From 56488edf59f91e045a7a6c342f9d0317524a54ab Mon Sep 17 00:00:00 2001 From: Men-hau <101662967+Men-hau@users.noreply.github.com> Date: Wed, 29 Nov 2023 17:51:43 +0100 Subject: [PATCH 01/13] Update azure_windows.md --- .../cloud_and_saas/azure/azure_windows.md | 31 ++++++++++++++----- 1 file changed, 24 insertions(+), 7 deletions(-) diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md index d9b43b80a9..f6560525b1 100644 --- a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md +++ b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md @@ -20,7 +20,11 @@ As a prerequisite, you need to choose an existing “resource group”, or creat #### Retrieve your Subscription ID -You also need your “Subscription ID” if you don't have a default one. In Azure Web Portal, navigate to: “Home”, “Cost Management + Billing”, ”Subscriptions”. From there, copy the relevant “Subscription ID” that will be used in the command line (e.g. `uuid`) +You also need your “Subscription ID” if you don't have a default one. + +In Azure Web Portal, navigate to: `Home` > `Cost Management + Billing` > `Subscriptions`. + +From there, copy the relevant `Subscription ID` that will be used in the command line (e.g. `uuid`) #### Create the Event Hubs @@ -42,9 +46,18 @@ PS Azure:\> az eventhubs eventhub create --resource-group company-resource-group #### Create “Shared Access Policies” -1. Navigate to “Home”, “Event Hubs”, “company-eventhub - Shared access policies”. From there, you can create a policy (e.g. `RootManageSharedAccessKey`) with the claims `Manage`, `Send` and `Listen`, and note the `Primary Key` that will be used as the `SharedAccessKey`. -2. Navigate to “Home”, “Event Hubs”, “company-eventhub”, “windows-event - Shared access policies”. From there, you can create a policy (e.g. `sekoiaio`) with the claims `Listen`. Once created, click on the policy and save the `Connection string-primary key`, to be sent to Sekoia.io. -3. Navigate to “Home”, “Event Hubs”, “company-eventhub”, ”windows-event - Consumer groups”. From there, you can create a consumer group (e.g. `sekoiaio`). +1. Navigate to `Home` > `Event Hubs`> `company-eventhub - Shared access policies`. + + From there, you can create a policy (e.g. `RootManageSharedAccessKey`) with the claims `Manage`, `Send` and `Listen`, and note the `Primary Key` that will be used as the `SharedAccessKey`. + +3. Navigate to `Home` > `Event Hubs` > `company-eventhub` > `windows-event - Shared access policies`. + + From there, you can create a policy (e.g. `sekoiaio`) with the claims `Listen`. + Once created, click on the policy and save the `Connection string-primary key`, to be sent to Sekoia.io. + +5. Navigate to `Home`> `Event Hubs`> `company-eventhub`> `windows-event - Consumer groups`. + + From there, you can create a consumer group (e.g. `sekoiaio`). #### Create a Blob Storage for Checkpointing @@ -70,11 +83,15 @@ Finally, you have to retrieve the connection string from Azure Web Portal by goi You need to activate and configure the diagnostic extension `Microsoft.Insights.VMDiagnosticsSettings`. -Navigate to “Home”, “Virtual machines”, “virtual machine name” (e.g. `company-windows`), “Settings” and “Extensions”. Install it and note the new `StorageAccount` name created (e.g. `company-storage-account`). +1. Navigate to `Home` > `Virtual machines` > `virtual machine name` (e.g. `company-windows`) > `Settings` > `Extensions`. + + Install it and note the new `StorageAccount` name created (e.g. `company-storage-account`). + +3. Navigate to `Home` > `Storage accounts` > `company-storage-account` > `Access keys`. -Navigate to “Home”, “Storage accounts”, “company-storage-account”, ”Access keys”. From there you can note the key value later used as the `storageAccountKey`. + From there you can note the key value later used as the `storageAccountKey`. -You need to create two configuration files `public_settings.json` and `protected_settings.json`. +5. You need to create two configuration files `public_settings.json` and `protected_settings.json`. Once again you need Azure powershell to do it using your favorite text editor: From 0e3ea9337ef861458f78fcdf0329e89bfd154db4 Mon Sep 17 00:00:00 2001 From: Men-hau <101662967+Men-hau@users.noreply.github.com> Date: Wed, 29 Nov 2023 18:06:36 +0100 Subject: [PATCH 02/13] Update azure_windows.md --- .../cloud_and_saas/azure/azure_windows.md | 30 +++++++++---------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md index f6560525b1..6c1d35af5f 100644 --- a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md +++ b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md @@ -16,19 +16,19 @@ Theses changes have to be made from the [Azure Web Portal](https://portal.azure. ### Azure Event Hubs -As a prerequisite, you need to choose an existing “resource group”, or create a new one (e.g. `company-resource-group`). +As a prerequisite, you need to choose an existing **resource group**, or create a new one (e.g. `company-resource-group`). #### Retrieve your Subscription ID -You also need your “Subscription ID” if you don't have a default one. +You also need your **Subscription ID** if you don't have a default one. In Azure Web Portal, navigate to: `Home` > `Cost Management + Billing` > `Subscriptions`. -From there, copy the relevant `Subscription ID` that will be used in the command line (e.g. `uuid`) +From there, copy the relevant `**Subscription ID**` that will be used in the command line (e.g. `uuid`) #### Create the Event Hubs -Use Azure PowerShell (within Cloud Shell interface for example) to create a namespace (e.g. `company-eventhub`) and a specific `Event Hub` (e.g. `windows-event`) within your “resource group” (e.g. `company-resource-group`) +Use Azure PowerShell (within Cloud Shell interface for example) to create a **namespace** (e.g. `company-eventhub`) and a specific **Event Hub** (e.g. `windows-event`) within your **resource group** (e.g. `company-resource-group`) ```powershell PS Azure:\> az eventhubs namespace create --name company-eventhub --resource-group company-resource-group --enable-kafka true --subscription uuid @@ -41,23 +41,23 @@ PS Azure:\> az eventhubs eventhub create --resource-group company-resource-group !!! info Please replace : - - `company-resource-group` with the name of your “resource group”. + - `company-resource-group` with the name of your **resource group**. - `uuid` with your subscription ID retrieved previously (see below). #### Create “Shared Access Policies” 1. Navigate to `Home` > `Event Hubs`> `company-eventhub - Shared access policies`. - From there, you can create a policy (e.g. `RootManageSharedAccessKey`) with the claims `Manage`, `Send` and `Listen`, and note the `Primary Key` that will be used as the `SharedAccessKey`. + From there, you can create a **policy** (e.g. `RootManageSharedAccessKey`) with the claims `Manage`, `Send` and `Listen`, and note the **Primary Key** that will be used as the `SharedAccessKey`. 3. Navigate to `Home` > `Event Hubs` > `company-eventhub` > `windows-event - Shared access policies`. From there, you can create a policy (e.g. `sekoiaio`) with the claims `Listen`. - Once created, click on the policy and save the `Connection string-primary key`, to be sent to Sekoia.io. + Once created, click on the policy and save the **Connection string-primary key**, to be sent to Sekoia.io. 5. Navigate to `Home`> `Event Hubs`> `company-eventhub`> `windows-event - Consumer groups`. - From there, you can create a consumer group (e.g. `sekoiaio`). + From there, you can create a **consumer group** (e.g. `sekoiaio`). #### Create a Blob Storage for Checkpointing @@ -75,9 +75,9 @@ PS Azure:\> az storage container create --name "windows-event" --account-name "s !!! info The container name, here `windows-event` should be the same as the Event Hub’s one. - You also need to replace `company-resource-group` with the name of your “resource group”. + You also need to replace `company-resource-group` with the name of your **resource group**. -Finally, you have to retrieve the connection string from Azure Web Portal by going in “Storage Accounts”, then in the created storage (`sekoiaiocheckpoint`) and finally in the “Access Keys” section. After clicking on “Show keys”, you can copy the first of the two connection strings. +Finally, you have to retrieve the connection string from Azure Web Portal by going in **Storage Accounts**, then in the created storage (`sekoiaiocheckpoint`) and finally in the **Access Keys** section. After clicking on **Show keys**, you can copy the first of the two connection strings. ### Windows Virtual Machine @@ -85,11 +85,11 @@ You need to activate and configure the diagnostic extension `Microsoft.Insights. 