SEKOIA-IO · squioc · Apr 9, 2024 · Apr 8, 2024
diff --git a/...perations_center/integrations/generated/00bbde4f-cb17-4c3f-9f5e-a585fc7c8fc0.md b/...perations_center/integrations/generated/00bbde4f-cb17-4c3f-9f5e-a585fc7c8fc0.md
@@ -16,7 +16,7 @@ In details, the following table denotes the type of events produced by this inte
 
 | Name | Values |
 | ---- | ------ |
-| Kind | `event` |
+| Kind | `` |
 | Category | `process` |
 | Type | `change` |
 
@@ -38,7 +38,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
             "category": [
                 "process"
             ],
-            "kind": "event",
             "reason": "StopContainer for \\\"4c2b21624d4488ea8305bec91bb58135e840ab50b779da3db19ddf87864a760e\\\" with timeout 30 (s)",
             "type": [
                 "change"
@@ -117,7 +116,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
             "category": [
                 "process"
             ],
-            "kind": "event",
             "reason": "Pulling image \"gke.gcr.io/prometheus-to-sd:v0.11.3-gke.0\"",
             "type": [
                 "change"
@@ -213,7 +211,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
             "category": [
                 "process"
             ],
-            "kind": "event",
             "reason": "Failed to update endpoint kube-system/kube-dns: Operation cannot be fulfilled on endpoints \"kube-dns\": the object has been modified; please apply your changes to the latest version and try again",
             "type": [
                 "change"
@@ -306,7 +303,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
             "category": [
                 "process"
             ],
-            "kind": "event",
             "reason": "Created container prometheus-to-sd",
             "type": [
                 "change"
@@ -402,7 +398,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
             "category": [
                 "process"
             ],
-            "kind": "event",
             "reason": "{\"unmanaged\": {\"net.netfilter.nf_conntrack_buckets\": \"32768\"}}",
             "type": [
                 "change"
@@ -493,7 +488,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
             "category": [
                 "process"
             ],
-            "kind": "event",
             "reason": "Event exporter started watching. Some events may have been lost up to this point.",
             "type": [
                 "change"
@@ -540,7 +534,6 @@ The following table lists the fields that are extracted, normalized under the EC
 |`cloud.project.id` | `keyword` | The cloud project id. |
 |`event.action` | `keyword` | The action captured by the event. |
 |`event.category` | `keyword` | Event category. The second categorization field in the hierarchy. |
-|`event.kind` | `keyword` | The kind of the event. The highest categorization field in the hierarchy. |
 |`event.reason` | `keyword` | Reason why this event happened, according to the source |
 |`event.type` | `keyword` | Event type. The third categorization field in the hierarchy. |
 |`google_kubernetes_engine.insertId` | `keyword` |  |

diff --git a/...perations_center/integrations/generated/02a74ceb-a9b0-467c-97d1-588319e39d71.md b/...perations_center/integrations/generated/02a74ceb-a9b0-467c-97d1-588319e39d71.md
@@ -17,7 +17,7 @@ In details, the following table denotes the type of events produced by this inte
 
 | Name | Values |
 | ---- | ------ |
-| Kind | `alert`, `event` |
+| Kind | `alert` |
 | Category | `network` |
 | Type | `connection` |
 
