From 79ca63e12889bee58834633c99da7fb4877dc0a3 Mon Sep 17 00:00:00 2001 From: Bivic Date: Thu, 19 Dec 2024 17:59:24 +0100 Subject: [PATCH] change name of the permission to be more explicit --- docs/xdr/usecases/playbook/Add_UserAgent_in_comment.md | 4 ++-- .../playbook/Get_events_information_from_alert.md | 8 ++++---- .../playbook/Shodan_and_VirusTotal_configuration.md | 8 ++++---- docs/xdr/usecases/playbook/implement_blocklist.md | 10 +++++----- .../usecases/playbook/notifications_using_playbooks.md | 4 ++-- docs/xdr/usecases/playbook/synchronize_alerts.md | 2 +- docs/xdr/usecases/playbook/whoIs.md | 8 ++++---- docs/xdr/usecases/use_your_own_cti.md | 4 ++-- 8 files changed, 24 insertions(+), 24 deletions(-) diff --git a/docs/xdr/usecases/playbook/Add_UserAgent_in_comment.md b/docs/xdr/usecases/playbook/Add_UserAgent_in_comment.md index aa31233c0a..4223582490 100644 --- a/docs/xdr/usecases/playbook/Add_UserAgent_in_comment.md +++ b/docs/xdr/usecases/playbook/Add_UserAgent_in_comment.md @@ -8,8 +8,8 @@ This use case describes how to enrich the comments of an alert with the User age - The user that configures the Playbook should have a role that contains: * The SYMPHONY permissions - An API Key with a role that contains at least the following permission: - * `SIC_READ_ALERTS` - * `SIC_WRITE_ALERTS_COMMENT` + * `View alerts` + * `Comment alerts` !!!note To create your API Key, follow this [documentation](/getting_started/manage_api_keys.md#create-an-api-key). diff --git a/docs/xdr/usecases/playbook/Get_events_information_from_alert.md b/docs/xdr/usecases/playbook/Get_events_information_from_alert.md index 9e1e54fa28..b499943612 100644 --- a/docs/xdr/usecases/playbook/Get_events_information_from_alert.md +++ b/docs/xdr/usecases/playbook/Get_events_information_from_alert.md @@ -8,10 +8,10 @@ This use case describes how to get the MAC address of events associated with an - The user that configures the Playbook should have a role that contains: * The SYMPHONY permissions - An API Key with a role that contains at least the following permissions: - * `SIC_READ_ALERTS` - * `EVENTS_READ_STATS` - * `EVENTS_READ_DATASETS` - * `SIC_READ_EVENT_STATS` + * `View alerts` + * `View anomaly stats` + * `View anomaly dataset` + * `View event stats in asset listing` !!! note To create your API Key, follow this [documentation](/getting_started/manage_api_keys.md). diff --git a/docs/xdr/usecases/playbook/Shodan_and_VirusTotal_configuration.md b/docs/xdr/usecases/playbook/Shodan_and_VirusTotal_configuration.md index ccd33ac135..4af00e658f 100644 --- a/docs/xdr/usecases/playbook/Shodan_and_VirusTotal_configuration.md +++ b/docs/xdr/usecases/playbook/Shodan_and_VirusTotal_configuration.md @@ -12,10 +12,10 @@ There are 2 steps: - The user that configures the Playbook should have a Role that contains: * The SYMPHONY permissions - An API Key with a Role that contains at least the following permission: - * SIC_READ_ALERTS - * EVENTS_READ_STATS - * EVENTS_READ_DATASETS - * SIC_READ_EVENT_STATS + * View alerts + * View anomaly stats + * View anomaly dataset + * View event stats in asset listing > To create your API Key, follow this [documentation](../../../getting_started/manage_api_keys.md). diff --git a/docs/xdr/usecases/playbook/implement_blocklist.md b/docs/xdr/usecases/playbook/implement_blocklist.md index 3ea53895b4..da7d756537 100644 --- a/docs/xdr/usecases/playbook/implement_blocklist.md +++ b/docs/xdr/usecases/playbook/implement_blocklist.md @@ -18,12 +18,12 @@ The implementation of a blocklist in Sekoia.io is based on the [IOC