +* Quickly identify performance or resource utilization issues in your RDS clusters. * Monitor resource utilization with trend panels for CPU usage, available memory, network receive and transmit throughput, read and write IOPS, available free storage and database connections across your Amazon RDS clusters and database instances. Amazon RDS dashboard diff --git a/docs/integrations/microsoft-azure/azure-analysis-services.md b/docs/integrations/microsoft-azure/azure-analysis-services.md deleted file mode 100644 index 2489aaf234..0000000000 --- a/docs/integrations/microsoft-azure/azure-analysis-services.md +++ /dev/null 
@@ -1,63 +0,0 @@ ---- -id: azure-analysis-services -title: Azure Analysis Services -description: Learn about the Sumo Logic collection process for the Azure Analysis Services service. ---- - -import useBaseUrl from '@docusaurus/useBaseUrl'; - -Thumbnail icon - -[Azure Analysis Services](https://learn.microsoft.com/en-us/azure/analysis-services/analysis-services-overview) is a fully managed platform as a service (PaaS) that provides enterprise-grade data models in the cloud. This integration helps in monitoring how your servers are performing and tracking server events like start, stop, pause, restart and delete. - -## Log and Metric types - -For Azure Analysis Services, you can collect the following logs and metrics: - -* [Engine logs](https://learn.microsoft.com/en-us/azure/analysis-services/analysis-services-logging#engine) -* [Service logs](https://learn.microsoft.com/en-us/azure/analysis-services/analysis-services-logging#service) -* **Server Metrics**. These metrics are available in [Microsoft.AnalysisServices/servers](https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-analysisservices-servers-metrics) namespace. For more information on supported metrics, refer to the [Azure documentation](https://learn.microsoft.com/en-us/azure/analysis-services/analysis-services-monitor#server-metrics). - -## Setup - -Azure service sends monitoring data to Azure Monitor, which can then [stream data to Eventhub](https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/stream-monitoring-data-event-hubs). Sumo Logic supports: - -* Logs collection from [Azure Monitor](https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/monitoring-get-started) using our [Azure Event Hubs source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/). 
-* Metrics collection using our [HTTP Logs and Metrics source](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/) via Azure Functions deployed using the ARM template. - -You must explicitly enable diagnostic settings for each Azure Analysis Services server you want to monitor. You can forward logs to the same event hub provided they satisfy the limitations and permissions as described [here](https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/diagnostic-settings?tabs=portal#destination-limitations). - -When you configure the event hubs source or HTTP source, plan your source category to ease the querying process. A hierarchical approach allows you to make use of wildcards. For example: `Azure/AnalysisServices/Logs`, `Azure/AnalysisServices/Metrics`. - -### Configure metrics collection - -In this section, you will configure a pipeline for shipping metrics from Azure Monitor to an Event Hub, on to an Azure Function, and finally to an HTTP Source on a hosted collector in Sumo Logic. - -1. [Configure an HTTP Source](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/#step-1-configure-an-http-source). -2. [Configure and deploy the ARM Template](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/#step-2-configure-azure-resources-using-arm-template). -3. [Export metrics to Event Hub](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/#step-3-export-metrics-for-a-particular-resource-to-event-hub). Perform below steps for each Azure Analysis Services server that you want to monitor. - 1. Choose `Stream to an event hub` as destination. - 1. Select `AllMetrics`. - 1. Use the Event hub namespace created by the ARM template in Step 2 above. You can create a new Event hub or use the one created by ARM template. You can use the default policy `RootManageSharedAccessKey` as the policy name. 
- -### Configure logs collection - -In this section, you will configure a pipeline for shipping diagnostic logs from Azure Monitor to an Event Hub. - -1. To set up the Azure Event Hubs cloud-to-cloud source in Sumo Logic portal, refer to our [Azure Event Hubs source documentation](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/). -2. To create the Diagnostic settings in Azure portal, refer to the [Azure documentation](https://learn.microsoft.com/en-us/azure/analysis-services/analysis-services-logging#setup-diagnostics-logging). Perform below steps for each Azure Analysis Services server that you want to monitor. - 1. Choose `Stream to an event hub` as the destination. - 1. Select `Engine` and `Service`. - 1. Use the Event hub namespace and Event hub name configured in previous step in destination details section. You can use the default policy `RootManageSharedAccessKey` as the policy name. - -## Troubleshooting - -### Azure Event Hubs Source - -Common error types are described [here](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/#error-types). - -You can try [restarting](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/#restarting-your-source) the source for `ThirdPartyConfig` errors. - -### HTTP Logs and Metrics Source used by Azure Functions - -To troubleshoot metrics collection, follow the instructions in [Collect Metrics from Azure Monitor > Troubleshooting metrics collection](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/#troubleshooting-metrics-collection). diff --git a/docs/integrations/microsoft-azure/azure-api-management.md b/docs/integrations/microsoft-azure/azure-api-management.md deleted file mode 100644 index 04c65a9cbd..0000000000 --- a/docs/integrations/microsoft-azure/azure-api-management.md +++ /dev/null 
@@ -1,64 +0,0 @@ ---- -id: azure-api-management -title: Azure API Management -description: Learn about the Sumo Logic collection process for the Azure API Management service. ---- - -import useBaseUrl from '@docusaurus/useBaseUrl'; - -Thumbnail icon - -[Azure API Management](https://learn.microsoft.com/en-us/azure/api-management/api-management-key-concepts) is a hybrid, multicloud management platform for APIs across all environments. As a platform-as-a-service, API Management supports the complete API lifecycle. This integration helps in giving you near real-time visibility into the state and health of your APIs and also provides rich information about API Management operations that are important for auditing. - -## Log and Metric types - -For Azure API Management, you can collect the following logs and metrics: - -* **Resource logs**. To know more about the resource log schema for Azure API Management, refer to the [Azure documentation](https://learn.microsoft.com/en-us/azure/api-management/gateway-log-schema-reference). The Consumption tier doesn't support the collection of resource logs. -* **Platform Metrics for Azure API Management**. These metrics are available in [Microsoft.ApiManagement/service](https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-apimanagement-service-metrics) namespace. - -## Setup - -Azure service sends monitoring data to Azure Monitor, which can then [stream data to Eventhub](https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/stream-monitoring-data-event-hubs). Sumo Logic supports: - -* Logs collection from [Azure Monitor](https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/monitoring-get-started) using our [Azure Event Hubs source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/). 
-* Metrics collection using our [HTTP Logs and Metrics source](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/) via Azure Functions deployed using the ARM template. - -You must explicitly enable diagnostic settings for each Azure API Management service you want to monitor. You can forward logs to the same event hub provided they satisfy the limitations and permissions as described [here](https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/diagnostic-settings?tabs=portal#destination-limitations). - -When you configure the event hubs source or HTTP source, plan your source category to ease the querying process. A hierarchical approach allows you to make use of wildcards. For example: `Azure/APIManagement/Logs`, `Azure/APIManagement/Metrics`. - -### Configure metrics collection - -In this section, you will configure a pipeline for shipping metrics from Azure Monitor to an Event Hub, on to an Azure Function, and finally to an HTTP Source on a hosted collector in Sumo Logic. - -1. [Configure an HTTP Source](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/#step-1-configure-an-http-source). -2. [Configure and deploy the ARM Template](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/#step-2-configure-azure-resources-using-arm-template). -3. [Export metrics to Event Hub](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/#step-3-export-metrics-for-a-particular-resource-to-event-hub). Perform below steps for each Azure API Management service that you want to monitor. - 1. Choose `Stream to an event hub` as destination. - 1. Select `AllMetrics`. - 1. Use the Event hub namespace created by the ARM template in Step 2 above. You can create a new Event hub or use the one created by ARM template. You can use the default policy `RootManageSharedAccessKey` as the policy name. 
- -### Configure logs collection - -In this section, you will configure a pipeline for shipping diagnostic logs from Azure Monitor to an Event Hub. - -1. To set up the Azure Event Hubs cloud-to-cloud source in Sumo Logic portal, refer to our [Azure Event Hubs source documentation](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/). -2. To create the Diagnostic settings in Azure portal, refer to the [Azure documentation](https://learn.microsoft.com/en-us/azure/api-management/api-management-howto-use-azure-monitor#resource-logs). Perform below steps for each Azure API Management service that you want to monitor. - 1. Choose `Stream to an event hub` as the destination. - 1. Select `allLogs`. - 1. Use the Event hub namespace and Event hub name configured in previous step in destination details section. You can use the default policy `RootManageSharedAccessKey` as the policy name. -3. By default, logging is enabled for all APIs, to modify the [logging settings](https://learn.microsoft.com/en-us/azure/api-management/diagnostic-logs-reference), refer to the [Azure documentation](https://learn.microsoft.com/en-us/azure/api-management/api-management-howto-use-azure-monitor#modify-api-logging-settings). -4. To log API Management events using [log-to-eventhub](https://learn.microsoft.com/en-us/azure/api-management/log-to-eventhub-policy) policy, refer to the [Azure documentation](https://learn.microsoft.com/en-us/azure/api-management/api-management-howto-log-event-hubs?tabs=arm). - -## Troubleshooting - -### Azure Event Hubs Source - -Common error types are described [here](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/#error-types). - -You can try [restarting](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/#restarting-your-source) the source for `ThirdPartyConfig` errors. 
- -### HTTP Logs and Metrics Source used by Azure Functions - -To troubleshoot metrics collection, follow the instructions in [Collect Metrics from Azure Monitor > Troubleshooting metrics collection](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/#troubleshooting-metrics-collection). diff --git a/docs/integrations/microsoft-azure/azure-app-configuration.md b/docs/integrations/microsoft-azure/azure-app-configuration.md deleted file mode 100644 index 9b72122e27..0000000000 --- a/docs/integrations/microsoft-azure/azure-app-configuration.md +++ /dev/null 
@@ -1,62 +0,0 @@ ---- -id: azure-app-configuration -title: Azure App Configuration -description: Learn about the Sumo Logic collection process for the Azure App Configuration service. ---- - -import useBaseUrl from '@docusaurus/useBaseUrl'; - -Thumbnail icon - -[Azure App Configuration](https://learn.microsoft.com/en-us/azure/azure-app-configuration/overview) provides a service to centrally manage application settings and feature flags. This integration helps in monitoring resource usage, such as the total number of requests, number of throttled requests, and request duration per configuration store. - -## Log and Metric types - -For Azure App Configuration, you can collect the following logs and metrics: - -* **Resource logs**. To know more about the different resource log category types and schemas collected for Azure App Configuration, refer to the [Azure documentation](https://learn.microsoft.com/en-us/azure/azure-app-configuration/monitor-app-configuration-reference#resourcelogs). -* **Platform Metrics for Azure App Configuration**. These metrics are available in [Microsoft.AppConfiguration/configurationStores](https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-appconfiguration-configurationstores-metrics) namespace. For more information on supported metrics and dimesnsions, refer to the [Azure documentation](https://learn.microsoft.com/en-us/azure/azure-app-configuration/monitor-app-configuration-reference#metrics). - -## Setup - -Azure service sends monitoring data to Azure Monitor, which can then [stream data to Eventhub](https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/stream-monitoring-data-event-hubs). Sumo Logic supports: - -* Logs collection from [Azure Monitor](https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/monitoring-get-started) using our [Azure Event Hubs source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/). 
-* Metrics collection using our [HTTP Logs and Metrics source](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/) via Azure Functions deployed using the ARM template. - -You must explicitly enable diagnostic settings for each Azure App Configuration store you want to monitor. You can forward logs to the same event hub provided they satisfy the limitations and permissions as described [here](https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/diagnostic-settings?tabs=portal#destination-limitations). - -When you configure the event hubs source or HTTP source, plan your source category to ease the querying process. A hierarchical approach allows you to make use of wildcards. For example: `Azure/AppConfiguration/Logs`, `Azure/AppConfiguration/Metrics`. - -### Configure metrics collection - -In this section, you will configure a pipeline for shipping metrics from Azure Monitor to an Event Hub, on to an Azure Function, and finally to an HTTP Source on a hosted collector in Sumo Logic. - -1. [Configure an HTTP Source](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/#step-1-configure-an-http-source). -2. [Configure and deploy the ARM Template](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/#step-2-configure-azure-resources-using-arm-template). -3. [Export metrics to Event Hub](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/#step-3-export-metrics-for-a-particular-resource-to-event-hub). Perform below steps for each Azure App Configuration store that you want to monitor. - 1. Choose `Stream to an event hub` as destination. - 1. Select `AllMetrics`. - 1. Use the Event hub namespace created by the ARM template in Step 2 above. You can create a new Event hub or use the one created by ARM template. You can use the default policy `RootManageSharedAccessKey` as the policy name. 
- -### Configure logs collection - -In this section, you will configure a pipeline for shipping diagnostic logs from Azure Monitor to an Event Hub. - -1. To set up the Azure Event Hubs cloud-to-cloud source in Sumo Logic portal, refer to our [Azure Event Hubs source documentation](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/). -2. To create the Diagnostic settings in Azure portal, refer to the [Azure documentation](https://learn.microsoft.com/en-us/azure/azure-app-configuration/monitor-app-configuration?tabs=portal#collectionandrouting). Perform below steps for each Azure App Configuration store that you want to monitor. - 1. Choose `Stream to an event hub` as the destination. - 1. Select `allLogs`. - 1. Use the Event hub namespace and Event hub name configured in previous step in destination details section. You can use the default policy `RootManageSharedAccessKey` as the policy name. - -## Troubleshooting - -### Azure Event Hubs Source - -Common error types are described [here](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/#error-types). - -You can try [restarting](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/#restarting-your-source) the source for `ThirdPartyConfig` errors. - -### HTTP Logs and Metrics Source used by Azure Functions - -To troubleshoot metrics collection, follow the instructions in [Collect Metrics from Azure Monitor > Troubleshooting metrics collection](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/#troubleshooting-metrics-collection). diff --git a/docs/integrations/microsoft-azure/azure-app-service-environment.md b/docs/integrations/microsoft-azure/azure-app-service-environment.md deleted file mode 100644 index 5452545305..0000000000 --- a/docs/integrations/microsoft-azure/azure-app-service-environment.md +++ /dev/null 
@@ -1,47 +0,0 @@ ---- -id: azure-app-service-environment -title: Azure App Service Environment -description: Learn about the Sumo Logic collection process for the Azure App Service Environment service. ---- - -import useBaseUrl from '@docusaurus/useBaseUrl'; - -Thumbnail icon - -An [Azure App Service Environment](https://learn.microsoft.com/en-us/azure/app-service/environment/overview) is an Azure App Service feature that provides a fully isolated and dedicated environment for running App Service apps securely at high scale. This integration helps in monitoring your environments operational events such as upgrades, scaling, and suspensions. - -The below instructions applies to App Service Environment v3. - -## Log and Metric types - -For Azure App Service Environment, you can collect the following logs: - -* **App Service Environment Platform Logs**. Logs are only emitted when your App Service Environment has an event (for example a scale operation with an App Service plan) that triggers the logs. To know more about the different situations and messages collected for Azure App Service Environment, refer to the [Azure documentation](https://learn.microsoft.com/en-us/azure/app-service/environment/using#logging). - -## Setup - -Azure service sends monitoring data to Azure Monitor, which can then [stream data to Eventhub](https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/stream-monitoring-data-event-hubs). Sumo Logic supports: - -* Logs collection from [Azure Monitor](https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/monitoring-get-started) using our [Azure Event Hubs source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/). - -You must explicitly enable diagnostic settings for each Azure App Service Environment you want to monitor. 
You can forward logs to the same event hub provided they satisfy the limitations and permissions as described [here](https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/diagnostic-settings?tabs=portal#destination-limitations). - -When you configure the event hubs source or HTTP source, plan your source category to ease the querying process. A hierarchical approach allows you to make use of wildcards. For example: `Azure/AppServiceEnvironment/Logs`, `Azure/AppServiceEnvironment/Metrics`. - -### Configure logs collection - -In this section, you will configure a pipeline for shipping diagnostic logs from Azure Monitor to an Event Hub. - -1. To set up the Azure Event Hubs cloud-to-cloud source in Sumo Logic portal, refer to our [Azure Event Hubs source documentation](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/). -2. To create the Diagnostic settings in Azure portal, refer to the [Azure documentation](https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/diagnostic-settings?tabs=portal#create-diagnostic-settings). Perform below steps for each Azure App Service Environment that you want to monitor. - * Choose `Stream to an event hub` as the destination. - * Select `App Service Environment Platform Logs`. - * Use the Event hub namespace and Event hub name configured in previous step in destination details section. You can use the default policy `RootManageSharedAccessKey` as the policy name. - -## Troubleshooting - -### Azure Event Hubs Source - -Common error types are described [here](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/#error-types). - -You can try [restarting](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/#restarting-your-source) the source for `ThirdPartyConfig` errors. 
diff --git a/docs/integrations/microsoft-azure/azure-app-service-plan.md b/docs/integrations/microsoft-azure/azure-app-service-plan.md deleted file mode 100644 index 967eb3233f..0000000000 --- a/docs/integrations/microsoft-azure/azure-app-service-plan.md +++ /dev/null 
@@ -1,45 +0,0 @@ ---- -id: azure-app-service-plan -title: Azure App Service Plan -description: Learn about the Sumo Logic collection process for the Azure App Service Plan service. ---- - -import useBaseUrl from '@docusaurus/useBaseUrl'; - -Thumbnail icon - -An [Azure App Service Plan](https://learn.microsoft.com/en-us/azure/app-service/overview-hosting-plans) defines a set of compute resources for a app service to run. This integration helps in monitoring memory, CPU, incoming and outgoing bandwidth, number of sockets and their states across all the instances of the plan. - -## Log and Metric types - -For Azure App Service Plan, you can collect the following metrics: - -* **Platform Metrics for Azure App Service Plan**. These metrics are available in [Microsoft.Web/serverfarms](https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-web-serverfarms-metrics) namespace. For more information on supported metrics, refer to the [Azure documentation](https://learn.microsoft.com/en-us/azure/app-service/web-sites-monitor#understand-metrics). App Service plan metrics are available only for plans in Basic, Standard, and Premium tiers. - -## Setup - -Azure service sends monitoring data to Azure Monitor, which can then [stream data to Eventhub](https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/stream-monitoring-data-event-hubs). Sumo Logic supports: - -* Logs collection from [Azure Monitor](https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/monitoring-get-started) using our [Azure Event Hubs source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/). -* Metrics collection using our [HTTP Logs and Metrics source](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/) via Azure Functions deployed using the ARM template. - -You must explicitly enable diagnostic settings for each Azure App Service plan you want to monitor. 
You can forward logs to the same event hub provided they satisfy the limitations and permissions as described [here](https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/diagnostic-settings?tabs=portal#destination-limitations). - -When you configure the event hubs source or HTTP source, plan your source category to ease the querying process. A hierarchical approach allows you to make use of wildcards. For example: `Azure/AppServicePlan/Logs`, `Azure/AppServicePlan/Metrics`. - -### Configure metrics collection - -In this section, you will configure a pipeline for shipping metrics from Azure Monitor to an Event Hub, on to an Azure Function, and finally to an HTTP Source on a hosted collector in Sumo Logic. - -1. [Configure an HTTP Source](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/#step-1-configure-an-http-source). -2. [Configure and deploy the ARM Template](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/#step-2-configure-azure-resources-using-arm-template). -3. [Export metrics to Event Hub](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/#step-3-export-metrics-for-a-particular-resource-to-event-hub). Perform below steps for each Azure App Service plan that you want to monitor. - 1. Choose `Stream to an event hub` as destination. - 1. Select `AllMetrics`. - 1. Use the Event hub namespace created by the ARM template in Step 2 above. You can create a new Event hub or use the one created by ARM template. You can use the default policy `RootManageSharedAccessKey` as the policy name. 
- -## Troubleshooting - -### HTTP Logs and Metrics Source used by Azure Functions - -To troubleshoot metrics collection, follow the instructions in [Collect Metrics from Azure Monitor > Troubleshooting metrics collection](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/#troubleshooting-metrics-collection). diff --git a/docs/integrations/microsoft-azure/azure-automation.md b/docs/integrations/microsoft-azure/azure-automation.md deleted file mode 100644 index 76e3c01993..0000000000 --- a/docs/integrations/microsoft-azure/azure-automation.md +++ /dev/null 
@@ -1,62 +0,0 @@ ---- -id: azure-automation -title: Azure Automation -description: Learn about the Sumo Logic collection process for the Azure Automation service. ---- - -import useBaseUrl from '@docusaurus/useBaseUrl'; - -Thumbnail icon - -[Azure Automation](https://learn.microsoft.com/en-us/azure/automation/overview) delivers a cloud-based automation, operating system updates, and configuration service that supports consistent management across your Azure and non-Azure environments. It includes process automation, configuration management, update management, shared capabilities, and heterogeneous features. This integration helps in monitoring create, update and delete operations for the Automation runbooks, jobs and automation assets like connection, credential, variable, and certificate. It also gives insights into the status of your Automation jobs. - -## Log and Metric types - -For Azure Automation, you can collect the following logs and metrics: - -* **Platform logs**. To know more about the different log category types and schemas collected for Azure Automation, refer to the [Azure documentation](https://learn.microsoft.com/en-us/azure/automation/automation-manage-send-joblogs-log-analytics#azure-monitor-log-records). -* **Platform Metrics for Azure Automation**. These metrics are available in [Microsoft.Automation/automationAccounts](https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-automation-automationaccounts-metrics) namespace. - -## Setup - -Azure service sends monitoring data to Azure Monitor, which can then [stream data to Eventhub](https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/stream-monitoring-data-event-hubs). 
Sumo Logic supports: - -* Logs collection from [Azure Monitor](https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/monitoring-get-started) using our [Azure Event Hubs source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/). -* Metrics collection using our [HTTP Logs and Metrics source](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/) via Azure Functions deployed using the ARM template. - -You must explicitly enable diagnostic settings for each Azure Automation account you want to monitor. You can forward logs to the same event hub provided they satisfy the limitations and permissions as described [here](https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/diagnostic-settings?tabs=portal#destination-limitations). - -When you configure the event hubs source or HTTP source, plan your source category to ease the querying process. A hierarchical approach allows you to make use of wildcards. For example: `Azure/Automation/Logs`, `Azure/Automation/Metrics`. - -### Configure metrics collection - -In this section, you will configure a pipeline for shipping metrics from Azure Monitor to an Event Hub, on to an Azure Function, and finally to an HTTP Source on a hosted collector in Sumo Logic. - -1. [Configure an HTTP Source](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/#step-1-configure-an-http-source). -2. [Configure and deploy the ARM Template](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/#step-2-configure-azure-resources-using-arm-template). -3. [Export metrics to Event Hub](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/#step-3-export-metrics-for-a-particular-resource-to-event-hub). Perform below steps for each Azure Automation account that you want to monitor. - 1. 
Choose `Stream to an event hub` as destination. - 1. Select `AllMetrics`. - 1. Use the Event hub namespace created by the ARM template in Step 2 above. You can create a new Event hub or use the one created by ARM template. You can use the default policy `RootManageSharedAccessKey` as the policy name. - -### Configure logs collection - -In this section, you will configure a pipeline for shipping diagnostic logs from Azure Monitor to an Event Hub. - -1. To set up the Azure Event Hubs cloud-to-cloud source in Sumo Logic portal, refer to our [Azure Event Hubs source documentation](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/). -2. To create the Diagnostic settings in Azure portal, refer to the [Azure documentation](https://learn.microsoft.com/en-us/azure/automation/automation-manage-send-joblogs-log-analytics#configure-diagnostic-settings-in-azure-portal). Perform below steps for each Azure Automation account that you want to monitor. - 1. Choose `Stream to an event hub` as the destination. - 1. Select `allLogs`. - 1. Use the Event hub namespace and Event hub name configured in previous step in destination details section. You can use the default policy `RootManageSharedAccessKey` as the policy name. - -## Troubleshooting - -### Azure Event Hubs Source - -Common error types are described [here](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/#error-types). - -You can try [restarting](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/#restarting-your-source) the source for `ThirdPartyConfig` errors. - -### HTTP Logs and Metrics Source used by Azure Functions - -To troubleshoot metrics collection, follow the instructions in [Collect Metrics from Azure Monitor > Troubleshooting metrics collection](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/#troubleshooting-metrics-collection). 
diff --git a/docs/integrations/microsoft-azure/azure-hdinsight.md b/docs/integrations/microsoft-azure/azure-hdinsight.md deleted file mode 100644 index 553fb53b92..0000000000 --- a/docs/integrations/microsoft-azure/azure-hdinsight.md +++ /dev/null 
@@ -1,44 +0,0 @@ ---- -id: azure-hdinsight -title: Azure HDInsight -description: Learn about the Sumo Logic collection process for the Azure HDInsight service. ---- - -import useBaseUrl from '@docusaurus/useBaseUrl'; - -Thumbnail icon - -[Azure HDInsight](https://learn.microsoft.com/en-gb/azure/hdinsight/hdinsight-overview) is a full-spectrum, managed cluster platform which simplifies running big data frameworks in large volume and velocity using Apache Spark, Apache Hive, LLAP, Apache Kafka, Apache Hadoop, and more in your Azure environment. This integration helps in monitoring request throughput, message throughput, and concurrent connections in your clusters. - -## Log and Metric types - -For Azure HDInsight, you can collect the following metrics: - -* **Availability**. These metrics are available in [Microsoft.HDInsight/clusters](https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-hdinsight-clusters-metrics) namespace. For more information on supported metrics, refer to the [Azure documentation](https://learn.microsoft.com/en-us/azure/azure-cache-for-redis/cache-how-to-monitor#list-of-metrics). - -## Setup - -Azure service sends monitoring data to Azure Monitor, which can then [stream data to Eventhub](https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/stream-monitoring-data-event-hubs). Sumo Logic supports: - -* Metrics collection using our [HTTP Logs and Metrics source](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/) via Azure HDInsight deployed using the ARM template. - -You must explicitly enable diagnostic settings for each Azure HDInsight cluster that you want to monitor. You can forward metrics from multiple clusters to the same event hub provided they satisfy the limitations and permissions as described [here](https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/diagnostic-settings?tabs=portal#destination-limitations). 
- -When you configure the event hubs source or HTTP source, plan your source category to ease the querying process. A hierarchical approach allows you to make use of wildcards. For example: `Azure/HDInsights/Metrics`. - -### Configure metrics collection - -In this section, you will configure a pipeline for shipping metrics from Azure Monitor to an Event Hub, on to an Azure Function, and finally to an HTTP Source on a hosted collector in Sumo Logic. - -1. [Configure an HTTP Source](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/#step-1-configure-an-http-source). -2. [Configure and deploy the ARM Template](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/#step-2-configure-azure-resources-using-arm-template). -3. [Export metrics to Event Hub](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/#step-3-export-metrics-for-a-particular-resource-to-event-hub). Perform below steps for each Azure HDInsight cluster that that you want to monitor. - 1. Choose `Stream to an event hub` as destination. - 1. Select `Availability`. - 1. Use the Event hub namespace created by the ARM template in Step 2 above. You can create a new Event hub or use the one created by ARM template. You can use the default policy `RootManageSharedAccessKey` as the policy name. - -## Troubleshooting - -### HTTP Logs and Metrics Source used by Azure Functions - -To troubleshoot metrics collection, follow the instructions in [Collect Metrics from Azure Monitor > Troubleshooting metrics collection](/docs/send-data/collect-from-other-data-sources/azure-monitoring/collect-metrics-azure-monitor/#troubleshooting-metrics-collection). diff --git a/docs/integrations/microsoft-azure/index.md b/docs/integrations/microsoft-azure/index.md index d5e0ad16b7..e596b3290d 100644 --- a/docs/integrations/microsoft-azure/index.md +++ b/docs/integrations/microsoft-azure/index.md 
@@ -35,391 +35,335 @@ This guide has documentation for all of the apps that Sumo provides for Microsof
-
- Thumbnail icon -

Azure Analysis Services

-

A guide to the Sumo Logic integration for Azure Analysis Services.

-
-
-
Thumbnail icon

Azure Audit

A guide to the Sumo Logic app for Azure Audit.

-
-
- Thumbnail icon -

Azure API Management

-

A guide to the Sumo Logic integration for Azure API Management.

-
-
-
-
- Thumbnail icon -

Azure App Configuration

-

A guide to the Sumo Logic integration for Azure App Configuration.

-
-
-
-
- Thumbnail icon -

Azure App Service Environment

-

A guide to the Sumo Logic integration for Azure App Service Environment.

-
-
-
-
- Thumbnail icon -

Azure App Service Plan

-

A guide to the Sumo Logic integration for Azure App Service Plan.

-
-
-
+
Thumbnail icon

Azure Application Gateway

A guide to the Sumo Logic integration for Azure Application Gateway.

-
-
- Thumbnail icon -

Azure Automation

-

A guide to the Sumo Logic integration for Azure Automation.

-
-
-
+
Thumbnail icon

Azure Backup

A guide to the Sumo Logic integration for Azure Backup.

-
+
Thumbnail icon

Azure Batch

A guide to the Sumo Logic integration for Azure Batch.

-
+
Thumbnail icon

Azure Cache for Redis

A guide to the Sumo Logic integration for Azure Cache for Redis.

-
+
Thumbnail icon

Azure Cognitive Search

A guide to the Sumo Logic integration for Azure Cognitive Search.

-
+
Thumbnail icon

Azure Cosmos DB for PostgreSQL

A guide to the Sumo Logic integration for Azure Cosmos DB for PostgreSQL.

-
+
Thumbnail icon

Azure Cosmos DB

A guide to the Sumo Logic integration for Azure Cosmos DB.

-
+
Thumbnail icon

Azure Data Explorer

A guide to the Sumo Logic integration for Azure Data Explorer.

-
+
Thumbnail icon

Azure Data Factory

A guide to the Sumo Logic integration for Azure Data Factory.

-
+
Thumbnail icon

Azure Database for MariaDB

A guide to the Sumo Logic integration for Azure Database for MariaDB.

-
+
Thumbnail icon

Azure Database for MySQL

A guide to the Sumo Logic integration for Azure Database for MySQL.

-
+
Thumbnail icon

Azure Database for PostgreSQL

A guide to the Sumo Logic integration for Azure Database for PostgreSQL.

-
+
Thumbnail icon

Azure Event Grid

A guide to the Sumo Logic integration for Azure Event Grid.

-
+
Thumbnail icon

Azure Event Hubs

A guide to the Sumo Logic integration for Azure Event Hubs.

-
+
Thumbnail icon

Azure Front Door

A guide to the Sumo Logic integration for Azure Front Door.

-
+
Thumbnail icon

Azure Functions

A guide to the Sumo Logic integration for Azure Functions.

-
-
- Thumbnail icon -

Azure HDInsight

-

A guide to the Sumo Logic integration for Azure HDInsight.

-
-
-
+
Thumbnail icon

Azure IoT Hub

A guide to the Sumo Logic integration for Azure IoT Hub.

-
+
Thumbnail icon

Azure Key Vault

A guide to the Sumo Logic integration for Azure Key Vault.

-
+
Thumbnail icon

Azure Load Balancer

A guide to the Sumo Logic integration for Azure Load Balancer.

-
+
Thumbnail icon

Azure Logic App

A guide to the Sumo Logic integration for Azure Logic App.

-
+
Thumbnail icon

Azure Machine Learning

A guide to the Sumo Logic integration for Azure Machine Learning.

-
+
Thumbnail icon

Azure Network Interface

A guide to the Sumo Logic integration for Azure Network Interface.

-
+
Thumbnail icon

Azure Notification Hubs

A guide to the Sumo Logic integration for Azure Notification Hubs.

-
+
Thumbnail icon

Azure IP Addresses

A guide to the Sumo Logic integration for Azure IP Addresses.

-
+
Thumbnail icon

Azure Relay

A guide to the Sumo Logic integration for Azure Relay.

-
+
Thumbnail icon

Azure Service Bus

A guide to the Sumo Logic integration for Azure Service Bus.

-
+
Thumbnail icon

Azure SQL Elastic Pool

A guide to the Sumo Logic integration for Azure SQL Elastic Pool.

-
+
Thumbnail icon

Azure SQL Managed Instance

A guide to the Sumo Logic integration for Azure SQL Managed Instance.

-
+
Thumbnail icon

Azure Storage

A guide to the Sumo Logic integration for Azure Storage.

-
+
Thumbnail icon

Azure Stream Analytics

A guide to the Sumo Logic integration for Azure Stream Analytics.

-
+
Thumbnail icon

Azure Synapse Analytics

A guide to the Sumo Logic integration for Azure Synapse Analytics.

-
+
Thumbnail icon

Azure Virtual Network

A guide to the Sumo Logic integration for Azure Virtual Network.

-
+
Thumbnail icon

Azure Integration with ARM FAQs

A guide to the Sumo Logic app for Azure Integration with ARM FAQs.

-
+
Thumbnail icon

Azure Kubernetes Service Control Plane

A guide to the Sumo Logic app for Azure Kubernetes Service Control Plane.

-
+
Thumbnail icon

Azure Network Watcher

A guide to the Sumo Logic app for Azure Network Watcher.

-
+
Thumbnail icon

Azure SQL

A guide to the Sumo Logic app for Azure SQL.

-
+
Thumbnail icon

Azure Web Apps

A guide to the Sumo Logic app for Azure Web Apps.

-
+
Thumbnail icon

IIS 7

A guide to the Sumo Logic app for IIS 7.

-
-
- Thumbnail icon -

Microsoft Dynamics 365 Customer Insights

-

A guide to the Sumo Logic app for Microsoft Dynamics 365 Customer Insights.

-
-
-
+
Thumbnail icon

Microsoft Graph Identity Protection

A guide to the Sumo Logic app for Microsoft Graph Identity Protection.

-
+
Thumbnail icon

Microsoft Office Audit 365

A guide to the Sumo Logic app for Microsoft Office Audit 365.

-
+
Thumbnail icon

Microsoft SQL Server

A guide to the Sumo Logic app for Microsoft SQL Server.

-
+
Thumbnail icon

Microsoft Teams

A guide to the Sumo Logic app for Microsoft Teams.

-
+
Thumbnail icon

PCI Compliance for Windows Legacy

A guide to the Sumo Logic app for PCI Compliance for Windows Legacy.

-
+
Thumbnail icon

PCI Compliance for Windows JSON

A guide to the Sumo Logic app for PCI Compliance for Windows JSON.

-
+
Thumbnail icon

Windows JSON

A guide to the Sumo Logic app for Windows JSON.

-
+
Thumbnail icon

Windows Legacy

A guide to the Sumo Logic app for Windows Legacy.

-
+
Thumbnail icon

Windows Performance

diff --git a/docs/integrations/microsoft-azure/microsoft-dynamics365-customer-insights.md b/docs/integrations/microsoft-azure/microsoft-dynamics365-customer-insights.md deleted file mode 100644 index 6d06970124..0000000000 --- a/docs/integrations/microsoft-azure/microsoft-dynamics365-customer-insights.md +++ /dev/null 
@@ -1,59 +0,0 @@ ---- -id: microsoft-dynamics365-customer-insights -title: Microsoft Dynamics 365 Customer Insights -description: Learn about the Sumo Logic collection process for the Microsoft Dynamics 365 Customer Insights service. ---- - -import useBaseUrl from '@docusaurus/useBaseUrl'; - -Thumbnail icon - -[Microsoft Dynamics 365 Customer Insights](https://learn.microsoft.com/en-us/dynamics365/customer-insights/overview) is Microsoft's customer data platform (CDP) that helps deliver personalized customer experiences by unifying customer data with operational and IoT data in real-time. This integration helps in tracking changes via the Dynamics 365 Customer Insights UI; creation, update, and deletion events of API calls; and monitoring the execution events of workflow. - -## Log types - -For Microsoft Dynamics 365 Customer Insights, you can collect the following types of logs: - -* **Audit events**. API events to track the configuration changes on the service. -* Operational events - * **Workflow events**. The execution events of a workflow. - * **API events**. Events to track all API calls from the customer's instance to Dynamics 365 Customer Insights. - -API events and workflow events have a common structure, but with a few differences. For more information, see [API event schema](https://learn.microsoft.com/en-us/dynamics365/customer-insights/diagnostics#api-event-schema) or [Workflow event schema](https://learn.microsoft.com/en-us/dynamics365/customer-insights/diagnostics#workflow-event-schema). - -### Setup - -Azure service sends monitoring data to Azure Monitor, which can then [stream data to Eventhub](https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/stream-monitoring-data-event-hubs). 
Sumo Logic supports: - -* Logs collection from [Azure Monitor](https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/monitoring-get-started) using our [Azure Event Hubs source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/). - -When you configure the event hubs source or HTTP source, plan your source category to ease the querying process. A hierarchical approach allows you to make use of wildcards. For example: `Azure/Dynamic365/Logs` - -### Prerequisites - -Follow the [prerequisites](https://learn.microsoft.com/en-us/dynamics365/customer-insights/diagnostics#prerequisites) before configuring the collection setup. We will be using Event hub as a destination resource, and more details about its limitations and permissions are described [here](https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/diagnostic-settings?tabs=portal#destination-limitations). - -### Configure logs collection - -In this section, you will configure a pipeline for shipping diagnostic logs from Azure Monitor to an Event Hub. - -1. Create an Event Hubs namespace as described in [step 2 of the prerequisites section](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/#prerequisites). Here, you don't have to create an Event Hub Instance in step 3 since `Microsoft Dynamics 365 Customer Insights` automatically creates the below two Event Hubs: - - * **insight-logs-audit**. It contains audit events. - * **insight-logs-operational**. It contains operational events. - -2. Create a [Shared Access Policy](https://docs.microsoft.com/en-us/azure/governance/policy/overview) for the entire namespace with the `Listen` claim or you can use the existing default `RootManageSharedAccessKey` policy. Copy the `Primary key` associated with this policy. 
For more details, refer to the [steps 4 and 5 of the prerequisites section](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/#prerequisites). - -3. Create two Azure Event Hubs Sources using the instructions described [here](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/#create-an-azure-event-hubssource). You can add both of them to the same Hosted Collector. Provide `insight-logs-audit` and `insight-logs-operational` as `Event Hubs Instance Name` in the two Azure Event Hubs Sources, respectively. - -4. To create the Diagnostic settings in the Azure portal, refer to the [Azure documentation](https://learn.microsoft.com/en-us/dynamics365/customer-insights/diagnostics#set-up-diagnostics-with-azure-monitor). - 1. Choose Event Hub as the`Resource type`. - 1. Select the Event Hub's `Subscription` name, `Resource group` name, and `Resource` name for the destination resource. - -### Troubleshooting - -### Azure Event Hubs Source - -Common error types are described [here](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/#error-types). - -You can try [restarting](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/azure-event-hubs-source/#restarting-your-source) the source for `ThirdPartyConfig` errors. diff --git a/docs/integrations/saas-cloud/microsoft-graph-azure-ad-reporting.md b/docs/integrations/saas-cloud/microsoft-graph-azure-ad-reporting.md index c3af4e2e4f..ba64639a7d 100644 --- a/docs/integrations/saas-cloud/microsoft-graph-azure-ad-reporting.md +++ b/docs/integrations/saas-cloud/microsoft-graph-azure-ad-reporting.md 
@@ -8,7 +8,7 @@ import useBaseUrl from '@docusaurus/useBaseUrl'; icon -The Sumo Logic App for Microsoft Graph Azure AD Reporting enables you to access and monitor data, including audit information, user activity, sign-in patterns, and provisioning activities. It helps you to gain insights into how your organization uses Azure AD and identify potential security issues. +The Sumo Logic App for Microsoft Graph Azure AD Reporting enables you to access and monitor data, including audit information, user activity, sign-in patterns, and provisioning activities. It helps you to gain insights into how your organization uses Azure AD and identify potential security issues. Key features of the Microsoft Graph Azure AD Reporting app include: - **Analyze Audit Activities**. Provides real-time user activity for every resource category and shows the distribution of audits by operations and services. @@ -260,7 +260,7 @@ _sourceCategory="azure_ad_reporting" "activityDisplayName" "operationType" | sort by frequency ``` -```sql title="Sign-In Over Time (Sign-In Acitvity)" +```sql title="Sign-In Over Time (Sign-In Activity)" _sourceCategory="azure_ad_reporting" "appDisplayName" "clientAppUsed" "ipAddress" "resourceId" | json "id","ipAddress","clientAppUsed","isInteractive","resourceDisplayName","riskDetail","riskEventTypes","riskLevelAggregated","riskState","status.failureReason","conditionalAccessStatus" as id, ip,client_app_used,is_interactive,resource,risk_reason,risk_event_types,risk_level,risk_state,failure_reason,conditional_activity_status nodrop | where risk_reason matches "{{risk_reason}}" 
@@ -275,7 +275,7 @@ _sourceCategory="azure_ad_reporting" "appDisplayName" "clientAppUsed" "ipAddress | fillmissing timeslice ``` -```sql title="Average Provisioning Activity Time (Provisioning Acitvity)" +```sql title="Average Provisioning Activity Time (Provisioning Activity)" _sourceCategory="azure_ad_reporting" "provisioningAction" "provisioningSteps" "provisioningStatusInfo" | json "id","provisioningStatusInfo.status","provisioningAction","durationInMilliseconds","initiatedBy.initiatingType","servicePrincipal.displayName","sourceIdentity.identityType","sourceSystem.displayName","targetIdentity.identityType","targetSystem.displayName" as id,provisioning_status,provisioning_action,duration_in_ms,initiated_by,service_principal,source_identity_type,source_system,target_identity_type,target_system_name nodrop | where initiated_by matches "{{initiated_by}}" diff --git a/docs/manage/field-extractions/create-field-extraction-rule.md b/docs/manage/field-extractions/create-field-extraction-rule.md index afd3479aec..a024389231 100644 --- a/docs/manage/field-extractions/create-field-extraction-rule.md +++ b/docs/manage/field-extractions/create-field-extraction-rule.md 
@@ -114,7 +114,7 @@ parse "user=\"*\" action=\"*\" sessionId=\"*\"" as user, action, sessionid **Make sure all fields appear in the Scope you define.** When Field Extraction is applied to data, all fields must be present to have any fields indexed; even if one field isn't found in a message, that message is dropped from the results. In other words, it's all or nothing. For multiple sets of fields that are somewhat independent, make two rules. -**Re-use field names in multiple FERs if scope is distinct and separate and not matching same messages.** To save space and allow for more FERs within your 200 field limit, you can re-use the field names as long as they are used in non-overlapping FERs.  +**Reuse field names in multiple FERs if scope is distinct and separate and not matching same messages.** To save space and allow for more FERs within your 200 field limit, you can reuse the field names as long as they are used in non-overlapping FERs.  **Avoid targeting the same field name in the same message with multiple FERs.** When more than one FER targets the same message with the same field name, one of the rules will NOT apply. The rule applied to the specific field name is randomly selected. Don't use the same field names in multiple FERs that target the same messages. diff --git a/docs/manage/ingestion-volume/monitor-ingestion-receive-alerts.md b/docs/manage/ingestion-volume/monitor-ingestion-receive-alerts.md index 322b20ea34..76612437dc 100644 --- a/docs/manage/ingestion-volume/monitor-ingestion-receive-alerts.md +++ b/docs/manage/ingestion-volume/monitor-ingestion-receive-alerts.md @@ -126,7 +126,7 @@ After completing the setup steps above, schedule the search to run, as follows. 1. Schedule the query you created in the previous step (**Query**). For details, see [Schedule a Search](../../alerts/scheduled-searches/schedule-search.md). 1. Set the run frequency to **Daily**. -1. Set time range value to **Last 24 Hours**.
![time range daily plan limt.png](/img/ingestion-volume/daily-last-24.png) +1. Set time range value to **Last 24 Hours**.
![time range daily plan limit.png](/img/ingestion-volume/daily-last-24.png) 1. Make sure Alert Condition is set to **Send Notification **if the **Alert Condition** is met: **Number of results** greater than **0.** ## Usage spike alert diff --git a/docs/observability/kubernetes/alerts.md b/docs/observability/kubernetes/alerts.md index ab24c72591..b56d620a16 100644 --- a/docs/observability/kubernetes/alerts.md +++ b/docs/observability/kubernetes/alerts.md @@ -19,7 +19,7 @@ For information on creating customized alerts, see [Monitors](/docs/alerts/monit | `Kubernetes - Kubelet Down` | This alert is fired when Kubelet disappears from Prometheus target discovery. | Critical/MissingData | \<=0 | \\>0 | | `Kubernetes - Kube Node Not Ready` | This alert is fired when a node is not ready. | Critical/MissingData | \<=0 | \\>0 | | `Kubernetes - Kube Scheduler Down` | This alert is fired when Kube Scheduler disappears from Prometheus target discovery. | Critical/MissingData | \<=0 | \\>0 | -| `Kubernetes -Cluster CPU Utilization High` | This alert is fired when Cluster CPU utlization is high. | Critical/Warning | >0.90 | \<=0.90 | +| `Kubernetes -Cluster CPU Utilization High` | This alert is fired when Cluster CPU utilization is high. | Critical/Warning | >0.90 | \<=0.90 | | `Kubernetes - Prometheus Remote Storage Failures` | This alert is fired when Prometheus fails to send samples to remote storage. | Critical | \\>1 | \<=1 | | `Kubernetes -Multiple Terminated Pods (Errored Out)` | This alert is fired when we determine that there are pods that have been terminated because of an error. | Critical | \\>5 | \<=5 | | `Kubernetes - Multiple Terminated Pods (Container Cannot Run)` | This alert is fired when we determine that there are pods that have been terminated because the container cannot run. | Critical | \\>5 | \<=5 | 
diff --git a/docs/observability/reliability-management-slo/create-slo.md b/docs/observability/reliability-management-slo/create-slo.md index 0ee0b25d4f..475b82e59c 100644 --- a/docs/observability/reliability-management-slo/create-slo.md +++ b/docs/observability/reliability-management-slo/create-slo.md @@ -127,7 +127,7 @@ Follow the instructions below based on the query type: ## Create an SLO from Log Search page -You can create SLOs directly from your Sumo Logic log search. This allows you to validate queries, quickly create SLOs, and re-use queries from existing dashboard panels. +You can create SLOs directly from your Sumo Logic log search. This allows you to validate queries, quickly create SLOs, and reuse queries from existing dashboard panels. 1. Enter a new **Log search** query (or use an existing one).
log search 1. Click the **More Actions** (kebab icon) dropdown menu.
More Actions @@ -268,11 +268,11 @@ You can see the list of all saved filter views by clicking on the funnel icon. ListOfSavedFilters.png -You can make further modifications to a saved filter view later using kebab menu options next to the funnel icon. +You can make further modifications to a saved filter view later using kebab menu options next to the funnel icon. MenuOptionsForAnExistingFilter.png :::note * A maximum of 10 saved views are allowed per user. * Saved filter views are only visible to you and cannot be shared with other users in your org. -::: \ No newline at end of file +::: diff --git a/docs/search/get-started-with-search/search-basics/about-search-basics.md b/docs/search/get-started-with-search/search-basics/about-search-basics.md index 8087d67d4b..a97704d178 100644 --- a/docs/search/get-started-with-search/search-basics/about-search-basics.md +++ b/docs/search/get-started-with-search/search-basics/about-search-basics.md 
@@ -71,6 +71,6 @@ Searches can be long and complex, but they are limited to a maximum of 15,000 ch * Learn more about [How to Build a Search](/docs/search/get-started-with-search/build-search). * Expand the complexity of your search queries with Sumo Logic [search operators](/docs/search/search-query-language/group-aggregate-operators). -* [Save a search](save-search.md) to re-use later or to run as regularly [scheduled searches](/docs/alerts/scheduled-searches/schedule-search) that can be delivered to your email address. +* [Save a search](save-search.md) to reuse later or to run as regularly [scheduled searches](/docs/alerts/scheduled-searches/schedule-search) that can be delivered to your email address. * [Share a link](share-link-to-search.md) to the results of a search query, depending on each user's permissions. To share a link to a search, after your query has run, click **Share** beneath the search query box. This link will be available for three years after it is created.  * See [Best Practices: Search Rules to Live By](/docs/search/get-started-with-search/build-search/best-practices-search) for types on writing efficient searches. diff --git a/docs/search/get-started-with-search/suggested-searches/cisco-asa-parser.md b/docs/search/get-started-with-search/suggested-searches/cisco-asa-parser.md index ad3e94c5be..d665dd60ed 100644 --- a/docs/search/get-started-with-search/suggested-searches/cisco-asa-parser.md +++ b/docs/search/get-started-with-search/suggested-searches/cisco-asa-parser.md 
@@ -12,7 +12,7 @@ Be sure to [save your search](../search-basics/save-search.md) queries if you These are a few valuable search queries you can enter in the Search field when you want to discover details about your Cisco ASA traffic. -The **`_sourceCategory`** fields shown in these sample queries are based on Sumo Logic's recommendations for [adding metadata to Sources](/docs/send-data/collection/edit-source.md). To re-use these queries, type the Category you entered for the relevant Source after `"_sourceCategory="` or use an asterisk wildcard (`*`) instead. +The **`_sourceCategory`** fields shown in these sample queries are based on Sumo Logic's recommendations for [adding metadata to Sources](/docs/send-data/collection/edit-source.md). To reuse these queries, type the Category you entered for the relevant Source after `"_sourceCategory="` or use an asterisk wildcard (`*`) instead. ## Top Denied Sources diff --git a/docs/search/optimize-search-performance.md b/docs/search/optimize-search-performance.md index 7ad973d975..b2d045a95a 100644 --- a/docs/search/optimize-search-performance.md +++ b/docs/search/optimize-search-performance.md @@ -64,7 +64,7 @@ Here's a quick look at how to choose the right indexed search optimization tool. | Segregate data by sourceCategory | Yes |   | | Have aggregate data ready to query |   | Yes | | Use RBAC to deny or grant access to the data set | Yes | Yes | -| Re-use the fields that I'm parsing for other searches against this same sourceCategory |   |   | +| Reuse the fields that I'm parsing for other searches against this same sourceCategory |   |   | ## How is data added to Partitions and Scheduled Views? diff --git a/docs/send-data/collection/processing-rules/include-and-exclude-rules.md b/docs/send-data/collection/processing-rules/include-and-exclude-rules.md index eeffea5811..7b96146131 100644 --- a/docs/send-data/collection/processing-rules/include-and-exclude-rules.md 
+++ b/docs/send-data/collection/processing-rules/include-and-exclude-rules.md 
@@ -28,27 +28,11 @@ you could use the following filter expression: When writing regular expression rules, you must follow these rules: * Your rule must be [RE2 compliant](https://github.com/google/re2/wiki/Syntax). - * Your rule must match the **entire message**, from the start to the end of any log message rather than addressing only a section. - -* For **single line messages**, you must prefix and suffix the regex expression with .\* if the matching string pattern is not at the beginning or end of the line. For example, if you want to exclude any message containing the words "secure" or "security", write the rule: - - ``` - .*secur.* - ``` - -* For **multiline messages**, add single line modifiers (?s) to the beginning and end of the expression to simplify matching your string, regardless of where it occurs in the message. For example, if you want to exclude any Windows Event message containing the Event Code 5156, write the rule like this: - - ``` - (?s).*EventCode = 5156.*(?s) - ``` - +* For **single line messages**, you must prefix and suffix the regex expression with .\* if the matching string pattern is not at the beginning or end of the line. For example, if you want to exclude any message containing the words "secure" or "security", write the rule: `.*secur.*` +* For **multiline messages**, add single line modifiers (?s) to the beginning and end of the expression to simplify matching your string, regardless of where it occurs in the message. For example, if you want to exclude any Windows Event message containing the Event Code 5156, write the rule like this: `(?s).*EventCode = 5156.*(?s)` * Syslog UDP messages may contain a trailing newline character, which will require the above regular expression to properly match your string. - * Exclude rules take priority over include rules. Include rules are processed first, however, if an exclude rule matches data that matched the include rule filter, the data is excluded. 
- * If two or more rules are listed, the assumed Boolean operator is OR. - * The processing rule name must be less than 32 characters. - * A rule will process single line log messages until 1MB of data is processed and multiline log messages until 2,000 lines or 512KB of data is processed, whichever comes first. Once these limits are reached the processing rule will ignore the rest of the log message and move on to the next log. diff --git a/sidebars.ts b/sidebars.ts index cf4bf941b0..97a3b13cc9 100644 --- a/sidebars.ts +++ b/sidebars.ts @@ -1915,13 +1915,7 @@ integrations: [ 'integrations/microsoft-azure/active-directory-azure', 'integrations/microsoft-azure/audit', 'integrations/microsoft-azure/arm-integration-faq', - 'integrations/microsoft-azure/azure-analysis-services', - 'integrations/microsoft-azure/azure-api-management', - 'integrations/microsoft-azure/azure-app-configuration', - 'integrations/microsoft-azure/azure-app-service-environment', - 'integrations/microsoft-azure/azure-app-service-plan', 'integrations/microsoft-azure/azure-application-gateway', - 'integrations/microsoft-azure/azure-automation', 'integrations/microsoft-azure/azure-backup', 'integrations/microsoft-azure/azure-batch', 'integrations/microsoft-azure/azure-cache-for-redis', @@ -1937,7 +1931,6 @@ integrations: [ 'integrations/microsoft-azure/azure-event-hubs', 'integrations/microsoft-azure/azure-front-door', 'integrations/microsoft-azure/azure-functions', - 'integrations/microsoft-azure/azure-hdinsight', 'integrations/microsoft-azure/azure-iot-hub', 'integrations/microsoft-azure/azure-key-vault', 'integrations/microsoft-azure/azure-load-balancer', 
@@ -1955,7 +1948,6 @@ integrations: [ 'integrations/microsoft-azure/azure-synapse-analytics', 'integrations/microsoft-azure/azure-virtual-network', 'integrations/microsoft-azure/kubernetes', - 'integrations/microsoft-azure/microsoft-dynamics365-customer-insights', 'integrations/microsoft-azure/network-watcher', 'integrations/microsoft-azure/sql', 'integrations/microsoft-azure/web-apps', diff --git a/static/img/integrations/microsoft-azure/azure-analysis-services.png b/static/img/integrations/microsoft-azure/azure-analysis-services.png deleted file mode 100644 index a6341c2115..0000000000 Binary files a/static/img/integrations/microsoft-azure/azure-analysis-services.png and /dev/null differ diff --git a/static/img/integrations/microsoft-azure/azure-api-management.png b/static/img/integrations/microsoft-azure/azure-api-management.png deleted file mode 100644 index 3ea4b2e279..0000000000 Binary files a/static/img/integrations/microsoft-azure/azure-api-management.png and /dev/null differ diff --git a/static/img/integrations/microsoft-azure/azure-app-configuration.png b/static/img/integrations/microsoft-azure/azure-app-configuration.png deleted file mode 100644 index 5bcd9d96d9..0000000000 Binary files a/static/img/integrations/microsoft-azure/azure-app-configuration.png and /dev/null differ diff --git a/static/img/integrations/microsoft-azure/azure-app-service-environment.png b/static/img/integrations/microsoft-azure/azure-app-service-environment.png deleted file mode 100644 index 566d59abc3..0000000000 Binary files a/static/img/integrations/microsoft-azure/azure-app-service-environment.png and /dev/null differ diff --git a/static/img/integrations/microsoft-azure/azure-app-service-plan.png b/static/img/integrations/microsoft-azure/azure-app-service-plan.png deleted file mode 100644 index b055b0063f..0000000000 Binary files a/static/img/integrations/microsoft-azure/azure-app-service-plan.png and /dev/null differ 
diff --git a/static/img/integrations/microsoft-azure/azure-automation.png b/static/img/integrations/microsoft-azure/azure-automation.png deleted file mode 100644 index 42275f1767..0000000000 Binary files a/static/img/integrations/microsoft-azure/azure-automation.png and /dev/null differ diff --git a/static/img/integrations/microsoft-azure/azure-hdinsight.png b/static/img/integrations/microsoft-azure/azure-hdinsight.png deleted file mode 100644 index 2ff1537238..0000000000 Binary files a/static/img/integrations/microsoft-azure/azure-hdinsight.png and /dev/null differ diff --git a/static/img/integrations/microsoft-azure/azure-storage.png b/static/img/integrations/microsoft-azure/azure-storage.png index c67e6be58e..565603c5cb 100644 Binary files a/static/img/integrations/microsoft-azure/azure-storage.png and b/static/img/integrations/microsoft-azure/azure-storage.png differ diff --git a/static/img/integrations/microsoft-azure/microsoft-dynamics365-customer-insights.png b/static/img/integrations/microsoft-azure/microsoft-dynamics365-customer-insights.png deleted file mode 100644 index d28cad198f..0000000000 Binary files a/static/img/integrations/microsoft-azure/microsoft-dynamics365-customer-insights.png and /dev/null differ
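Review bot: The last context line of the `@@ -71,6 +71,6 @@` hunk (the list whose "Save a search" bullet changes "re-use" to "reuse") still reads "for types on writing efficient searches", which looks like a typo for "tips". Since this pass is already correcting wording in that list, fix it in the same hunk.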
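Review bot: In the `cisco-asa-parser.md` hunk, the changed line links to `/docs/send-data/collection/edit-source.md`, an absolute `/docs/...` path with a `.md` suffix, while the other absolute links in this patch (`/docs/search/get-started-with-search/build-search`, `/docs/alerts/scheduled-searches/schedule-search`) carry no extension. Check that this link resolves in the built site and drop the suffix if it does not. The instruction to type the Category after `"_sourceCategory="` also shows double quotes inside the code span that the reader should not enter; consider `_sourceCategory=` without them.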
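Review bot: In the `optimize-search-performance.md` hunk, the table row being reworded, "Reuse the fields that I'm parsing for other searches against this same sourceCategory", has both tool columns empty, so the table gives no recommendation for that case. Fill in the column that applies, or remove the row if neither tool covers it, rather than only changing the spelling of a row that answers nothing.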
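Review bot: In the `include-and-exclude-rules.md` hunk, the multiline bullet's example `(?s).*EventCode = 5156.*(?s)` ends with a second `(?s)` that does nothing: in RE2 syntax an inline flag group applies only to the part of the expression that follows it, so the leading `(?s)` already lets `.` match newlines across the whole message. Suggest `(?s).*EventCode = 5156.*` and rewording "to the beginning and end of the expression" to "to the beginning of the expression". In the single-line bullet, the `.\*` in the prose is left as escaped plain text while the example itself moved into inline code; put it in backticks too so both render the same way. The Syslog UDP bullet's "the above regular expression" now refers to an inline example instead of a fenced block, so name the `(?s)` form explicitly there.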
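Review bot: The three `sidebars.ts` hunks remove eight Azure entries from the integrations sidebar (`azure-analysis-services`, `azure-api-management`, `azure-app-configuration`, `azure-app-service-environment`, `azure-app-service-plan`, `azure-automation`, `azure-hdinsight`, `microsoft-dynamics365-customer-insights`), and the matching PNGs are deleted at the end of the patch, which is unrelated to the wording fixes in the docs hunks. If this comes from a stale branch, rebase and drop these hunks. If the removal is intended, move it to its own change and confirm the corresponding pages are removed with it, otherwise they stay published but unreachable from navigation. The binary change to `azure-storage.png` has no accompanying docs hunk either and should be explained or dropped.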