@@ -41,7 +41,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
             ],
             "code": "Message",
             "dataset": "audit_aaatm",
-            "kind": "event",
             "reason": "\"AAA JSON-PARSE: ns_aaa_json_parser_StartElementHandler: NAME_VAL state, multi valued attribute start 'ConnectionId' seen\"",
             "type": [
                 "connection"
@@ -131,7 +130,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
             ],
             "code": "CONN_TERMINATE",
             "dataset": "audit_connection",
-            "kind": "event",
             "type": [
                 "connection"
             ]
@@ -179,7 +177,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
             ],
             "code": "CONN_TERMINATE",
             "dataset": "audit_connection",
-            "kind": "event",
             "type": [
                 "connection"
             ]
@@ -227,7 +224,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
             ],
             "code": "CONN_DELINK",
             "dataset": "audit_connection",
-            "kind": "event",
             "type": [
                 "connection"
             ]
@@ -346,7 +342,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
             ],
             "code": "TRAP_SENT",
             "dataset": "audit_snmp",
-            "kind": "event",
             "reason": "appfwPolicyHit (appfwLogMsg = \"\"CEF:0|Citrix|NetScaler|NS13.1|APPFW|APPFW_POLI...\"\", nsPartitionName = default)\"",
             "type": [
                 "connection"
@@ -373,7 +368,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
             ],
             "code": "SSL_HANDSHAKE_SUCCESS",
             "dataset": "audit_ssl",
-            "kind": "event",
             "type": [
                 "connection"
             ]
@@ -421,7 +415,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
             ],
             "code": "Message",
             "dataset": "audit_sslvpn",
-            "kind": "event",
             "type": [
                 "connection"
             ]
@@ -475,7 +468,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
             ],
             "code": "NONHTTP_RESOURCEACCESS_DENIED",
             "dataset": "audit_sslvpn",
-            "kind": "event",
             "type": [
                 "connection"
             ]
@@ -536,7 +528,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
             ],
             "code": "Message",
             "dataset": "audit_sslvpn",
-            "kind": "event",
             "type": [
                 "connection"
             ]

diff --git a/...perations_center/integrations/generated/033cd098-b21b-4c9b-85c4-c8174c307e48.md b/...perations_center/integrations/generated/033cd098-b21b-4c9b-85c4-c8174c307e48.md
@@ -18,7 +18,7 @@ In details, the following table denotes the type of events produced by this inte
 
 | Name | Values |
 | ---- | ------ |
-| Kind | `event` |
+| Kind | `` |
 | Category | `intrusion_detection`, `malware`, `network`, `process`, `web` |
 | Type | `denied`, `info` |
 
@@ -42,7 +42,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
                 "malware"
             ],
             "dataset": "AMSI",
-            "kind": "event",
             "type": [
                 "info"
             ]
@@ -113,7 +112,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
                 "process"
             ],
             "dataset": "applicationControl",
-            "kind": "event",
             "type": [
                 "info"
             ]
@@ -226,7 +224,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
                 "web"
             ],
             "dataset": "browsingProtection",
-            "kind": "event",
             "reason": "WF_Denied",
             "type": [
                 "denied"
@@ -282,7 +279,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
                 "web"
             ],
             "dataset": "reputationBasedBrowsing",
-            "kind": "event",
             "reason": "BP_Harmful",
             "type": [
                 "denied"
@@ -341,7 +337,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
                 "malware"
             ],
             "dataset": "deepGuard",
-            "kind": "event",
             "reason": "DeepGuard blocks a rare application",
             "type": [
                 "info"
@@ -409,7 +404,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
                 "intrusion_detection"
             ],
             "dataset": "edr",
-            "kind": "event",
             "type": [
                 "info"
             ]
@@ -467,7 +461,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
                 "intrusion_detection"
             ],
             "dataset": "edr",
-            "kind": "event",
             "type": [
                 "info"
             ]
@@ -513,7 +506,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
                 "network"
             ],
             "dataset": "firewall",
-            "kind": "event",
             "type": [
                 "denied"
             ]
@@ -587,7 +579,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
                 "web"
             ],
             "dataset": "reputationBasedBrowsing",
-            "kind": "event",
             "reason": "BP_Harmful",
             "type": [
                 "denied"
@@ -651,7 +642,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
                 "malware"
             ],
             "dataset": "manualScanning",
-            "kind": "event",
             "type": [
                 "info"
             ]
@@ -724,7 +714,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
             ],
             "code": "4625",
             "dataset": "systemEventsLog",
-            "kind": "event",
             "provider": "Microsoft-Windows-Security-Auditing",
             "reason": "An account failed to log on.",
             "type": [
@@ -807,7 +796,6 @@ The following table lists the fields that are extracted, normalized under the EC
 |`event.category` | `keyword` | Event category. The second categorization field in the hierarchy. |
 |`event.code` | `keyword` | Identification code for this event. |
 |`event.dataset` | `keyword` | Name of the dataset. |
-|`event.kind` | `keyword` | The kind of the event. The highest categorization field in the hierarchy. |
 |`event.provider` | `keyword` | Source of the event. |
 |`event.reason` | `keyword` | Reason why this event happened, according to the source |
 |`event.type` | `keyword` | Event type. The third categorization field in the hierarchy. |

