diff --git a/_shared_content/automate/library/atlassian-jira.md b/_shared_content/automate/library/atlassian-jira.md index dfe545342f..0a2783289c 100644 --- a/_shared_content/automate/library/atlassian-jira.md +++ b/_shared_content/automate/library/atlassian-jira.md @@ -1,3 +1,7 @@ +uuid: d1445e5e-8e3b-417f-ae19-bca67a10affd +name: Atlassian JIRA +type: playbook + # Atlassian JIRA ![Atlassian JIRA](/assets/playbooks/library/atlassian-jira.png){ align=right width=150 } diff --git a/_shared_content/automate/library/aws.md b/_shared_content/automate/library/aws.md index 2378fb55ab..551f0f2bc4 100644 --- a/_shared_content/automate/library/aws.md +++ b/_shared_content/automate/library/aws.md @@ -1,3 +1,7 @@ +uuid: b4462429-6f0f-42b5-87b8-430111697d28 +name: AWS +type: playbook + # AWS ![AWS](/assets/playbooks/library/aws.svg){ align=right width=150 } 
@@ -59,119 +63,6 @@ Get the last records from FlowLog (deprecated in flavor of Fetch new logs on S3) | `records_path` | `string` | The filename containing the records | -### Fetch new CloudFront logs on S3 - -Get all CloudFront records from S3 - -**Arguments** - -| Name | Type | Description | -| --------- | ------- | --------------------------- | -| `frequency` | `integer` | Batch frequency in seconds | -| `queue_name` | `string` | The name of the SQS queue that received the notifications of the creation of S3 objects | -| `chunk_size` | `integer` | The size of chunks for the batch processing | -| `separator` | `string` | The separator used between each records (default: the linefeed character '\n') | -| `skip_first` | `integer` | The number of records to skip at the begining of each S3 object (default: 0) | -| `intake_server` | `string` | Server of the intake server (e.g. 'https://intake.sekoia.io') | -| `intake_key` | `string` | Intake key to use when sending events | - - -### Fetch new Flowlogs on S3 - -Get line-oriented Flowlog records from new S3 objects based on notifications - -**Arguments** - -| Name | Type | Description | -| --------- | ------- | --------------------------- | -| `frequency` | `integer` | Batch frequency in seconds | -| `queue_name` | `string` | The name of the SQS queue that received the notifications of the creation of S3 objects | -| `chunk_size` | `integer` | The size of chunks for the batch processing | -| `separator` | `string` | The separator used between each records (default: the linefeed character '\n') | -| `skip_first` | `integer` | The number of records to skip at the begining of each S3 object (default: 0) | -| `ignore_comments` | `boolean` | Flag to ignore commented lines (starting with the character `#`; default: false) | -| `intake_server` | `string` | Server of the intake server (e.g. 
'https://intake.sekoia.io') | -| `intake_key` | `string` | Intake key to use when sending events | - - -### Fetch new FlowLogs Parquet records on S3 - -Get FlowLogs records from new S3 Parquet objects based on notifications - -**Arguments** - -| Name | Type | Description | -| --------- | ------- | --------------------------- | -| `frequency` | `integer` | Batch frequency in seconds | -| `queue_name` | `string` | The name of the SQS queue that received the notifications of the creation of S3 objects | -| `chunk_size` | `integer` | The size of chunks for the batch processing | -| `intake_server` | `string` | Server of the intake server (e.g. 'https://intake.sekoia.io') | -| `intake_key` | `string` | Intake key to use when sending events | - - -### Fetch new logs on S3 - -Get line-oriented records from new S3 objects based on notifications - -**Arguments** - -| Name | Type | Description | -| --------- | ------- | --------------------------- | -| `frequency` | `integer` | Batch frequency in seconds | -| `queue_name` | `string` | The name of the SQS queue that received the notifications of the creation of S3 objects | -| `chunk_size` | `integer` | The size of chunks for the batch processing | -| `separator` | `string` | The separator used between each records (default: the linefeed character '\n') | -| `skip_first` | `integer` | The number of records to skip at the begining of each S3 object (default: 0) | -| `ignore_comments` | `boolean` | Flag to ignore commented lines (starting with the character `#`; default: false) | -| `intake_server` | `string` | Server of the intake server (e.g. 
'https://intake.sekoia.io') | -| `intake_key` | `string` | Intake key to use when sending events | - - -### Fetch new OCSF records on S3 - -Get OSCF records from new S3 Parquet objects based on notifications - -**Arguments** - -| Name | Type | Description | -| --------- | ------- | --------------------------- | -| `frequency` | `integer` | Batch frequency in seconds | -| `queue_name` | `string` | The name of the SQS queue that received the notifications of the creation of S3 objects | -| `chunk_size` | `integer` | The size of chunks for the batch processing | -| `intake_server` | `string` | Server of the intake server (e.g. 'https://intake.sekoia.io') | -| `intake_key` | `string` | Intake key to use when sending events | - - -### Fetch new CloudTrail records on S3 - -Get Cloudtrail records from new S3 objects based on notifications - -**Arguments** - -| Name | Type | Description | -| --------- | ------- | --------------------------- | -| `frequency` | `integer` | Batch frequency in seconds | -| `queue_name` | `string` | The name of the SQS queue that received the notifications of the creation of S3 objects | -| `chunk_size` | `integer` | The size of chunks for the batch processing | -| `intake_server` | `string` | Server of the intake server (e.g. 'https://intake.sekoia.io') | -| `intake_key` | `string` | Intake key to use when sending events | - - -### Fetch new messages from the SQS - -Get messages from SQS - -**Arguments** - -| Name | Type | Description | -| --------- | ------- | --------------------------- | -| `frequency` | `integer` | Batch frequency in seconds | -| `queue_name` | `string` | The name of the SQS queue | -| `chunk_size` | `integer` | The size of chunks for the batch processing | -| `intake_server` | `string` | Server of the intake server (e.g. 'https://intake.sekoia.io') | -| `intake_key` | `string` | Intake key to use when sending events | - - ## Extra Module **`AWS` v1.31.6** \ No newline at end of file 
diff --git a/_shared_content/automate/library/binaryedge-s-api.md b/_shared_content/automate/library/binaryedge-s-api.md index cfc20347ca..e415896d8f 100644 --- a/_shared_content/automate/library/binaryedge-s-api.md +++ b/_shared_content/automate/library/binaryedge-s-api.md @@ -1,3 +1,7 @@ +uuid: d9ba02ab-cb1e-4c8d-bf60-feebfc3700d6 +name: BinaryEdge's API +type: playbook + # BinaryEdge's API ![BinaryEdge's API](/assets/playbooks/library/binaryedge-s-api.png){ align=right width=150 } diff --git a/_shared_content/automate/library/censys.md b/_shared_content/automate/library/censys.md index 3fef245fb8..1e88200e8d 100644 --- a/_shared_content/automate/library/censys.md +++ b/_shared_content/automate/library/censys.md @@ -1,3 +1,7 @@ +uuid: 48a7eb68-f319-4498-b3ed-461d690e6d05 +name: Censys +type: playbook + # Censys ![Censys](/assets/playbooks/library/censys.png){ align=right width=150 } diff --git a/_shared_content/automate/library/certificate-transparency.md b/_shared_content/automate/library/certificate-transparency.md index b75803a7a0..9ea4ecdb17 100644 --- a/_shared_content/automate/library/certificate-transparency.md +++ b/_shared_content/automate/library/certificate-transparency.md @@ -1,3 +1,7 @@ +uuid: 6d6cfd48-1f93-423c-bc8d-0fe5d3029395 +name: Certificate Transparency +type: playbook + # Certificate Transparency ![Certificate Transparency](/assets/playbooks/library/certificate-transparency.png){ align=right width=150 } diff --git a/_shared_content/automate/library/crowdstrike-falcon.md b/_shared_content/automate/library/crowdstrike-falcon.md index f5ee2099d4..b9d1ab5358 100644 --- a/_shared_content/automate/library/crowdstrike-falcon.md +++ b/_shared_content/automate/library/crowdstrike-falcon.md @@ -1,3 +1,7 @@ +uuid: 4fdbae70-e9cd-492e-9a39-24ce99325e3f +name: CrowdStrike Falcon +type: playbook + # CrowdStrike Falcon ![CrowdStrike Falcon](/assets/playbooks/library/crowdstrike-falcon.png){ align=right width=150 } 
@@ -12,21 +16,6 @@ Integrates with CrowdStrike Falcon EDR | `client_secret` | `string` | Client Secret | | `base_url` | `string` | Base URL of the API | -## Triggers - -### Fetch CrowdStrike Falcon Events - -Get latest events from CrowdStrike Falcon - -**Arguments** - -| Name | Type | Description | -| --------- | ------- | --------------------------- | -| `intake_key` | `string` | Intake key to use when sending events | -| `tg_base_url` | `string` | The base_url for the ThreatGraphAPI | -| `tg_username` | `['string', 'null']` | The username for the ThreatGraphAPI | -| `tg_password` | `['string', 'null']` | The password for the ThreatGraphAPI | - ## Actions ### Block IOC diff --git a/_shared_content/automate/library/detection-rules.md b/_shared_content/automate/library/detection-rules.md index a43b1284f5..adcb2c156c 100644 --- a/_shared_content/automate/library/detection-rules.md +++ b/_shared_content/automate/library/detection-rules.md @@ -1,3 +1,7 @@ +uuid: fd4754b9-aff6-4865-92c7-bb0b1d5605c0 +name: Detection Rules +type: playbook + # Detection Rules ![Detection Rules](/assets/playbooks/library/detection-rules.svg){ align=right width=150 } diff --git a/_shared_content/automate/library/digital-shadows.md b/_shared_content/automate/library/digital-shadows.md index 9dc55862d3..81a0e1cc65 100644 --- a/_shared_content/automate/library/digital-shadows.md +++ b/_shared_content/automate/library/digital-shadows.md @@ -1,3 +1,7 @@ +uuid: e76687ed-db66-482a-8549-f3ef3b248e06 +name: Digital Shadows +type: playbook + # Digital Shadows ![Digital Shadows](/assets/playbooks/library/digital-shadows.png){ align=right width=150 } diff --git a/_shared_content/automate/library/fortigate-firewalls.md b/_shared_content/automate/library/fortigate-firewalls.md index d438117828..0cad8cc3e7 100644 --- a/_shared_content/automate/library/fortigate-firewalls.md +++ b/_shared_content/automate/library/fortigate-firewalls.md 