1. Navigate to `Home` > `Virtual machines` > `virtual machine name` (e.g. `company-windows`) > `Settings` > `Extensions`. - Install it and note the new `StorageAccount` name created (e.g. `company-storage-account`). + Install it and note the new **StorageAccount** name created (e.g. `company-storage-account`). 3. Navigate to `Home` > `Storage accounts` > `company-storage-account` > `Access keys`. - From there you can note the key value later used as the `storageAccountKey`. + From there you can note the key value later used as the **storageAccountKey**. 5. You need to create two configuration files `public_settings.json` and `protected_settings.json`. @@ -200,9 +200,9 @@ If you do not know how to use and configure it, please check [SwiftOnSecurity gi Finally, please send to Sekoia.io the following information: -- Azure Event Hub’s “Connection string-primary key” (e.g. `"Endpoint=sb://company-eventhub.servicebus.windows.net/;SharedAccessKeyName=sekoiaio;SharedAccessKey=XXXXXX;EntityPath=windows-event"`). -- Azure Event Hub’s consumer group name (e.g. `sekoiaio`). -- Azure Blob Storage’s connection string (e.g. `"DefaultEndpointsProtocol=https;AccountName=sekoiaiocheckpoint;AccountKey=XXXXX"`). +- Azure Event Hub’s **Connection string-primary key** (e.g. `"Endpoint=sb://company-eventhub.servicebus.windows.net/;SharedAccessKeyName=sekoiaio;SharedAccessKey=XXXXXX;EntityPath=windows-event"`). +- Azure Event Hub’s **consumer group name** (e.g. `sekoiaio`). +- Azure Blob Storage’s **connection string** (e.g. `"DefaultEndpointsProtocol=https;AccountName=sekoiaiocheckpoint;AccountKey=XXXXX"`). ## Further Readings From bdeb5a2acc657226b77cf59e95cf9b26b0f87c66 Mon Sep 17 00:00:00 2001 From: Men-hau <101662967+Men-hau@users.noreply.github.com> Date: Wed, 29 Nov 2023 18:17:20 +0100 Subject: [PATCH 03/13] Update azure_windows.md --- .../cloud_and_saas/azure/azure_windows.md | 24 ++++++++----------- 1 file changed, 10 insertions(+), 14 deletions(-) diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md index 6c1d35af5f..364651ba65 100644 --- a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md +++ b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md @@ -22,9 +22,10 @@ As a prerequisite, you need to choose an existing **resource group**, or create You also need your **Subscription ID** if you don't have a default one. -In Azure Web Portal, navigate to: `Home` > `Cost Management + Billing` > `Subscriptions`. +In Azure Web Portal: -From there, copy the relevant `**Subscription ID**` that will be used in the command line (e.g. `uuid`) +1. Navigate to: `Home` > `Cost Management + Billing` > `Subscriptions`. +2. From there, copy the relevant **Subscription ID** that will be used in the command line (e.g. `uuid`) #### Create the Event Hubs @@ -42,22 +43,19 @@ PS Azure:\> az eventhubs eventhub create --resource-group company-resource-group Please replace : - `company-resource-group` with the name of your **resource group**. - - `uuid` with your subscription ID retrieved previously (see below). + - `uuid` with your **subscription ID** retrieved previously (see below). #### Create “Shared Access Policies” 1. Navigate to `Home` > `Event Hubs`> `company-eventhub - Shared access policies`. - - From there, you can create a **policy** (e.g. `RootManageSharedAccessKey`) with the claims `Manage`, `Send` and `Listen`, and note the **Primary Key** that will be used as the `SharedAccessKey`. + From there, you can create a **policy** (e.g. `RootManageSharedAccessKey`) with the claims `Manage`, `Send` and `Listen`, and note the **Primary Key** that will be used as the `SharedAccessKey`. 3. Navigate to `Home` > `Event Hubs` > `company-eventhub` > `windows-event - Shared access policies`. - - From there, you can create a policy (e.g. `sekoiaio`) with the claims `Listen`. - Once created, click on the policy and save the **Connection string-primary key**, to be sent to Sekoia.io. + From there, you can create a **policy** (e.g. `sekoiaio`) with the claims `Listen`. + Once created, click on the policy and save the **Connection string-primary key**, to be sent to Sekoia.io. 5. Navigate to `Home`> `Event Hubs`> `company-eventhub`> `windows-event - Consumer groups`. - - From there, you can create a **consumer group** (e.g. `sekoiaio`). + From there, you can create a **consumer group** (e.g. `sekoiaio`). #### Create a Blob Storage for Checkpointing @@ -84,12 +82,10 @@ Finally, you have to retrieve the connection string from Azure Web Portal by goi You need to activate and configure the diagnostic extension `Microsoft.Insights.VMDiagnosticsSettings`. 