diff --git a/...perations_center/integrations/generated/04d36706-ee4a-419b-906d-f92f3a46bcdd.md b/...perations_center/integrations/generated/04d36706-ee4a-419b-906d-f92f3a46bcdd.md
@@ -16,7 +16,7 @@ In details, the following table denotes the type of events produced by this inte
 
 | Name | Values |
 | ---- | ------ |
-| Kind | `event` |
+| Kind | `` |
 | Category | `authentication`, `configuration`, `file`, `iam`, `session` |
 | Type | `access`, `admin`, `connection` |
 
@@ -40,7 +40,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
                 "configuration"
             ],
             "dataset": "admin#reports#activity",
-            "kind": "event",
             "type": [
                 "info"
             ]
@@ -104,7 +103,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
                 "configuration"
             ],
             "dataset": "admin#reports#activity",
-            "kind": "event",
             "type": [
                 "access",
                 "change"
@@ -161,7 +159,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
                 "configuration"
             ],
             "dataset": "admin#reports#activity",
-            "kind": "event",
             "type": [
                 "change"
             ]
@@ -220,7 +217,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
                 "configuration"
             ],
             "dataset": "admin#reports#activity",
-            "kind": "event",
             "type": [
                 "change",
                 "creation"
@@ -282,7 +278,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
                 "session"
             ],
             "dataset": "admin#reports#activity",
-            "kind": "event",
             "type": [
                 "connection"
             ]
@@ -339,7 +334,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
                 "session"
             ],
             "dataset": "admin#reports#activity",
-            "kind": "event",
             "type": [
                 "connection"
             ]
@@ -393,7 +387,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
                 "file"
             ],
             "dataset": "audit#activity",
-            "kind": "event",
             "type": [
                 "access",
                 "change"
@@ -460,7 +453,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
                 "file"
             ],
             "dataset": "audit#activity",
-            "kind": "event",
             "type": [
                 "access",
                 "change"
@@ -523,7 +515,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
                 "file"
             ],
             "dataset": "admin#reports#activity",
-            "kind": "event",
             "type": [
                 "access"
             ]
@@ -589,7 +580,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
                 "iam"
             ],
             "dataset": "admin#reports#activity",
-            "kind": "event",
             "type": [
                 "admin"
             ]
@@ -641,7 +631,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
                 "session"
             ],
             "dataset": "admin#reports#activity",
-            "kind": "event",
             "type": [
                 "connection"
             ]
@@ -700,7 +689,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
                 "session"
             ],
             "dataset": "admin#reports#activity",
-            "kind": "event",
             "type": [
                 "connection"
             ]
@@ -755,7 +743,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
                 "file"
             ],
             "dataset": "admin#reports#activity",
-            "kind": "event",
             "type": [
                 "access",
                 "change"
@@ -824,7 +811,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
                 "authentication"
             ],
             "dataset": "admin#reports#activity",
-            "kind": "event",
             "type": [
                 "access",
                 "connection"
@@ -890,7 +876,6 @@ Find below few samples of events and how they are normalized by Sekoia.io.
                 "authentication"
             ],
             "dataset": "admin#reports#activity",
-            "kind": "event",
             "type": [
                 "access",
                 "connection"
@@ -962,7 +947,6 @@ The following table lists the fields that are extracted, normalized under the EC
 |`event.action` | `keyword` | The action captured by the event. |
 |`event.category` | `keyword` | Event category. The second categorization field in the hierarchy. |
 |`event.dataset` | `keyword` | Name of the dataset. |
-|`event.kind` | `keyword` | The kind of the event. The highest categorization field in the hierarchy. |
 |`event.type` | `keyword` | Event type. The third categorization field in the hierarchy. |
 |`file.gid` | `keyword` | Primary group ID (GID) of the file. |
 |`file.name` | `keyword` | Name of the file including the extension, without the directory. |