@@ -1,3 +1,7 @@ +uuid: ca9a9497-bcd2-4d0c-b0c1-72699231feb2 +name: Fortigate Firewalls +type: playbook + # Fortigate Firewalls ![Fortigate Firewalls](/assets/playbooks/library/fortigate-firewalls.svg){ align=right width=150 } diff --git a/_shared_content/automate/library/git.md b/_shared_content/automate/library/git.md index 40bd954dc8..89ee06cd08 100644 --- a/_shared_content/automate/library/git.md +++ b/_shared_content/automate/library/git.md @@ -1,3 +1,7 @@ +uuid: 0a0cdc27-5b29-41e0-9a0c-36ee065922e5 +name: Git +type: playbook + # Git ![Git](/assets/playbooks/library/git.svg){ align=right width=150 } diff --git a/_shared_content/automate/library/glimps.md b/_shared_content/automate/library/glimps.md index ca30ca48f7..f20abf539e 100644 --- a/_shared_content/automate/library/glimps.md +++ b/_shared_content/automate/library/glimps.md @@ -1,3 +1,7 @@ +uuid: 3ba4b84b-c323-48ef-93d2-6f3544c783d6 +name: GLIMPS +type: playbook + # GLIMPS ![GLIMPS](/assets/playbooks/library/glimps.png){ align=right width=150 } diff --git a/_shared_content/automate/library/google.md b/_shared_content/automate/library/google.md index e5b5cef2fb..ee0e57dc62 100644 --- a/_shared_content/automate/library/google.md +++ b/_shared_content/automate/library/google.md @@ -1,3 +1,7 @@ +uuid: 4f682a9e-9a25-43a5-8a48-cd9bd7fade7e +name: Google +type: playbook + # Google ![Google](/assets/playbooks/library/google.svg){ align=right width=150 } 
@@ -10,65 +14,6 @@ Google module | --------- | ------- | --------------------------- | | `credentials` | `object` | Credentials to use. You can find them in the credentials file | -## Triggers - -### Get user activities - -Get user activities using google reports - -**Arguments** - -| Name | Type | Description | -| --------- | ------- | --------------------------- | -| `frequency` | `integer` | Batch frequency in seconds | -| `application_name` | `string` | The application from which the activities should be fetched | -| `timedelta` | `integer` | The temporal shift, in the past, in minutes, the connector applies when fetching the events (default to 0 minutes ago) | -| `start_time` | `integer` | The number of hours from which events should be queried. | -| `chunk_size` | `integer` | The max size of chunks for the batch processing | -| `intake_server` | `string` | Server of the intake server (e.g. 'https://intake.sekoia.io') | -| `intake_key` | `string` | Intake key to use when sending events | -| `admin_mail` | `string` | Email of your google admin | - - -### Get login user activities - -Get Login user activities using google reports api - -**Arguments** - -| Name | Type | Description | -| --------- | ------- | --------------------------- | -| `frequency` | `integer` | Batch frequency in seconds | -| `timedelta` | `integer` | The temporal shift, in the past, in minutes, the connector applies when fetching the events (default to 150 minutes ago) | -| `start_time` | `integer` | The number of hours from which events should be queried. | -| `chunk_size` | `integer` | The max size of chunks for the batch processing | -| `intake_server` | `string` | Server of the intake server (e.g. 
'https://intake.sekoia.io') | -| `intake_key` | `string` | Intake key to use when sending events | -| `admin_mail` | `string` | Email of your google admin | - - -### Connect to the specified project subscription - -Connect to the Google Cloud Pub/Sub topic and return events - -**Arguments** - -| Name | Type | Description | -| --------- | ------- | --------------------------- | -| `intake_key` | `string` | Intake key to use when sending events | -| `frequency` | `integer` | Batch frequency in seconds | -| `intake_server` | `string` | Server of the intake server (e.g. 'https://intake.sekoia.io') | -| `project_id` | `string` | Project ID | -| `subject_id` | `string` | Subscription ID | -| `chunk_size` | `integer` | The size of chunks for the batch processing (max is 1000) | - - -**Outputs** - -| Name | Type | Description | -| --------- | ------- | --------------------------- | -| `messages_path` | `string` | Path to the file holding the results | - ## Actions ### Run a query against a BigQuery table diff --git a/_shared_content/automate/library/harfanglab.md b/_shared_content/automate/library/harfanglab.md index 739d88c05e..a742b1fcce 100644 --- a/_shared_content/automate/library/harfanglab.md +++ b/_shared_content/automate/library/harfanglab.md @@ -1,3 +1,7 @@ +uuid: 8380240b-61a4-48b7-93e4-044a7ee2309b +name: HarfangLab +type: playbook + # HarfangLab ![HarfangLab](/assets/playbooks/library/harfanglab.png){ align=right width=150 } diff --git a/_shared_content/automate/library/http.md b/_shared_content/automate/library/http.md index f59349acaf..cf614a7f08 100644 --- a/_shared_content/automate/library/http.md +++ b/_shared_content/automate/library/http.md @@ -1,3 +1,7 @@ +uuid: 5894985f-91eb-46db-9306-cc5ac6463d3d +name: HTTP +type: playbook + # HTTP ![HTTP](/assets/playbooks/library/http.svg){ align=right width=150 } 
diff --git a/_shared_content/automate/library/iknowwhatyoudownload.md b/_shared_content/automate/library/iknowwhatyoudownload.md index 670453c16b..9596538e43 100644 --- a/_shared_content/automate/library/iknowwhatyoudownload.md +++ b/_shared_content/automate/library/iknowwhatyoudownload.md @@ -1,3 +1,7 @@ +uuid: 3c334ccd-91be-49d5-9267-915db6ab588e +name: IKnowWhatYouDownload +type: playbook + # IKnowWhatYouDownload ![IKnowWhatYouDownload](/assets/playbooks/library/iknowwhatyoudownload.png){ align=right width=150 } diff --git a/_shared_content/automate/library/ipinfo.md b/_shared_content/automate/library/ipinfo.md index 7cec3ab2e2..173184c214 100644 --- a/_shared_content/automate/library/ipinfo.md +++ b/_shared_content/automate/library/ipinfo.md @@ -1,3 +1,7 @@ +uuid: 2f8ad4f8-7740-4ce9-ab1d-9903d79c0739 +name: IPInfo +type: playbook + # IPInfo ![IPInfo](/assets/playbooks/library/ipinfo.png){ align=right width=150 } diff --git a/_shared_content/automate/library/iptoasn.md b/_shared_content/automate/library/iptoasn.md index d8f39bf970..28273c6b82 100644 --- a/_shared_content/automate/library/iptoasn.md +++ b/_shared_content/automate/library/iptoasn.md @@ -1,3 +1,7 @@ +uuid: b1c26bbd-8ec6-464b-a979-bc1f804417b2 +name: IPtoASN +type: playbook + # IPtoASN ![IPtoASN](/assets/playbooks/library/iptoasn.png){ align=right width=150 } diff --git a/_shared_content/automate/library/mandrill.md b/_shared_content/automate/library/mandrill.md index e59c1a1711..4801ad8974 100644 --- a/_shared_content/automate/library/mandrill.md +++ b/_shared_content/automate/library/mandrill.md @@ -1,3 +1,7 @@ +uuid: bc2699a6-93e5-4d74-816d-4186d6eb3ce8 +name: Mandrill +type: playbook + # Mandrill ![Mandrill](/assets/playbooks/library/mandrill.svg){ align=right width=150 } diff --git a/_shared_content/automate/library/mattermost.md b/_shared_content/automate/library/mattermost.md index 544461cdc9..4d23d8cfe2 100644 --- a/_shared_content/automate/library/mattermost.md 
+++ b/_shared_content/automate/library/mattermost.md @@ -1,3 +1,7 @@ +uuid: 89c860f0-3e73-4946-a5c9-431deb33b0e8 +name: Mattermost +type: playbook + # Mattermost ![Mattermost](/assets/playbooks/library/mattermost.svg){ align=right width=150 } diff --git a/_shared_content/automate/library/microsoft-active-directory.md b/_shared_content/automate/library/microsoft-active-directory.md index 9bc40e8332..f33926baa0 100644 --- a/_shared_content/automate/library/microsoft-active-directory.md +++ b/_shared_content/automate/library/microsoft-active-directory.md @@ -1,3 +1,7 @@ +uuid: b2d96259-af89-4f7a-ae6e-a0af2d2400f3 +name: Microsoft Active Directory +type: playbook + # Microsoft Active Directory ![Microsoft Active Directory](/assets/playbooks/library/microsoft-active-directory.png){ align=right width=150 } diff --git a/_shared_content/automate/library/microsoft-entra-id.md b/_shared_content/automate/library/microsoft-entra-id.md index dd10de3e48..ecf3143384 100644 --- a/_shared_content/automate/library/microsoft-entra-id.md +++ b/_shared_content/automate/library/microsoft-entra-id.md @@ -1,3 +1,7 @@ +uuid: 3abf7928-65ef-4a5f-ba3e-5fbe56123d0c +name: Microsoft Entra ID +type: playbook + # Microsoft Entra ID ![Microsoft Entra ID](/assets/playbooks/library/microsoft-entra-id.svg){ align=right width=150 } diff --git a/_shared_content/automate/library/microsoft-windows-server.md b/_shared_content/automate/library/microsoft-windows-server.md index 5ae1252a58..5468da553a 100644 --- a/_shared_content/automate/library/microsoft-windows-server.md +++ b/_shared_content/automate/library/microsoft-windows-server.md @@ -1,3 +1,7 @@ +uuid: 33ea4995-5454-4091-a19f-497cb213346a +name: Microsoft Windows Server +type: playbook + # Microsoft Windows Server ![Microsoft Windows Server](/assets/playbooks/library/microsoft-windows-server.png){ align=right width=150 } 
