Merge pull request #1594 from SEKOIA-IO/update-intake-documentation

Refresh intakes documentation

_shared_content/operations_center/integrations/generated/20876735-c423-4bbc-9d19-67edc91fb063.md

@@ -112,7 +112,7 @@ Find below few samples of events and how they are normalized by Sekoia.io.
     ```json
 
     {
-        "message": "11:21:58,183, example.intranet, audit.admin.com.rsa.authmgr.internal.admin.tokenmgt.impl.TokenAdministrationImpl, INFO, 1c91aa9d56d64ea6816814fbd5f4fd4b,0e34d92f7c6549b19ed28471c02a049b,5.6.7.8,1.2.3.4,AM_UNLINK_TOKEN_PRINCIPAL,20046,SUCCESS,,e7ec7ff59d604a2ba3fa09067bbd65a4-L0+/miv3k62B,,000000000000000000001000d0021000,000000000000000000001000d0011000,000000000000000000001000e0011000,admin,Admin,Admin,AM_TOKEN,b43b74700a8c4634b2d5e6335a4a4a2a,,000000000000000000001000e0011000,000517223810,PRINCIPAL,54b6b5513c6410ac1cdda331149e66f3,0c38de293c6410ac0174e9584025c12f,000000000000000000001000e0011000,source.hostname,admin",
+        "message": "11:21:58,183, example.intranet, audit.admin.com.rsa.authmgr.internal.admin.tokenmgt.impl.TokenAdministrationImpl, INFO, 1c91aa9d56d64ea6816814fbd5f4fd4b,0e34d92f7c6549b19ed28471c02a049b,5.6.7.8,1.2.3.4,AM_UNLINK_TOKEN_PRINCIPAL,20046,SUCCESS,,e7ec7ff59d604a2ba3fa09067bbd65a4-L0+/miv3k62B,,000000000000000000001000d0021000,000000000000000000001000d0011000,000000000000000000001000e0011000,admin,Admin,Admin,AM_TOKEN,b43b74700a8c4634b2d5e6335a4a4a2a,,000000000000000000001000e0011000,000517223810,PRINCIPAL,54b6b5513c6410ac1cdda331149e66f3,0c38de293c6410ac0174e9584025c12f,000000000000000000001000e0011000,user.target,admin",
         "event": {
             "category": [
                 "authentication"
@@ -183,7 +183,10 @@ Find below few samples of events and how they are normalized by Sekoia.io.
         },
         "user": {
             "id": "000000000000000000001000d0021000",
-            "name": "admin"
+            "name": "admin",
+            "target": {
+                "name": "user.target"
+            }
         }
     }
     	
@@ -752,4 +755,5 @@ The following table lists the fields that are extracted, normalized under the EC
 |`source.ip` | `ip` | IP address of the source. |
 |`user.id` | `keyword` | Unique identifier of the user. |
 |`user.name` | `keyword` | Short name or login of the user. |
+|`user.target.name` | `keyword` | Short name or login of the user. |
 

_shared_content/operations_center/integrations/generated/23b75d0c-2026-4d3e-b916-636c27ba4931.md

