From bfb786878866c14b80d705dceccc096c247feee0 Mon Sep 17 00:00:00 2001
From: Mathieu Bellon
Date: Fri, 22 Sep 2023 14:55:53 +0200
Subject: [PATCH 1/4] Replace our default Beta message
---
 .../features/collect/integrations/application/rsa_securid.md | 2 +-
 .../collect/integrations/cloud_and_saas/aws/aws_guardduty.md | 2 +-
 .../features/collect/integrations/cloud_and_saas/cato_sase.md | 2 +-
 .../cloud_and_saas/cloudflare/cloudflare-access-requests.md | 2 +-
 .../cloud_and_saas/cloudflare/cloudflare-audit-logs.md | 2 +-
 .../cloud_and_saas/cloudflare/cloudflare-gateway-dns.md | 2 +-
 .../cloud_and_saas/cloudflare/cloudflare-gateway-http.md | 2 +-
 .../cloud_and_saas/cloudflare/cloudflare-gateway-network.md | 2 +-
 .../collect/integrations/cloud_and_saas/duo_security.md | 2 +-
 .../collect/integrations/cloud_and_saas/github_audit_logs.md | 2 +-
 .../integrations/cloud_and_saas/google/google_reports.md | 2 +-
 .../features/collect/integrations/cloud_and_saas/ogo_shield.md | 2 +-
 .../features/collect/integrations/cloud_and_saas/salesforce.md | 2 +-
 .../cloud_and_saas/sophos_threat_analysis_center.md | 2 +-
 .../features/collect/integrations/cloud_and_saas/ubika_waap.md | 2 +-
 docs/xdr/features/collect/integrations/email/cisco_esa.md | 2 +-
 .../collect/integrations/endpoint/crowdstrike_telemetry.md | 2 +-
 .../integrations/endpoint/darktrace_threat_visualizer.md | 2 +-
 .../collect/integrations/endpoint/sentinelone_cloudfunnel2.0.md | 2 +-
 docs/xdr/features/collect/integrations/endpoint/trellix_epo.md | 2 +-
 .../collect/integrations/endpoint/vmware/vmware_esxi.md | 2 +-
 .../collect/integrations/endpoint/vmware/vmware_vcenter.md | 2 +-
 .../features/collect/integrations/network/cisco/cisco_nx_os.md | 2 +-
 docs/xdr/features/collect/integrations/network/citrix_adc.md | 2 +-
 docs/xdr/features/collect/integrations/network/sonicwall_fw.md | 2 +-
 .../collect/integrations/network/varonis_data_security.md | 2 +-
 26 files changed, 26 insertions(+), 26 deletions(-)
diff --git a/docs/xdr/features/collect/integrations/application/rsa_securid.md b/docs/xdr/features/collect/integrations/application/rsa_securid.md
index 0d067610e0..78e1254fa1 100644
--- a/docs/xdr/features/collect/integrations/application/rsa_securid.md
+++ b/docs/xdr/features/collect/integrations/application/rsa_securid.md
@@ -7,7 +7,7 @@ type: intake
 SecurID is a token system, or authenticator, produced by RSA Security and intended to offer strong authentication to its user in the context of access to an information system.
 !!! warning
- This format is in beta.
+ Important note - This format is currently in beta. We highly value your feedback to improve its performance.
 {!_shared_content/operations_center/detection/generated/suggested_rules_20876735-c423-4bbc-9d19-67edc91fb063_do_not_edit_manually.md!}
diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/aws/aws_guardduty.md b/docs/xdr/features/collect/integrations/cloud_and_saas/aws/aws_guardduty.md
index f94079e59f..1c9c84788e 100644
--- a/docs/xdr/features/collect/integrations/cloud_and_saas/aws/aws_guardduty.md
+++ b/docs/xdr/features/collect/integrations/cloud_and_saas/aws/aws_guardduty.md
@@ -6,7 +6,7 @@ type: intake
 AWS GuardDuty is a service that detects potential security issues within your network.
 !!! warning
- This format is in beta.
+ Important note - This format is currently in beta. We highly value your feedback to improve its performance.
 {!_shared_content/operations_center/detection/generated/suggested_rules_3e060900-4004-4754-a597-d2944a601930_do_not_edit_manually.md!}
diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/cato_sase.md b/docs/xdr/features/collect/integrations/cloud_and_saas/cato_sase.md
index a2394db13b..beb35d2179 100644
--- a/docs/xdr/features/collect/integrations/cloud_and_saas/cato_sase.md
+++ b/docs/xdr/features/collect/integrations/cloud_and_saas/cato_sase.md
@@ -7,7 +7,7 @@ type: intake
 Cato Networks is a software company providing solutions to protect cloud applications. Cato SASE Cloud provides zero trust network access to on-premises and cloud applications.
 !!! warning
- This format is in beta.
+ Important note - This format is currently in beta. We highly value your feedback to improve its performance.
 {!_shared_content/operations_center/detection/generated/suggested_rules_469bd3ae-61c9-4c39-9703-7452882e70da_do_not_edit_manually.md!}
diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/cloudflare/cloudflare-access-requests.md b/docs/xdr/features/collect/integrations/cloud_and_saas/cloudflare/cloudflare-access-requests.md
index 7d8d3ca487..10a2a09c87 100644
--- a/docs/xdr/features/collect/integrations/cloud_and_saas/cloudflare/cloudflare-access-requests.md
+++ b/docs/xdr/features/collect/integrations/cloud_and_saas/cloudflare/cloudflare-access-requests.md
@@ -9,7 +9,7 @@ Cloudflare is a global network designed to make everything you connect to the In
 In this documentation, you will learn how to collect and send Cloudflare Access Request logs to Sekoia.io.
 !!! warning
- This format is in beta.
+ Important note - This format is currently in beta. We highly value your feedback to improve its performance.
 {!_shared_content/operations_center/detection/generated/suggested_rules_588a448b-c08d-4139-a746-b2b9f366e34b_do_not_edit_manually.md!}
diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/cloudflare/cloudflare-audit-logs.md b/docs/xdr/features/collect/integrations/cloud_and_saas/cloudflare/cloudflare-audit-logs.md
index b64aa4cd6f..27071b72c5 100644
--- a/docs/xdr/features/collect/integrations/cloud_and_saas/cloudflare/cloudflare-audit-logs.md
+++ b/docs/xdr/features/collect/integrations/cloud_and_saas/cloudflare/cloudflare-audit-logs.md
@@ -9,7 +9,7 @@ Cloudflare is a global network designed to make everything you connect to the In
 In this documentation, you will learn how to collect and send Cloudflare Audit logs to Sekoia.io.
