Merge pull request #1354 from SEKOIA-IO/feat/jumpcloud-documentation

Add Jumpcloud documentation

_shared_content/automate/library/jumpcloud-directory-insights.md

@@ -1,6 +1,6 @@
-# Jumpcloud Directory Insights
+# Jumpcloud Directory Insights Connector
 
-![Jumpcloud Directory Insights](/assets/playbooks/library/jumpcloud-directory-insights.png){ align=right width=150 }
+![Jumpcloud Directory Insights Connector](/assets/playbooks/library/jumpcloud-directory-insights.png){ align=right width=150 }
 
 Directory Insights allows you to read event logs, view activity in your directory, and monitor user authentications to the console, RADIUS, LDAP, and SSO apps. Directory Insights analyzes the audit trails that lead to critical events so you know the what, where, when, how, and who of your directory activities.
 
@@ -13,7 +13,7 @@ Directory Insights allows you to read event logs, view activity in your director
 
 ## Triggers
 
-### [BETA] Jumpcloud Directory Insights Connector
+### Jumpcloud Directory Insights Connector
 
 
 

docs/xdr/features/collect/integrations/cloud_and_saas/jumpcloud_directory_insights.md

@@ -0,0 +1,39 @@
+uuid: a1dbed03-cd69-4a51-8ae5-aa67d2f29fcb
+name: Jumpcloud Directory Insights
+type: intake
+
+
+## Overview
+
+Jumpcloud Directory Insights provides activity records related to your organization.
+
+
+{!_shared_content/operations_center/detection/generated/suggested_rules_a1dbed03-cd69-4a51-8ae5-aa67d2f29fcb_do_not_edit_manually.md!}
+
+{!_shared_content/operations_center/integrations/generated/a1dbed03-cd69-4a51-8ae5-aa67d2f29fcb.md!}
+
+## Configure
+
+### Generate API token
+
+1. Sign-in in your Jumpcloud tenant with administrator role
+2. Click on your username on the top right of the screen 
+3. Select `My API Key
+
+### Create the intake in Sekoia.io
+
+1. Go to the [intake page](https://app.sekoia.io/operations/intakes) 
+2. Create a new intake from the format `Jumpcloud Directory Insights`. 
+3. Copy the intake key
+
+### Pull events
+
+To start to pull events, you have to:
+
+1. Go to the [playbooks page](https://app.sekoia.io/operations/playbooks) and create a new playbook with the [Jumpcloud Directory Insights Connector](../../../automate/library/jumpcloud-directory-insights.md) trigger
+2. Set up the module configuration with your API Key. Set up the trigger configuration with the intake key and select the event types you want to collect (`all` by default, refer to the [Jumpcloud Directory Insights service list](https://docs.jumpcloud.com/api/insights/directory/1.0/index.html#section/Using-the-Directory-Insights-API/JSON-POST-Request-Body) for other possible values).
+3. Start the playbook and enjoy your events
+
+## Further Readings
+
+- [Jumpcloud Directory Insights API documentation](https://docs.jumpcloud.com/api/insights/directory/1.0/index.html)

mkdocs.yml

@@ -115,6 +115,7 @@ nav:
             - Google Cloud VPC Flow Logs: xdr/features/collect/integrations/cloud_and_saas/google/google_vpc_flow_logs.md
             - Google Workspace: xdr/features/collect/integrations/cloud_and_saas/google/google_reports.md
           - Imperva WAF: xdr/features/collect/integrations/cloud_and_saas/imperva_waf.md
+          - Jumpcloud Directory Insights: xdr/features/collect/integrations/cloud_and_saas/jumpcloud_directory_insights.md
           - Microsoft Azure:
             - Azure Active Directory: xdr/features/collect/integrations/cloud_and_saas/azure/azure_ad.md
             - Azure Front Door: xdr/features/collect/integrations/cloud_and_saas/azure/azure_front_door.md
@@ -264,6 +265,7 @@ nav:
         - IKnowWhatYouDownload: xdr/features/automate/library/iknowwhatyoudownload.md
         - IPtoASN: xdr/features/automate/library/iptoasn.md
         - Imperva: xdr/features/automate/library/imperva.md
+        - Jumpcloud: xdr/features/automate/library/jumpcloud-directory-insights.md
         - MISP: xdr/features/automate/library/misp.md
         - MWDB: xdr/features/automate/library/mwdb.md
         - Mandrill: xdr/features/automate/library/mandrill.md