sters
diff --git a/‎.apigentools-info
Lines changed: 4 additions & 4 deletions b/‎.apigentools-info
Lines changed: 4 additions & 4 deletions
diff --git a/‎assets/scripts/components/dd-browser-logs-rum.js
Lines changed: 15 additions & 4 deletions b/‎assets/scripts/components/dd-browser-logs-rum.js
Lines changed: 15 additions & 4 deletions
diff --git a/‎assets/scripts/config/config-docs.js
Lines changed: 2 additions & 2 deletions b/‎assets/scripts/config/config-docs.js
Lines changed: 2 additions & 2 deletions
diff --git a/‎config/_default/menus/menus.en.yaml
Lines changed: 19 additions & 9 deletions b/‎config/_default/menus/menus.en.yaml
Lines changed: 19 additions & 9 deletions
diff --git a/‎config/live/config.yaml
Lines changed: 1 addition & 1 deletion b/‎config/live/config.yaml
Lines changed: 1 addition & 1 deletion
diff --git a/‎config/preview/config.yaml
Lines changed: 1 addition & 1 deletion b/‎config/preview/config.yaml
Lines changed: 1 addition & 1 deletion
diff --git a/‎content/en/account_management/billing/_index.md
Lines changed: 2 additions & 2 deletions b/‎content/en/account_management/billing/_index.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎content/en/account_management/billing/serverless.md
Lines changed: 19 additions & 6 deletions b/‎content/en/account_management/billing/serverless.md
Lines changed: 19 additions & 6 deletions
diff --git a/‎content/en/account_management/multi_organization.md
Lines changed: 1 addition & 1 deletion b/‎content/en/account_management/multi_organization.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎content/en/agent/faq/circleci-incident-impact-on-datadog-agent.md
Lines changed: 124 additions & 0 deletions b/‎content/en/agent/faq/circleci-incident-impact-on-datadog-agent.md
Lines changed: 124 additions & 0 deletions
@@ -4,13 +4,13 @@
     "spec_versions": {
         "v1": {
             "apigentools_version": "1.6.4",
-            "regenerated": "2023-01-06 10:16:54.807506",
-            "spec_repo_commit": "03622159"
+            "regenerated": "2023-01-11 12:49:52.610347",
+            "spec_repo_commit": "c986b09e"
         },
         "v2": {
             "apigentools_version": "1.6.4",
-            "regenerated": "2023-01-06 10:17:01.431045",
-            "spec_repo_commit": "03622159"
+            "regenerated": "2023-01-11 12:50:00.910072",
+            "spec_repo_commit": "c986b09e"
         }
     }
 }
@@ -2,6 +2,7 @@
 import configDocs from '../config/config-docs';
 const { env, branch } = document.documentElement.dataset;
 const lang = document.documentElement.lang || 'en';
+
 function getConfig() {
     if (env === 'live') {
         return configDocs['live'];
@@ -11,7 +12,9 @@ function getConfig() {
         return configDocs['development'];
     }
 }
+
 const Config = getConfig();
+
 if (window.DD_RUM) {
     if (env === 'preview' || env === 'live') {
         window.DD_RUM.init({
@@ -22,33 +25,41 @@ if (window.DD_RUM) {
             version: CI_COMMIT_SHORT_SHA,
             trackInteractions: true,
             trackFrustrations: true,
-            enableExperimentalFeatures: ["frustration-signals","clickmap"],
+            enableExperimentalFeatures: ["clickmap"],
             sampleRate: 50,
-            premiumSampleRate: 50,
-            allowedTracingOrigins: [window.location.origin]
+            sessionReplaySampleRate: 50,
+            allowedTracingOrigins: [window.location.origin],
+            internalAnalyticsSubdomain: 'iam-rum-intake'
         });
+
         window.DD_RUM.startSessionReplayRecording();
+
         if (branch) {
             window.DD_RUM.addRumGlobalContext('branch', branch);
         }
     }
 }
+
 if (window.DD_LOGS) {
     // init browser logs
     window.DD_LOGS.init({
         clientToken: Config.ddClientToken,
         forwardErrorsToLogs: true,
         env,
         service: 'docs',
-        version: CI_COMMIT_SHORT_SHA
+        version: CI_COMMIT_SHORT_SHA,
+        internalAnalyticsSubdomain: 'iam-rum-intake'
     });
+
     // global context
     window.DD_LOGS.addLoggerGlobalContext('host', window.location.host);
     window.DD_LOGS.addLoggerGlobalContext('referrer', document.referrer);
     window.DD_LOGS.addLoggerGlobalContext('lang', lang);
+
     if (branch) {
         window.DD_LOGS.addLoggerGlobalContext('branch', branch);
     }
+
     // Locally log to console
     window.DD_LOGS.logger.setHandler(Config.loggingHandler);
 }
@@ -13,8 +13,8 @@ module.exports = {
         gaTag: 'UA-21102638-5'
     },
     preview: {
-        ddClientToken: 'pub36877d3864fab670b5ae7e1d5d26cb08',
-        ddApplicationId: 'c4e83ad8-4eda-4d2e-aae1-d943abce0463',
+        ddClientToken: 'pub16bb5ef3e9bf55f156338987e27246c7',
+        ddApplicationId: '3493b4e7-ab12-4852-8836-ba96af7bc745',
         loggingHandler: 'http',
         algoliaConfig: {
             index: 'docsearch_docs_preview',
 