 !!! warning
- This format is in beta.
+ Important note - This format is currently in beta. We highly value your feedback to improve its performance.
 {!_shared_content/operations_center/detection/generated/suggested_rules_76d767ed-5431-4db1-b893-a48b6903d871_do_not_edit_manually.md!}
diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/cloudflare/cloudflare-gateway-dns.md b/docs/xdr/features/collect/integrations/cloud_and_saas/cloudflare/cloudflare-gateway-dns.md
index 06a8fe7c23..6e32a87c48 100644
--- a/docs/xdr/features/collect/integrations/cloud_and_saas/cloudflare/cloudflare-gateway-dns.md
+++ b/docs/xdr/features/collect/integrations/cloud_and_saas/cloudflare/cloudflare-gateway-dns.md
@@ -9,7 +9,7 @@ Cloudflare is a global network designed to make everything you connect to the In
 In this documentation, you will learn how to collect and send Cloudflare Gateway DNS logs to Sekoia.io.
 !!! warning
- This format is in beta.
+ Important note - This format is currently in beta. We highly value your feedback to improve its performance.
 {!_shared_content/operations_center/detection/generated/suggested_rules_7b1317ec-3f87-4b53-9b6d-3f79045f28fa_do_not_edit_manually.md!}
diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/cloudflare/cloudflare-gateway-http.md b/docs/xdr/features/collect/integrations/cloud_and_saas/cloudflare/cloudflare-gateway-http.md
index 160efe2b92..539aa97d05 100644
--- a/docs/xdr/features/collect/integrations/cloud_and_saas/cloudflare/cloudflare-gateway-http.md
+++ b/docs/xdr/features/collect/integrations/cloud_and_saas/cloudflare/cloudflare-gateway-http.md
@@ -9,7 +9,7 @@ Cloudflare is a global network designed to make everything you connect to the In
 In this documentation, you will learn how to collect and send Cloudflare Gateway HTTP logs to Sekoia.io.
 !!! warning
- This format is in beta.
+ Important note - This format is currently in beta. We highly value your feedback to improve its performance.
 {!_shared_content/operations_center/detection/generated/suggested_rules_f570dd30-854b-4a22-9c2d-e2cfa46bf0e5_do_not_edit_manually.md!}
diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/cloudflare/cloudflare-gateway-network.md b/docs/xdr/features/collect/integrations/cloud_and_saas/cloudflare/cloudflare-gateway-network.md
index 7d1b185378..ebc2032c55 100644
--- a/docs/xdr/features/collect/integrations/cloud_and_saas/cloudflare/cloudflare-gateway-network.md
+++ b/docs/xdr/features/collect/integrations/cloud_and_saas/cloudflare/cloudflare-gateway-network.md
@@ -9,7 +9,7 @@ Cloudflare is a global network designed to make everything you connect to the In
 In this documentation, you will learn how to collect and send Gateway Network logs to Sekoia.io.
 !!! warning
- This format is in beta.
+ Important note - This format is currently in beta. We highly value your feedback to improve its performance.
 {!_shared_content/operations_center/detection/generated/suggested_rules_d14567dd-56b1-42f8-aa64-fb65d4b0a4cf_do_not_edit_manually.md!}
diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/duo_security.md b/docs/xdr/features/collect/integrations/cloud_and_saas/duo_security.md
index 77248eb18a..36f3475221 100644
--- a/docs/xdr/features/collect/integrations/cloud_and_saas/duo_security.md
+++ b/docs/xdr/features/collect/integrations/cloud_and_saas/duo_security.md
@@ -8,7 +8,7 @@ type: intake
 Duo Security offers solutions for strong authentication.
 !!! warning
- This format is in beta.
+ Important note - This format is currently in beta. We highly value your feedback to improve its performance.
 {!_shared_content/operations_center/detection/generated/suggested_rules_547234b3-82ea-4507-b28f-3ee3cd5b9a8e_do_not_edit_manually.md!}
diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/github_audit_logs.md b/docs/xdr/features/collect/integrations/cloud_and_saas/github_audit_logs.md
index f3b6b05f03..d5bf35284f 100644
--- a/docs/xdr/features/collect/integrations/cloud_and_saas/github_audit_logs.md
+++ b/docs/xdr/features/collect/integrations/cloud_and_saas/github_audit_logs.md
@@ -8,7 +8,7 @@ Github audit logs represents activities on your Github organization.
 This setup guide describes how to forward audit logs from Github to Sekoia.io.
 !!! warning
- This format is in beta.
+ Important note - This format is currently in beta. We highly value your feedback to improve its performance.
 {!_shared_content/operations_center/detection/generated/suggested_rules_80de6ccb-7246-40de-bcbb-bc830118c1f9_do_not_edit_manually.md!}
diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/google/google_reports.md b/docs/xdr/features/collect/integrations/cloud_and_saas/google/google_reports.md
index 98cea6955e..0a5c2f0877 100644
--- a/docs/xdr/features/collect/integrations/cloud_and_saas/google/google_reports.md
+++ b/docs/xdr/features/collect/integrations/cloud_and_saas/google/google_reports.md
@@ -7,7 +7,7 @@ type: intake
 Google Reports is a data reporting and analysis platform offered by Google for Google Workspace services, designed to provide insights and metrics about user activities and interactions within various Google services. It allows organizations to track and visualize user engagement, application usage, and other relevant data points, enabling informed decision-making and optimization of digital experiences.
 !!! warning
- This format is in beta.
+ Important note - This format is currently in beta. We highly value your feedback to improve its performance.
 ### Supported applications
diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/ogo_shield.md b/docs/xdr/features/collect/integrations/cloud_and_saas/ogo_shield.md
index 3984f0c5d1..90fac96b70 100644
--- a/docs/xdr/features/collect/integrations/cloud_and_saas/ogo_shield.md
+++ b/docs/xdr/features/collect/integrations/cloud_and_saas/ogo_shield.md
@@ -9,7 +9,7 @@ OGO Shield Web Application Firewall provides protection and performance for your
 This setup guide describes how to forward security events from OGO to Sekoia.io.
 !!! warning
- This format is in beta.
+ Important note - This format is currently in beta. We highly value your feedback to improve its performance.
