Merge pull request #1835 from SEKOIA-IO/fix-doc-legacy-fields

fix: remove references to legacy fields

docs/xdr/features/investigate/querying_events.md

@@ -20,10 +20,8 @@ The Tables below detail the main fields that can be used to narrow down your sea
 
 | name                           | type   | description                                 |
 | ------------------------------ | ------ | ------------------------------------------- |
-| sekoiaio.entity.name           | string | Name of the entity                          |
 | sekoiaio.entity.uuid           | string | Unique identifier of the entity             |
-| sekoiaio.intake.key            | string | The intake key                              |
-| sekoiaio.intake.name           | string | Name of the intake                          |
+| sekoiaio.intake.uuid           | string | Unique identifier of the intake             |
 | sekoiaio.intake.dialect        | string | Name of the intake format                   |
 | sekoiaio.intake.dialect_uuid   | string | UUID of the intake format                   |
 | sekoiaio.intake.parsing_status | string | The parsing status (`success` or `failure`) |

docs/xdr/usecases/playbook/Add_UserAgent_in_comment.md

@@ -36,7 +36,7 @@ Find the playbook configuration below:
   - **earliest_time**   `{{ ((node.2.first_seen_at | iso8601_to_timestamp) - 3600000) | timestamp_to_iso8601 }}`
   - **fields**  `user_agent.original`
   - **latest_time**    `now`    
-  - **query**   `source.ip:"{{ node.2['source'] }}" AND destination.ip:"{{ node.2['target'] }}" AND entity.name:"{{ node.2['entity']['name'] }}"`
+  - **query**   `source.ip:"{{ node.2['source'] }}" AND destination.ip:"{{ node.2['target'] }}" AND entity.uuid:"{{ node.2['entity']['uuid'] }}"`
 
 `Comment Alert`
   - **content**  `{{ node.3| jsonpath("$.fields[*].common_values[*]['value']", True) }}% of time this user-agent "{{ node.3| jsonpath("$.fields[*].common_values[*]['name']", True) }}}" was seen on these events during the last 60 minutes.`