diff --git a/_shared_content/automate/library/misp.md b/_shared_content/automate/library/misp.md index 10302f4cf6..4caf3e3c70 100644 --- a/_shared_content/automate/library/misp.md +++ b/_shared_content/automate/library/misp.md @@ -1,3 +1,7 @@ +uuid: df3a0c67-592b-45b2-8465-48473929c7f9 +name: MISP +type: playbook + # MISP ![MISP](/assets/playbooks/library/misp.png){ align=right width=150 } diff --git a/_shared_content/automate/library/mwdb.md b/_shared_content/automate/library/mwdb.md index 54b2a3e10e..6184d0c90e 100644 --- a/_shared_content/automate/library/mwdb.md +++ b/_shared_content/automate/library/mwdb.md @@ -1,3 +1,7 @@ +uuid: 0b8e1ea4-f191-4486-9658-47578a67d046 +name: MWDB +type: playbook + # MWDB ![MWDB](/assets/playbooks/library/mwdb.svg){ align=right width=150 } diff --git a/_shared_content/automate/library/nybble.md b/_shared_content/automate/library/nybble.md index 3255fba0b7..f8b7c74853 100644 --- a/_shared_content/automate/library/nybble.md +++ b/_shared_content/automate/library/nybble.md @@ -1,3 +1,7 @@ +uuid: 0664bc2d-8f09-410f-ab8f-e0e07911a6f4 +name: Nybble +type: playbook + # Nybble ![Nybble](/assets/playbooks/library/nybble.png){ align=right width=150 } diff --git a/_shared_content/automate/library/onyphe.md b/_shared_content/automate/library/onyphe.md index 18c7e2a854..760cab8391 100644 --- a/_shared_content/automate/library/onyphe.md +++ b/_shared_content/automate/library/onyphe.md @@ -1,3 +1,7 @@ +uuid: 3d20c308-bc7f-492f-99b0-211614a58116 +name: Onyphe +type: playbook + # Onyphe ![Onyphe](/assets/playbooks/library/onyphe.png){ align=right width=150 } diff --git a/_shared_content/automate/library/openai.md b/_shared_content/automate/library/openai.md index 137178fcab..d34b767f4d 100644 --- a/_shared_content/automate/library/openai.md +++ b/_shared_content/automate/library/openai.md 
@@ -1,3 +1,7 @@ +uuid: 05fd97a1-43f7-4f47-ae02-63e1d1219040 +name: OpenAI +type: playbook + # OpenAI ![OpenAI](/assets/playbooks/library/openai.png){ align=right width=150 } diff --git a/_shared_content/automate/library/osint.md b/_shared_content/automate/library/osint.md index edd7df782b..8b4ce04ae7 100644 --- a/_shared_content/automate/library/osint.md +++ b/_shared_content/automate/library/osint.md @@ -1,3 +1,7 @@ +uuid: 19cf9b48-dc7a-485f-ba14-3b7b998774c1 +name: OSINT +type: playbook + # OSINT ![OSINT](/assets/playbooks/library/osint.svg){ align=right width=150 } diff --git a/docs/integration/action_library/overview.md b/_shared_content/automate/library/overview.md similarity index 100% rename from docs/integration/action_library/overview.md rename to _shared_content/automate/library/overview.md diff --git a/_shared_content/automate/library/pagerduty.md b/_shared_content/automate/library/pagerduty.md index 7207f4cf04..01b46a2146 100644 --- a/_shared_content/automate/library/pagerduty.md +++ b/_shared_content/automate/library/pagerduty.md @@ -1,3 +1,7 @@ +uuid: 97864342-32c5-4076-b590-ba0179db9233 +name: PagerDuty +type: playbook + # PagerDuty ![PagerDuty](/assets/playbooks/library/pagerduty.svg){ align=right width=150 } diff --git a/_shared_content/automate/library/panda-security.md b/_shared_content/automate/library/panda-security.md index 603a6124c1..5dc37eb984 100644 --- a/_shared_content/automate/library/panda-security.md +++ b/_shared_content/automate/library/panda-security.md @@ -1,3 +1,7 @@ +uuid: e2215979-3462-4fb6-8635-57700aada01c +name: Panda Security +type: playbook + # Panda Security ![Panda Security](/assets/playbooks/library/panda-security.png){ align=right width=150 } diff --git a/_shared_content/automate/library/public-suffix.md b/_shared_content/automate/library/public-suffix.md index 51fce68bfc..df38843c75 100644 --- a/_shared_content/automate/library/public-suffix.md +++ b/_shared_content/automate/library/public-suffix.md 
@@ -1,3 +1,7 @@ +uuid: 735b9f36-50eb-4a36-8d08-0996966ee9aa +name: Public Suffix +type: playbook + # Public Suffix ![Public Suffix](/assets/playbooks/library/public-suffix.png){ align=right width=150 } diff --git a/_shared_content/automate/library/riskiq.md b/_shared_content/automate/library/riskiq.md index 70a02bf72e..428a964e98 100644 --- a/_shared_content/automate/library/riskiq.md +++ b/_shared_content/automate/library/riskiq.md @@ -1,3 +1,7 @@ +uuid: ab1540c3-1b60-4bad-9f5b-13d86a554826 +name: RiskIQ +type: playbook + # RiskIQ ![RiskIQ](/assets/playbooks/library/riskiq.png){ align=right width=150 } diff --git a/_shared_content/automate/library/rss.md b/_shared_content/automate/library/rss.md index 49ccd169a2..dd9f5166bc 100644 --- a/_shared_content/automate/library/rss.md +++ b/_shared_content/automate/library/rss.md @@ -1,3 +1,7 @@ +uuid: 52686cd0-8636-48d3-a7d6-9c20ee47f111 +name: RSS +type: playbook + # RSS ![RSS](/assets/playbooks/library/rss.svg){ align=right width=150 } diff --git a/_shared_content/automate/library/sekoia-io.md b/_shared_content/automate/library/sekoia-io.md index 738a410a4e..b70e63e3f7 100644 --- a/_shared_content/automate/library/sekoia-io.md +++ b/_shared_content/automate/library/sekoia-io.md @@ -1,3 +1,7 @@ +uuid: 92d8bb47-7c51-445d-81de-ae04edbb6f0a +name: Sekoia.io +type: playbook + # Sekoia.io ![Sekoia.io](/assets/playbooks/library/sekoia-io.svg){ align=right width=150 } diff --git a/_shared_content/automate/library/sentinelone.md b/_shared_content/automate/library/sentinelone.md index b4d0b4dc74..bee218ca93 100644 --- a/_shared_content/automate/library/sentinelone.md +++ b/_shared_content/automate/library/sentinelone.md @@ -1,3 +1,7 @@ +uuid: ff675e74-e5c1-47c8-a571-d207fc297464 +name: SentinelOne +type: playbook + # SentinelOne ![SentinelOne](/assets/playbooks/library/sentinelone.png){ align=right width=150 } 
@@ -11,38 +15,6 @@ This module interacts with the SentinelOne | `hostname` | `string` | The domain-name to the SentinelOne instance | | `api_token` | `string` | The API token to authenticate to SentinelOne | -## Triggers - -### [DEPRECATED] Consume events from SentinelOne DeepVisibility - -Consume events from SentinelOne DeepVisibility’s Kafka brokers - -**Arguments** - -| Name | Type | Description | -| --------- | ------- | --------------------------- | -| `chunk_size` | `integer` | The size of chunks for the batch processing | -| `intake_server` | `string` | Server of the intake server (e.g. 'https://intake.sekoia.io') | -| `intake_key` | `string` | Intake key to use when sending events | -| `bootstrap_servers` | `string` | Kafka bootstrap servers (e.g. 'dv-exporter-kafka-eu-central-1-prod.sentinelone.net:9093') | -| `username` | `string` | Kafka username | -| `password` | `string` | Kafka password | -| `group_id` | `string` | Kafka consumer group | -| `topic` | `string` | Kafka topic | - - -### Collect SentinelOne alerts - -Collect activities and threats from SentinelOne - -**Arguments** - -| Name | Type | Description | -| --------- | ------- | --------------------------- | -| `frequency` | `integer` | Batch frequency in seconds | -| `intake_server` | `string` | Server of the intake server (e.g. 'https://intake.sekoia.io') | -| `intake_key` | `string` | Intake key to use when sending events | - ## Actions ### [BETA] Create IOCs diff --git a/_shared_content/automate/library/servicenow.md b/_shared_content/automate/library/servicenow.md index beb016241e..74d632ae0d 100644 --- a/_shared_content/automate/library/servicenow.md +++ b/_shared_content/automate/library/servicenow.md @@ -1,3 +1,7 @@ +uuid: 2b2f877e-6eaa-4d6c-a18e-f3383e52a429 +name: ServiceNow +type: playbook + # ServiceNow ![ServiceNow](/assets/playbooks/library/servicenow.png){ align=right width=150 } 
diff --git a/_shared_content/automate/library/shodan.md b/_shared_content/automate/library/shodan.md index 64d8650a71..0f2cb5b17a 100644 --- a/_shared_content/automate/library/shodan.md +++ b/_shared_content/automate/library/shodan.md @@ -1,3 +1,7 @@ +uuid: 25c9c44e-b3dc-4485-a2cb-4e9a116bc8fd +name: Shodan +type: playbook + # Shodan ![Shodan](/assets/playbooks/library/shodan.png){ align=right width=150 } diff --git a/_shared_content/automate/library/sophos.md b/_shared_content/automate/library/sophos.md index 83d82bef1d..009d2ca345 100644 --- a/_shared_content/automate/library/sophos.md +++ b/_shared_content/automate/library/sophos.md @@ -1,3 +1,7 @@ +uuid: 0de5216e-19b0-4ad3-9b91-a547cfaf52ca +name: Sophos +type: playbook + # Sophos ![Sophos](/assets/playbooks/library/sophos.png){ align=right width=150 } 