1. Navigate to `Home` > `Virtual machines` > `virtual machine name` (e.g. `company-windows`) > `Settings` > `Extensions`. - - Install it and note the new **StorageAccount** name created (e.g. `company-storage-account`). + Install it and note the new **StorageAccount** name created (e.g. `company-storage-account`). 3. Navigate to `Home` > `Storage accounts` > `company-storage-account` > `Access keys`. - - From there you can note the key value later used as the **storageAccountKey**. + From there you can note the key value later used as the **storageAccountKey**. 5. You need to create two configuration files `public_settings.json` and `protected_settings.json`. From 9a3eddf35a483c0a416c977077d35968b0ce2d80 Mon Sep 17 00:00:00 2001 From: Men-hau <101662967+Men-hau@users.noreply.github.com> Date: Wed, 29 Nov 2023 18:44:06 +0100 Subject: [PATCH 04/13] Update azure_windows.md --- .../cloud_and_saas/azure/azure_windows.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md index 364651ba65..a598689022 100644 --- a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md +++ b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md @@ -48,14 +48,14 @@ PS Azure:\> az eventhubs eventhub create --resource-group company-resource-group #### Create “Shared Access Policies” 1. Navigate to `Home` > `Event Hubs`> `company-eventhub - Shared access policies`. - From there, you can create a **policy** (e.g. `RootManageSharedAccessKey`) with the claims `Manage`, `Send` and `Listen`, and note the **Primary Key** that will be used as the `SharedAccessKey`. + - From there, you can create a **policy** (e.g. `RootManageSharedAccessKey`) with the claims `Manage`, `Send` and `Listen` and note the **Primary Key** that will be used as the **SharedAccessKey**. -3. Navigate to `Home` > `Event Hubs` > `company-eventhub` > `windows-event - Shared access policies`. - From there, you can create a **policy** (e.g. `sekoiaio`) with the claims `Listen`. - Once created, click on the policy and save the **Connection string-primary key**, to be sent to Sekoia.io. +2. Navigate to `Home` > `Event Hubs` > `company-eventhub` > `mysql-event - Shared access policies`. + - a. From there, you can create a **policy** (e.g. `sekoiaio`) with the claims `Listen`. + - b. Once created, click on the policy and save the **Connection string-primary key**, to be sent to Sekoia.io. -5. Navigate to `Home`> `Event Hubs`> `company-eventhub`> `windows-event - Consumer groups`. - From there, you can create a **consumer group** (e.g. `sekoiaio`). +5. Navigate to `Home`> `Event Hubs`> `company-eventhub`> `mysql-event - Consumer groups`. + - From there, you can create a **consumer group** (e.g. `sekoiaio`). #### Create a Blob Storage for Checkpointing From 6d3470c331e9b9c5378dc7fb178600baebebf4b2 Mon Sep 17 00:00:00 2001 From: Khaoula Ettaleb <49680698+ka0ula@users.noreply.github.com> Date: Thu, 7 Dec 2023 15:43:38 +0100 Subject: [PATCH 05/13] Update docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md --- .../collect/integrations/cloud_and_saas/azure/azure_windows.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md index a598689022..dc29af02d4 100644 --- a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md +++ b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md @@ -40,7 +40,7 @@ PS Azure:\> az eventhubs eventhub create --resource-group company-resource-group ``` !!! info - Please replace : + Please replace the following: - `company-resource-group` with the name of your **resource group**. - `uuid` with your **subscription ID** retrieved previously (see below). From 8ca5344d7e2210356314ac156fd0a04952f6ac7d Mon Sep 17 00:00:00 2001 From: Khaoula Ettaleb <49680698+ka0ula@users.noreply.github.com> Date: Thu, 7 Dec 2023 15:43:48 +0100 Subject: [PATCH 06/13] Update docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md --- .../collect/integrations/cloud_and_saas/azure/azure_windows.