Merge pull request #1652 from SEKOIA-IO/update-automation-library-doc…

…umentation Refresh automation library documentation
SEKOIA-IO · Mar 27, 2024 · fa3af2f · fa3af2f
2 parents 4dc0389 + 16d1c4f
commit fa3af2f
Show file tree

Hide file tree

Showing 3 changed files with 39 additions and 2 deletions.
diff --git a/_shared_content/automate/library/lacework.md b/_shared_content/automate/library/lacework.md
@@ -0,0 +1,35 @@
+# Lacework
+
+![Lacework](/assets/playbooks/library/lacework.png){ align=right width=150 }
+
+[Lacework](https://www.lacework.com/) is a cybersecurity company specializing in cloud security and compliance, offering automated threat detection and response solutions for modern cloud environments.
+
+## Configuration
+
+| Name      |  Type   |  Description  |
+| --------- | ------- | --------------------------- |
+| `key_id` | `string` | The KeyId of your API Key |
+| `secret` | `string` | The secret of your API Key |
+| `account` | `string` | The account of your API Key (e.g: `YourLaceworkTenant.lacework.net`) |
+
+## Triggers
+
+### [BETA] Fetch new logs from Lacework
+
+Get last system logs from the Lacework platform
+
+**Arguments**
+
+| Name      |  Type   |  Description  |
+| --------- | ------- | --------------------------- |
+| `frequency` | `integer` | Batch frequency in seconds |
+| `chunk_size` | `integer` | The size of chunks for the batch processing |
+| `intake_server` | `string` | Server of the intake server (e.g. 'https://intake.sekoia.io') |
+| `intake_key` | `string` | Intake key to use when sending events |
+| `filter` | `string` | [Filter Expression](https://docs.lacework.net/console/filter-alerts) that filters the results |
+| `ratelimit_per_hour` | `integer` | The number of requests allowed to the API in one hour for the token |
+
+
+## Extra
+
+Module **`Lacework` v0.1.5**
diff --git a/docs/assets/playbooks/library/lacework.png b/docs/assets/playbooks/library/lacework.png
diff --git a/mkdocs.yml b/mkdocs.yml
@@ -83,7 +83,7 @@ nav:
           - Tenable Identity Exposure / Alsid: xdr/features/collect/integrations/application/alsid.md
           - Apache HTTP Server: xdr/features/collect/integrations/application/apache.md
           - BIND: xdr/features/collect/integrations/application/bind.md
-          - Суberwatch Detection: xdr/features/collect/integrations/application/cyberwatch_detection.md
+          - "\u0421\u0443berwatch Detection": xdr/features/collect/integrations/application/cyberwatch_detection.md
           - FreeRADIUS: xdr/features/collect/integrations/application/freeradius.md
           - HAProxy: xdr/features/collect/integrations/application/haproxy.md
           - ISC DHCP: xdr/features/collect/integrations/application/dhcpd.md
@@ -305,6 +305,7 @@ nav:
         - IPtoASN: xdr/features/automate/library/iptoasn.md
         - Imperva: xdr/features/automate/library/imperva.md
         - Jumpcloud Directory Insights: xdr/features/automate/library/jumpcloud-directory-insights.md
+        - Lacework: xdr/features/automate/library/lacework.md
         - MISP: xdr/features/automate/library/misp.md
         - MWDB: xdr/features/automate/library/mwdb.md
         - Mandrill: xdr/features/automate/library/mandrill.md
@@ -498,6 +499,7 @@ nav:
         - IPtoASN: tip/features/automate/library/iptoasn.md
         - Imperva: tip/features/automate/library/imperva.md
         - Jumpcloud Directory Insights: tip/features/automate/library/jumpcloud-directory-insights.md
+        - Lacework: tip/features/automate/library/lacework.md
         - MISP: tip/features/automate/library/misp.md
         - MWDB: tip/features/automate/library/mwdb.md
         - Mandrill: tip/features/automate/library/mandrill.md
@@ -852,12 +854,12 @@ plugins:
       user_center/multi_factor_authentication.md: getting_started/account_security.md
       xdr/develop/rest_api/identity_and_authentication.md: xdr/develop/rest_api/community.md
       xdr/features/collect/ingestion_methods/sekoiaio.md: xdr/features/collect/integrations/endpoint/sekoiaio.md
+      xdr/features/collect/integrations/cloud_and_saas/duo_security.md: xdr/features/collect/integrations/cloud_and_saas/cisco_duo_security.md
       xdr/features/collect/integrations/cloud_and_saas/google/google_workspace.md: xdr/features/collect/integrations/cloud_and_saas/google/google_reports.md
       xdr/features/collect/integrations/cloud_and_saas/netskope_events.md: xdr/features/collect/integrations/cloud_and_saas/netskope/netskope_events.md
       xdr/features/collect/integrations/endpoint/checkpoint_harmony.md: xdr/features/collect/integrations/endpoint/checkpoint_harmony_mobile.md
       xdr/features/collect/integrations/endpoint/trend_micro_deep_security.md: xdr/features/collect/integrations/endpoint/trend_micro/trend_micro_deep_security.md
       xdr/features/investigate/dork_language.md: xdr/features/investigate/events_query_language.md
-      xdr/features/collect/integrations/cloud_and_saas/duo_security.md: xdr/features/collect/integrations/cloud_and_saas/cisco_duo_security.md
 - redoc
 - intakes_by_uuid
 repo_url: https://github.com/SEKOIA-IO/documentation