Merge branch 'main' into patch-1

Author: juergen-walter

docs/configuration-parameters-1830bca.md

@@ -128,6 +128,34 @@ Configures the data ingestion over the ingest-otlp endpoint \(OpenTelemetry Prot
 <tr>
 <td valign="top">
 
+feature\_flags
+
+</td>
+<td valign="top">
+
+No
+
+</td>
+<td valign="top">
+
+String Array
+
+</td>
+<td valign="top">
+
+Used for enabling specific/experimental features specified as array:
+
+`"feature_flags": [ "feature-1", "feature 2" ]`. Please omit or keep empty by default.
+
+Available feature flags:
+
+`upgradeToOpenSearchV2` to use OpenSearch 2.19; note that an upgraded version can not be downgraded any more. See [3617458 - SAP Cloud Logging: OpenSearch Stack Update Available](https://me.sap.com/notes/3617458).
+
+</td>
+</tr>
+<tr>
+<td valign="top">
+
 retention\_period
 
 </td>
@@ -675,3 +703,28 @@ Key to sign tokens. Provide a *random* key with an *even number \(min. length: 3
 </tr>
 </table>
 
+
+
+<a name="loio1830bca1b060484e9cfabc0e62472e8e__section_rgc_gm1_cgc"/>
+
+## Sample Configuration Parameters in JSON
+
+The following snippet shows a sample payload that could be used for a `standard` or `large` plan:
+
+> ### Sample Code:  
+> ```
+> {
+>   "backend": {
+>     "max_data_nodes": 10
+>   },
+>   "dashboards": {
+>     "custom_label": "My-Label"
+>   },
+>   "feature_flags": [ "upgradeToOpenSearchV2" ],
+>   "ingest": {
+>     "max_instances": 10
+>   },
+>   "retention_period": 14
+> }
+> ```
+

docs/index.md

@@ -19,5 +19,6 @@ SAP Cloud Logging service is an instance-based and environment-agnostic observab
     -   [Rotate the Ingestion Root CA Certificate](rotate-the-ingestion-root-ca-certificate-bbcb3e7.md)
 -   [Access and Analyze Observability Data](access-and-analyze-observability-data-dad5b01.md)
 -   [Data Protection and Privacy](data-protection-and-privacy-80e76fd.md)
+-   [Security Recommendations](security-recommendations-3382a69.md)
 -   [Backup and Restore Custom Contents](backup-and-restore-custom-contents-5b9bc66.md)
 

docs/prerequisites-41d8559.md

@@ -143,14 +143,14 @@ Parameterization
 </td>
 <td valign="top">
 
-Set IdP information `idp.metadata_url` and `idp.entity_id` from Obtain SAML 2.0 IdP Information step.
+Set IdP information `idp.metadata_url` \(e.g.: `https://myaccount.accounts.ondemand.com/saml2/metadata`\) and `idp.entity_id` \(e.g. `https://myaccount.accounts.ondemand.com`\) from Obtain SAML 2.0 IdP Information step.
 
 </td>
 </tr>
 <tr>
 <td valign="top">
 
-Set `sp.entity_id` from Create a SAML 2.0 application step.
+Set `sp.entity_id` from Create a SAML 2.0 application step \(Do not confuse with `idp.entity_id`\)
 
 </td>
 </tr>

docs/security-recommendations-3382a69.md

@@ -0,0 +1,26 @@
+<!-- loio3382a694e46d4a2da863bb5413bc1cb4 -->
+
+# Security Recommendations
+
+
+
+<a name="loio3382a694e46d4a2da863bb5413bc1cb4__section_rfs_xm2_bgc"/>
+
+## Security Recommendations for SAP Cloud Logging
+
+SAP Cloud Logging publishes a list of recommendations to be considered for security configuration under [SAP BTP Security Recommendations](https://help.sap.com/docs/btp/sap-btp-security-recommendations-c8a9bb59fe624f0981efa0eff2497d7d/sap-btp-security-recommendations?seclist-index=BTP-CLS&locale=en-US).
+
+Please verify whether the recommendations are relevant to you and ensure that your Cloud Logging instances are configured accordingly.
+
+
+
+<a name="loio3382a694e46d4a2da863bb5413bc1cb4__section_p2w_zm2_bgc"/>
+
+## Monitor Security Recommendations with SAP Cloud ALM
+
+With the Configuration & Security Analysis app of [SAP Cloud ALM](https://help.sap.com/docs/cloud-alm), you can check if your Cloud Logging instances are configured in alignment with the [SAP BTP Security Recommendations - Cloud Logging](https://help.sap.com/docs/btp/sap-btp-security-recommendations-c8a9bb59fe624f0981efa0eff2497d7d/sap-btp-security-recommendations?seclist-index=BTP-CLS&locale=en-US).
+
+> ### Note:  
+> -   SAP Cloud Logging reports data to SAP Cloud ALM daily. For more information, see [Monitor Security Recommendations with SAP Cloud ALM](https://help.sap.com/docs/btp/sap-btp-security-recommendations-c8a9bb59fe624f0981efa0eff2497d7d/monitor-security-recommendations-with-sap-cloud-alm?locale=en-US).
+> -   Currently, only the critical-level security recommendation \(setting up SAML authentication with Identity Authentication Service\) is reported from SAP Cloud Logging to SAP Cloud ALM.
+