@@ -13,36 +17,6 @@ Sophos Module | `client_id` | `string` | OAuth2 client identifier | | `client_secret` | `string` | OAuth2 client secret | -## Triggers - -### Get Sophos events - -Forward Sophos Events - -**Arguments** - -| Name | Type | Description | -| --------- | ------- | --------------------------- | -| `frequency` | `integer` | Batch frequency in seconds | -| `chunk_size` | `integer` | The max size of chunks for the batch processing | -| `intake_server` | `string` | Server of the intake server (e.g. 'https://intake.sekoia.io') | -| `intake_key` | `string` | Intake key to use when sending events | -| `exclude_types` | `array` | A list of type to exclude from the pulling | - - -### Query IoC from data lake [BETA] - -Query last IoCs from the Sophos Data lake - -**Arguments** - -| Name | Type | Description | -| --------- | ------- | --------------------------- | -| `frequency` | `integer` | Batch frequency in seconds | -| `chunk_size` | `integer` | The max size of chunks for the batch processing | -| `intake_server` | `string` | Server of the intake server (e.g. 'https://intake.sekoia.io') | -| `intake_key` | `string` | Intake key to use when sending events | - ## Actions ### [BETA] Deisolate endpoint diff --git a/_shared_content/automate/library/the-hive-v5.md b/_shared_content/automate/library/the-hive-v5.md index 681a5aeff9..928d58abe1 100644 --- a/_shared_content/automate/library/the-hive-v5.md +++ b/_shared_content/automate/library/the-hive-v5.md @@ -1,3 +1,7 @@ +uuid: d6c96586-707c-451f-b9f6-d31b3291f87d +name: The Hive V5 +type: playbook + # The Hive V5 ![The Hive V5](/assets/playbooks/library/the-hive-v5.png){ align=right width=150 } diff --git a/_shared_content/automate/library/the-hive.md b/_shared_content/automate/library/the-hive.md index c491fa23bb..2527900438 100644 --- a/_shared_content/automate/library/the-hive.md +++ b/_shared_content/automate/library/the-hive.md 
@@ -1,3 +1,7 @@ +uuid: 48086812-d709-4eff-b308-e8bf504b8a7a +name: The Hive +type: playbook + # The Hive ![The Hive](/assets/playbooks/library/the-hive.png){ align=right width=150 } diff --git a/_shared_content/automate/library/tranco.md b/_shared_content/automate/library/tranco.md index a853e932ad..c34c6cea42 100644 --- a/_shared_content/automate/library/tranco.md +++ b/_shared_content/automate/library/tranco.md @@ -1,3 +1,7 @@ +uuid: 081074fc-240d-437f-a214-fba49691e69e +name: Tranco +type: playbook + # Tranco ![Tranco](/assets/playbooks/library/tranco.svg){ align=right width=150 } diff --git a/_shared_content/automate/library/triage.md b/_shared_content/automate/library/triage.md index dde0d89b88..5271f59133 100644 --- a/_shared_content/automate/library/triage.md +++ b/_shared_content/automate/library/triage.md @@ -1,3 +1,7 @@ +uuid: 919705ab-7a64-493e-a92b-4049fafea325 +name: Triage +type: playbook + # Triage ![Triage](/assets/playbooks/library/triage.svg){ align=right width=150 } diff --git a/_shared_content/automate/library/utils.md b/_shared_content/automate/library/utils.md index 924501b0d3..8843aae90c 100644 --- a/_shared_content/automate/library/utils.md +++ b/_shared_content/automate/library/utils.md @@ -1,3 +1,7 @@ +uuid: 07cce76b-a319-40ee-a0cf-1ba433431e21 +name: Utils +type: playbook + # Utils ![Utils](/assets/playbooks/library/utils.svg){ align=right width=150 } diff --git a/_shared_content/automate/library/vade-secure.md b/_shared_content/automate/library/vade-secure.md index 3d0f35c4d1..c707628fd9 100644 --- a/_shared_content/automate/library/vade-secure.md +++ b/_shared_content/automate/library/vade-secure.md @@ -1,3 +1,7 @@ +uuid: 1411df5b-5de1-40bd-a988-725cfe692aff +name: Vade Secure +type: playbook + # Vade Secure ![Vade Secure](/assets/playbooks/library/vade-secure.png){ align=right width=150 } diff --git a/_shared_content/automate/library/virustotal.md b/_shared_content/automate/library/virustotal.md index 8089bc0040..97cbe1da46 100644 
--- a/_shared_content/automate/library/virustotal.md +++ b/_shared_content/automate/library/virustotal.md @@ -1,3 +1,7 @@ +uuid: d023af1d-25d8-465b-b85f-2ed48214d6a5 +name: VirusTotal +type: playbook + # VirusTotal ![VirusTotal](/assets/playbooks/library/virustotal.svg){ align=right width=150 } diff --git a/_shared_content/automate/library/whois.md b/_shared_content/automate/library/whois.md index c2444de34b..66707d7857 100644 --- a/_shared_content/automate/library/whois.md +++ b/_shared_content/automate/library/whois.md @@ -1,3 +1,7 @@ +uuid: a55461dd-cd8b-9e05-f87a-607b574804fd +name: Whois +type: playbook + # Whois ![Whois](/assets/playbooks/library/whois.svg){ align=right width=150 } diff --git a/_shared_content/automate/library/withsecure.md b/_shared_content/automate/library/withsecure.md index 59ed4397ff..a507113abd 100644 --- a/_shared_content/automate/library/withsecure.md +++ b/_shared_content/automate/library/withsecure.md @@ -1,3 +1,7 @@ +uuid: 8aa9f86c-f360-4ae7-84f5-b61c6917cf01 +name: WithSecure +type: playbook + # WithSecure ![WithSecure](/assets/playbooks/library/withsecure.png){ align=right width=150 } @@ -11,19 +15,6 @@ Interact with WithSecure Elements | `client_id` | `string` | Client identifier | | `secret` | `string` | API secret to authenticate | -## Triggers - -### Fetch security events - -Get last security events - -**Arguments** - -| Name | Type | Description | -| --------- | ------- | --------------------------- | -| `intake_server` | `string` | Server of the intake server (e.g. 'https://intake.sekoia.io') | -| `intake_key` | `string` | Intake key to use when sending events | - ## Actions ### Add comment on Incident diff --git a/_shared_content/automate/library/zscaler.md b/_shared_content/automate/library/zscaler.md index 8d479da115..7c405f6b98 100644 --- a/_shared_content/automate/library/zscaler.md +++ b/_shared_content/automate/library/zscaler.md 
@@ -1,3 +1,7 @@ +uuid: 0c97d665-e316-48ff-bcba-bbfbd4eaccc7 +name: Zscaler +type: playbook + # Zscaler ![Zscaler](/assets/playbooks/library/zscaler.png){ align=right width=150 } diff --git a/action_library b/action_library new file mode 120000 index 0000000000..5271121a66 --- /dev/null +++ b/action_library @@ -0,0 +1 @@ +docs/integration/action_library \ No newline at end of file diff --git a/docs/integration/action_library b/docs/integration/action_library new file mode 120000 index 0000000000..1cd6356204 --- /dev/null +++ b/docs/integration/action_library @@ -0,0 +1 @@ +../../_shared_content/automate/library \ No newline at end of file diff --git a/docs/integration/action_library/applicative/mandrill.md b/docs/integration/action_library/applicative/mandrill.md deleted file mode 100644 index 6ecc02f933..0000000000 --- a/docs/integration/action_library/applicative/mandrill.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/mandrill.md!} diff --git a/docs/integration/action_library/applicative/mattermost.md b/docs/integration/action_library/applicative/mattermost.md deleted file mode 100644 index b3c2e30945..0000000000 --- a/docs/integration/action_library/applicative/mattermost.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/mattermost.md!} diff --git a/docs/integration/action_library/applicative/microsoft-office365.md b/docs/integration/action_library/applicative/microsoft-office365.md deleted file mode 100644 index a31f2a43fb..0000000000 --- a/docs/integration/action_library/applicative/microsoft-office365.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/microsoft-office365.md!} diff --git a/docs/integration/action_library/applicative/microsoft-remote-server.md b/docs/integration/action_library/applicative/microsoft-remote-server.md deleted file mode 100644 index 457aa96d7a..0000000000 --- a/docs/integration/action_library/applicative/microsoft-remote-server.md +++ /dev/null 
@@ -1 +0,0 @@ -{!_shared_content/automate/library/microsoft-remote-server.md!} diff --git a/docs/integration/action_library/applicative/microsoft-windows-server.md b/docs/integration/action_library/applicative/microsoft-windows-server.md deleted file mode 100644 index b54f0598ed..0000000000 --- a/docs/integration/action_library/applicative/microsoft-windows-server.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/microsoft-windows-server.md!} diff --git a/docs/integration/action_library/applicative/pagerduty.md b/docs/integration/action_library/applicative/pagerduty.md deleted file mode 100644 index 51429d407a..0000000000 --- a/docs/integration/action_library/applicative/pagerduty.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/pagerduty.md!} diff --git a/docs/integration/action_library/applicative/proofpoint.md b/docs/integration/action_library/applicative/proofpoint.md deleted file mode 100644 index 979f519b55..0000000000 --- a/docs/integration/action_library/applicative/proofpoint.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/proofpoint.md!} diff --git a/docs/integration/action_library/applicative/salesforce.md b/docs/integration/action_library/applicative/salesforce.md deleted file mode 100644 index ede2cc9c9a..0000000000 --- a/docs/integration/action_library/applicative/salesforce.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/salesforce.md!} diff --git a/docs/integration/action_library/cloud_providers/aws.md b/docs/integration/action_library/cloud_providers/aws.md deleted file mode 100644 index 1e1442fcb2..0000000000 --- a/docs/integration/action_library/cloud_providers/aws.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/aws.md!} diff --git a/docs/integration/action_library/cloud_providers/google.md b/docs/integration/action_library/cloud_providers/google.md deleted file mode 100644 index 6eeb63b1e5..0000000000 