@@ -1944,7 +1944,7 @@ main:
     parent: apm_heading
     weight: 145000
   - name: Enabling the Profiler
-    url: profiler/enabling/java/
+    url: profiler/enabling/
     parent: profiler
     identifier: profiler_enabling
     weight: 1
@@ -1988,26 +1988,31 @@ main:
     parent: profiler_enabling
     identifier: profiler_enabling_linux
     weight: 108
+  - name: Profile Types
+    url: profiler/profile_types/
+    parent: profiler
+    identifier: profiler_types
+    weight: 2
   - name: Search Profiles
     url: profiler/search_profiles/
     parent: profiler
     identifier: profiler_search_profiles
-    weight: 2
+    weight: 3
   - name: Investigate Slow Traces or Endpoints
     url: profiler/connect_traces_and_profiles/
     parent: profiler
     identifier: profiler_traces_profiles
-    weight: 3
+    weight: 4
   - name: Compare Profiles
     url: profiler/compare_profiles
     parent: profiler
     identifier: profiler_compare
-    weight: 4
+    weight: 5
   - name: Profiler Troubleshooting
     url: profiler/profiler_troubleshooting/
     parent: profiler
     identifier: profiler_profiler_troubleshooting
-    weight: 5
+    weight: 6
   - name: CI Visibility
     url: continuous_integration/
     pre: ci
@@ -3244,21 +3249,26 @@ main:
     parent: rum_explorer
     identifier: rum_explorer_watchdog_insights
     weight: 908
+  - name: Funnel Analysis
+    url: real_user_monitoring/funnel_analysis
+    parent: rum
+    identifier: rum_funnel_analysis
+    weight: 10
   - name: Generate Metrics
     url: real_user_monitoring/generate_metrics
     parent: rum
     identifier: rum_generate_metrics
-    weight: 10
+    weight: 11
   - name: Connect RUM and Traces
     url: real_user_monitoring/connect_rum_and_traces
     parent: rum
     identifier: rum_connect_rum_and_traces
-    weight: 11
+    weight: 12
   - name: Error Tracking
     url: real_user_monitoring/error_tracking/
     parent: rum
     identifier: rum_error_tracking
-    weight: 12
+    weight: 13
   - name: Explorer
     url: real_user_monitoring/error_tracking/explorer/
     parent: rum_error_tracking
@@ -3298,7 +3308,7 @@ main:
     url: real_user_monitoring/guide/
     parent: rum
     identifier: rum_guides
-    weight: 13
+    weight: 14
   - name: Network Monitoring
     url: network_monitoring/
     pre: network
 
@@ -17,7 +17,7 @@ deployment:
     targets:
     - name: "live"
       URL: "s3://datadog-docs-live-hugo?region=us-east-1"
-      exclude: "**.{go,java,sh,py,rb}"
+      exclude: "**.{go,java,py,rb}"
       # cloudFrontDistributionID: E2B2OODXRYOXSA
     - name: "liveAssets"
       URL: "s3://origin-static-assets?region=us-east-1&prefix=documentation/"
 
@@ -17,7 +17,7 @@ deployment:
     targets:
     - name: "preview"
       URL: "s3://datadog-docs-preview?region=us-east-1&prefix=$CI_COMMIT_REF_NAME/"
-      exclude: "**.{go,java,sh,py,rb}"
+      exclude: "**.{go,java,py,rb}"
       cloudFrontDistributionID: E3EYIYXXL26MK1
     - name: "previewAssets"
       URL: "s3://dd-staging-static-assets?region=us-east-1&prefix=documentation/"
 
