Refresh intakes documentation

_shared_content/operations_center/integrations/generated/40deb162-6bb1-4635-9c99-5c2de7e1d340.md

@@ -2429,42 +2429,42 @@ Find below few samples of events and how they are normalized by Sekoia.io.
             "code_signature": {
                 "exists": false
             },
-            "command_line": " /bin/sh -c ip -6 -a -o address",
-            "executable": "/usr/bin/dash",
+            "command_line": " ip -6 -a -o address",
+            "executable": "/usr/bin/ip",
             "hash": {
-                "sha1": "827265afe07691a445674eb09e0eb4fd025dbd43"
+                "sha1": "3c954614f2c9af7181e4d00e00ab4485e4a9c33f"
             },
-            "name": "dash",
+            "name": "ip",
             "parent": {
                 "code_signature": {
                     "exists": false
                 },
-                "command_line": " python3 -u /usr/sbin/waagent -run-exthandlers",
-                "executable": "/usr/bin/python3.9",
+                "command_line": " /bin/sh -c ip -6 -a -o address",
+                "executable": "/usr/bin/dash",
                 "hash": {
-                    "sha1": "50e2a658cfe2243cfe3e6f722f049b0ba377b7e4"
+                    "sha1": "827265afe07691a445674eb09e0eb4fd025dbd43"
                 },
-                "name": "python3.9",
-                "pid": 911,
+                "name": "dash",
+                "pid": 1517,
                 "real_user": {
                     "id": "0",
                     "name": "root"
                 },
                 "start": "2023-04-12T14:05:32.200000Z",
-                "title": "python3.9",
+                "title": "dash",
                 "user": {
                     "id": "0",
                     "name": "root"
                 },
                 "working_directory": "/usr/bin"
             },
-            "pid": 1517,
+            "pid": 1518,
             "real_user": {
                 "id": "0",
                 "name": "root"
             },
             "start": "2023-04-12T14:24:34.590000Z",
-            "title": "dash",
+            "title": "ip",
             "user": {
                 "id": "0",
                 "name": "root"
@@ -2473,7 +2473,7 @@ Find below few samples of events and how they are normalized by Sekoia.io.
         },
         "related": {
             "hash": [
-                "50e2a658cfe2243cfe3e6f722f049b0ba377b7e4",
+                "3c954614f2c9af7181e4d00e00ab4485e4a9c33f",
                 "827265afe07691a445674eb09e0eb4fd025dbd43"
             ],
             "user": [
@@ -3102,50 +3102,54 @@ Find below few samples of events and how they are normalized by Sekoia.io.
                 "exists": true,
                 "subject_name": "MICROSOFT WINDOWS"
             },
-            "command_line": "C:\\Windows\\system32\\svchost.exe -k DcomLaunch -p",
-            "executable": "C:\\Windows\\System32\\svchost.exe",
+            "command_line": "C:\\Windows\\System32\\RuntimeBroker.exe -Embedding",
+            "executable": "C:\\Windows\\System32\\RuntimeBroker.exe",
             "hash": {
-                "md5": "b7f884c1b74a263f746ee12a5f7c9f6a",
-                "sha1": "1bc5066ddf693fc034d6514618854e26a84fd0d1",
-                "sha256": "add683a6910abbbf0e28b557fad0ba998166394932ae2aca069d9aa19ea8fe88"
+                "md5": "ba4cfe6461afa1004c52f19c8f2169dc",
+                "sha1": "ab8539ef6b2a93ff9589dec4b34a0257b6296c92",
+                "sha256": "e86870769ee6c797e09457bd99c58d9bf2303cf0193a24ef9b1222c2c3daf628"
             },
-            "name": "svchost.exe",
+            "name": "RuntimeBroker.exe",
             "parent": {
                 "code_signature": {
                     "exists": true,
                     "subject_name": "MICROSOFT WINDOWS"
                 },
-                "command_line": "C:\\Windows\\system32\\svchost.exe -k DcomLaunch -p",
-                "executable": "C:\\Windows\\System32\\svchost.exe",
+                "command_line": "\"C:\\Windows\\system32\\BackgroundTaskHost.exe\" -ServerName:BackgroundTaskHost.WebAccountProvider",
+                "executable": "C:\\Windows\\System32\\backgroundTaskHost.exe",
                 "hash": {
-                    "md5": "b7f884c1b74a263f746ee12a5f7c9f6a",
-                    "sha1": "1bc5066ddf693fc034d6514618854e26a84fd0d1",
-                    "sha256": "add683a6910abbbf0e28b557fad0ba998166394932ae2aca069d9aa19ea8fe88"
+                    "md5": "da7063b17dbb8bbb3015351016868006",
+                    "sha1": "c6e63c7aae9c4e07e15c1717872c0c73f3d4fb09",
+                    "sha256": "20330d3ca71d58f4aeb432676cb6a3d5b97005954e45132fb083e90782efdd50"
                 },
-                "name": "svchost.exe",
+                "name": "backgroundTaskHost.exe",
+                "pid": 2096,
                 "process": {
                     "pid": "852"
                 },
                 "start": "2023-03-21T10:33:49.780000Z",
-                "title": "Host Process for Windows Services",
+                "title": "Background Task Host",
                 "user": {
-                    "name": "NT AUTHORITY\\SYSTEM"
+                    "name": "desktop-jdoe\\john.doe"
                 },
                 "working_directory": "C:\\Windows\\System32"
             },
-            "pid": 852,
-            "start": "2023-03-21T10:33:49.780000Z",
-            "title": "Host Process for Windows Services",
+            "pid": 3212,
+            "start": "2023-03-21T13:39:25.867000Z",
+            "title": "Runtime Broker",
             "user": {
-                "name": "NT AUTHORITY\\SYSTEM"
+                "name": "desktop-jdoe\\john.doe"
             },
             "working_directory": "C:\\Windows\\System32"
         },
         "related": {
             "hash": [
-                "1bc5066ddf693fc034d6514618854e26a84fd0d1",
-                "add683a6910abbbf0e28b557fad0ba998166394932ae2aca069d9aa19ea8fe88",
-                "b7f884c1b74a263f746ee12a5f7c9f6a"
+                "20330d3ca71d58f4aeb432676cb6a3d5b97005954e45132fb083e90782efdd50",
+                "ab8539ef6b2a93ff9589dec4b34a0257b6296c92",
+                "ba4cfe6461afa1004c52f19c8f2169dc",
+                "c6e63c7aae9c4e07e15c1717872c0c73f3d4fb09",
+                "da7063b17dbb8bbb3015351016868006",
+                "e86870769ee6c797e09457bd99c58d9bf2303cf0193a24ef9b1222c2c3daf628"
             ],
             "user": [
                 "SYSTEM"