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md index dc29af02d4..67ff5fc77c 100644 --- a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md +++ b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md @@ -24,7 +24,7 @@ You also need your **Subscription ID** if you don't have a default one. In Azure Web Portal: -1. Navigate to: `Home` > `Cost Management + Billing` > `Subscriptions`. +1. Navigate to: `Home` > `Cost Management + Billing` > `Subscriptions` 2. From there, copy the relevant **Subscription ID** that will be used in the command line (e.g. `uuid`) #### Create the Event Hubs From 2b028aa9845ec5f3bdad65f63c350fa48cb2a56c Mon Sep 17 00:00:00 2001 From: Khaoula Ettaleb <49680698+ka0ula@users.noreply.github.com> Date: Thu, 7 Dec 2023 15:43:54 +0100 Subject: [PATCH 07/13] Update docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md --- .../collect/integrations/cloud_and_saas/azure/azure_windows.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md index 67ff5fc77c..db53552fb0 100644 --- a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md +++ b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md @@ -47,7 +47,7 @@ PS Azure:\> az eventhubs eventhub create --resource-group company-resource-group #### Create “Shared Access Policies” -1. Navigate to `Home` > `Event Hubs`> `company-eventhub - Shared access policies`. +1. Navigate to `Home` > `Event Hubs`> `company-eventhub - Shared access policies` - From there, you can create a **policy** (e.g. `RootManageSharedAccessKey`) with the claims `Manage`, `Send` and `Listen` and note the **Primary Key** that will be used as the **SharedAccessKey**. 2. Navigate to `Home` > `Event Hubs` > `company-eventhub` > `mysql-event - Shared access policies`. From 15ae7280d91ac98e3f6cd443d4e19fbf13f16cb2 Mon Sep 17 00:00:00 2001 From: Khaoula Ettaleb <49680698+ka0ula@users.noreply.github.com> Date: Thu, 7 Dec 2023 15:43:59 +0100 Subject: [PATCH 08/13] Update docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md --- .../collect/integrations/cloud_and_saas/azure/azure_windows.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md index db53552fb0..6fa4d27dcb 100644 --- a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md +++ b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md @@ -48,7 +48,7 @@ PS Azure:\> az eventhubs eventhub create --resource-group company-resource-group #### Create “Shared Access Policies” 1. Navigate to `Home` > `Event Hubs`> `company-eventhub - Shared access policies` - - From there, you can create a **policy** (e.g. `RootManageSharedAccessKey`) with the claims `Manage`, `Send` and `Listen` and note the **Primary Key** that will be used as the **SharedAccessKey**. + - From there, you can create a **policy** (e.g. `RootManageSharedAccessKey`) with the claims `Manage`, `Send` and `Listen` and note the **Primary Key** that will be used as the **SharedAccessKey** 2. Navigate to `Home` > `Event Hubs` > `company-eventhub` > `mysql-event - Shared access policies`. - a. From there, you can create a **policy** (e.g. `sekoiaio`) with the claims `Listen`. From 02c9b89b76f3a18ce7dc5c058124cbea0b7a1d63 Mon Sep 17 00:00:00 2001 From: Khaoula Ettaleb <49680698+ka0ula@users.noreply.github.com> Date: Thu, 7 Dec 2023 15:44:04 +0100 Subject: [PATCH 09/13] Update docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md --- .../collect/integrations/cloud_and_saas/azure/azure_windows.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md index 6fa4d27dcb..70edded7cf 100644 --- a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md +++ b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md @@ -50,7 +50,7 @@ PS Azure:\> az eventhubs eventhub create --resource-group company-resource-group 1. Navigate to `Home` > `Event Hubs`> `company-eventhub - Shared access policies` - From there, you can create a **policy** (e.g. `RootManageSharedAccessKey`) with the claims `Manage`, `Send` and `Listen` and note the **Primary Key** that will be used as the **SharedAccessKey** -2. Navigate to `Home` > `Event Hubs` > `company-eventhub` > `mysql-event - Shared access policies`. +2. Navigate to `Home` > `Event Hubs` > `company-eventhub` > `mysql-event - Shared access policies` - a. From there, you can create a **policy** (e.g. `sekoiaio`) with the claims `Listen`. - b. Once created, click on the policy and save the **Connection string-primary key**, to be sent to Sekoia.io. From e8ae855b9374c1f74647ffbeff50a7e94d96515a Mon Sep 17 00:00:00 2001 From: Khaoula Ettaleb <49680698+ka0ula@users.noreply.github.com> Date: Thu, 7 Dec 2023 15:44:09 +0100 Subject: [PATCH 10/13] Update docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md --- .../collect/integrations/cloud_and_saas/azure/azure_windows.