Refresh intakes documentation

_shared_content/operations_center/integrations/generated/02a74ceb-a9b0-467c-97d1-588319e39d71.md

@@ -29,6 +29,33 @@ In details, the following table denotes the type of events produced by this inte
 Find below few samples of events and how they are normalized by Sekoia.io.
 
 
+=== "test_aaatm.json"
+
+    ```json
+
+    {
+        "message": "09/29/2023:07:40:56 GMT ADC-WEB1 0-PPE-1 : default AAATM Message 1111111111 0 :  \"AAA JSON-PARSE: ns_aaa_json_parser_StartElementHandler: NAME_VAL state, multi valued attribute start 'ConnectionId' seen\"",
+        "event": {
+            "kind": "event",
+            "category": [
+                "network"
+            ],
+            "type": [
+                "connection"
+            ],
+            "code": "Message",
+            "dataset": "audit_aaatm",
+            "reason": "\"AAA JSON-PARSE: ns_aaa_json_parser_StartElementHandler: NAME_VAL state, multi valued attribute start 'ConnectionId' seen\""
+        },
+        "observer": {
+            "name": "ADC-WEB1"
+        },
+        "@timestamp": "2023-09-29T07:40:56Z"
+    }
+    	
+	```
+
+
 === "test_blocked_event.json"
 
     ```json
@@ -322,7 +349,8 @@ Find below few samples of events and how they are normalized by Sekoia.io.
                 "connection"
             ],
             "code": "TRAP_SENT",
-            "dataset": "audit_snmp"
+            "dataset": "audit_snmp",
+            "reason": "appfwPolicyHit (appfwLogMsg = \"\"CEF:0|Citrix|NetScaler|NS13.1|APPFW|APPFW_POLI...\"\", nsPartitionName = default)\""
         },
         "@timestamp": "2023-07-04T09:03:41Z",
         "observer": {
@@ -398,6 +426,9 @@ Find below few samples of events and how they are normalized by Sekoia.io.
             "code": "Message",
             "dataset": "audit_sslvpn"
         },
+        "observer": {
+            "name": "ADC-VPN"
+        },
         "@timestamp": "2023-07-04T09:03:46Z",
         "citrix": {
             "adc": {