_shared_content/operations_center/integrations/generated/7a12aa3b-ec73-4ebb-8fb3-f7c543fd84a5.md

@@ -499,6 +499,58 @@ Find below few samples of events and how they are normalized by Sekoia.io.
 	```
 
 
+=== "test_event_sys31437.json"
+
+    ```json
+
+    {
+        "message": "id=firewall time=\"2024-01-12 23:00:22\" pri=6 fw=8.8.8.8 vpn=EX023-V6 user=System realm=\"\" roles=\"\" type=mgmt proto= src=1.2.3.4 dst= dstname= sent= rcvd= msg=\"SYS31437: Successful syslog connection to peer: '3.4.5.6'\"",
+        "event": {
+            "category": [
+                "network"
+            ],
+            "code": "SYS31437",
+            "reason": " Successful syslog connection to peer: '3.4.5.6'",
+            "type": [
+                "info"
+            ]
+        },
+        "action": {
+            "name": "SYS31437"
+        },
+        "network": {
+            "forwarded_ip": "8.8.8.8"
+        },
+        "observer": {
+            "ip": [
+                "8.8.8.8"
+            ]
+        },
+        "related": {
+            "ip": [
+                "3.4.5.6",
+                "8.8.8.8"
+            ],
+            "user": [
+                "System"
+            ]
+        },
+        "service": {
+            "name": "EX023-V6",
+            "type": "mgmt"
+        },
+        "source": {
+            "address": "3.4.5.6",
+            "ip": "3.4.5.6"
+        },
+        "user": {
+            "name": "System"
+        }
+    }
+    	
+	```
+
+
 === "test_event_sys32083.json"
 
     ```json