Collections] - The user that configures the playbooks should have a Role that contains: * The SYMPHONY permissions - An API Key with the **Analyst** role or a custom role that contains at least the following permission for the playbook: - * SIC_READ_ALERTS - * SIC_READ_INTAKES - * INTHREAT_READ_IOC_COLLECTIONS - * INTHREAT_WRITE_IOC_COLLECTIONS + * View alerts + * View intakes + * View IOC collections + * Manage IOC collections - An API Key with the **Guest** role or a custom role that contains the following permission to authenticate the network security solutions: - * INTHREAT_READ_IOC_COLLECTIONS + * View IOC collections > To create your API Key, follow this [documentation](../../../getting_started/manage_api_keys.md). diff --git a/docs/xdr/usecases/playbook/notifications_using_playbooks.md b/docs/xdr/usecases/playbook/notifications_using_playbooks.md index c4abf0088e..c7545a5a7d 100644 --- a/docs/xdr/usecases/playbook/notifications_using_playbooks.md +++ b/docs/xdr/usecases/playbook/notifications_using_playbooks.md @@ -8,8 +8,8 @@ This use case describes how to send a notification to a third party system like - The user that configures the Playbook should have a Role that contains: * The SYMPHONY permissions - An API Key with a Role that contains at least the following permission: - * SIC_READ_ALERTS - * SIC_READ_INTAKES + * View alerts + * View intakes > To create your API Key, follow this [documentation](../../../getting_started/manage_api_keys.md). diff --git a/docs/xdr/usecases/playbook/synchronize_alerts.md b/docs/xdr/usecases/playbook/synchronize_alerts.md index bfe4c028df..64fd207ea5 100644 --- a/docs/xdr/usecases/playbook/synchronize_alerts.md +++ b/docs/xdr/usecases/playbook/synchronize_alerts.md @@ -8,7 +8,7 @@ This use case describes how to automatically push new Alerts in an external secu - The user that configures the Playbook should have a Role that contains: * The SYMPHONY permissions - An API Key with a Role that contains at least the following permission: - * SIC_READ_ALERTS + * View alerts > To create your API Key, follow this [documentation](../../../getting_started/manage_api_keys.md). diff --git a/docs/xdr/usecases/playbook/whoIs.md b/docs/xdr/usecases/playbook/whoIs.md index 62149784e2..18effefc39 100644 --- a/docs/xdr/usecases/playbook/whoIs.md +++ b/docs/xdr/usecases/playbook/whoIs.md @@ -8,10 +8,10 @@ This use case describes how to use Whois module in order to enrich an IP address - The user that configures the Playbook should have a role that contains: * The [SYMPHONY permissions](https://docs.sekoia.io/getting_started/roles_permissions/#playbooks) - An API Key with a role that contains at least the following permissions: - * `SIC_READ_ALERTS` - * `EVENTS_READ_STATS` - * `EVENTS_READ_DATASETS` - * `SIC_READ_EVENT_STATS` + * `View alerts` + * `View anomaly stats` + * `View anomaly dataset` + * `View event stats in asset listing` !!!note To create your API Key, follow this [documentation](../../../getting_started/manage_api_keys.md). diff --git a/docs/xdr/usecases/use_your_own_cti.md b/docs/xdr/usecases/use_your_own_cti.md index 1ee81e6ead..d913c90c8b 100644 --- a/docs/xdr/usecases/use_your_own_cti.md +++ b/docs/xdr/usecases/use_your_own_cti.md @@ -8,8 +8,8 @@ This section will show how to programmatically add your CTI inside the platform - A Sekoia.io XDR license - An API Key with that contains at least the following permissions: - * INTHREAT_READ_IOC_COLLECTIONS - * INTHREAT_WRITE_IOC_COLLECTIONS + * View IOC collections + * Manage IOC collections ## Detect threats using your CTI