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md index 70edded7cf..efcca5810d 100644 --- a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md +++ b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md @@ -51,7 +51,7 @@ PS Azure:\> az eventhubs eventhub create --resource-group company-resource-group - From there, you can create a **policy** (e.g. `RootManageSharedAccessKey`) with the claims `Manage`, `Send` and `Listen` and note the **Primary Key** that will be used as the **SharedAccessKey** 2. Navigate to `Home` > `Event Hubs` > `company-eventhub` > `mysql-event - Shared access policies` - - a. From there, you can create a **policy** (e.g. `sekoiaio`) with the claims `Listen`. + - From there, you can create a **policy** (e.g. `sekoiaio`) with the claims `Listen` - b. Once created, click on the policy and save the **Connection string-primary key**, to be sent to Sekoia.io. 5. Navigate to `Home`> `Event Hubs`> `company-eventhub`> `mysql-event - Consumer groups`. From 61ed93a5730020417f7198220be81f26409000bc Mon Sep 17 00:00:00 2001 From: Khaoula Ettaleb <49680698+ka0ula@users.noreply.github.com> Date: Thu, 7 Dec 2023 15:44:14 +0100 Subject: [PATCH 11/13] Update docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md --- .../collect/integrations/cloud_and_saas/azure/azure_windows.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md index efcca5810d..d01136d46e 100644 --- a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md +++ b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md @@ -52,7 +52,7 @@ PS Azure:\> az eventhubs eventhub create --resource-group company-resource-group 2. Navigate to `Home` > `Event Hubs` > `company-eventhub` > `mysql-event - Shared access policies` - From there, you can create a **policy** (e.g. `sekoiaio`) with the claims `Listen` - - b. Once created, click on the policy and save the **Connection string-primary key**, to be sent to Sekoia.io. + - Once created, click on the policy and save the **Connection string-primary key**, to be sent to Sekoia.io 5. Navigate to `Home`> `Event Hubs`> `company-eventhub`> `mysql-event - Consumer groups`. - From there, you can create a **consumer group** (e.g. `sekoiaio`). From b12007f9ad5157ff7cdaebac4cd7b1a0b8e7bd2d Mon Sep 17 00:00:00 2001 From: Khaoula Ettaleb <49680698+ka0ula@users.noreply.github.com> Date: Thu, 7 Dec 2023 15:44:22 +0100 Subject: [PATCH 12/13] Update docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md --- .../collect/integrations/cloud_and_saas/azure/azure_windows.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md index d01136d46e..f99ac7756e 100644 --- a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md +++ b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md @@ -55,7 +55,7 @@ PS Azure:\> az eventhubs eventhub create --resource-group company-resource-group - Once created, click on the policy and save the **Connection string-primary key**, to be sent to Sekoia.io 5. Navigate to `Home`> `Event Hubs`> `company-eventhub`> `mysql-event - Consumer groups`. - - From there, you can create a **consumer group** (e.g. `sekoiaio`). + - From there, you can create a **consumer group** (e.g. `sekoiaio`) #### Create a Blob Storage for Checkpointing From 871c068ba6dd0f517cea949f165ad432154e1b88 Mon Sep 17 00:00:00 2001 From: Khaoula Ettaleb <49680698+ka0ula@users.noreply.github.com> Date: Thu, 7 Dec 2023 15:44:27 +0100 Subject: [PATCH 13/13] Update docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md --- .../collect/integrations/cloud_and_saas/azure/azure_windows.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md index f99ac7756e..b39cbdde54 100644 --- a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md +++ b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md @@ -54,7 +54,7 @@ PS Azure:\> az eventhubs eventhub create --resource-group company-resource-group - From there, you can create a **policy** (e.g. `sekoiaio`) with the claims `Listen` - Once created, click on the policy and save the **Connection string-primary key**, to be sent to Sekoia.io -5. Navigate to `Home`> `Event Hubs`> `company-eventhub`> `mysql-event - Consumer groups`. +5. Navigate to `Home`> `Event Hubs`> `company-eventhub`> `mysql-event - Consumer groups` - From there, you can create a **consumer group** (e.g. `sekoiaio`) #### Create a Blob Storage for Checkpointing