 {!_shared_content/operations_center/detection/generated/suggested_rules_cf5c916e-fa26-11ed-a844-f7f4d7348199_do_not_edit_manually.md!}
diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/salesforce.md b/docs/xdr/features/collect/integrations/cloud_and_saas/salesforce.md
index bebc47a311..783559d348 100644
--- a/docs/xdr/features/collect/integrations/cloud_and_saas/salesforce.md
+++ b/docs/xdr/features/collect/integrations/cloud_and_saas/salesforce.md
@@ -7,7 +7,7 @@ type: intake
 Salesforce provides customer relationship management software and applications focused on sales, customer service, marketing automation, e-commerce, analytics, and application development.
 !!! warning
- This format is in beta.
+ Important note - This format is currently in beta. We highly value your feedback to improve its performance.
 {!_shared_content/operations_center/detection/generated/suggested_rules_d2725f97-0c7b-4942-a847-983f38efb8ff_do_not_edit_manually.md!}
diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/sophos_threat_analysis_center.md b/docs/xdr/features/collect/integrations/cloud_and_saas/sophos_threat_analysis_center.md
index 1c9e7b19cf..864d771f5b 100644
--- a/docs/xdr/features/collect/integrations/cloud_and_saas/sophos_threat_analysis_center.md
+++ b/docs/xdr/features/collect/integrations/cloud_and_saas/sophos_threat_analysis_center.md
@@ -7,7 +7,7 @@ type: intake
 The Sophos Threat Analysis Center (STAC), is a dedicated tool for research and analysis of cybersecurity threats. so it can help continuously on monitoring the cyber threat landscape and analyze new forms of malware, attack techniques, and cybercrime trends. which has also the most important part which the _live Discover_ , with usage of queries you can have device informations from Sophos data lake.
 !!! warning
- This format is in beta.
+ Important note - This format is currently in beta. We highly value your feedback to improve its performance.
 {!\_shared_content/operations_center/detection/generated/suggested_rules_99da26fc-bf7b-4e5b-a76c-408472fcfebb_do_not_edit_manually.md!}
diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/ubika_waap.md b/docs/xdr/features/collect/integrations/cloud_and_saas/ubika_waap.md
index b46ac6b273..ee36506b10 100644
--- a/docs/xdr/features/collect/integrations/cloud_and_saas/ubika_waap.md
+++ b/docs/xdr/features/collect/integrations/cloud_and_saas/ubika_waap.md
@@ -7,7 +7,7 @@ type: intake
 Ubika WAAP Gateway detect and prevent threats against your web applications and your APIs.
 !!! warning
- This format is in beta.
+ Important note - This format is currently in beta. We highly value your feedback to improve its performance.
 {!_shared_content/operations_center/detection/generated/suggested_rules_6dbdd199-77ae-4705-a5de-5c2722fa020e_do_not_edit_manually.md!}
diff --git a/docs/xdr/features/collect/integrations/email/cisco_esa.md b/docs/xdr/features/collect/integrations/email/cisco_esa.md
index 20b25f2cbf..74bf1fc00e 100644
--- a/docs/xdr/features/collect/integrations/email/cisco_esa.md
+++ b/docs/xdr/features/collect/integrations/email/cisco_esa.md
@@ -7,7 +7,7 @@ type: intake
 Cisco Email Security Appliance (ESA) is a email gateway appliance that provides protection against spam, malware, viruses, and other email threats.
 !!! warning
- This format is in beta.
+ Important note - This format is currently in beta. We highly value your feedback to improve its performance.
 {!_shared_content/operations_center/detection/generated/suggested_rules_2ee6048e-8322-4575-8e47-1574946412b6_do_not_edit_manually.md!}
diff --git a/docs/xdr/features/collect/integrations/endpoint/crowdstrike_telemetry.md b/docs/xdr/features/collect/integrations/endpoint/crowdstrike_telemetry.md
index 9f2c0216b7..24b274aac8 100644
--- a/docs/xdr/features/collect/integrations/endpoint/crowdstrike_telemetry.md
+++ b/docs/xdr/features/collect/integrations/endpoint/crowdstrike_telemetry.md
@@ -7,7 +7,7 @@ type: intake
 CrowdStrike provides cloud workload and endpoint security, threat intelligence, and cyberattack response services and products.
 !!! warning
- This format is in beta.
+ Important note - This format is currently in beta. We highly value your feedback to improve its performance.
 {!_shared_content/operations_center/detection/generated/suggested_rules_10999b99-9a8d-4b92-9fbd-01e3fac01cd5_do_not_edit_manually.md!}
diff --git a/docs/xdr/features/collect/integrations/endpoint/darktrace_threat_visualizer.md b/docs/xdr/features/collect/integrations/endpoint/darktrace_threat_visualizer.md
index e20b3103fb..5b06b3c1bc 100644
--- a/docs/xdr/features/collect/integrations/endpoint/darktrace_threat_visualizer.md
+++ b/docs/xdr/features/collect/integrations/endpoint/darktrace_threat_visualizer.md
@@ -9,7 +9,7 @@ Darktrace monitors all people and digital assets across your entire ecosystem.
 This setup guide describes how to forward logs from Darktrace Threat visualizer to Sekoia.io.
 !!! warning
- This format is in beta.
+ Important note - This format is currently in beta. We highly value your feedback to improve its performance.
 {!_shared_content/operations_center/integrations/generated/98fa7079-41ae-4033-a93f-bbd70d114188.md!}
diff --git a/docs/xdr/features/collect/integrations/endpoint/sentinelone_cloudfunnel2.0.md b/docs/xdr/features/collect/integrations/endpoint/sentinelone_cloudfunnel2.0.md
index 139f8bfccf..7cdb990078 100644
--- a/docs/xdr/features/collect/integrations/endpoint/sentinelone_cloudfunnel2.0.md
+++ b/docs/xdr/features/collect/integrations/endpoint/sentinelone_cloudfunnel2.0.md
@@ -9,7 +9,7 @@ SentinelOne Cloud Funnel 2.0 is the state of the art method to collect SentinelO
 SentinelOne Deep Visibility logs provides in-depth logs that are useful for detection and investigation purposes.
 !!! warning
- This format is in beta.
+ Important note - This format is currently in beta. We highly value your feedback to improve its performance.
