From 434208d4c9025ee85c6e07c3aa27b8c862fdc452 Mon Sep 17 00:00:00 2001 From: Jean GOUDY Date: Tue, 16 Apr 2024 18:25:59 +0200 Subject: [PATCH 1/2] fix(broken-links-2): fix links and add icon? to gitignore --- .gitignore | 3 +- _shared_content/automate/actions.md | 4 +-- .../intelligence_center/consume/telemetry.md | 2 +- docs/getting_started/manage_users.md | 12 +------ docs/getting_started/sso/azure.md | 2 +- docs/getting_started/sso/okta.md | 2 +- .../ingestion_methods/https/logstash.md | 2 +- .../cloud_and_saas/azure/azure_files.md | 2 +- .../cloud_and_saas/azure/azure_front_door.md | 2 +- .../integrations/cloud_and_saas/cato_sase.md | 2 +- .../netskope/netskope_events.md | 2 +- .../endpoint/crowdstrike_falcon.md | 2 +- .../collect/integrations/endpoint/linux.md | 2 +- .../integrations/endpoint/sentinelone.md | 2 +- docs/xdr/features/detect/rules_catalog.md | 2 +- .../playbook/Add_UserAgent_in_comment.md | 4 +-- .../playbook/ExtractIP_from_Url_country.md | 4 +-- .../Get_events_information_from_alert.md | 4 +-- docs/xdr/usecases/playbook/whoIs.md | 4 +-- mkdocs.yml | 31 +++++++++---------- 20 files changed, 39 insertions(+), 51 deletions(-) diff --git a/.gitignore b/.gitignore index d36301f627..ad946360b5 100644 --- a/.gitignore +++ b/.gitignore @@ -21,4 +21,5 @@ src/sekoiaio.scss docs/getting_started/inactive_users .DS_Store *.pyc -node_modules/ \ No newline at end of file +node_modules/ +Icon? \ No newline at end of file diff --git a/_shared_content/automate/actions.md b/_shared_content/automate/actions.md index 1ff9e49888..0fc2c54587 100644 --- a/_shared_content/automate/actions.md +++ b/_shared_content/automate/actions.md 
@@ -96,12 +96,12 @@ These helpers need their associated trigger to function properly: ## Third-party applications -- [Microsoft Entra ID (Azure AD) ](library/entra-id.md) +- [Microsoft Entra ID (Azure AD) ](library/microsoft-entra-id.md) - [Microsoft Remote Server](library/microsoft-remote-server.md) - [Fortigate Firewalls](library/fortigate-firewalls.md) - [HarfangLab](library/harfanglab.md) - [Panda Security](library/panda-security.md) -- [Sentinel One](library/sentinel-one.md) +- [Sentinel One](library/sentinelone.md) - [ServiceNow](library/servicenow.md) More actions are available in the Actions Library. To learn how to set up an action, please refer to its documentation. diff --git a/_shared_content/intelligence_center/consume/telemetry.md b/_shared_content/intelligence_center/consume/telemetry.md index b6c3dfbe14..06ba3c8c0f 100644 --- a/_shared_content/intelligence_center/consume/telemetry.md +++ b/_shared_content/intelligence_center/consume/telemetry.md @@ -87,7 +87,7 @@ The telemetry data provides a valuable resource to scrutinize the observable's h In this case, the telemetry heatmap serves as a dynamic timeline, allowing security analysts to efficiently assess the observable's credibility. -Since you can import external IOCs to the platform by using the [IOC collections](_shared_content/intelligence_center/consume/ioccollections.md) feature, it's possible to generate a `telemetry report` to help verify the viability of the imported IOCs. +Since you can import external IOCs to the platform by using the [IOC collections](/xdr/features/detect/ioccollections) feature, it's possible to generate a `telemetry report` to help verify the viability of the imported IOCs. !!! Warning The generated telemetry report contains the associated observable telemetry, not the threat telemetry. This telemetry is calculated based on the occurence of a value, not a threat ID. 
diff --git a/docs/getting_started/manage_users.md b/docs/getting_started/manage_users.md index 51571622b2..69ea898d9c 100644 --- a/docs/getting_started/manage_users.md +++ b/docs/getting_started/manage_users.md @@ -2,21 +2,13 @@ ## Overview -Admins and users with the right permissions are able to add users with a role. - A role has attached permissions allowing a user to access, view pages and use its features. In the following sections, you will learn how to manage your users. ## Needed role and permissions -To manage users in a community, you need to have the role `manage_member`. This role contains the following permissions: - -| Permission | Description | -| --- | --- | -| COMMUNITY_ADD_MEMBER | Adds new members to the community | -| COMMUNITY_LIST_MEMBER | Lists all members in a community | -| COMMUNITY_REMOVE_MEMBER | Removes members from a community | +To manage users in a community, you need to be an Administrator of the community. ## Detailed page of a user @@ -77,5 +69,3 @@ To create custom roles for your guests, you’ll have to: Permissions can be different depending on your job position at your company. There are three main categories to all of these permissions: `Admin`, `Manage` or `View`. - -In the [next page](roles_permissions.md), you’ll have a look at all our permissions depending on which product you are subscribed to. diff --git a/docs/getting_started/sso/azure.md b/docs/getting_started/sso/azure.md index 2c4f63a05a..838c5468c8 100644 --- a/docs/getting_started/sso/azure.md +++ b/docs/getting_started/sso/azure.md 
@@ -5,7 +5,7 @@ In order to configure Azure with Sekoia.io, the following steps must be done: 1. Verify that the user that will connect have a complete profile. To authenticate, the profile must have the following information: email address, first name, last name and full name 2. Create a new application on Azure 3. Connect to Sekoia.io, add a new domain that belongs to your community and wait for its validation -4. Configure OpenID Connect in Sekoia.io (see associated documentation [Single Sign-On With OpenID Connect](../SSO_openid_connect.md)) +4. Configure OpenID Connect in Sekoia.io (see associated documentation [Single Sign-On With OpenID Connect](/getting_started/sso/openid_connect)) ## Create a Microsoft Entra ID (Azure AD) app registration diff --git a/docs/getting_started/sso/okta.md b/docs/getting_started/sso/okta.md index 6125194b17..61bdfe6c36 100644 --- a/docs/getting_started/sso/okta.md +++ b/docs/getting_started/sso/okta.md @@ -4,7 +4,7 @@ In order to configure Okta with Sekoia.io, the following steps must be done: 1. Create a new application in your Okta admin console 2. Connect to Sekoia.io and add a new domain that belongs to your community and wait for its validation. -3. Configure OpenID Connect in Sekoia.io. (see associated documentation [Single Sign-On With OpenID Connect](../SSO_openid_connect.md)) +3. Configure OpenID Connect in Sekoia.io. (see associated documentation [Single Sign-On With OpenID Connect](/getting_started/sso/openid_connect)) ## Create a new application in Okta diff --git a/docs/xdr/features/collect/ingestion_methods/https/logstash.md b/docs/xdr/features/collect/ingestion_methods/https/logstash.md index bf7d510d1a..65727509e4 100644 --- a/docs/xdr/features/collect/ingestion_methods/https/logstash.md +++ b/docs/xdr/features/collect/ingestion_methods/https/logstash.md 
@@ -6,7 +6,7 @@ To push logs, you have to configure some filters in Logstash that will add the p ## Example -In the following example, we have multiple inputs to handle logs collected via Syslog (Apache HTTP Server and NGINX logs) and via [Beats (Winlogbeat)](../integrations/endpoint/winlogbeat.md) and forward them to Sekoia.io. +In the following example, we have multiple inputs to handle logs collected via Syslog (Apache HTTP Server and NGINX logs) and via [Beats (Winlogbeat)](/xdr/features/collect/integrations/endpoint/winlogbeat.md) and forward them to Sekoia.io. In order to filter events effectively, Logstash uses tags as a key component. To ensure proper functionality, make sure to update the intake key value by editing the placeholder `CHANGE_ME_INTAKE_KEY` mentioned below. Additionally, you have the flexibility to incorporate multiple filters within the `filter` section as per your requirements. diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_files.md b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_files.md index d9d2898cda..9005a378d4 100644 --- a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_files.md +++ b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_files.md 
@@ -60,6 +60,6 @@ Go to the [intake page](https://app.sekoia.io/operations/intakes) and create a n To start to pull events, you have to: -1. Go to the [playbooks page](https://app.sekoia.io/operations/playbooks) and create a new playbook with the [Consume Eventhub messages](../../../../../automate/library/microsoft-azure.md#consume-eventhub-messages) +1. Go to the [playbooks page](https://app.sekoia.io/operations/playbooks) and create a new playbook with the [Consume Eventhub messages](/xdr/feature/automate/library/microsoft-azure.md#consume-eventhub-messages) 2. Set up the trigger configuration with the EventHub's `Connection string-primary key`, the hub name, the consumer group, the storage's `Connection string-primary key` and the container name. 3. Start the playbook and enjoy your events diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_front_door.md b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_front_door.md index 8929a92a5c..4dde00ee0b 100644 --- a/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_front_door.md +++ b/docs/xdr/features/collect/integrations/cloud_and_saas/azure/azure_front_door.md @@ -32,7 +32,7 @@ Go to the [intake page](https://app.sekoia.io/operations/intakes) and create a n ### Pull events -Go to the [playbook page](https://app.sekoia.io/operations/playbooks) and create a new playbook with the [Consume Eventhub messages](../../../../..automate/library/microsoft-azure.md#consume-eventhub-messages). +Go to the [playbook page](https://app.sekoia.io/operations/playbooks) and create a new playbook with the [Consume Eventhub messages](/xdr/features/automate/library/microsoft-azure.md#consume-eventhub-messages). Set up the trigger configuration with the EventHub's `Connection string-primary key`, the hub name, the consumer group, the storage's `Connection string-primary key` and the container name. 
diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/cato_sase.md b/docs/xdr/features/collect/integrations/cloud_and_saas/cato_sase.md index 71cb2b27a5..5faa16673d 100644 --- a/docs/xdr/features/collect/integrations/cloud_and_saas/cato_sase.md +++ b/docs/xdr/features/collect/integrations/cloud_and_saas/cato_sase.md @@ -39,7 +39,7 @@ Go to the [intake page](https://app.sekoia.io/operations/intakes) and create a n To start to pull events, you have to: -1. Go to the [playbooks page](https://app.sekoia.io/operations/playbooks) and create a new playbook with the [Cato SASE](../../../automate/library/cato_sase.md) trigger +1. Go to the [playbooks page](https://app.sekoia.io/operations/playbooks) and create a new playbook with the [Cato SASE](/xdr/features/automate/library/cato-networks.md) trigger 2. Set up the module configuration with the Api Key and Account Id. Set up the trigger configuration with the intake key 3. Start the playbook and enjoy your events diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/netskope/netskope_events.md b/docs/xdr/features/collect/integrations/cloud_and_saas/netskope/netskope_events.md index 2ff894601f..fc2ead69ac 100644 --- a/docs/xdr/features/collect/integrations/cloud_and_saas/netskope/netskope_events.md +++ b/docs/xdr/features/collect/integrations/cloud_and_saas/netskope/netskope_events.md 
@@ -43,7 +43,7 @@ Go to the [intake page](https://app.sekoia.io/operations/intakes) and create a n To start to pull events, you have to: -1. Go to the [playbooks page](https://app.sekoia.io/operations/playbooks) and create a new playbook with the [Fetch new events from Netskope](../../../automate/library/netskope.md) trigger +1. Go to the [playbooks page](https://app.sekoia.io/operations/playbooks) and create a new playbook with the [Fetch new events from Netskope](/xdr/features/automate/library/netskope.md) trigger 2. Set up the module configuration with the base URL of your Netskope instance. Set up the trigger configuration with the API token and the intake key 3. Start the playbook and enjoy your events diff --git a/docs/xdr/features/collect/integrations/endpoint/crowdstrike_falcon.md b/docs/xdr/features/collect/integrations/endpoint/crowdstrike_falcon.md index fe43691632..8b625fe049 100644 --- a/docs/xdr/features/collect/integrations/endpoint/crowdstrike_falcon.md +++ b/docs/xdr/features/collect/integrations/endpoint/crowdstrike_falcon.md @@ -57,6 +57,6 @@ Go to the [intake page](https://app.sekoia.io/operations/intakes) and create a n To start to pull events, you have to: -1. Go to the [playbooks page](https://app.sekoia.io/operations/playbooks) and create a new playbook with the [Fetch CrowdStrike Falcon Events](../../../automate/library/crowdstrike_falcon.md) trigger +1. Go to the [playbooks page](https://app.sekoia.io/operations/playbooks) and create a new playbook with the [Fetch CrowdStrike Falcon Events](/xdr/features/automate/library/crowdstrike-falcon.md) trigger 2. Set up the module configuration with the base URL of the API (e.g. https://api.eu-1.crowdstrike.com), your client id and your client secret. Set up the trigger configuration with the intake key. 3. Start the playbook and enjoy your events 
diff --git a/docs/xdr/features/collect/integrations/endpoint/linux.md b/docs/xdr/features/collect/integrations/endpoint/linux.md index f7e5b261c6..85cc7d47fc 100644 --- a/docs/xdr/features/collect/integrations/endpoint/linux.md +++ b/docs/xdr/features/collect/integrations/endpoint/linux.md @@ -19,5 +19,5 @@ Linux is a family of free and open-source software operating systems built aroun - [Sentinel One](sentinelone.md) - [Sophos EDR](sophos_edr.md) - [Tehtris](tehtris_edr.md) - - [Trend Micro Deep Security](trend_micro_deep_security.md) + - [Trend Micro Deep Security](trend_micro/trend_micro_deep_security.md) diff --git a/docs/xdr/features/collect/integrations/endpoint/sentinelone.md b/docs/xdr/features/collect/integrations/endpoint/sentinelone.md index 26c79ab1f1..efe19c8170 100644 --- a/docs/xdr/features/collect/integrations/endpoint/sentinelone.md +++ b/docs/xdr/features/collect/integrations/endpoint/sentinelone.md @@ -41,7 +41,7 @@ This setup guide will show you how to pull events produced by SentinelOne EDR on 4. Select `Create User` and copy the generated API token. !!! note - A `Service User` with the `Site Admin` or `IR Team` role can mitigate threats from [Sekoia.io](https://app.sekoia.io/) using [SentinelOne playbook actions](../../../automate/library/sentinel-one.md). A user with the `Site Viewer` role can view activity events and threats but cannot take action. + A `Service User` with the `Site Admin` or `IR Team` role can mitigate threats from [Sekoia.io](https://app.sekoia.io/) using [SentinelOne playbook actions](/xdr/features/automate/library/sentinelone.md). A user with the `Site Viewer` role can view activity events and threats but cannot take action. ## Create a SentinelOne intake diff --git a/docs/xdr/features/detect/rules_catalog.md b/docs/xdr/features/detect/rules_catalog.md index 93075ab1aa..34b5c6f3a6 100644 --- a/docs/xdr/features/detect/rules_catalog.md +++ b/docs/xdr/features/detect/rules_catalog.md 
@@ -159,7 +159,7 @@ If you choose `All communities`, your rule will be available for all your commun This is the detection logic itself. It varies according to the selected rule type. !!! note - Fields available to create a detection pattern follow the [ECS standard](features/investigate/events_query_language.md) and can be found on Events page > **Show fields and top values**. + Fields available to create a detection pattern follow the ECS standard and can be found on Events page > **Show fields and top values**. #### Security alerts In the Alert properties part, you should indicate the category and type of the alerts raised by the rule and the severity of the rule, which is used to calculate the urgency of the corresponding raised alerts in association with assets criticality for events matching assets. diff --git a/docs/xdr/usecases/playbook/Add_UserAgent_in_comment.md b/docs/xdr/usecases/playbook/Add_UserAgent_in_comment.md index 55ac1b79f8..37c0583d91 100644 --- a/docs/xdr/usecases/playbook/Add_UserAgent_in_comment.md +++ b/docs/xdr/usecases/playbook/Add_UserAgent_in_comment.md @@ -12,13 +12,13 @@ This use case describes how to enrich the comments of an alert with the User age * `SIC_WRITE_ALERTS_COMMENT` !!!note - To create your API Key, follow this [documentation](../../../getting_started/generate_api_keys.md). + To create your API Key, follow this [documentation](/getting_started/manage_api_keys/#create-an-api-key). ## Playbook configuration Find the playbook configuration below: -![Playbook Add_UserAgent_in_comment](docs/assets/playbooks/library/UseCases/Add_UserAgent_in_comment.md.png) +![Playbook Add_UserAgent_in_comment](/assets/playbooks/library/UseCases/Add_UserAgent_in_comment.png) | Module | Configuration | | --- | --- | diff --git a/docs/xdr/usecases/playbook/ExtractIP_from_Url_country.md b/docs/xdr/usecases/playbook/ExtractIP_from_Url_country.md index 4d079cb11e..54038e1ac0 100644 --- a/docs/xdr/usecases/playbook/ExtractIP_from_Url_country.md 
+++ b/docs/xdr/usecases/playbook/ExtractIP_from_Url_country.md @@ -10,13 +10,13 @@ This use case describes how to extract an IP address from a URL and a country. * Be an Administrator or an Analyst of the community. * Have an API Key with a role that contains at least the permission "View alerts" -> To create your API Key, follow this [documentation](../../../getting_started/generate_api_keys.md). +> To create your API Key, follow this [documentation](/getting_started/manage_api_keys/). ## Playbook configuration Here is the playbook configuration to set: -![Playbook ExtractIP](docs/assets/playbooks/library/UseCases/ExtractIP.png) +![Playbook ExtractIP](/assets/playbooks/library/UseCases/ExtractIP.png) Alert created => set module & trigger configuration Get Alert => **uuid** = `short_id` variables in **Alert created** diff --git a/docs/xdr/usecases/playbook/Get_events_information_from_alert.md b/docs/xdr/usecases/playbook/Get_events_information_from_alert.md index 80dfd8d1ed..496ac70e8b 100644 --- a/docs/xdr/usecases/playbook/Get_events_information_from_alert.md +++ b/docs/xdr/usecases/playbook/Get_events_information_from_alert.md @@ -14,13 +14,13 @@ This use case describes how to get the MAC address of events associated with an * `SIC_READ_EVENT_STATS` !!! note - To create your API Key, follow this [documentation](../../../getting_started/generate_api_keys.md). + To create your API Key, follow this [documentation](/getting_started/manage_api_keys). ## Playbook configuration Here is the configuration below: -![Playbook Enrich_information_in_alert](docs/assets/playbooks/library/UseCases/Enrich_information_in_alert.png) +![Playbook Enrich_information_in_alert](/assets/playbooks/library/UseCases/Enrich_information_in_alert.png) | Module | Configuration | | --- | --- | diff --git a/docs/xdr/usecases/playbook/whoIs.md b/docs/xdr/usecases/playbook/whoIs.md index cf7fe907f7..949788078e 100644 --- a/docs/xdr/usecases/playbook/whoIs.md 
+++ b/docs/xdr/usecases/playbook/whoIs.md @@ -14,13 +14,13 @@ This use case describes how to use Whois module in order to enrich an IP address * `SIC_READ_EVENT_STATS` !!!note - To create your API Key, follow this [documentation](../../../getting_started/generate_api_keys.md). + To create your API Key, follow this [documentation](../../../getting_started/manage_api_keys.md). ## Playbook configuration You can find the configuration below: -![Playbook WhoIS](docs/assets/playbooks/library/UseCases/WhoIS.png) +![Playbook WhoIS](/docs/assets/playbooks/library/UseCases/WhoIS.png) | Module | Configuration | | --- | --- | diff --git a/mkdocs.yml b/mkdocs.yml index 25e0077568..b8b01bd794 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -509,7 +509,7 @@ nav: - Mattermost: tip/features/automate/library/mattermost.md - Microsoft Active Directory: tip/features/automate/library/microsoft-active-directory.md - Microsoft Azure: tip/features/automate/library/microsoft-azure.md - - Microsoft Entra ID (Azure AD): tip/features/automate/library/entra-id.md + - Microsoft Entra ID (Azure AD): tip/features/automate/library/microsoft-entra-id.md - Microsoft Office365: tip/features/automate/library/microsoft-office365.md - Microsoft Windows Server: tip/features/automate/library/microsoft-windows-server.md - Netskope: tip/features/automate/library/netskope.md @@ -571,9 +571,7 @@ plugins: 'api/operation center: asset management': xdr/develop/rest_api/assets.md 'api/operation center: rules, entities, intakes, events.md': xdr/develop/rest_api/configuration.md api/profile & permissions: xdr/develop/rest_api/community.md - apis.md: xdr/develop/index.md cti/develop/rest_api/identity_and_authentication.md: cti/develop/rest_api/community.md - develop.md: xdr/develop/index.md develop/guides/filtering.md: xdr/develop/guides/filtering.md develop/guides/get_started.md: xdr/develop/guides/get_started.md develop/rest_api/community.md: xdr/develop/rest_api/community.md 
@@ -600,7 +598,7 @@ plugins: integrations/aws_cloudtrail.md: xdr/features/collect/integrations/cloud_and_saas/aws/aws_cloudtrail.md integrations/aws_flow_logs.md: xdr/features/collect/integrations/cloud_and_saas/aws/aws_flow_logs.md integrations/aws_s3_logs.md: xdr/features/collect/integrations/cloud_and_saas/aws/aws_s3_logs.md - integrations/azure-ad.md: xdr/features/collect/integrations/cloud_and_saas/azure/intra_id.md + integrations/azure-ad.md: xdr/features/collect/integrations/cloud_and_saas/azure/entra_id.md integrations/azure-files.md: xdr/features/collect/integrations/cloud_and_saas/azure/azure_files.md integrations/azure-linux.md: xdr/features/collect/integrations/cloud_and_saas/azure/azure_linux.md integrations/azure-mysql.md: xdr/features/collect/integrations/cloud_and_saas/azure/azure_mysql.md 
@@ -629,17 +627,17 @@ plugins: integrations/freeradius.md: xdr/index.md integrations/fsecure.md: xdr/index.md integrations/github_audit_logs.md: xdr/features/collect/integrations/cloud_and_saas/github_audit_logs.md - integrations/google_drive_reports.md: xdr/features/collect/integrations/cloud_and_saas/google/google_drive_reports.md + integrations/google_drive_reports.md: xdr/features/collect/integrations/cloud_and_saas/google/google_reports.md integrations/google_kubernetes_engine.md: xdr/features/collect/integrations/cloud_and_saas/google/google_kubernetes_engine.md integrations/google_vpc_flow_logs.md: xdr/features/collect/integrations/cloud_and_saas/google/google_vpc_flow_logs.md - integrations/google_workspace.md: xdr/features/collect/integrations/cloud_and_saas/google/google_workspace.md + integrations/google_workspace.md: xdr/features/collect/integrations/cloud_and_saas/google/google_reports.md integrations/haproxy.md: xdr/features/collect/integrations/application/haproxy.md integrations/harfanglab.md: xdr/features/collect/integrations/endpoint/harfanglab.md integrations/imperva_waf.md: xdr/features/collect/integrations/cloud_and_saas/imperva_waf.md integrations/index.md: xdr/features/collect/integrations/index.md integrations/infoblox-ddi.md: xdr/features/collect/integrations/network/infoblox_ddi.md integrations/infoblox_ddi.md: xdr/features/collect/integrations/network/infoblox_ddi.md - integrations/intra_id.md: xdr/features/collect/integrations/cloud_and_saas/azure/intra_id.md + integrations/intra_id.md: xdr/features/collect/integrations/cloud_and_saas/azure/entra_id.md integrations/linux.md: xdr/features/collect/integrations/endpoint/linux.md integrations/log-insight-windows.md: xdr/features/collect/integrations/endpoint/log_insight_windows.md integrations/log_insight_windows.md: xdr/features/collect/integrations/endpoint/log_insight_windows.md 
@@ -669,16 +667,16 @@ plugins: integrations/sophos_fw.md: xdr/features/collect/integrations/network/sophos_fw.md integrations/spamassassin.md: xdr/features/collect/integrations/email/spamassassin.md integrations/squid.md: xdr/features/collect/integrations/network/squid.md - integrations/stormshield_endpoint.md: xdr/features/collect/integrations/network/stormshield_endpoint.md + integrations/stormshield_endpoint.md: xdr/features/collect/integrations/endpoint/stormshield_endpoint.md integrations/stormshield_network_security.md: xdr/features/collect/integrations/network/stormshield_network_security.md integrations/suricata.md: xdr/features/collect/integrations/network/suricata.md integrations/symantec-endpoint-protection.md: xdr/features/collect/integrations/endpoint/symantec_epp.md integrations/symantec_endpoint_protection.md: xdr/features/collect/integrations/endpoint/symantec_epp.md integrations/tanium.md: xdr/features/collect/integrations/endpoint/tanium.md - integrations/thehive.md: xdr/features/collect/integrations/application/thehive.md + integrations/thehive.md: tip/features/integrations/thehive.md integrations/transport.md: xdr/features/collect/ingestion_methods/index.md integrations/transport/graylog.md: xdr/features/collect/ingestion_methods/graylog.md - integrations/transport/https.md: xdr/features/collect/ingestion_methods/https.md + integrations/transport/https.md: xdr/features/collect/ingestion_methods/https/format.md integrations/transport/logstash.md: xdr/features/collect/ingestion_methods/logstash.md integrations/transport/rsyslog.md: xdr/features/collect/ingestion_methods/rsyslog.md integrations/transport/syslog-ng.md: xdr/features/collect/ingestion_methods/syslog-ng.md 
@@ -719,7 +717,7 @@ plugins: operation_center/data_collection/index.md: xdr/features/collect/ingestion_methods/index.md operation_center/data_collection/ingestion_methods.md: xdr/features/collect/ingestion_methods/index.md operation_center/data_collection/ingestion_methods/graylog.md: xdr/features/collect/ingestion_methods/graylog.md - operation_center/data_collection/ingestion_methods/https.md: xdr/features/collect/ingestion_methods/https.md + operation_center/data_collection/ingestion_methods/https.md: xdr/features/collect/ingestion_methods/https/format.md operation_center/data_collection/ingestion_methods/logstash.md: xdr/features/collect/ingestion_methods/logstash.md operation_center/data_collection/ingestion_methods/rsyslog.md: xdr/features/collect/ingestion_methods/rsyslog.md operation_center/data_collection/ingestion_methods/sekoiaio.md: xdr/features/collect/integrations/endpoint/sekoiaio.md 
@@ -737,9 +735,9 @@ plugins: operation_center/integration_catalog/application/nginx.md: xdr/features/collect/integrations/application/nginx.md operation_center/integration_catalog/application/openldap.md: xdr/features/collect/integrations/application/openldap.md operation_center/integration_catalog/application/openssh.md: xdr/features/collect/integrations/application/openssh.md - operation_center/integration_catalog/application/prove-it.md: xdr/features/collect/integrations/application/prove-it.md + operation_center/integration_catalog/application/prove-it.md: xdr/features/collect/integrations/network/rubycat_prove_it.md operation_center/integration_catalog/application/sekoiaio_activity_logs.md: xdr/features/collect/integrations/application/sekoiaio_activity_logs.md - operation_center/integration_catalog/application/thehive.md: xdr/features/collect/integrations/application/thehive.md + operation_center/integration_catalog/application/thehive.md: cti/features/integrations/thehive.md operation_center/integration_catalog/application/unbound.md: xdr/features/collect/integrations/application/unbound.md operation_center/integration_catalog/cloud_and_saas/aws/aws_cloudtrail.md: xdr/features/collect/integrations/cloud_and_saas/aws/aws_cloudtrail.md operation_center/integration_catalog/cloud_and_saas/aws/aws_flow_logs.md: xdr/features/collect/integrations/cloud_and_saas/aws/aws_flow_logs.md 
@@ -747,7 +745,7 @@ plugins: operation_center/integration_catalog/cloud_and_saas/azure/azure_mysql.md: xdr/features/collect/integrations/cloud_and_saas/azure/azure_mysql.md operation_center/integration_catalog/cloud_and_saas/azure/azure_network_watcher.md: xdr/features/collect/integrations/cloud_and_saas/azure/azure_network_watcher.md operation_center/integration_catalog/cloud_and_saas/azure/azure_windows.md: xdr/features/collect/integrations/cloud_and_saas/azure/azure_windows.md - operation_center/integration_catalog/cloud_and_saas/azure/intra_id.md: xdr/features/collect/integrations/cloud_and_saas/azure/intra_id.md + operation_center/integration_catalog/cloud_and_saas/azure/intra_id.md: xdr/features/collect/integrations/cloud_and_saas/azure/entra_id.md operation_center/integration_catalog/cloud_and_saas/cisco_umbrella/umbrella_dns.md: xdr/features/collect/integrations/cloud_and_saas/cisco_umbrella/umbrella_dns.md operation_center/integration_catalog/cloud_and_saas/cisco_umbrella/umbrella_ip.md: xdr/features/collect/integrations/cloud_and_saas/cisco_umbrella/umbrella_ip.md operation_center/integration_catalog/cloud_and_saas/cisco_umbrella/umbrella_proxy.md: xdr/features/collect/integrations/cloud_and_saas/cisco_umbrella/umbrella_proxy.md 
@@ -756,7 +754,7 @@ plugins: operation_center/integration_catalog/cloud_and_saas/cloudflare/cloudflare-http-requests.md: xdr/features/collect/integrations/cloud_and_saas/cloudflare/cloudflare-http-requests.md operation_center/integration_catalog/cloud_and_saas/cloudflare/cloudflare.md: xdr/features/collect/integrations/cloud_and_saas/cloudflare/cloudflare-http-requests.md operation_center/integration_catalog/cloud_and_saas/digital_shadows.md: xdr/features/collect/integrations/cloud_and_saas/digital_shadows.md - operation_center/integration_catalog/cloud_and_saas/google/google_drive_reports.md: xdr/features/collect/integrations/cloud_and_saas/google/google_drive_reports.md + operation_center/integration_catalog/cloud_and_saas/google/google_drive_reports.md: xdr/features/collect/integrations/cloud_and_saas/google/google_reports.md operation_center/integration_catalog/cloud_and_saas/google/google_kubernetes_engine.md: xdr/features/collect/integrations/cloud_and_saas/google/google_kubernetes_engine.md operation_center/integration_catalog/cloud_and_saas/google/google_vpc_flow_logs.md: xdr/features/collect/integrations/cloud_and_saas/google/google_vpc_flow_logs.md operation_center/integration_catalog/cloud_and_saas/google/google_workspace.md: xdr/features/collect/integrations/cloud_and_saas/google/google_reports.md 
@@ -773,7 +771,7 @@ plugins: operation_center/integration_catalog/endpoint/harfanglab.md: xdr/features/collect/integrations/endpoint/harfanglab.md operation_center/integration_catalog/endpoint/linux.md: xdr/features/collect/integrations/endpoint/linux.md operation_center/integration_catalog/endpoint/log_insight_windows.md: xdr/features/collect/integrations/endpoint/log_insight_windows.md - operation_center/integration_catalog/endpoint/microsoft_defender_for_endpoints.md: xdr/features/collect/integrations/endpoint/microsoft_defender_for_endpoints.md + operation_center/integration_catalog/endpoint/microsoft_defender_for_endpoints.md: xdr/features/collect/integrations/cloud_and_saas/office365/microsoft_365_defender.md operation_center/integration_catalog/endpoint/panda_security_aether.md: xdr/features/collect/integrations/endpoint/panda_security_aether.md operation_center/integration_catalog/endpoint/sentinelone.md: xdr/features/collect/integrations/endpoint/sentinelone.md operation_center/integration_catalog/endpoint/sentinelone_deepvisibility.md: xdr/features/collect/integrations/endpoint/sentinelone_deepvisibility.md @@ -849,7 +847,6 @@ plugins: playbooks/operators.md: xdr/features/automate/operators.md playbooks/overview.md: xdr/features/automate/index.md playbooks/triggers.md: xdr/features/automate/triggers.md - searching/dork.md: xdr/features/investigate/dork_language.md searching/search_events.md: xdr/features/investigate/events.md tip/develop/rest_api/identity_and_authentication.md: tip/develop/rest_api/community.md user_center.md: getting_started/index.md From a62f87d8fa9b03f347530462fbbd91cceea60281 Mon Sep 17 00:00:00 2001 From: Jean GOUDY Date: Thu, 18 Apr 2024 09:30:47 +0200 Subject: [PATCH 2/2] fix(broken-links-2): update a github link --- docs/getting_started/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/getting_started/index.md b/docs/getting_started/index.md index c7bba13188..ae2d32619a 100644 
--- a/docs/getting_started/index.md +++ b/docs/getting_started/index.md @@ -11,7 +11,7 @@ On this website, you’ll find the documentation for the three award-winning pro In addition to a web interface, Sekoia.io provides **REST/API** for external apps for almost all of its features, and it’s free! -This documentation platform is made to guide you through the different features and use cases of the app, but also to answer all of your questions. It’s open-source and it’s a work in progress, so don’t hesitate to contribute and enhance its content using this [public repo](https://github.com/Sekoia.io/documentation). +This documentation platform is made to guide you through the different features and use cases of the app, but also to answer all of your questions. It’s open-source and it’s a work in progress, so don’t hesitate to contribute and enhance its content using this [public repo](https://github.com/SEKOIA-IO/documentation). If you are interested in our products, contact us to plan a demo by filling out [this form](https://www.sekoia.io/en/contact/).
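Review bot: In the `.gitignore` hunk, the added `Icon?` line is a glob in which `?` matches any single character, so it ignores every five-character name starting with `Icon` (for example `Icons` or `Icon1`) in any directory, not only the macOS custom-icon file whose name ends in a carriage return. If only that file is meant, narrow the pattern, and add the missing trailing newline while touching the file, since the hunk still ends with `\ No newline at end of file`.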
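Review bot: The `_shared_content/intelligence_center/consume/telemetry.md` hunk points a shared Intelligence Center page at a product-specific path, `/xdr/features/detect/ioccollections`. If this shared file is also rendered outside the XDR section, readers there are sent into another product's navigation. Please confirm that is intended, or link to the copy of the IOC collections page that belongs to the section where the content is included.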
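Review bot: The `docs/getting_started/manage_users.md` hunk changes the documented access requirement rather than fixing a link: the `manage_member` role and its `COMMUNITY_ADD_MEMBER`, `COMMUNITY_LIST_MEMBER` and `COMMUNITY_REMOVE_MEMBER` table are replaced by "you need to be an Administrator of the community", and the pointer to `roles_permissions.md` is dropped. Please confirm this matches the current permission model and call it out in the commit message or move it to its own commit, so that anyone auditing who may add or remove community members can trace when the documented requirement changed.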
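Review bot: In the `azure_files.md` hunk the new target reads `/xdr/feature/automate/library/microsoft-azure.md#consume-eventhub-messages`, with `feature` in the singular, while the `azure_front_door.md` hunk right after it uses `/xdr/features/automate/library/microsoft-azure.md#consume-eventhub-messages`. The singular form looks like a typo that leaves this link broken; change it to `/xdr/features/...`.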
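Review bot: The new absolute links are written in two styles. The `logstash.md` hunk (`/xdr/features/collect/integrations/endpoint/winlogbeat.md`) and the playbook-trigger links in the `cato_sase.md`, `netskope_events.md`, `crowdstrike_falcon.md` and `sentinelone.md` hunks keep the `.md` suffix, while `telemetry.md`, `sso/azure.md` and `sso/okta.md` use suffix-less paths such as `/getting_started/sso/openid_connect`. Check which form the site build actually resolves for links that start with `/` and use that one throughout, otherwise half of these fixes may still produce 404s.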
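Review bot: In the `docs/xdr/features/detect/rules_catalog.md` hunk the broken ECS link is removed instead of repointed, so "ECS standard" is now plain text and readers writing detection patterns lose the field reference. If a page describing the available fields still exists, link to it here; if not, say so in the commit message so the removal is clearly deliberate.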
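Review bot: The API key link is rewritten three different ways across the playbook use-case hunks: `/getting_started/manage_api_keys/#create-an-api-key` in `Add_UserAgent_in_comment.md`, `/getting_started/manage_api_keys/` in `ExtractIP_from_Url_country.md` and `/getting_started/manage_api_keys` in `Get_events_information_from_alert.md`. Pick one form, preferably the one with the `#create-an-api-key` anchor since all three sentences are about creating a key, and apply it to every page.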
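Review bot: The `docs/xdr/usecases/playbook/whoIs.md` hunk does not follow the pattern used for the other three playbook pages. The API key link stays relative (`../../../getting_started/manage_api_keys.md`) and the image path becomes `/docs/assets/playbooks/library/UseCases/WhoIS.png`, whereas the sibling hunks use `/assets/playbooks/library/UseCases/...` without the `docs` prefix. Unless this page is served differently, the image will still not load; align both targets with the other use-case pages.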
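Review bot: In `mkdocs.yml` the two TheHive redirects now point at different sections: `integrations/thehive.md` goes to `tip/features/integrations/thehive.md` (hunk at line 669) while `operation_center/integration_catalog/application/thehive.md` goes to `cti/features/integrations/thehive.md` (hunk at line 737). Only one of these is likely to exist after the build; verify the target and use the same one for both entries.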
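Review bot: The `mkdocs.yml` hunks at lines 571 and 849 delete the redirects for `apis.md`, `develop.md` and `searching/dork.md` without replacement, so existing bookmarks and external references to those URLs will stop resolving. If the entries were removed because they conflicted with real pages or pointed at missing targets, note that in the commit message; otherwise repoint them the way the other redirects in this patch are repointed.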