@@ -105,8 +105,8 @@ Through **Edit Details**, you can add, edit or remove your billing address. You
 [1]: https://app.datadoghq.com/account/usage/hourly
 [2]: /infrastructure/
 [3]: /agent/
-[4]: https://docs.datadoghq.com/account_management/billing/pricing/#apm
-[5]: https://docs.datadoghq.com/account_management/billing/serverless
+[4]: /account_management/billing/pricing/#apm
+[5]: /account_management/billing/serverless
 [6]: https://www.datadoghq.com/pricing/?product=serverless#serverless
 [7]: https://www.datadoghq.com/pricing/
 [8]: /account_management/rbac/#datadog-default-roles
 
@@ -25,17 +25,30 @@ To control the functions whose invocations Datadog is monitoring, filter out par
 
 ### UI
 
-To use the UI to control which AWS Lambda functions Datadog is monitoring, navigate to the [AWS Integration page][5] and add tags as `key:value` sets to the **to Lambdas with tag:** field.
+To use the UI to control which AWS Lambda functions Datadog is monitoring, navigate to the [AWS Integration page][5]. From the left sidebar, select the relevant AWS account, and navigate to the **Metric Collection tab**. Scroll down to the **Limit Metric Collection to Specific Resources** heading, and select Lambda from the **Select AWS Service** dropdown. You can then add tags as `key:value` sets to the field to the right.
 
-To exclude functions with a given tag, add a `!` before the tag key. For example:
+See the [tags](#Tags) section below for more information about how to use tags in this field.
 
-`!env:staging,!env:test1`
+### API
 
-This filter excludes anything that is tagged with `env:staging` or `env:test1`.
+To use the API to control which AWS Lambda functions Datadog is monitoring, reference the [API tag filter documentation][6].
 
-### API
+### Tags
+
+Datadog accepts a comma-separated list of tags in the form `key:value`. This list defines a filter that is used when collecting metrics from the associated AWS service. These `key:value` pairs can both allow and exclude tags. To indicate an exclusion, add a `!` before the tag key. Wildcards, such as `?` (for single characters) and `*` (for multiple characters), can also be used.
+
+The filter only excludes resources where all allowed tags are missing—that is, where the list of allowed tags forms an "OR" statement.
+
+For example: `datadog:monitored,env:production`
+
+This filter only collects EC2 instances that contain the tag `datadog:monitored` OR the tag `env:production`.
+
+If you add an exclusion tag to the list, it takes precedence—that is, adding an exclusion tag adds an "AND" statement.
+
+For example: `datadog:monitored,env:production,instance-type:c1.*,!region:us-east-1`
 
-To use the API to control limit which AWS Lambda functions Datadog is monitoring, reference the [tag filter documentation][6].
+This filter only collects EC2 instances that contain the tag
+`datadog:monitored` OR the tag `env:production` OR an instance-type tag with a `c1.*` value AND NOT a `region:us-east-1` tag.
 
 ## Troubleshooting
 
 
@@ -33,7 +33,7 @@ Here's a two-minute video walkthrough:
 
 ### Create
 
-1. After the feature is enabled, see the [New Account Page][3].
+1. After the feature is enabled, see the [New Organization Page][3].
 2. Enter the name of the child-organization you wish to create and click the **Create** button. **The child-organization name cannot exceed 32 characters.**
 
 The new child-organization inherits the parent-organization's plan and is added to the parent-organization's billing account. If you want to update the child-organization's billing, [contact your sales representative][4].
 