 !!! note
 No additional installation or configuration on the agents is needed.
diff --git a/docs/xdr/features/collect/integrations/endpoint/trellix_epo.md b/docs/xdr/features/collect/integrations/endpoint/trellix_epo.md
index 3d7486e870..b905e427c2 100644
--- a/docs/xdr/features/collect/integrations/endpoint/trellix_epo.md
+++ b/docs/xdr/features/collect/integrations/endpoint/trellix_epo.md
@@ -7,7 +7,7 @@ type: intake
 Trellix ePO - On-prem monitors and manages your network, collects data on events and alerts, creates reports, and automates workflow to streamline product deployments, patch installations, and security updates. As an open and comprehensive platform, Trellix ePO - On-prem integrates more than 150 third-party solutions for faster and more accurate responses.
 !!! warning
- This format is in beta.
+ Important note - This format is currently in beta. We highly value your feedback to improve its performance.
 {!_shared_content/operations_center/detection/generated/suggested_rules_ba40ab72-1456-11ee-be56-0242ac120002_do_not_edit_manually.md!}
diff --git a/docs/xdr/features/collect/integrations/endpoint/vmware/vmware_esxi.md b/docs/xdr/features/collect/integrations/endpoint/vmware/vmware_esxi.md
index b0543e4dad..c8117db6aa 100644
--- a/docs/xdr/features/collect/integrations/endpoint/vmware/vmware_esxi.md
+++ b/docs/xdr/features/collect/integrations/endpoint/vmware/vmware_esxi.md
@@ -7,7 +7,7 @@ type: intake
 VMware ESXi is a hypervisor and an operation system. It serves virtual computers while running directly on the server hardware
 !!! warning
- This format is in beta.
+ Important note - This format is currently in beta. We highly value your feedback to improve its performance.
 {!_shared_content/operations_center/detection/generated/suggested_rules_2b13307b-7439-4973-900a-2b58303cac90_do_not_edit_manually.md!}
diff --git a/docs/xdr/features/collect/integrations/endpoint/vmware/vmware_vcenter.md b/docs/xdr/features/collect/integrations/endpoint/vmware/vmware_vcenter.md
index cee944350e..fcd59cd930 100644
--- a/docs/xdr/features/collect/integrations/endpoint/vmware/vmware_vcenter.md
+++ b/docs/xdr/features/collect/integrations/endpoint/vmware/vmware_vcenter.md
@@ -7,7 +7,7 @@ type: intake
 VMWare VCenter is a centralized management software. It provides a single point of control for managing virtual machines and ESXi hosts from a centralized interface.
 !!! warning
- This format is in beta.
+ Important note - This format is currently in beta. We highly value your feedback to improve its performance.
 {!_shared_content/operations_center/detection/generated/suggested_rules_0642b03a-9d4a-4c88-a5e2-4597e366b8c4_do_not_edit_manually.md!}
diff --git a/docs/xdr/features/collect/integrations/network/cisco/cisco_nx_os.md b/docs/xdr/features/collect/integrations/network/cisco/cisco_nx_os.md
index 2e1936a533..29f71ab020 100644
--- a/docs/xdr/features/collect/integrations/network/cisco/cisco_nx_os.md
+++ b/docs/xdr/features/collect/integrations/network/cisco/cisco_nx_os.md
@@ -7,7 +7,7 @@ type: intake
 Cisco NX-OS is a network operating system for Cisco Nexus-series switches.
 !!! warning
- This format is in beta.
+ Important note - This format is currently in beta. We highly value your feedback to improve its performance.
 {!_shared_content/operations_center/detection/generated/suggested_rules_591feb54-1d1f-4453-b780-b225c59e9f99_do_not_edit_manually.md!}
diff --git a/docs/xdr/features/collect/integrations/network/citrix_adc.md b/docs/xdr/features/collect/integrations/network/citrix_adc.md
index cf867e2416..5d408cad5a 100644
--- a/docs/xdr/features/collect/integrations/network/citrix_adc.md
+++ b/docs/xdr/features/collect/integrations/network/citrix_adc.md
@@ -7,7 +7,7 @@ type: intake
 Citrix ADC (formely Citrix NetScaler) is a delivery controller and load-balancing tool that offers enhanced security and application performance.
 !!! warning
- This format is in beta.
+ Important note - This format is currently in beta. We highly value your feedback to improve its performance.
 {!_shared_content/operations_center/detection/generated/suggested_rules_02a74ceb-a9b0-467c-97d1-588319e39d71_do_not_edit_manually.md!}
diff --git a/docs/xdr/features/collect/integrations/network/sonicwall_fw.md b/docs/xdr/features/collect/integrations/network/sonicwall_fw.md
index bb38c06554..8fdedcdec5 100644
--- a/docs/xdr/features/collect/integrations/network/sonicwall_fw.md
+++ b/docs/xdr/features/collect/integrations/network/sonicwall_fw.md
@@ -7,7 +7,7 @@ type: intake
 SonicWall firewalls enable you to identify and control all applications that are running on your network. By identifying applications based on their unique signatures rather than ports or protocols, this additional control improves compliance and data leakage prevention.
 !!! warning
- This format is in beta.
+ Important note - This format is currently in beta. We highly value your feedback to improve its performance.
 {!_shared_content/operations_center/detection/generated/suggested_rules_ee0b3023-524c-40f6-baf5-b69c7b679887_do_not_edit_manually.md!}
diff --git a/docs/xdr/features/collect/integrations/network/varonis_data_security.md b/docs/xdr/features/collect/integrations/network/varonis_data_security.md
index bdb754f545..bbf7c7cf20 100644
--- a/docs/xdr/features/collect/integrations/network/varonis_data_security.md
+++ b/docs/xdr/features/collect/integrations/network/varonis_data_security.md
@@ -8,7 +8,7 @@ Varonis offers solutions to track and protect data.
 !!! warning
- This format is in beta.
+ Important note - This format is currently in beta. We highly value your feedback to improve its performance.
