diff --git a/docs/integrations/sumo-apps/enterprise-audit.md b/docs/integrations/sumo-apps/enterprise-audit.md
index 889e01f3fd..d849589ec0 100644
--- a/docs/integrations/sumo-apps/enterprise-audit.md
+++ b/docs/integrations/sumo-apps/enterprise-audit.md
@@ -365,6 +365,24 @@ Use this dashboard to:
})
+## Create monitors for the Sumo Logic Enterprise Audit app
+
+import CreateMonitors from '../../reuse/apps/create-monitors.md';
+
+
+
+### Enterprise Audit - Collector and Data Forwarding Management App alerts
+
+| Name | Description | Alert Condition | Recover Condition |
+|:--|:--|:--|:--|
+| `Enterprise Audit - Collector Deleted or Deregistered` | This alert is triggered when a collector is deleted or deregistered. | Count >= 1 | Count < 1 |
+| `Enterprise Audit - Collector Source Synchronization Failures` | This alert is triggered when collector source synchronization failures are detected. | Count > 2 | Count < = 2 |
+| `Enterprise Audit - Collector Upgrade Failed` | This alert is triggered when collector upgrade failure is detected. | Count >= 1 | Count < 1 |
+| `Enterprise Audit - Data Forwarding Destination Deleted Alert` | This alert is triggered when one or more data forwarding destination is deleted. | Count > 0 | Count < = 0 |
+| `Enterprise Audit - Data Forwarding Index Deactivation Alert` | This alert is triggered when data forwarding index deactivation is detected. | Count > 0 | Count < = 0 |
+| `Enterprise Audit - Data Forwarding S3 Unencrypted Destination Created` | This alert is triggered when a unencrypted data forwarding destination is created for S3. | Count > = 1 | Count < 1 |
+
+
## Upgrade/Downgrade the Enterprise Audit apps (Optional)
import AppUpdate from '../../reuse/apps/app-update.md';
@@ -375,4 +393,4 @@ import AppUpdate from '../../reuse/apps/app-update.md';
import AppUninstall from '../../reuse/apps/app-uninstall.md';
-
\ No newline at end of file
+