--- a/docs/integration/action_library/cloud_providers/google.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/google.md!} diff --git a/docs/integration/action_library/cloud_providers/microsoft-azure.md b/docs/integration/action_library/cloud_providers/microsoft-azure.md deleted file mode 100644 index de0ef1e727..0000000000 --- a/docs/integration/action_library/cloud_providers/microsoft-azure.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/microsoft-azure.md!} diff --git a/docs/integration/action_library/collaboration_tools/atlassian-jira.md b/docs/integration/action_library/collaboration_tools/atlassian-jira.md deleted file mode 100644 index 94d1b92f29..0000000000 --- a/docs/integration/action_library/collaboration_tools/atlassian-jira.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/atlassian-jira.md!} diff --git a/docs/integration/action_library/collaboration_tools/git.md b/docs/integration/action_library/collaboration_tools/git.md deleted file mode 100644 index cddf7a5828..0000000000 --- a/docs/integration/action_library/collaboration_tools/git.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/git.md!} diff --git a/docs/integration/action_library/collaboration_tools/github.md b/docs/integration/action_library/collaboration_tools/github.md deleted file mode 100644 index 60aefa49db..0000000000 --- a/docs/integration/action_library/collaboration_tools/github.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/github.md!} diff --git a/docs/integration/action_library/collaboration_tools/servicenow.md b/docs/integration/action_library/collaboration_tools/servicenow.md deleted file mode 100644 index 55b821405f..0000000000 --- a/docs/integration/action_library/collaboration_tools/servicenow.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/servicenow.md!} 
diff --git a/docs/integration/action_library/collaboration_tools/the-hive.md b/docs/integration/action_library/collaboration_tools/the-hive.md deleted file mode 100644 index 1730c6740b..0000000000 --- a/docs/integration/action_library/collaboration_tools/the-hive.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/the-hive.md!} diff --git a/docs/integration/action_library/email/mimecast.md b/docs/integration/action_library/email/mimecast.md deleted file mode 100644 index 0e5aadaceb..0000000000 --- a/docs/integration/action_library/email/mimecast.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/mimecast.md!} diff --git a/docs/integration/action_library/email/vade-secure.md b/docs/integration/action_library/email/vade-secure.md deleted file mode 100644 index b25ae8c49e..0000000000 --- a/docs/integration/action_library/email/vade-secure.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/vade-secure.md!} diff --git a/docs/integration/action_library/endpoint/crowdstrike-falcon.md b/docs/integration/action_library/endpoint/crowdstrike-falcon.md deleted file mode 100644 index 83388c93ba..0000000000 --- a/docs/integration/action_library/endpoint/crowdstrike-falcon.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/crowdstrike-falcon.md!} diff --git a/docs/integration/action_library/endpoint/crowdstrike.md b/docs/integration/action_library/endpoint/crowdstrike.md deleted file mode 100644 index 1dda1ab3f9..0000000000 --- a/docs/integration/action_library/endpoint/crowdstrike.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/crowdstrike.md!} diff --git a/docs/integration/action_library/endpoint/cybereason.md b/docs/integration/action_library/endpoint/cybereason.md deleted file mode 100644 index 7c5219763f..0000000000 --- a/docs/integration/action_library/endpoint/cybereason.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/cybereason.md!} 
diff --git a/docs/integration/action_library/endpoint/harfanglab.md b/docs/integration/action_library/endpoint/harfanglab.md deleted file mode 100644 index 9572003bf3..0000000000 --- a/docs/integration/action_library/endpoint/harfanglab.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/harfanglab.md!} diff --git a/docs/integration/action_library/endpoint/panda-security.md b/docs/integration/action_library/endpoint/panda-security.md deleted file mode 100644 index add25bb51a..0000000000 --- a/docs/integration/action_library/endpoint/panda-security.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/panda-security.md!} diff --git a/docs/integration/action_library/endpoint/sentinelone.md b/docs/integration/action_library/endpoint/sentinelone.md deleted file mode 100644 index 9d0f8febd0..0000000000 --- a/docs/integration/action_library/endpoint/sentinelone.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/sentinelone.md!} diff --git a/docs/integration/action_library/endpoint/sentinelonedeepvisibility.md b/docs/integration/action_library/endpoint/sentinelonedeepvisibility.md deleted file mode 100644 index 63bd6c89f0..0000000000 --- a/docs/integration/action_library/endpoint/sentinelonedeepvisibility.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/sentinelonedeepvisibility.md!} diff --git a/docs/integration/action_library/endpoint/sophos.md b/docs/integration/action_library/endpoint/sophos.md deleted file mode 100644 index 585fbfbd88..0000000000 --- a/docs/integration/action_library/endpoint/sophos.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/sophos.md!} diff --git a/docs/integration/action_library/endpoint/tehtris.md b/docs/integration/action_library/endpoint/tehtris.md deleted file mode 100644 index 10aba94a0e..0000000000 --- a/docs/integration/action_library/endpoint/tehtris.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/tehtris.md!} 
diff --git a/docs/integration/action_library/endpoint/trellix.md b/docs/integration/action_library/endpoint/trellix.md deleted file mode 100644 index d81cea9ffe..0000000000 --- a/docs/integration/action_library/endpoint/trellix.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/trellix.md!} diff --git a/docs/integration/action_library/endpoint/trend-micro.md b/docs/integration/action_library/endpoint/trend-micro.md deleted file mode 100644 index 2887875221..0000000000 --- a/docs/integration/action_library/endpoint/trend-micro.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/trend-micro.md!} diff --git a/docs/integration/action_library/endpoint/withsecure.md b/docs/integration/action_library/endpoint/withsecure.md deleted file mode 100644 index d92e1e4758..0000000000 --- a/docs/integration/action_library/endpoint/withsecure.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/withsecure.md!} diff --git a/docs/integration/action_library/generic/fileutils.md b/docs/integration/action_library/generic/fileutils.md deleted file mode 100644 index eb983ca54d..0000000000 --- a/docs/integration/action_library/generic/fileutils.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/fileutils.md!} diff --git a/docs/integration/action_library/generic/http.md b/docs/integration/action_library/generic/http.md deleted file mode 100644 index fca88286bc..0000000000 --- a/docs/integration/action_library/generic/http.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/http.md!} diff --git a/docs/integration/action_library/generic/openai.md b/docs/integration/action_library/generic/openai.md deleted file mode 100644 index cd4cddfd28..0000000000 --- a/docs/integration/action_library/generic/openai.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/openai.md!} 
diff --git a/docs/integration/action_library/generic/rss.md b/docs/integration/action_library/generic/rss.md deleted file mode 100644 index 64becc5a03..0000000000 --- a/docs/integration/action_library/generic/rss.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/rss.md!} diff --git a/docs/integration/action_library/generic/sekoia-io.md b/docs/integration/action_library/generic/sekoia-io.md deleted file mode 100644 index 05a54dae95..0000000000 --- a/docs/integration/action_library/generic/sekoia-io.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/sekoia-io.md!} diff --git a/docs/integration/action_library/generic/utils.md b/docs/integration/action_library/generic/utils.md deleted file mode 100644 index aba687e228..0000000000 --- a/docs/integration/action_library/generic/utils.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/utils.md!} diff --git a/docs/integration/action_library/iam/duo.md b/docs/integration/action_library/iam/duo.md deleted file mode 100644 index 0118b2d4b2..0000000000 --- a/docs/integration/action_library/iam/duo.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/duo.md!} diff --git a/docs/integration/action_library/iam/intra_id.md b/docs/integration/action_library/iam/intra_id.md deleted file mode 100644 index 3e40b39e58..0000000000 --- a/docs/integration/action_library/iam/intra_id.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/intra_id.md!} diff --git a/docs/integration/action_library/iam/jumpcloud-directory-insights.md b/docs/integration/action_library/iam/jumpcloud-directory-insights.md deleted file mode 100644 index 7a08b125d6..0000000000 --- a/docs/integration/action_library/iam/jumpcloud-directory-insights.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/jumpcloud-directory-insights.md!} 