 {!_shared_content/operations_center/detection/generated/suggested_rules_7b75d498-4a65-4d44-aa81-31090d723a60_do_not_edit_manually.md!}
From 9e4c930caca00b05aaa588f17a99db5fd4ec6333 Mon Sep 17 00:00:00 2001
From: Mathieu Bellon
Date: Fri, 22 Sep 2023 15:04:27 +0200
Subject: [PATCH 2/4] Rename Duo Security to Cisco Duo Security
---
 ...7-b28f-3ee3cd5b9a8e_do_not_edit_manually.json | 2 +-
 ...507-b28f-3ee3cd5b9a8e_do_not_edit_manually.md | 4 ++--
 .../547234b3-82ea-4507-b28f-3ee3cd5b9a8e.md | 16 ++++++++--------
 .../{duo_security.md => cisco_duo_security.md} | 6 +++---
 mkdocs.yml | 2 +-
 5 files changed, 15 insertions(+), 15 deletions(-)
 rename docs/xdr/features/collect/integrations/cloud_and_saas/{duo_security.md => cisco_duo_security.md} (89%)
diff --git a/_shared_content/operations_center/detection/generated/attack_547234b3-82ea-4507-b28f-3ee3cd5b9a8e_do_not_edit_manually.json b/_shared_content/operations_center/detection/generated/attack_547234b3-82ea-4507-b28f-3ee3cd5b9a8e_do_not_edit_manually.json
index 818d8946f9..d11d82fa64 100644
--- a/_shared_content/operations_center/detection/generated/attack_547234b3-82ea-4507-b28f-3ee3cd5b9a8e_do_not_edit_manually.json
+++ b/_shared_content/operations_center/detection/generated/attack_547234b3-82ea-4507-b28f-3ee3cd5b9a8e_do_not_edit_manually.json
@@ -1 +1 @@ -{"name": "SEKOIA.IO x Duo Security [BETA]", "versions": {"attack": "13", "layer": "4.4", "navigator": "4.8.2"}, "domain": "enterprise-attack", "techniques": [{"techniqueID": "T1486", "score": 100, "comment": "Rules: RYUK Ransomeware - martinstevens Username"}, {"techniqueID": "T1041", "score": 100, "comment": "Rules: SEKOIA.IO Intelligence Feed"}, {"techniqueID": "T1071", "score": 100, "comment": "Rules: SEKOIA.IO Intelligence Feed, Nimbo-C2 User Agent, Potential Bazar Loader User-Agents, Potential Lemon Duck User-Agent"}, {"techniqueID": "T1566", "score": 100, "comment": "Rules: SEKOIA.IO Intelligence Feed"}, {"techniqueID": "T1071.001", "score": 100, "comment": "Rules: Nimbo-C2 User Agent, Potential Bazar Loader User-Agents, Potential Lemon Duck User-Agent"}]} \ No newline at end of file +{"name": "SEKOIA.IO x Cisco Duo Security [BETA]", "versions": {"attack": "13", "layer": "4.4", "navigator": "4.8.2"}, "domain": "enterprise-attack", "techniques": [{"techniqueID": "T1486", "score": 100, "comment": "Rules: RYUK Ransomeware - martinstevens Username"}, {"techniqueID": "T1041", "score": 100, "comment": "Rules: SEKOIA.IO Intelligence Feed"}, {"techniqueID": "T1071", "score": 100, "comment": "Rules: SEKOIA.IO Intelligence Feed, Nimbo-C2 User Agent, Potential Bazar Loader User-Agents, Potential Lemon Duck User-Agent"}, {"techniqueID": "T1566", "score": 100, "comment": "Rules: SEKOIA.IO Intelligence Feed"}, {"techniqueID": "T1071.001", "score": 100, "comment": "Rules: Nimbo-C2 User Agent, Potential Bazar Loader User-Agents, Potential Lemon Duck User-Agent"}]} \ No newline at end of file diff --git a/_shared_content/operations_center/detection/generated/suggested_rules_547234b3-82ea-4507-b28f-3ee3cd5b9a8e_do_not_edit_manually.md b/_shared_content/operations_center/detection/generated/suggested_rules_547234b3-82ea-4507-b28f-3ee3cd5b9a8e_do_not_edit_manually.md index 088f3f267d..9a67a81514 100644 
--- a/_shared_content/operations_center/detection/generated/suggested_rules_547234b3-82ea-4507-b28f-3ee3cd5b9a8e_do_not_edit_manually.md +++ b/_shared_content/operations_center/detection/generated/suggested_rules_547234b3-82ea-4507-b28f-3ee3cd5b9a8e_do_not_edit_manually.md @@ -1,8 +1,8 @@ ## Related Built-in Rules -Benefit from SEKOIA.IO built-in rules and upgrade **Duo Security [BETA]** with the following detection capabilities out-of-the-box. +Benefit from SEKOIA.IO built-in rules and upgrade **Cisco Duo Security [BETA]** with the following detection capabilities out-of-the-box. -[SEKOIA.IO x Duo Security [BETA] on ATT&CK Navigator](https://mitre-attack.github.io/attack-navigator/#layerURL=https%3A%2F%2Fraw.githubusercontent.com%2FSEKOIA-IO%2Fdocumentation%2Fmain%2F_shared_content%2Foperations_center%2Fdetection%2Fgenerated%2Fattack_547234b3-82ea-4507-b28f-3ee3cd5b9a8e_do_not_edit_manually.json){ .md-button } +[SEKOIA.IO x Cisco Duo Security [BETA] on ATT&CK Navigator](https://mitre-attack.github.io/attack-navigator/#layerURL=https%3A%2F%2Fraw.githubusercontent.com%2FSEKOIA-IO%2Fdocumentation%2Fmain%2F_shared_content%2Foperations_center%2Fdetection%2Fgenerated%2Fattack_547234b3-82ea-4507-b28f-3ee3cd5b9a8e_do_not_edit_manually.json){ .md-button } ??? abstract "Nimbo-C2 User Agent" Nimbo-C2 Uses an unusual User-Agent format in its implants. diff --git a/_shared_content/operations_center/integrations/generated/547234b3-82ea-4507-b28f-3ee3cd5b9a8e.md b/_shared_content/operations_center/integrations/generated/547234b3-82ea-4507-b28f-3ee3cd5b9a8e.md index 09479d060d..bd6d03b564 100644 --- a/_shared_content/operations_center/integrations/generated/547234b3-82ea-4507-b28f-3ee3cd5b9a8e.md +++ b/_shared_content/operations_center/integrations/generated/547234b3-82ea-4507-b28f-3ee3cd5b9a8e.md 
