From 633c4bb88c0685e88d547ef092187bfd92f19e52 Mon Sep 17 00:00:00 2001
From: gbossert
Date: Thu, 2 Nov 2023 15:30:13 +0000
Subject: [PATCH 1/2] Refresh automation library documentation

---
 _shared_content/automate/library/aws.md | 21 ++++++++++++++++++++-
 mkdocs.yml | 3 ++-
 2 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/_shared_content/automate/library/aws.md b/_shared_content/automate/library/aws.md
index 7b4b44596f..c3ab0a3b62 100644
--- a/_shared_content/automate/library/aws.md
+++ b/_shared_content/automate/library/aws.md
@@ -59,6 +59,25 @@ Get the last records from FlowLog (deprecated in flavor of Fetch new logs on S3)
 | `records_path` | `string` | The filename containing the records |
+### Fetch new Flowlogs on S3
+
+Get line-oriented Flowlog records from new S3 objects based on notifications
+
+**Arguments**
+
+| Name | Type | Description |
+| --------- | ------- | --------------------------- |
+| `frequency` | `integer` | Batch frequency in seconds |
+| `queue_name` | `string` | The name of the SQS queue that received the notifications of the creation of S3 objects |
+| `chunk_size` | `integer` | The size of chunks for the batch processing |
+| `separator` | `string` | The separator used between each records (default: the linefeed character '\n') |
+| `skip_first` | `integer` | The number of records to skip at the begining of each S3 object (default: 0) |
+| `ignore_comments` | `boolean` | Flag to ignore commented lines (starting with the character `#`; default: false) |
+| `delete_consumed_messages` | `boolean` | Flag to delete consuming messages (default: false) |
+| `intake_server` | `string` | Server of the intake server (e.g. 'https://intake.sekoia.io') |
+| `intake_key` | `string` | Intake key to use when sending events |
+
+
 ### Fetch new logs on S3
 Get line-oriented records from new S3 objects based on notifications
@@ -128,4 +147,4 @@ Get messages from SQS ## Extra -Module **`AWS` v1.22.2** \ No newline at end of file +Module **`AWS` v1.25** \ No newline at end of file diff --git a/mkdocs.yml b/mkdocs.yml index c09e94c59b..b0a63b265a 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -249,6 +249,7 @@ nav: - Operators: xdr/features/automate/operators.md - Actions: xdr/features/automate/actions.md - Actions Library: + - AWS: xdr/features/automate/library/aws.md - AWS: xdr/features/automate/library/aws.md - Azure Active Directory: xdr/features/automate/library/azure-active-directory.md - BinaryEdge's API: xdr/features/automate/library/binaryedge-s-api.md @@ -310,7 +311,6 @@ nav: - WithSecure: xdr/features/automate/library/withsecure.md - fileutils: xdr/features/automate/library/fileutils.md - Debug playbooks: xdr/features/automate/debug-playbooks.md - - External integrations: - FortiSOAR: xdr/features/integrations/fortisoar.md - Palo Alto Cortex XSOAR: xdr/features/integrations/interconnect_sekoia_with_xsoar.md @@ -429,6 +429,7 @@ nav: - Operators: tip/features/automate/operators.md - Actions: tip/features/automate/actions.md - Actions Library: + - AWS: tip/features/automate/library/aws.md - AWS: tip/features/automate/library/aws.md - BinaryEdge's API: tip/features/automate/library/binaryedge-s-api.md - Censys: tip/features/automate/library/censys.md From e292cc41ed6a4ec080a6e27bea98486e07166825 Mon Sep 17 00:00:00 2001 From: Sebastien Quioc Date: Thu, 2 Nov 2023 17:11:33 +0100 Subject: [PATCH 2/2] fix: fix the menu --- mkdocs.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/mkdocs.yml b/mkdocs.yml index b0a63b265a..b14d18b16f 100644 --- a/mkdocs.yml +++ b/mkdocs.yml 
@@ -249,7 +249,6 @@ nav:
 - Operators: xdr/features/automate/operators.md
 - Actions: xdr/features/automate/actions.md
 - Actions Library:
- - AWS: xdr/features/automate/library/aws.md
 - AWS: xdr/features/automate/library/aws.md
 - Azure Active Directory: xdr/features/automate/library/azure-active-directory.md
 - BinaryEdge's API: xdr/features/automate/library/binaryedge-s-api.md
@@ -429,7 +428,6 @@ nav:
 - Operators: tip/features/automate/operators.md
 - Actions: tip/features/automate/actions.md
 - Actions Library:
- - AWS: tip/features/automate/library/aws.md
 - AWS: tip/features/automate/library/aws.md
 - BinaryEdge's API: tip/features/automate/library/binaryedge-s-api.md
 - Censys: tip/features/automate/library/censys.md