diff --git a/docs/integration/action_library/iam/microsoft-active-directory.md b/docs/integration/action_library/iam/microsoft-active-directory.md deleted file mode 100644 index 258dc0b239..0000000000 --- a/docs/integration/action_library/iam/microsoft-active-directory.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/microsoft-active-directory.md!} diff --git a/docs/integration/action_library/iam/microsoft-entra-id.md b/docs/integration/action_library/iam/microsoft-entra-id.md deleted file mode 100644 index 21fffd31bb..0000000000 --- a/docs/integration/action_library/iam/microsoft-entra-id.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/microsoft-entra-id.md!} diff --git a/docs/integration/action_library/iam/okta.md b/docs/integration/action_library/iam/okta.md deleted file mode 100644 index 9bba4f0ae9..0000000000 --- a/docs/integration/action_library/iam/okta.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/okta.md!} diff --git a/docs/integration/action_library/network/broadcom-cloud-secure-web-gateway.md b/docs/integration/action_library/network/broadcom-cloud-secure-web-gateway.md deleted file mode 100644 index 1b3fafdbc5..0000000000 --- a/docs/integration/action_library/network/broadcom-cloud-secure-web-gateway.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/broadcom-cloud-secure-web-gateway.md!} diff --git a/docs/integration/action_library/network/cato-networks.md b/docs/integration/action_library/network/cato-networks.md deleted file mode 100644 index f541376450..0000000000 --- a/docs/integration/action_library/network/cato-networks.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/cato-networks.md!} diff --git a/docs/integration/action_library/network/check-point.md b/docs/integration/action_library/network/check-point.md deleted file mode 100644 index 1c16939817..0000000000 --- a/docs/integration/action_library/network/check-point.md +++ /dev/null 
@@ -1 +0,0 @@ -{!_shared_content/automate/library/check-point.md!} diff --git a/docs/integration/action_library/network/darktrace.md b/docs/integration/action_library/network/darktrace.md deleted file mode 100644 index a8cd8b9af2..0000000000 --- a/docs/integration/action_library/network/darktrace.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/darktrace.md!} diff --git a/docs/integration/action_library/network/extrahop.md b/docs/integration/action_library/network/extrahop.md deleted file mode 100644 index 02929d09fb..0000000000 --- a/docs/integration/action_library/network/extrahop.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/extrahop.md!} diff --git a/docs/integration/action_library/network/fortigate-firewalls.md b/docs/integration/action_library/network/fortigate-firewalls.md deleted file mode 100644 index 49fc2e4df8..0000000000 --- a/docs/integration/action_library/network/fortigate-firewalls.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/fortigate-firewalls.md!} diff --git a/docs/integration/action_library/network/fortigate-fw.md b/docs/integration/action_library/network/fortigate-fw.md deleted file mode 100644 index 578aca247e..0000000000 --- a/docs/integration/action_library/network/fortigate-fw.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/fortigate-fw.md!} diff --git a/docs/integration/action_library/network/imperva.md b/docs/integration/action_library/network/imperva.md deleted file mode 100644 index 9675cdae6e..0000000000 --- a/docs/integration/action_library/network/imperva.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/imperva.md!} diff --git a/docs/integration/action_library/network/lacework.md b/docs/integration/action_library/network/lacework.md deleted file mode 100644 index b31799c86b..0000000000 --- a/docs/integration/action_library/network/lacework.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/lacework.md!} 
diff --git a/docs/integration/action_library/network/netskope.md b/docs/integration/action_library/network/netskope.md deleted file mode 100644 index 63abf9723b..0000000000 --- a/docs/integration/action_library/network/netskope.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/netskope.md!} diff --git a/docs/integration/action_library/network/skyhigh-security-secure-web-gateway-swg.md b/docs/integration/action_library/network/skyhigh-security-secure-web-gateway-swg.md deleted file mode 100644 index 02c85fdf23..0000000000 --- a/docs/integration/action_library/network/skyhigh-security-secure-web-gateway-swg.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/skyhigh-security-secure-web-gateway-swg.md!} diff --git a/docs/integration/action_library/network/skyhigh-security.md b/docs/integration/action_library/network/skyhigh-security.md deleted file mode 100644 index 837752be55..0000000000 --- a/docs/integration/action_library/network/skyhigh-security.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/skyhigh-security.md!} diff --git a/docs/integration/action_library/network/ubika.md b/docs/integration/action_library/network/ubika.md deleted file mode 100644 index dc5c52b17f..0000000000 --- a/docs/integration/action_library/network/ubika.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/ubika.md!} diff --git a/docs/integration/action_library/network/vade-cloud.md b/docs/integration/action_library/network/vade-cloud.md deleted file mode 100644 index 4a920a9a1a..0000000000 --- a/docs/integration/action_library/network/vade-cloud.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/vade-cloud.md!} diff --git a/docs/integration/action_library/network/zscaler.md b/docs/integration/action_library/network/zscaler.md deleted file mode 100644 index 206f81bf18..0000000000 --- a/docs/integration/action_library/network/zscaler.md +++ /dev/null 
@@ -1 +0,0 @@ -{!_shared_content/automate/library/zscaler.md!} diff --git a/docs/integration/action_library/threat_intelligence/binaryedge-s-api.md b/docs/integration/action_library/threat_intelligence/binaryedge-s-api.md deleted file mode 100644 index 6f377e0960..0000000000 --- a/docs/integration/action_library/threat_intelligence/binaryedge-s-api.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/binaryedge-s-api.md!} diff --git a/docs/integration/action_library/threat_intelligence/bitsight.md b/docs/integration/action_library/threat_intelligence/bitsight.md deleted file mode 100644 index 5b8206352a..0000000000 --- a/docs/integration/action_library/threat_intelligence/bitsight.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/bitsight.md!} diff --git a/docs/integration/action_library/threat_intelligence/censys.md b/docs/integration/action_library/threat_intelligence/censys.md deleted file mode 100644 index 371607288d..0000000000 --- a/docs/integration/action_library/threat_intelligence/censys.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/censys.md!} diff --git a/docs/integration/action_library/threat_intelligence/certificate-transparency.md b/docs/integration/action_library/threat_intelligence/certificate-transparency.md deleted file mode 100644 index ef6590777e..0000000000 --- a/docs/integration/action_library/threat_intelligence/certificate-transparency.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/certificate-transparency.md!} diff --git a/docs/integration/action_library/threat_intelligence/detection-rules.md b/docs/integration/action_library/threat_intelligence/detection-rules.md deleted file mode 100644 index b2077fa808..0000000000 --- a/docs/integration/action_library/threat_intelligence/detection-rules.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/detection-rules.md!} 
diff --git a/docs/integration/action_library/threat_intelligence/digital-shadows.md b/docs/integration/action_library/threat_intelligence/digital-shadows.md deleted file mode 100644 index f100a8d90a..0000000000 --- a/docs/integration/action_library/threat_intelligence/digital-shadows.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/digital-shadows.md!} diff --git a/docs/integration/action_library/threat_intelligence/glimps.md b/docs/integration/action_library/threat_intelligence/glimps.md deleted file mode 100644 index 49bfa978c8..0000000000 --- a/docs/integration/action_library/threat_intelligence/glimps.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/glimps.md!} diff --git a/docs/integration/action_library/threat_intelligence/iknowwhatyoudownload.md b/docs/integration/action_library/threat_intelligence/iknowwhatyoudownload.md deleted file mode 100644 index 5f530745c8..0000000000 --- a/docs/integration/action_library/threat_intelligence/iknowwhatyoudownload.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/iknowwhatyoudownload.md!} diff --git a/docs/integration/action_library/threat_intelligence/ipinfo.md b/docs/integration/action_library/threat_intelligence/ipinfo.md deleted file mode 100644 index 66cd58fdf2..0000000000 --- a/docs/integration/action_library/threat_intelligence/ipinfo.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/ipinfo.md!} diff --git a/docs/integration/action_library/threat_intelligence/iptoasn.md b/docs/integration/action_library/threat_intelligence/iptoasn.md deleted file mode 100644 index e9ad5630b0..0000000000 --- a/docs/integration/action_library/threat_intelligence/iptoasn.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/iptoasn.md!} diff --git a/docs/integration/action_library/threat_intelligence/misp.md b/docs/integration/action_library/threat_intelligence/misp.md deleted file mode 100644 index e3cb276c0e..0000000000 