@@ -6,7 +6,7 @@ The following table lists the data source offered by this integration. | Data Source | Description | | ----------- | ------------------------------------ | -| `Authentication logs` | Duo Security provides audit logs about authentication sessions | +| `Authentication logs` | Cisco Duo Security provides audit logs about authentication sessions | @@ -48,7 +48,7 @@ Find below few samples of events and how they are normalized by Sekoia.io. "@timestamp": "2020-01-23T16:18:58Z", "observer": { "vendor": "Duo", - "product": "Duo Security" + "product": "Cisco Duo Security" } } @@ -75,7 +75,7 @@ Find below few samples of events and how they are normalized by Sekoia.io. "@timestamp": "2020-01-24T15:09:42Z", "observer": { "vendor": "Duo", - "product": "Duo Security" + "product": "Cisco Duo Security" }, "user": { "name": "admin" @@ -114,7 +114,7 @@ Find below few samples of events and how they are normalized by Sekoia.io. "@timestamp": "2020-02-13T18:56:20.351346Z", "observer": { "vendor": "Duo", - "product": "Duo Security" + "product": "Cisco Duo Security" }, "user": { "email": "narroway@example.com", @@ -173,7 +173,7 @@ Find below few samples of events and how they are normalized by Sekoia.io. "@timestamp": "2019-08-30T16:10:05Z", "observer": { "vendor": "Duo", - "product": "Duo Security" + "product": "Cisco Duo Security" }, "duo": { "security": { @@ -226,7 +226,7 @@ Find below few samples of events and how they are normalized by Sekoia.io. }, "observer": { "vendor": "Duo", - "product": "Duo Security" + "product": "Cisco Duo Security" }, "duo": { "security": { @@ -260,7 +260,7 @@ Find below few samples of events and how they are normalized by Sekoia.io. }, "observer": { "vendor": "Duo", - "product": "Duo Security" + "product": "Cisco Duo Security" }, "duo": { "security": { 
@@ -294,7 +294,7 @@ Find below few samples of events and how they are normalized by Sekoia.io. }, "observer": { "vendor": "Duo", - "product": "Duo Security" + "product": "Cisco Duo Security" }, "duo": { "security": { diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/duo_security.md b/docs/xdr/features/collect/integrations/cloud_and_saas/cisco_duo_security.md similarity index 89% rename from docs/xdr/features/collect/integrations/cloud_and_saas/duo_security.md rename to docs/xdr/features/collect/integrations/cloud_and_saas/cisco_duo_security.md index 36f3475221..c11e6b9669 100644 --- a/docs/xdr/features/collect/integrations/cloud_and_saas/duo_security.md +++ b/docs/xdr/features/collect/integrations/cloud_and_saas/cisco_duo_security.md @@ -1,11 +1,11 @@ uuid: 547234b3-82ea-4507-b28f-3ee3cd5b9a8e -name: Duo Security +name: Cisco Duo Security type: intake ## Overview -Duo Security offers solutions for strong authentication. +Cisco Duo Security offers solutions for strong authentication. !!! warning Important note - This format is currently in beta. We highly value your feedback to improve its performance. @@ -28,7 +28,7 @@ More details in [Duo documentation](https://duo.com/docs/adminapi#first-steps) ### Create the intake in Sekoia.io -Go to the [intake page](https://app.sekoia.io/operations/intakes) and create a new intake from the format `Duo Security`. Copy the intake key. +Go to the [intake page](https://app.sekoia.io/operations/intakes) and create a new intake from the format `Cisco Duo Security`. Copy the intake key. ### Pull events diff --git a/mkdocs.yml b/mkdocs.yml index cfc349e880..f072f44268 100644 --- a/mkdocs.yml +++ b/mkdocs.yml 
@@ -107,7 +107,7 @@ nav:
 - HTTP requests: xdr/features/collect/integrations/cloud_and_saas/cloudflare/cloudflare-http-requests.md
 - Cato SASE: xdr/features/collect/integrations/cloud_and_saas/cato_sase.md
 - Digital Shadows SearchLight: xdr/features/collect/integrations/cloud_and_saas/digital_shadows.md
- - Duo Security: xdr/features/collect/integrations/cloud_and_saas/duo_security.md
+ - Cisco Duo Security: xdr/features/collect/integrations/cloud_and_saas/cisco_duo_security.md
 - Github Audit Logs: xdr/features/collect/integrations/cloud_and_saas/github_audit_logs.md
 - Google Cloud:
 - Google Cloud Audit Logs: xdr/features/collect/integrations/cloud_and_saas/google/google_cloud_audit.md
From 9fa0e60872d0fc88b5cad1039c78ef5b8c8d0d4a Mon Sep 17 00:00:00 2001
From: Mathieu Bellon
Date: Fri, 22 Sep 2023 15:23:14 +0200
Subject: [PATCH 3/4] Rename Cisco ISE to Cisco Identity Services Engine (ISE)
---
 ...b96a-8808b3c6cade_do_not_edit_manually.json | 2 +-
 ...6-b96a-8808b3c6cade_do_not_edit_manually.md | 4 ++--
 .../8a9894f8-d7bc-4c06-b96a-8808b3c6cade.md | 18 +++++++++---------
 ...d => cisco_identity_services_engine_ise.md} | 8 ++++----
 mkdocs.yml | 2 +-
 5 files changed, 17 insertions(+), 17 deletions(-)
 rename docs/xdr/features/collect/integrations/network/cisco/{cisco_ise.md => cisco_identity_services_engine_ise.md} (54%)
diff --git a/_shared_content/operations_center/detection/generated/attack_8a9894f8-d7bc-4c06-b96a-8808b3c6cade_do_not_edit_manually.json b/_shared_content/operations_center/detection/generated/attack_8a9894f8-d7bc-4c06-b96a-8808b3c6cade_do_not_edit_manually.json
index 17bfe1d700..7a0d76ffb3 100644
--- a/_shared_content/operations_center/detection/generated/attack_8a9894f8-d7bc-4c06-b96a-8808b3c6cade_do_not_edit_manually.json
+++ b/_shared_content/operations_center/detection/generated/attack_8a9894f8-d7bc-4c06-b96a-8808b3c6cade_do_not_edit_manually.json
@@ -1 +1 @@ -{"name": "SEKOIA.IO x Cisco ISE [BETA]", "versions": {"attack": "13", "layer": "4.4", "navigator": "4.8.2"}, "domain": "enterprise-attack", "techniques": [{"techniqueID": "T1486", "score": 100, "comment": "Rules: RYUK Ransomeware - martinstevens Username"}, {"techniqueID": "T1041", "score": 100, "comment": "Rules: SEKOIA.IO Intelligence Feed"}, {"techniqueID": "T1071", "score": 100, "comment": "Rules: SEKOIA.IO Intelligence Feed"}, {"techniqueID": "T1566", "score": 100, "comment": "Rules: SEKOIA.IO Intelligence Feed"}]} \ No newline at end of file +{"name": "SEKOIA.IO x Cisco Identity Services Engine (ISE) [BETA]", "versions": {"attack": "13", "layer": "4.4", "navigator": "4.8.2"}, "domain": "enterprise-attack", "techniques": [{"techniqueID": "T1486", "score": 100, "comment": "Rules: RYUK Ransomeware - martinstevens Username"}, {"techniqueID": "T1041", "score": 100, "comment": "Rules: SEKOIA.IO Intelligence Feed"}, {"techniqueID": "T1071", "score": 100, "comment": "Rules: SEKOIA.IO Intelligence Feed"}, {"techniqueID": "T1566", "score": 100, "comment": "Rules: SEKOIA.IO Intelligence Feed"}]} \ No newline at end of file diff --git a/_shared_content/operations_center/detection/generated/suggested_rules_8a9894f8-d7bc-4c06-b96a-8808b3c6cade_do_not_edit_manually.md b/_shared_content/operations_center/detection/generated/suggested_rules_8a9894f8-d7bc-4c06-b96a-8808b3c6cade_do_not_edit_manually.md index a3ebc74911..4ca23d7510 100644 --- a/_shared_content/operations_center/detection/generated/suggested_rules_8a9894f8-d7bc-4c06-b96a-8808b3c6cade_do_not_edit_manually.md +++ b/_shared_content/operations_center/detection/generated/suggested_rules_8a9894f8-d7bc-4c06-b96a-8808b3c6cade_do_not_edit_manually.md 