@@ -292,120 +292,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
 	```
 
 
-=== "test_log1.json"
-
-    ```json
-
-    {
-        "message": "Info: 1649655138.876 43 10.10.209.152 TCP_MISS/200 4936 GET http://formationenligne.barthelemy-avocats.com/lib/ajax/service-nologin.php?info=core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies&cachekey=1647340070&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core_message%22%2C%22template%22%3A%22message_jumpto%22%2C%22themename%22%3A%22fordson%22%2C%22lang%22%3A%22fr%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22tool_usertours%22%2C%22template%22%3A%22resettour%22%2C%22themename%22%3A%22fordson%22%2C%22lang%22%3A%22fr%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22block_recentlyaccess",
-        "event": {
-            "category": [
-                "network",
-                "web"
-            ],
-            "kind": "event"
-        },
-        "cisco_wsa": {
-            "threat": {
-                "category": "Not Set"
-            }
-        },
-        "network": {
-            "direction": "egress"
-        },
-        "observer": {
-            "product": "Cisco Web Security Appliances",
-            "type": "proxy",
-            "vendor": "Cisco"
-        },
-        "sekoiaio": {
-            "intake": {
-                "parsing_warnings": [
-                    "No fields extracted from original event"
-                ]
-            }
-        }
-    }
-    	
-	```
-
-
-=== "test_log2.json"
-
-    ```json
-
-    {
-        "message": "Info: 1649655134.381 30 10.10.209.152 TCP_MISS/200 628 GET http://formationenligne.barthelemy-avocats.com/lib/ajax/service-nologin.php?info=6-method-calls&cachekey=1649643002&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22cancel%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22fr%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22closebuttontitle%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22fr%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22loading%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22fr%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22savechanges%22%2C%22stringparams%22%3A%5B%5D%2",
-        "event": {
-            "category": [
-                "network",
-                "web"
-            ],
-            "kind": "event"
-        },
-        "cisco_wsa": {
-            "threat": {
-                "category": "Not Set"
-            }
-        },
-        "network": {
-            "direction": "egress"
-        },
-        "observer": {
-            "product": "Cisco Web Security Appliances",
-            "type": "proxy",
-            "vendor": "Cisco"
-        },
-        "sekoiaio": {
-            "intake": {
-                "parsing_warnings": [
-                    "No fields extracted from original event"
-                ]
-            }
-        }
-    }
-    	
-	```
-
-
-=== "test_log3.json"
-
-    ```json
-
-    {
-        "message": "Info: 1649655134.394 51 10.10.209.152 TCP_MISS/200 8286 GET http://formationenligne.barthelemy-avocats.com/lib/ajax/service-nologin.php?info=7-method-calls&cachekey=1647340070&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22loading%22%2C%22themename%22%3A%22fordson%22%2C%22lang%22%3A%22fr%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal%22%2C%22themename%22%3A%22fordson%22%2C%22lang%22%3A%22fr%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_backdrop%22%2C%22themename%22%3A%22fordson%22%2C%22lang%22%3A%22fr%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_outp",
-        "event": {
-            "category": [
-                "network",
-                "web"
-            ],
-            "kind": "event"
-        },
-        "cisco_wsa": {
-            "threat": {
-                "category": "Not Set"
-            }
-        },
-        "network": {
-            "direction": "egress"
-        },
-        "observer": {
-            "product": "Cisco Web Security Appliances",
-            "type": "proxy",
-            "vendor": "Cisco"
-        },
-        "sekoiaio": {
-            "intake": {
-                "parsing_warnings": [
-                    "No fields extracted from original event"
-                ]
-            }
-        }
-    }
-    	
-	```
-
-
 === "w3c.json"
 
     ```json

_shared_content/operations_center/integrations/generated/2b13307b-7439-4973-900a-2b58303cac90.md

@@ -1169,33 +1169,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
 	```
 
 
-=== "test_incident.json"
-
-    ```json
-
-    {
-        "message": " Event [1201736] [2-3]  (fileName = \"ds:///vmfs/volumes/63985d53-c3598817-6688-5c6f69e18ad0/HDD01-835/HDD01-835.vmdk\", datastore = 'vim.Datastore:d6543eda-9347-4b38-b803-6f5048248ea8:datastore-2809', backingObjectId = \"\", diskMode = \"independent_nonpersistent\", split = <unset>, writeThrough = <unset>, thinProvisioned = false, eagerlyScrub = false, uuid = \"6000C299-dd5c-07cb-b868-3600b53d2781\", contentId = \"5c1d0d8547e8b15283e287f5cb18ef5e\", changeId = <unset>, parent = null, deltaDiskFormat = <unset>, digestEnabled = false, deltaGrainSize = <unset>, deltaDiskFormatVariant = <unset>, sharing = <unset>, keyId = null, cryptoIntegrityProtectionType = <unset>), deltaDiskFormat = \"seSparseFormat\", digestEnabled = false, deltaGrainSize = 4, deltaDiskFormatVariant = <unset>, sharing = \"sharingNone\", keyId = null, cryptoIntegrityProtectionType = <unset>), connectable = null, slotInfo = null, controllerKey = 1000, unitNumber = 3, numaNode = <unset>, capacityInKB = 104857600, capacityInBytes = 107374182400, shar",
-        "event": {
-            "kind": "event",
-            "category": [
-                "file"
-            ],
-            "type": [
-                "info"
-            ]
-        },
-        "observer": {
-            "vendor": "VMware",
-            "product": "ESXi"
-        },
-        "file": {
-            "name": "ds:///vmfs/volumes/63985d53-c3598817-6688-5c6f69e18ad0/HDD01-835/HDD01-835.vmdk"
-        }
-    }
-    	
-	```
-
-