fix: fix broken links and anchor warnings
jeromefellus-sekoia committed Nov 15, 2024
1 parent f925f2c commit 8b5c4c9
Showing 324 changed files with 4,190 additions and 1,539 deletions.
84 changes: 42 additions & 42 deletions _shared_content/automate/actions.md
Expand Up @@ -8,7 +8,7 @@ An `Action` helps you execute specific tasks depending on your needs. There are
- Extract data: [data collection enrichers](#data-collection)
- Connect and use [third-party applications](#third-party-applications)
- Set up [notifications](#notifications)
- Use [helpers](#Helpers) to build your own actions
- Use [helpers](#helpers) to build your own actions

The Actions Library lists all available actions in playbooks with their detailed configuration.

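Review bot: the `#Helpers` to `#helpers` change is the correct fix, because MkDocs slugifies heading ids to lowercase and the capitalised fragment never matched the `## Helpers` heading further down; since the same list also links `#data-collection`, `#third-party-applications` and `#notifications`, run `mkdocs build --strict` once after this commit to confirm all four fragments resolve against the headings in this file rather than fixing only the one that warned.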
Expand All @@ -18,11 +18,11 @@ The Actions Library lists all available actions in playbooks with their detailed

| Name | Description |
| --- | --- |
| [Get Event Field Common Values](/integration/action_library/generic/sekoia-io/#get-event-field-common-values) | Retrieve the most common values of an ECS field based on the time window |
| [List Assets](/integration/action_library/generic/sekoia-io/#list-assets) | Retrieve detailed information about assets based on a filter |
| [Search Alerts](/integration/action_library/generic/sekoia-io/#search-alerts) | Retrieve detailed information about alerts (such as the urgency, name of the rule, etc… except events) based on a filter. |
| [Get Alert](/integration/action_library/generic/sekoia-io/#get-alert) | Retrieve detailed alert information such as the urgency, name of the rule, pattern, etc… except events. |
| [Get Events](/integration/action_library/generic/sekoia-io/#get-events) | Retrieve events based on a search. This action is equivalent to a search on the event page and takes into consideration 3 parameters: a query with filters (`source.ip=xx.xxx.xx`), and earliest time/latest time: two dates to determine the date range of the search. |
| [Get Event Field Common Values](/integration/action_library/sekoia-io.md#get-event-field-common-values) | Retrieve the most common values of an ECS field based on the time window |
| [List Assets](/integration/action_library/sekoia-io.md#list-assets) | Retrieve detailed information about assets based on a filter |
| [Search Alerts](/integration/action_library/sekoia-io.md#search-alerts) | Retrieve detailed information about alerts (such as the urgency, name of the rule, etc… except events) based on a filter. |
| [Get Alert](/integration/action_library/sekoia-io.md#get-alert) | Retrieve detailed alert information such as the urgency, name of the rule, pattern, etc… except events. |
| [Get Events](/integration/action_library/sekoia-io.md#get-events) | Retrieve events based on a search. This action is equivalent to a search on the event page and takes into consideration 3 parameters: a query with filters (`source.ip=xx.xxx.xx`), and earliest time/latest time: two dates to determine the date range of the search. |

!!!note
`Get Events` can be used to retrieve events from an alert. Events associated to an alert contain the key `alert_short_ids` with the value of the ID of the alert.
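Review bot: this hunk moves the target, not just the link style: `/integration/action_library/generic/sekoia-io/#...` becomes `/integration/action_library/sekoia-io.md#...`, so the `generic/` directory is dropped. Please confirm that `sekoia-io.md` exists at the flat location and still has headings that slugify to `get-event-field-common-values`, `list-assets`, `search-alerts`, `get-alert` and `get-events`, since a fragment that no longer matches is easy to miss in a rename of this size. Minor: the `source.ip=xx.xxx.xx` placeholder in the `Get Events` description is not the shape of an IP address; a well-formed documentation address such as `source.ip=192.0.2.10` reads as a real example without pointing at a real host.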
Expand All @@ -31,15 +31,15 @@ The Actions Library lists all available actions in playbooks with their detailed

| Name | Description |
| --- | --- |
| [Create an asset](/integration/action_library/generic/sekoia-io/#create-asset) | Create an asset |
| [Delete an asset](/integration/action_library/generic/sekoia-io/#delete-an-asset) | Delete an asset |
| [Add attribute to asset](/integration/action_library/generic/sekoia-io/#add-attribute-to-asset) | Add attribute to asset |
| [Add key to asset](/integration/action_library/generic/sekoia-io/#add-key-to-asset) | Add key to asset |
| [Edit alert](/integration/action_library/generic/sekoia-io/#edit-alert) | Edit an alert details such as the urgency or the alert category |
| [Comment alert](/integration/action_library/generic/sekoia-io/#comment-alert) | Add a comment to the alert |
| [Update alert status](/integration/action_library/generic/sekoia-io/#update-alert-status) | Change the status of an alert |
| [Push Events to Intake](/integration/action_library/generic/sekoia-io/#push-events-to-intake) | Push one or more events to an Intake |
| [Attach Alerts to Case](/integration/action_library/generic/sekoia-io/#attach-alerts-to-case) | Attach one or more alerts to a case. |
| [Create an asset](/integration/action_library/sekoia-io.md#create-asset) | Create an asset |
| [Delete an asset](/integration/action_library/sekoia-io.md#delete-an-asset) | Delete an asset |
| [Add attribute to asset](/integration/action_library/sekoia-io.md#add-attribute-to-asset) | Add attribute to asset |
| [Add key to asset](/integration/action_library/sekoia-io.md#add-key-to-asset) | Add key to asset |
| [Edit alert](/integration/action_library/sekoia-io.md#edit-alert) | Edit an alert details such as the urgency or the alert category |
| [Comment alert](/integration/action_library/sekoia-io.md#comment-alert) | Add a comment to the alert |
| [Update alert status](/integration/action_library/sekoia-io.md#update-alert-status) | Change the status of an alert |
| [Push Events to Intake](/integration/action_library/sekoia-io.md#push-events-to-intake) | Push one or more events to an Intake |
| [Attach Alerts to Case](/integration/action_library/sekoia-io.md#attach-alerts-to-case) | Attach one or more alerts to a case. |


#### How to update an alert status
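Review bot: the fragments in this table are inconsistent with each other: `Create an asset` links to `#create-asset` while `Delete an asset` links to `#delete-an-asset`, so at least one of them is unlikely to match the actual heading slug in `sekoia-io.md`; check which form the headings use ("Create asset" vs "Create an asset") and align the fragment. While touching the `Edit alert` row, "Edit an alert details such as the urgency or the alert category" should read "Edit alert details such as the urgency or the category".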
Expand All @@ -58,53 +58,53 @@ To update an alert status, you need to copy the `status_uuid` corresponding to t

To get notified, you can rely on these tools:

- [Mandrill](/integration/action_library/applicative/mandrill.md): Send Message
- [Mattermost](/integration/action_library/applicative/mattermost.md): Post message / Post Sekoia.io alert
- [Pagerduty](/integration/action_library/applicative/pagerduty.md): Trigger Alert
- [The Hive](/integration/action_library/collaboration_tools/the-hive.md): Create an alert in the Hive
- [Mandrill](/integration/action_library/mandrill.md): Send Message
- [Mattermost](/integration/action_library/mattermost.md): Post message / Post Sekoia.io alert
- [Pagerduty](/integration/action_library/pagerduty.md): Trigger Alert
- [The Hive](/integration/action_library/the-hive.md): Create an alert in the Hive
- ...

## Data collection

If you have an account in one of the listed tools below, you can easily extract data from there and import it to Sekoia.io. This is made possible with an API key.

- [BinaryEdge](/integration/action_library/threat_intelligence/binaryedge-s-api.md)
- [Censys](/integration/action_library/threat_intelligence/censys.md)
- [GLIMPS](/integration/action_library/threat_intelligence/glimps.md)
- [IKnowWhatYouDownloaded](/integration/action_library/threat_intelligence/iknowwhatyoudownload.md)
- [Onyphe](/integration/action_library/threat_intelligence/onyphe.md)
- [Public Suffix](/integration/action_library/threat_intelligence/public-suffix.md)
- [RiskIQ](/integration/action_library/threat_intelligence/riskiq.md)
- [Shodan](/integration/action_library/threat_intelligence/shodan.md)
- [VirusTotal](/integration/action_library/threat_intelligence/virustotal.md)
- [Whois](/integration/action_library/threat_intelligence/whois.md)
- [BinaryEdge](/integration/action_library/binaryedge-s-api.md)
- [Censys](/integration/action_library/censys.md)
- [GLIMPS](/integration/action_library/glimps.md)
- [IKnowWhatYouDownloaded](/integration/action_library/iknowwhatyoudownload.md)
- [Onyphe](/integration/action_library/onyphe.md)
- [Public Suffix](/integration/action_library/public-suffix.md)
- [RiskIQ](/integration/action_library/riskiq.md)
- [Shodan](/integration/action_library/shodan.md)
- [VirusTotal](/integration/action_library/virustotal.md)
- [Whois](/integration/action_library/whois.md)
- ...

## Helpers

| Name | Description |
| --- | --- |
| [fileutils](/integration/action_library/generic/fileutils.md) | Extract data from XML or JSON files |
| [http](/integration/action_library/generic/http.md) | Request HTTP resources (download file, request URL) |
| [STIX](/integration/action_library/threat_intelligence/stix.md) | Add source, add tags, create relationships, cryptolaemus to STIX, CVE to STIX, filter bundle, JSON objects to observables, VirusTotal LiveHunt to observables, MISP to STIX, observables to contextualized indicators, observables to indicators, remove orphan objects, STIX to MISP, string to observables |
| [fileutils](/integration/action_library/fileutils.md) | Extract data from XML or JSON files |
| [http](/integration/action_library/http.md) | Request HTTP resources (download file, request URL) |
| [STIX](/integration/action_library/stix.md) | Add source, add tags, create relationships, cryptolaemus to STIX, CVE to STIX, filter bundle, JSON objects to observables, VirusTotal LiveHunt to observables, MISP to STIX, observables to contextualized indicators, observables to indicators, remove orphan objects, STIX to MISP, string to observables |

These helpers need their associated trigger to function properly:

| Name | Description |
| --- | --- |
| [MISP](/integration/action_library/threat_intelligence/misp.md) | Gather, store, share and correlate threat intelligence. Convert from MISP to STIX, publish MISP event |
| [MWDB](/integration/action_library/threat_intelligence/mwdb.md) | Convert a MWDB config to a bundle of observables |
| [Triage](/integration/action_library/threat_intelligence/triage.md) | Triage raw results to observables |
| [MISP](/integration/action_library/misp.md) | Gather, store, share and correlate threat intelligence. Convert from MISP to STIX, publish MISP event |
| [MWDB](/integration/action_library/mwdb.md) | Convert a MWDB config to a bundle of observables |
| [Triage](/integration/action_library/triage.md) | Triage raw results to observables |

## Third-party applications

- [Microsoft Entra ID (Azure AD) ](/integration/action_library/iam/microsoft-entra-id.md)
- [Microsoft Remote Server](/integration/action_library/applicative/microsoft-remote-server.md)
- [Fortigate Firewalls](/integration/action_library/network/fortigate-firewalls.md)
- [HarfangLab](/integration/action_library/endpoint/harfanglab.md)
- [Panda Security](/integration/action_library/endpoint/panda-security.md)
- [Sentinel One](/integration/action_library/endpoint/sentinelone.md)
- [ServiceNow](/integration/action_library/collaboration_tools/servicenow.md)
- [Microsoft Entra ID (Azure AD) ](/integration/action_library/microsoft-entra-id.md)
- [Microsoft Remote Server](/integration/action_library/microsoft-remote-server.md)
- [Fortigate Firewalls](/integration/action_library/fortigate-firewalls.md)
- [HarfangLab](/integration/action_library/harfanglab.md)
- [Panda Security](/integration/action_library/panda-security.md)
- [Sentinel One](/integration/action_library/sentinelone.md)
- [ServiceNow](/integration/action_library/servicenow.md)
- ...

More actions are available in the Actions Library. To learn how to set up an action, please refer to its documentation.
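Review bot: the stray trailing space inside the link text `[Microsoft Entra ID (Azure AD) ]` survives the retargeting; drop it to `[Microsoft Entra ID (Azure AD)]` so the rendered link does not end in an underlined blank. This hunk flattens seven category directories (`applicative/`, `collaboration_tools/`, `threat_intelligence/`, `generic/`, `iam/`, `network/`, `endpoint/`) into `/integration/action_library/`, which is 27 retargeted links, so rely on the strict build rather than eyeballing them; two worth a second look are `[IKnowWhatYouDownloaded]` pointing at `iknowwhatyoudownload.md` (the link text and file name disagree on the product name) and `Pagerduty`, which the vendor spells `PagerDuty`. The three `- ...` list terminators are harmless but give the reader no way to find the remaining actions; "see the Actions Library for the full list" would say the same thing usefully.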
2 changes: 1 addition & 1 deletion _shared_content/automate/build-playbooks.md
Expand Up @@ -60,7 +60,7 @@ To create a playbook from scratch, you will need to create an empty playbook, go

Please refer to the documentation for each of these types to learn how to use them efficiently.

You can refer to our [playbook templates](https://github.com/SEKOIA-IO/Community/tree/main/playbooks/templates) and [use cases](/xdr/usecases/playbook/synchronize_alerts/) for inspiration.
You can refer to our [playbook templates](https://github.com/SEKOIA-IO/Community/tree/main/playbooks/templates) and [use cases](/xdr/usecases/playbook/synchronize_alerts.md) for inspiration.

## Meta-playbook creation

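Review bot: switching the use-case link from the rendered URL `/xdr/usecases/playbook/synchronize_alerts/` to the source path `synchronize_alerts.md` is the right direction for a file under `_shared_content/`, which is presumably included into more than one page: a root-relative source path resolves identically from every including page, whereas a rendered URL bypasses the link checker entirely. Leaving the GitHub playbook-templates link absolute is correct, since it is an external target.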
6 changes: 3 additions & 3 deletions _shared_content/automate/navigate-playbooks.md
Expand Up @@ -53,7 +53,7 @@ The workflow view is composed of three main sections:

#### Actions library

Accessible in a side panel that appears when clicking on the `+` on the left of the screen, this library provides you with a set of [triggers](https://docs.sekoia.io/xdr/features/automate/triggers/), [actions](https://docs.sekoia.io/xdr/features/automate/actions/) and [operators](https://docs.sekoia.io/xdr/features/automate/operators/) to help automate your workflow.
Accessible in a side panel that appears when clicking on the `+` on the left of the screen, this library provides you with a set of [triggers](/xdr/features/automate/triggers.md), [actions](/xdr/features/automate/actions.md) and [operators](/xdr/features/automate/operators.md) to help automate your workflow.

These actions are regrouped in apps and services that are interconnected with Sekoia.io.

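Review bot: replacing the three absolute `https://docs.sekoia.io/...` URLs with root-relative `.md` paths does more than tidy the links: the targets are now validated by the strict build instead of silently 404-ing after a page move, and preview or staging builds no longer jump out to the production site. Style point on the unchanged context line: "These actions are regrouped in apps and services" should be "grouped".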
Expand All @@ -65,7 +65,7 @@ To find actions in the listing, you can either:
To add these actions to your graph, click on the dots next to the action name and drag it to the graph area. Dropping actions into this area will form a **block**.

!!! note
Configuration for each of these blocks is detailed in the [Library section](https://docs.sekoia.io/xdr/features/automate/library/aws/) of this documentation.
Configuration for each of these blocks is detailed in the [Library section](/xdr/features/automate/library/aws.md) of this documentation.

#### Graph area

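Review bot: the link text says "Library section" but the target, before and after this change, is `library/aws.md`, a single app page; either point the link at the library's index page or change the text to name AWS, otherwise the reader expects an overview and lands on one integration. The path conversion itself follows the same pattern as the rest of the commit.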
Expand Down Expand Up @@ -229,7 +229,7 @@ This tab includes filters for sorting by Status. Additionally, 'Meta-Playbooks'

#### Run results

Run results are accessible either from the tab `Runs` in the playbook or in the panel that details a [playbook's details](#details-panel).
Run results are accessible either from the tab `Runs` in the playbook or in the panel that details a [playbook's details](#playbook-details).

This panel contains the following information:

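Review bot: the fragment moves from `#details-panel` to `#playbook-details`, which suggests the heading it points at was renamed; confirm the heading in this file now slugifies to `playbook-details`. While this sentence is being edited, "in the panel that details a playbook's details" is redundant and reads better as "or in the playbook's [details panel](#playbook-details)".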
34 changes: 17 additions & 17 deletions _shared_content/automate/playbooks-on-premises.md
@@ -1,12 +1,12 @@
# Playbooks On-premises

Our clients may find it necessary to execute Playbook actions within a local network that remains isolated from external internet access or rejects inbound connections. To meet this particular need, we enable users to select actions they want to perform on their local network directly from the Playbooks' user interface.
Our clients may find it necessary to execute Playbook actions within a local network that remains isolated from external internet access or rejects inbound connections. To meet this particular need, we enable users to select actions they want to perform on their local network directly from the Playbooks' user interface.

Clients must undertake a short installation process to harness the full potential of this security-enhancing feature. This involves installing our [dedicated agent](https://docs.sekoia.io/integration/integrations/endpoint/sekoiaio/) and Docker onto a Linux machine within their local network. The meticulous setup ensures that Playbook actions can be executed with the utmost reliability and security, maintaining the integrity of the local network environment.
Clients must undertake a short installation process to harness the full potential of this security-enhancing feature. This involves installing our [dedicated agent](/integration/categories/endpoint/sekoiaio.md) and Docker onto a Linux machine within their local network. The meticulous setup ensures that Playbook actions can be executed with the utmost reliability and security, maintaining the integrity of the local network environment.

Below, we provide detailed instructions on how to accomplish the installation process.

!!! warning
!!! warning
The Playbook runner supports only action, not trigger, execution on-premises.

!!! INFO
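Review bot: the agent link changes its path as well as its form, from `/integration/integrations/endpoint/sekoiaio/` to `/integration/categories/endpoint/sekoiaio.md`, so please confirm the page really lives under `categories/` now; the rest of the hunk is trailing-whitespace removal on the first paragraph and on `!!! warning`. Since the admonitions are being touched anyway, `!!! INFO` two lines below should become lowercase `!!! info` to match `!!! warning`.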
Expand Down Expand Up @@ -36,15 +36,15 @@ Playbooks On-prem rely on `docker` to execute actions. For instructions on how t

#### podman

In certain Linux distributions, such as RHEL and CentOS, podman may come pre-installed, potentially preventing `docker`from working correctly.
In certain Linux distributions, such as RHEL and CentOS, podman may come pre-installed, potentially preventing `docker`from working correctly.

Plus, podman can also inadvertently intercept and execute docker commands if the `podman-docker` package is installed.

Because of this, the playbook runner agent **requires the presence of both the Docker client and the Docker engine**.
Because of this, the playbook runner agent **requires the presence of both the Docker client and the Docker engine**.

To uninstall `podman` and resolve any compatibility issues, follow the instructions below:

1. Remove packages
1. Remove packages
```
sudo yum remove buildah skopeo podman containers-common atomic-registries docker container-tools
```
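Review bot: the `yum remove` list at the end of this hunk includes the `docker` package itself, while the sentence just above states that the runner requires both the Docker client and the Docker engine; the text should say explicitly that Docker has to be installed afterwards, following the Docker installation instructions referenced at the top of this section, otherwise a reader who follows the steps in order ends up with no container runtime. Also, the line `potentially preventing `docker`from working correctly` is already being edited for whitespace, so fix the missing space to `` `docker` from`` in the same change.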
Expand All @@ -54,7 +54,7 @@ To uninstall `podman` and resolve any compatibility issues, follow the instructions below:
sudo rm -rf /etc/containers/* /var/lib/containers/* /etc/docker /etc/subuid* /etc/subgid*
```
3. Delete any associated container storage
3. Delete any associated container storage
```
cd ~ && rm -rf /.local/share/containers/
```
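Review bot: step 3, `cd ~ && rm -rf /.local/share/containers/`, has a leading slash that makes the path absolute (`/.local/share/containers/` at the filesystem root), so the `cd ~` has no effect and the user's actual rootless storage under `~/.local/share/containers/` is never removed; it should be `rm -rf ~/.local/share/containers/`, run as the unprivileged user rather than via `sudo`, since under `sudo` the tilde would expand to root's home. The step 2 command in the same region, `rm -rf /etc/containers/* /var/lib/containers/* /etc/docker /etc/subuid* /etc/subgid*`, deserves a one-line caveat: `/etc/subuid` and `/etc/subgid` hold subordinate id ranges for every account on the host, not only podman's, and `/etc/docker` holds any existing daemon configuration, so this is a system-wide reset rather than a podman cleanup.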
Expand All @@ -66,15 +66,15 @@ To ensure a bug-free installation, the Sekoia Endpoint Agent must be able to com
- To pull module images:
- ghcr.io
- githubusercontent.com
- To send execution results and store files:
- sekoia.io
- app.sekoia.io
- api.sekoia.io
- minio-symphony.prod.sekoia.io
- ...
### Testing the prerequisites
### Testing the prerequisites
We've prepared a Docker image to facilitate the validation process and ensure the environment is properly configured for agent installation.
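Review bot: the outbound allowlist ends in `- ...`, which a firewall or proxy administrator cannot act on; an egress list that is known to be incomplete tends to be answered with an over-broad rule or leads to runs that fail for unexplained reasons, so either list the complete set of hosts or state where the authoritative list can be obtained. Related: `githubusercontent.com` and `sekoia.io` are bare registrable domains while the other entries are hostnames, so say whether subdomain matching is intended (for instance `raw.githubusercontent.com`), because many proxies match allowlist entries exactly.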
Expand Down Expand Up @@ -103,14 +103,14 @@ Checking connectivity with the object storage ... OK
* Proxy information: `-e https_proxy={proxy_url}`


## Playbook runners
## Playbook runners

A playbook runner is a local relay that launches playbook actions on a local network.
It can be used with any action in Sekoia.io playbooks.
A playbook runner is a local relay that launches playbook actions on a local network.
It can be used with any action in Sekoia.io playbooks.

### Create a playbook runner

To create a playbook runner, follow these steps:
To create a playbook runner, follow these steps:

1. On the playbooks listing page, select the `Playbook runners` button in the upper-right corner
![create playbook runner](/assets/playbooks/create_runner.png){: style="max-width:100%"}
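Review bot: this region is trailing-whitespace cleanup only, which is unrelated to the commit message "fix broken links and anchor warnings"; keeping whitespace-only edits in a separate commit would make the link fixes easier to review across 324 files. On the unchanged context line `-e https_proxy={proxy_url}`: if the proxy requires authentication, the credentials embedded in `{proxy_url}` end up in the shell history and in the container's environment as shown by `docker inspect`, which is worth one sentence in the doc.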
Expand All @@ -129,18 +129,18 @@ Your newly created playbook runner should now appear in the list. It will also b

![playbook runner instructions](/assets/playbooks/playbook_runner_action_on_premise.png){: align="right", width="280"}

Playbook runners can be used in any action in the playbook catalog. You can add them in the configuration panel that is shown when selecting an action in the playbook.
Playbook runners can be used in any action in the playbook catalog. You can add them in the configuration panel that is shown when selecting an action in the playbook.

To use a playbook runner for a specific action, follow these steps:
To use a playbook runner for a specific action, follow these steps:

1. Go to a playbook and select the action that should be executed on-premises
2. Open the configuration sidebar for this action and change "How to execute this action" to "On-premises"
3. In the "Which playbook runner" section, select the runner you want to use to execute this action
4. After selecting the playbook runner and completing the configuration, save the playbook
4. After selecting the playbook runner and completing the configuration, save the playbook

## Proxy support

The playbook runner can use a proxy server when executing actions if needed.
The playbook runner can use a proxy server when executing actions if needed.

If you want to enable this feature, edit the configuration file at `/etc/endpoint-agent/config.yaml` and add the following line:

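Review bot: the image attribute list `{: align="right", width="280"}` on the unchanged context line separates its attributes with a comma, but Markdown attr_list separates attributes with spaces, so the comma is parsed as a stray token; drop it, and for consistency with `{: style="max-width:100%"}` earlier in the file prefer a `style` attribute over the deprecated HTML `align`. The remaining lines in this hunk are trailing-whitespace removal.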