@@ -0,0 +1,124 @@
+---
+title: Impact of the CircleCI Security Incident on the Datadog Agent
+kind: faq
+---
+
+On January 4th, 2023, Datadog was notified by CircleCI that they were investigating a [security incident][1] that may have led to leaking stored secrets. Datadog identified a single secret stored in CircleCI that could theoretically be misused by a potential attacker, an old RPM GNU Privacy Guard (GPG) private signing key and its passphrase. This page documents the implications of the potential leak and the measures Datadog is taking to mitigate any risks to our customers.
+
+<div class="alert alert-info">
+<strong>Note</strong>: As of January 10th, 2023, Datadog has no indication that the key was actually leaked or misused, but we are still taking the following actions out of an abundance of caution.
+</div>
+
+## The affected key
+
+The RPM GPG signing key has fingerprint `60A389A44A0C32BAE3C03F0B069B56F54172A230`, and is accessible in [our signing keys location][2]. This key was historically used to sign Agent 5 releases and Agent 6 releases up to (and including) 6.13.0.
+
+<div class="alert alert-info">
+<strong>Note</strong>: Official Datadog repositories were <strong>not</strong> compromised. The signing key, if actually leaked, could be used to construct an RPM package that looks like it's from Datadog.
+</div>
+
+## Am I affected?
+
+You don't need to take any action if:
+
+* You're installing Agent with Datadog packages on macOS, Windows, Debian/Ubuntu
+* You're using the Container Agent
+* You're on an RPM-based Linux distribution (RHEL, CentOS, Rocky Linux, AlmaLinux, Amazon Linux, SUSE/SLES, Fedora), but your system doesn't trust the affected GPG key (see below on how to check)
+
+Datadog recommends you take action if:
+* You're on an RPM-based Linux distribution (RHEL, CentOS, Rocky Linux, AlmaLinux, Amazon Linux, SUSE/SLES, Fedora), and your system trusts the affected GPG key
+
+## Does my system trust the affected key?
+
+Two places need to be checked to verify if your system trusts the affected key: the RPM database and the Datadog repofile. If either one of these is identified as trusting the key, we recommend taking the actions listed in the following sections. If neither of these is identified as trusting the key, no further action is needed.
+
+### Verifying if the key is imported in the RPM database
+
+Run the following command:
+
+```bash
+$ rpm -q gpg-pubkey-4172a230-55dd14f6
+```
+
+If the command exits with 0 and prints `gpg-pubkey-4172a230-55dd14f6`, your system trusts the affected key, otherwise, it doesn't (it will exit with a non-0 exit code and print a message like `package gpg-pubkey-4172a230-55dd14f6 is not installed`).
+
+### Verifying if the key is used in the Datadog repofile
+
+In default installations, the Datadog repofile can be found at:
+
+* `/etc/yum.repos.d/datadog.repo` on RHEL, CentOS, Rocky Linux, AlmaLinux, Amazon Linux and Fedora
+* `/etc/zypp/repos.d/datadog.repo` on OpenSUSE and SLES
+
+If the repofile contains a reference to one of these lines under the `gpgkey` entry, your system trusts the affected key:
+
+* `https://s3.amazonaws.com/public-signing-keys/DATADOG_RPM_KEY.public`
+* `https://keys.datadoghq.com/DATADOG_RPM_KEY.public`
+* `https://s3.amazonaws.com/yum.datadoghq.com/DATADOG_RPM_KEY.public`
+* `https://yum.datadoghq.com/DATADOG_RPM_KEY.public`
+
+(The easy way to check is to see if there's an entry that ends with `DATADOG_RPM_KEY.public`).
+
+## Taking action
+
+Datadog recommends that all customers ensure that their systems stop trusting the affected key. If you find out that your system trusts the key based on at least one of the above criteria, here's how you can make your system stop trusting it:
+
+To delete the key from the RPM database, run the following command:
+
+```bash
+$ sudo rpm --erase gpg-pubkey-4172a230-55dd14f6
+```
+
+To delete the key from the Datadog repofile, remove the `gpgkey` line that ends with `DATADOG_RPM_KEY.public`. If this was the only `gpgkey` entry in your repofile, replace it with `https://keys.datadoghq.com/DATADOG_RPM_KEY_CURRENT.public`. Note that this has implications explained in the section [Implications of no Longer Trusting the Affected Key](#implications-of-no-longer-trusting-the-affected-key).
+
+### Usage of automation tools
+