@@ -1,8 +1,8 @@ ## Related Built-in Rules -Benefit from SEKOIA.IO built-in rules and upgrade **Cisco ISE [BETA]** with the following detection capabilities out-of-the-box. +Benefit from SEKOIA.IO built-in rules and upgrade **Cisco Identity Services Engine (ISE) [BETA]** with the following detection capabilities out-of-the-box. -[SEKOIA.IO x Cisco ISE [BETA] on ATT&CK Navigator](https://mitre-attack.github.io/attack-navigator/#layerURL=https%3A%2F%2Fraw.githubusercontent.com%2FSEKOIA-IO%2Fdocumentation%2Fmain%2F_shared_content%2Foperations_center%2Fdetection%2Fgenerated%2Fattack_8a9894f8-d7bc-4c06-b96a-8808b3c6cade_do_not_edit_manually.json){ .md-button } +[SEKOIA.IO x Cisco Identity Services Engine (ISE) [BETA] on ATT&CK Navigator](https://mitre-attack.github.io/attack-navigator/#layerURL=https%3A%2F%2Fraw.githubusercontent.com%2FSEKOIA-IO%2Fdocumentation%2Fmain%2F_shared_content%2Foperations_center%2Fdetection%2Fgenerated%2Fattack_8a9894f8-d7bc-4c06-b96a-8808b3c6cade_do_not_edit_manually.json){ .md-button } ??? abstract "RYUK Ransomeware - martinstevens Username" Detects user name "martinstevens". Wizard Spider is used to add the user name "martinstevens" to the AD of its victims. It was observed in several campaigns; in 2019 and 2020. diff --git a/_shared_content/operations_center/integrations/generated/8a9894f8-d7bc-4c06-b96a-8808b3c6cade.md b/_shared_content/operations_center/integrations/generated/8a9894f8-d7bc-4c06-b96a-8808b3c6cade.md index 65aabc5515..33a5f3d57b 100644 --- a/_shared_content/operations_center/integrations/generated/8a9894f8-d7bc-4c06-b96a-8808b3c6cade.md +++ b/_shared_content/operations_center/integrations/generated/8a9894f8-d7bc-4c06-b96a-8808b3c6cade.md 
@@ -8,7 +8,7 @@ The following table lists the data source offered by this integration. | ----------- | ------------------------------------ | | `Authentication logs` | There's an authentification audit, control and diagnostic | | `Network device configuration` | Changing conf of devices usually by the admin | -| `Web logs` | Cisco ISE logs provide information about the connected client and the requested resource | +| `Web logs` | Cisco Identity Services Engine (ISE) logs provide information about the connected client and the requested resource | @@ -47,7 +47,7 @@ Find below few samples of events and how they are normalized by Sekoia.io. }, "observer": { "vendor": "Cisco", - "product": "Cisco ISE" + "product": "Cisco Identity Services Engine (ISE)" }, "user": { "name": "john.doe" @@ -86,7 +86,7 @@ Find below few samples of events and how they are normalized by Sekoia.io. }, "observer": { "vendor": "Cisco", - "product": "Cisco ISE" + "product": "Cisco Identity Services Engine (ISE)" } } @@ -111,7 +111,7 @@ Find below few samples of events and how they are normalized by Sekoia.io. }, "observer": { "vendor": "Cisco", - "product": "Cisco ISE" + "product": "Cisco Identity Services Engine (ISE)" }, "cisco": { "ise": { @@ -143,7 +143,7 @@ Find below few samples of events and how they are normalized by Sekoia.io. }, "observer": { "vendor": "Cisco", - "product": "Cisco ISE" + "product": "Cisco Identity Services Engine (ISE)" } } @@ -167,7 +167,7 @@ Find below few samples of events and how they are normalized by Sekoia.io. }, "observer": { "vendor": "Cisco", - "product": "Cisco ISE" + "product": "Cisco Identity Services Engine (ISE)" }, "source": { "domain": "servername", @@ -205,7 +205,7 @@ Find below few samples of events and how they are normalized by Sekoia.io. }, "observer": { "vendor": "Cisco", - "product": "Cisco ISE" + "product": "Cisco Identity Services Engine (ISE)" }, "source": { "domain": "servername", 
@@ -249,7 +249,7 @@ Find below few samples of events and how they are normalized by Sekoia.io. }, "observer": { "vendor": "Cisco", - "product": "Cisco ISE" + "product": "Cisco Identity Services Engine (ISE)" }, "cisco": { "ise": { @@ -293,7 +293,7 @@ Find below few samples of events and how they are normalized by Sekoia.io. }, "observer": { "vendor": "Cisco", - "product": "Cisco ISE" + "product": "Cisco Identity Services Engine (ISE)" }, "user": { "name": "admin" diff --git a/docs/xdr/features/collect/integrations/network/cisco/cisco_ise.md b/docs/xdr/features/collect/integrations/network/cisco/cisco_identity_services_engine_ise.md similarity index 54% rename from docs/xdr/features/collect/integrations/network/cisco/cisco_ise.md rename to docs/xdr/features/collect/integrations/network/cisco/cisco_identity_services_engine_ise.md index 2773928497..65f8c76202 100644 --- a/docs/xdr/features/collect/integrations/network/cisco/cisco_ise.md +++ b/docs/xdr/features/collect/integrations/network/cisco/cisco_identity_services_engine_ise.md 