--- a/docs/integration/action_library/threat_intelligence/misp.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/misp.md!} diff --git a/docs/integration/action_library/threat_intelligence/mwdb.md b/docs/integration/action_library/threat_intelligence/mwdb.md deleted file mode 100644 index be81f92249..0000000000 --- a/docs/integration/action_library/threat_intelligence/mwdb.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/mwdb.md!} diff --git a/docs/integration/action_library/threat_intelligence/nybble.md b/docs/integration/action_library/threat_intelligence/nybble.md deleted file mode 100644 index 4ee12597f6..0000000000 --- a/docs/integration/action_library/threat_intelligence/nybble.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/nybble.md!} diff --git a/docs/integration/action_library/threat_intelligence/onyphe.md b/docs/integration/action_library/threat_intelligence/onyphe.md deleted file mode 100644 index 5c3c3458cb..0000000000 --- a/docs/integration/action_library/threat_intelligence/onyphe.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/onyphe.md!} diff --git a/docs/integration/action_library/threat_intelligence/osint.md b/docs/integration/action_library/threat_intelligence/osint.md deleted file mode 100644 index c68820934c..0000000000 --- a/docs/integration/action_library/threat_intelligence/osint.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/osint.md!} diff --git a/docs/integration/action_library/threat_intelligence/public-suffix.md b/docs/integration/action_library/threat_intelligence/public-suffix.md deleted file mode 100644 index 39715e6155..0000000000 --- a/docs/integration/action_library/threat_intelligence/public-suffix.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/public-suffix.md!} 
diff --git a/docs/integration/action_library/threat_intelligence/riskiq.md b/docs/integration/action_library/threat_intelligence/riskiq.md deleted file mode 100644 index 402b2483fa..0000000000 --- a/docs/integration/action_library/threat_intelligence/riskiq.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/riskiq.md!} diff --git a/docs/integration/action_library/threat_intelligence/shodan.md b/docs/integration/action_library/threat_intelligence/shodan.md deleted file mode 100644 index 0584310541..0000000000 --- a/docs/integration/action_library/threat_intelligence/shodan.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/shodan.md!} diff --git a/docs/integration/action_library/threat_intelligence/stix.md b/docs/integration/action_library/threat_intelligence/stix.md deleted file mode 100644 index fb7400ddaf..0000000000 --- a/docs/integration/action_library/threat_intelligence/stix.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/stix.md!} diff --git a/docs/integration/action_library/threat_intelligence/thinkst-canary.md b/docs/integration/action_library/threat_intelligence/thinkst-canary.md deleted file mode 100644 index aa30919475..0000000000 --- a/docs/integration/action_library/threat_intelligence/thinkst-canary.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/thinkst-canary.md!} diff --git a/docs/integration/action_library/threat_intelligence/tranco.md b/docs/integration/action_library/threat_intelligence/tranco.md deleted file mode 100644 index 75d8455b4c..0000000000 --- a/docs/integration/action_library/threat_intelligence/tranco.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/tranco.md!} diff --git a/docs/integration/action_library/threat_intelligence/triage.md b/docs/integration/action_library/threat_intelligence/triage.md deleted file mode 100644 index 923c4bf7ec..0000000000 --- a/docs/integration/action_library/threat_intelligence/triage.md +++ /dev/null 
@@ -1 +0,0 @@ -{!_shared_content/automate/library/triage.md!} diff --git a/docs/integration/action_library/threat_intelligence/virustotal.md b/docs/integration/action_library/threat_intelligence/virustotal.md deleted file mode 100644 index 5982fc9733..0000000000 --- a/docs/integration/action_library/threat_intelligence/virustotal.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/virustotal.md!} diff --git a/docs/integration/action_library/threat_intelligence/whois.md b/docs/integration/action_library/threat_intelligence/whois.md deleted file mode 100644 index 71ead5d7fc..0000000000 --- a/docs/integration/action_library/threat_intelligence/whois.md +++ /dev/null @@ -1 +0,0 @@ -{!_shared_content/automate/library/whois.md!} diff --git a/mkdocs.yml b/mkdocs.yml index 4349aab594..5825a71641 100644 --- a/mkdocs.yml +++ b/mkdocs.yml 
@@ -208,87 +208,64 @@ nav: - Operators: tip/features/automate/operators.md - Actions: tip/features/automate/actions.md - Actions Library: - - 1Password: tip/features/automate/library/1password.md - - AWS: tip/features/automate/library/aws.md - - Atlassian JIRA: tip/features/automate/library/atlassian-jira.md - - BinaryEdge's API: tip/features/automate/library/binaryedge-s-api.md - - Bitsight: tip/features/automate/library/bitsight.md - - Broadcom Cloud Secure Web Gateway: tip/features/automate/library/broadcom-cloud-secure-web-gateway.md - - Cato Networks: tip/features/automate/library/cato-networks.md - - Censys: tip/features/automate/library/censys.md - - Certificate Transparency: tip/features/automate/library/certificate-transparency.md - - Check Point: tip/features/automate/library/check-point.md - - CrowdStrike: tip/features/automate/library/crowdstrike.md - - CrowdStrike Falcon: tip/features/automate/library/crowdstrike-falcon.md - - Cybereason: tip/features/automate/library/cybereason.md - - Darktrace: tip/features/automate/library/darktrace.md - - Detection Rules: tip/features/automate/library/detection-rules.md - - Digital Shadows: tip/features/automate/library/digital-shadows.md - - Duo: tip/features/automate/library/duo.md - - ExtraHop: tip/features/automate/library/extrahop.md - - Fastly: tip/features/automate/library/fastly.md - - Fortigate Firewalls: tip/features/automate/library/fortigate-firewalls.md - - GLIMPS: tip/features/automate/library/glimps.md - - Git: tip/features/automate/library/git.md - - Github: tip/features/automate/library/github.md - - Google: tip/features/automate/library/google.md - - HTTP: tip/features/automate/library/http.md - - HarfangLab: tip/features/automate/library/harfanglab.md - - IKnowWhatYouDownload: tip/features/automate/library/iknowwhatyoudownload.md - - IPInfo: tip/features/automate/library/ipinfo.md - - IPtoASN: tip/features/automate/library/iptoasn.md - - Imperva: tip/features/automate/library/imperva.md - - 
Jumpcloud Directory Insights: tip/features/automate/library/jumpcloud-directory-insights.md - - Lacework: tip/features/automate/library/lacework.md - - MISP: tip/features/automate/library/misp.md - - MWDB: tip/features/automate/library/mwdb.md - - Mandrill: tip/features/automate/library/mandrill.md - - Mattermost: tip/features/automate/library/mattermost.md - - Microsoft Active Directory: tip/features/automate/library/microsoft-active-directory.md - - Microsoft Azure: tip/features/automate/library/microsoft-azure.md - - Microsoft Entra ID (Azure AD): tip/features/automate/library/microsoft-entra-id.md - - Microsoft Office365: tip/features/automate/library/microsoft-office365.md - - Microsoft Windows Server: tip/features/automate/library/microsoft-windows-server.md - - Mimecast: tip/features/automate/library/mimecast.md - - Netskope: tip/features/automate/library/netskope.md - - Nybble: tip/features/automate/library/nybble.md - - OSINT: tip/features/automate/library/osint.md - - Okta: tip/features/automate/library/okta.md - - Onyphe: tip/features/automate/library/onyphe.md - - OpenAI: tip/features/automate/library/openai.md - - PagerDuty: tip/features/automate/library/pagerduty.md - - Palo Alto Cortex XDR (EDR): tip/features/automate/library/palo-alto-cortex-xdr-edr.md - - Panda Security: tip/features/automate/library/panda-security.md - - Proofpoint: tip/features/automate/library/proofpoint.md - - Public Suffix: tip/features/automate/library/public-suffix.md - - RSS: tip/features/automate/library/rss.md - - Retarus: tip/features/automate/library/retarus.md - - RiskIQ: tip/features/automate/library/riskiq.md - - STIX: tip/features/automate/library/stix.md - - Salesforce: tip/features/automate/library/salesforce.md - - Sekoia.io: tip/features/automate/library/sekoia-io.md - - SentinelOne: tip/features/automate/library/sentinelone.md - - SentinelOneDeepVisibility: tip/features/automate/library/sentinelonedeepvisibility.md - - ServiceNow: 
tip/features/automate/library/servicenow.md - - Shodan: tip/features/automate/library/shodan.md - - Skyhigh Security: tip/features/automate/library/skyhigh-security.md - - Sophos: tip/features/automate/library/sophos.md - - TEHTRIS: tip/features/automate/library/tehtris.md - - The Hive: tip/features/automate/library/the-hive.md - - The Hive V5: tip/features/automate/library/the-hive-v5.md - - Thinkst Canary: tip/features/automate/library/thinkst-canary.md - - Tranco: tip/features/automate/library/tranco.md - - Trellix: tip/features/automate/library/trellix.md - - Trend Micro: tip/features/automate/library/trend-micro.md - - Triage: tip/features/automate/library/triage.md - - Ubika: tip/features/automate/library/ubika.md - - Utils: tip/features/automate/library/utils.md - - Vade Cloud: tip/features/automate/library/vade-cloud.md - - Vade Secure: tip/features/automate/library/vade-secure.md - - VirusTotal: tip/features/automate/library/virustotal.md - - Whois: tip/features/automate/library/whois.md - - WithSecure: tip/features/automate/library/withsecure.md - - Zscaler: tip/features/automate/library/zscaler.md + - Overview: tip/features/automate/library/overview.md + - Applicative: + - Mandrill: tip/features/automate/library/mandrill.md + - Mattermost: tip/features/automate/library/mattermost.md + - Microsoft Windows Server: tip/features/automate/library/microsoft-windows-server.md + - PagerDuty: tip/features/automate/library/pagerduty.md + - Cloud Providers: + - AWS: tip/features/automate/library/aws.md + - Google: tip/features/automate/library/google.md + - Collaboration Tools: + - Atlassian JIRA: tip/features/automate/library/atlassian-jira.md + - Git: tip/features/automate/library/git.md + - ServiceNow: tip/features/automate/library/servicenow.md + - The Hive: tip/features/automate/library/the-hive.md + - The Hive V5: tip/features/automate/library/the-hive-v5.md + - Email: + - Vade Secure: tip/features/automate/library/vade-secure.md + - Endpoint: + - CrowdStrike 