+Usage of automation tools like the Datadog Ansible role (see the full list in [What Datadog is doing to mitigate the implications](#what-datadog-is-doing-to-mitigate-the-implications)) might reverse the manual changes recommended above. Until we release new versions that fix this, we recommend adding these manual changes to your automation tool runbooks.
+
+### Verifying installed Agent packages
+
+If the GPG key was leaked, it is possible for an attacker to build a package that RPM will verify as coming from Datadog and install it on the system. Out of an abundance of caution, Datadog also recommends that you verify that all packages on your system signed by the affected key were built by Datadog. You can run [this script][3] to verify that:
+
+```bash
+$ curl -o /tmp/rpm_check.sh https://docs.datadoghq.com/resources/sh/rpm_check.sh && chmod +x /tmp/rpm_check.sh
+$ /tmp/rpm_check.sh
+```
+
+The script will:
+
+* Verify that any installed Datadog packages signed by the affected key were indeed built by Datadog by verifying the full GPG signature of RPM headers and payload.
+* Search for any packages signed by the affected key that weren't built by Datadog.
+
+Lines starting with `[ ERROR ]` should be reported to [Datadog Support][4] along with the full script output.
+
+## Implications of no longer trusting the affected key
+
+* If your system uses Agent 7, there is no implication. Agent 7 packages were never signed with the affected key.
+* Your system will no longer be able to install Agent 6 < 6.14.0. We recommend upgrading to Agent 6 >= 6.14.0 or Agent 7.
+* If your system uses Agent 5, you will no longer be able to install any currently released Agent 5 version.
+
+## What Datadog is doing to mitigate the implications
+
+* We're working towards releasing a new Agent 5 version for CentOS/RHEL signed with the [current RPM signing key](https://keys.datadoghq.com/DATADOG_RPM_KEY_CURRENT.public), `C6559B690CA882F023BDF3F63F4D1729FD4BF915`.
+* We're working on new releases to Agent installation methods to ensure they make systems safe by explicitly removing the affected key from the RPM database and the Datadog repofile. We will be updating this section as we release the new versions:
+  * Datadog Ansible role: [https://github.com/DataDog/ansible-datadog/][5]
+  * Datadog Chef recipe: [https://github.com/DataDog/chef-datadog][6]
+  * Datadog Puppet module: [https://github.com/DataDog/puppet-datadog-agent][7]
+  * Datadog Saltstack formula: [https://github.com/DataDog/datadog-formula][8]
+  * The set of Datadog Agent 6/7 Linux install scripts:
+    * [https://s3.amazonaws.com/dd-agent/scripts/install_script_agent6.sh][9]
+    * [https://s3.amazonaws.com/dd-agent/scripts/install_script_agent7.sh][10]
+    * [https://s3.amazonaws.com/dd-agent/scripts/install_script.sh][11] (this one is deprecated and no longer recommended to use, but we will update it as well)
+  * The Datadog Agent 5 Linux install script: [https://raw.githubusercontent.com/DataDog/dd-agent/master/packaging/datadog-agent/source/install_agent.sh][12]
+
+[1]: https://circleci.com/blog/january-4-2023-security-alert/
+[2]: https://keys.datadoghq.com/DATADOG_RPM_KEY.public
+[3]: /resources/sh/rpm_check.sh
+[4]: /help/
+[5]: https://github.com/DataDog/ansible-datadog/
+[6]: https://github.com/DataDog/chef-datadog
+[7]: https://github.com/DataDog/puppet-datadog-agent
+[8]: https://github.com/DataDog/datadog-formula
+[9]: https://s3.amazonaws.com/dd-agent/scripts/install_script_agent6.sh
+[10]: https://s3.amazonaws.com/dd-agent/scripts/install_script_agent7.sh
+[11]: https://s3.amazonaws.com/dd-agent/scripts/install_script.sh
+[12]: https://raw.githubusercontent.com/DataDog/dd-agent/master/packaging/datadog-agent/source/install_agent.sh
Original file line number	Diff line number	Diff line change
`@@ -4,13 +4,13 @@`
`4`	`4`	`"spec_versions": {`
`5`	`5`	`"v1": {`
`6`	`6`	`"apigentools_version": "1.6.4",`
`7`		`- "regenerated": "2023-01-06 10:16:54.807506",`
`8`		`- "spec_repo_commit": "03622159"`
	`7`	`+ "regenerated": "2023-01-11 12:49:52.610347",`
	`8`	`+ "spec_repo_commit": "c986b09e"`
`9`	`9`	`},`
`10`	`10`	`"v2": {`
`11`	`11`	`"apigentools_version": "1.6.4",`
`12`		`- "regenerated": "2023-01-06 10:17:01.431045",`
`13`		`- "spec_repo_commit": "03622159"`
	`12`	`+ "regenerated": "2023-01-11 12:50:00.910072",`
	`13`	`+ "spec_repo_commit": "c986b09e"`
`14`	`14`	`}`
`15`	`15`	`}`
`16`	`16`	`}`