@@ -1,10 +1,10 @@ uuid: 8a9894f8-d7bc-4c06-b96a-8808b3c6cade -name: Cisco ISE +name: Cisco Identity Services Engine (ISE) type: intake ## Overview -Cisco ISE is an intelligent security policy enforcement platform that reduces security risks by providing visibility of connections between all users and devices across all network infrastructure. This product provides exceptional control over the information and locations to which users have access on the network. This solution, and all its components, have been approved and rigorously tested as an integrated system. +Cisco Identity Services Engine (ISE) is an intelligent security policy enforcement platform that reduces security risks by providing visibility of connections between all users and devices across all network infrastructure. This product provides exceptional control over the information and locations to which users have access on the network. This solution, and all its components, have been approved and rigorously tested as an integrated system. {!\_shared_content/operations_center/detection/generated/suggested_rules_8a9894f8-d7bc-4c06-b96a-8808b3c6cade_do_not_edit_manually.md!} @@ -22,7 +22,7 @@ Log on your ISE Administration Interface and follow [this guide](https://www.cis ## Create the intake -Go to the [intake page](https://app.sekoia.io/operations/intakes) and create a new intake from the format Cisco ISE. +Go to the [intake page](https://app.sekoia.io/operations/intakes) and create a new intake from the format Cisco Identity Services Engine (ISE). ## Forward logs to Sekoia.io @@ -30,4 +30,4 @@ Please consult the [Syslog Forwarding](https://docs.sekoia.io/xdr/features/colle ## Further Readings -- [Cisco ISE documentation](https://www.cisco.com/c/en/us/support/security/identity-services-engine/series.html#~tab-documents) +- [Cisco Identity Services Engine (ISE) documentation](https://www.cisco.com/c/en/us/support/security/identity-services-engine/series.html#~tab-documents) 
diff --git a/mkdocs.yml b/mkdocs.yml
index f072f44268..e6a3d80315 100644
--- a/mkdocs.yml
+++ b/mkdocs.yml
@@ -181,7 +181,7 @@ nav:
 - Cisco Secure Firewall: xdr/features/collect/integrations/network/cisco/cisco_asa.md
 - Cisco Secure Web Appliance: xdr/features/collect/integrations/network/cisco/cisco_wsa.md
 - Cisco IOS: xdr/features/collect/integrations/network/cisco/cisco_ios.md
- - Cisco ISE: xdr/features/collect/integrations/network/cisco/cisco_ise.md
+ - Cisco Identity Services Engine (ISE): xdr/features/collect/integrations/network/cisco/cisco_identity_services_engine_ise.md
 - Cisco NX-OS: xdr/features/collect/integrations/network/cisco/cisco_nx_os.md
 - Cisco Meraki MX: xdr/features/collect/integrations/network/cisco/cisco_meraki_mx.md
 - Citrix ADC: xdr/features/collect/integrations/network/citrix_adc.md
From b3171d1e9bd3a23724a48c1abee73f6139f8e9aa Mon Sep 17 00:00:00 2001
From: Mathieu Bellon
Date: Fri, 22 Sep 2023 15:26:52 +0200
Subject: [PATCH 4/4] Remove Beta for 25/09/23 stable release IAM category
---
 .../features/collect/integrations/application/rsa_securid.md | 4 ----
 .../collect/integrations/cloud_and_saas/cisco_duo_security.md | 3 ---
 .../cloud_and_saas/cloudflare/cloudflare-access-requests.md | 3 ---
 3 files changed, 10 deletions(-)
diff --git a/docs/xdr/features/collect/integrations/application/rsa_securid.md b/docs/xdr/features/collect/integrations/application/rsa_securid.md
index 78e1254fa1..c4de2913be 100644
--- a/docs/xdr/features/collect/integrations/application/rsa_securid.md
+++ b/docs/xdr/features/collect/integrations/application/rsa_securid.md
@@ -6,10 +6,6 @@ type: intake SecurID is a token system, or authenticator, produced by RSA Security and intended to offer strong authentication to its user in the context of access to an information system. -!!! warning - Important note - This format is currently in beta. We highly value your feedback to improve its performance. - - {!_shared_content/operations_center/detection/generated/suggested_rules_20876735-c423-4bbc-9d19-67edc91fb063_do_not_edit_manually.md!} {!_shared_content/operations_center/integrations/generated/20876735-c423-4bbc-9d19-67edc91fb063.md!} diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/cisco_duo_security.md b/docs/xdr/features/collect/integrations/cloud_and_saas/cisco_duo_security.md index c11e6b9669..0e43a2acec 100644 --- a/docs/xdr/features/collect/integrations/cloud_and_saas/cisco_duo_security.md +++ b/docs/xdr/features/collect/integrations/cloud_and_saas/cisco_duo_security.md @@ -7,9 +7,6 @@ type: intake Cisco Duo Security offers solutions for strong authentication. -!!! warning - Important note - This format is currently in beta. We highly value your feedback to improve its performance. - {!_shared_content/operations_center/detection/generated/suggested_rules_547234b3-82ea-4507-b28f-3ee3cd5b9a8e_do_not_edit_manually.md!} {!_shared_content/operations_center/integrations/generated/547234b3-82ea-4507-b28f-3ee3cd5b9a8e.md!} diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/cloudflare/cloudflare-access-requests.md b/docs/xdr/features/collect/integrations/cloud_and_saas/cloudflare/cloudflare-access-requests.md index 10a2a09c87..2b67263811 100644 --- a/docs/xdr/features/collect/integrations/cloud_and_saas/cloudflare/cloudflare-access-requests.md +++ b/docs/xdr/features/collect/integrations/cloud_and_saas/cloudflare/cloudflare-access-requests.md 
@@ -8,9 +8,6 @@ Cloudflare is a global network designed to make everything you connect to the In In this documentation, you will learn how to collect and send Cloudflare Access Request logs to Sekoia.io. -!!! warning - Important note - This format is currently in beta. We highly value your feedback to improve its performance. - {!_shared_content/operations_center/detection/generated/suggested_rules_588a448b-c08d-4139-a746-b2b9f366e34b_do_not_edit_manually.md!} {!_shared_content/operations_center/integrations/generated/588a448b-c08d-4139-a746-b2b9f366e34b.md!}