Falcon: tip/features/automate/library/crowdstrike-falcon.md + - HarfangLab: tip/features/automate/library/harfanglab.md + - Panda Security: tip/features/automate/library/panda-security.md + - SentinelOne: tip/features/automate/library/sentinelone.md + - Sophos: tip/features/automate/library/sophos.md + - WithSecure: tip/features/automate/library/withsecure.md + - Generic: + - HTTP: tip/features/automate/library/http.md + - OpenAI: tip/features/automate/library/openai.md + - RSS: tip/features/automate/library/rss.md + - Sekoia.io: tip/features/automate/library/sekoia-io.md + - Utils: tip/features/automate/library/utils.md + - IAM: + - Microsoft Active Directory: tip/features/automate/library/microsoft-active-directory.md + - Microsoft Entra ID: tip/features/automate/library/microsoft-entra-id.md + - Network: + - Fortigate Firewalls: tip/features/automate/library/fortigate-firewalls.md + - Zscaler: tip/features/automate/library/zscaler.md + - Threat Intelligence: + - BinaryEdge's API: tip/features/automate/library/binaryedge-s-api.md + - Censys: tip/features/automate/library/censys.md + - Certificate Transparency: tip/features/automate/library/certificate-transparency.md + - Detection Rules: tip/features/automate/library/detection-rules.md + - Digital Shadows: tip/features/automate/library/digital-shadows.md + - GLIMPS: tip/features/automate/library/glimps.md + - IKnowWhatYouDownload: tip/features/automate/library/iknowwhatyoudownload.md + - IPInfo: tip/features/automate/library/ipinfo.md + - IPtoASN: tip/features/automate/library/iptoasn.md + - MISP: tip/features/automate/library/misp.md + - MWDB: tip/features/automate/library/mwdb.md + - Nybble: tip/features/automate/library/nybble.md + - OSINT: tip/features/automate/library/osint.md + - Onyphe: tip/features/automate/library/onyphe.md + - Public Suffix: tip/features/automate/library/public-suffix.md + - RiskIQ: tip/features/automate/library/riskiq.md + - Shodan: tip/features/automate/library/shodan.md + - Tranco: 
tip/features/automate/library/tranco.md + - Triage: tip/features/automate/library/triage.md + - VirusTotal: tip/features/automate/library/virustotal.md + - Whois: tip/features/automate/library/whois.md - Develop: - REST API: - Quickstart: tip/develop/rest_api/quickstart.md 
@@ -499,94 +476,63 @@ nav: - Zscaler Internet Access: integration/categories/network_security/zscaler_zia.md - List of Playbooks Actions: - Overview: integration/action_library/overview.md - - Applicatives: - - Mandrill: integration/action_library/applicative/mandrill.md - - Mattermost: integration/action_library/applicative/mattermost.md - - Microsoft Office365: integration/action_library/applicative/microsoft-office365.md - - Microsoft Remote Server: integration/action_library/applicative/microsoft-remote-server.md - - Microsoft Windows Server: integration/action_library/applicative/microsoft-windows-server.md - - PagerDuty: integration/action_library/applicative/pagerduty.md - - Proofpoint: integration/action_library/applicative/proofpoint.md - - Salesforce: integration/action_library/applicative/salesforce.md + - Applicative: + - Mandrill: integration/action_library/mandrill.md + - Mattermost: integration/action_library/mattermost.md + - Microsoft Windows Server: integration/action_library/microsoft-windows-server.md + - PagerDuty: integration/action_library/pagerduty.md - Cloud Providers: - - AWS: integration/action_library/cloud_providers/aws.md - - Google: integration/action_library/cloud_providers/google.md - - Microsoft Azure: integration/action_library/cloud_providers/microsoft-azure.md + - AWS: integration/action_library/aws.md + - Google: integration/action_library/google.md - Collaboration Tools: - - Atlassian JIRA: integration/action_library/collaboration_tools/atlassian-jira.md - - Git: integration/action_library/collaboration_tools/git.md - - Github: integration/action_library/collaboration_tools/github.md - - ServiceNow: integration/action_library/collaboration_tools/servicenow.md - - TheHive: integration/action_library/collaboration_tools/the-hive.md + - Atlassian JIRA: integration/action_library/atlassian-jira.md + - Git: integration/action_library/git.md + - ServiceNow: integration/action_library/servicenow.md + - The Hive: 
integration/action_library/the-hive.md + - The Hive V5: integration/action_library/the-hive-v5.md - Email: - - Mimecast: integration/action_library/email/mimecast.md - - Vade Secure: integration/action_library/email/vade-secure.md + - Vade Secure: integration/action_library/vade-secure.md - Endpoint: - - CrowdStrike: integration/action_library/endpoint/crowdstrike.md - - CrowdStrike Falcon: integration/action_library/endpoint/crowdstrike-falcon.md - - Cybereason: integration/action_library/endpoint/cybereason.md - - HarfangLab: integration/action_library/endpoint/harfanglab.md - - Panda Security: integration/action_library/endpoint/panda-security.md - - SentinelOne: integration/action_library/endpoint/sentinelone.md - - SentinelOne DeepVisibility: integration/action_library/endpoint/sentinelonedeepvisibility.md - - Sophos: integration/action_library/endpoint/sophos.md - - TEHTRIS: integration/action_library/endpoint/tehtris.md - - Trellix: integration/action_library/endpoint/trellix.md - - Trend Micro: integration/action_library/endpoint/trend-micro.md - - WithSecure: integration/action_library/endpoint/withsecure.md + - CrowdStrike Falcon: integration/action_library/crowdstrike-falcon.md + - HarfangLab: integration/action_library/harfanglab.md + - Panda Security: integration/action_library/panda-security.md + - SentinelOne: integration/action_library/sentinelone.md + - Sophos: integration/action_library/sophos.md + - WithSecure: integration/action_library/withsecure.md - Generic: - - HTTP: integration/action_library/generic/http.md - - FileUtils: integration/action_library/generic/fileutils.md - - OpenAI: integration/action_library/generic/openai.md - - RSS: integration/action_library/generic/rss.md - - Sekoia: integration/action_library/generic/sekoia-io.md - - Utils: integration/action_library/generic/utils.md + - HTTP: integration/action_library/http.md + - OpenAI: integration/action_library/openai.md + - RSS: integration/action_library/rss.md + - Sekoia.io: 
integration/action_library/sekoia-io.md + - Utils: integration/action_library/utils.md - IAM: - - Duo: integration/action_library/iam/duo.md - - Jumpcloud Directory Insights: integration/action_library/iam/jumpcloud-directory-insights.md - - Microsoft Active Directory: integration/action_library/iam/microsoft-active-directory.md - - Microsoft Entra ID: integration/action_library/iam/microsoft-entra-id.md - - Microsoft Entra ID (Azure AD): integration/action_library/iam/intra_id.md - - Okta: integration/action_library/iam/okta.md + - Microsoft Active Directory: integration/action_library/microsoft-active-directory.md + - Microsoft Entra ID: integration/action_library/microsoft-entra-id.md - Network: - - Broadcom Cloud Secure Web Gateway: integration/action_library/network/broadcom-cloud-secure-web-gateway.md - - Cato Networks: integration/action_library/network/cato-networks.md - - Chec Point: integration/action_library/network/check-point.md - - Darktrace: integration/action_library/network/darktrace.md - - ExtraHop: integration/action_library/network/extrahop.md - - Fortigate Firewalls: integration/action_library/network/fortigate-firewalls.md - - Imperva: integration/action_library/network/imperva.md - - Lacework: integration/action_library/network/lacework.md - - Netskope: integration/action_library/network/netskope.md - - Skyhigh Security Secure Web Gateway: integration/action_library/network/skyhigh-security-secure-web-gateway-swg.md - - Skyhigh Security: integration/action_library/network/skyhigh-security.md - - Ubika: integration/action_library/network/ubika.md - - Vade Cloud: integration/action_library/network/vade-cloud.md - - Zscaler: integration/action_library/network/zscaler.md + - Fortigate Firewalls: integration/action_library/fortigate-firewalls.md + - Zscaler: integration/action_library/zscaler.md - Threat Intelligence: - - BinaryEdges API: integration/action_library/threat_intelligence/binaryedge-s-api.md - - Bitsight: 
integration/action_library/threat_intelligence/bitsight.md - - Censys: integration/action_library/threat_intelligence/censys.md - - Certificate Transparency: integration/action_library/threat_intelligence/certificate-transparency.md - - Detection Rules: integration/action_library/threat_intelligence/detection-rules.md - - Digital Shadows: integration/action_library/threat_intelligence/digital-shadows.md - - Glimps: integration/action_library/threat_intelligence/glimps.md - - IKnowWhatYouDownload: integration/action_library/threat_intelligence/iknowwhatyoudownload.md - - IPInfo: integration/action_library/threat_intelligence/ipinfo.md - - IPtoASN: integration/action_library/threat_intelligence/iptoasn.md - - MISP: integration/action_library/threat_intelligence/misp.md - - MWDB: integration/action_library/threat_intelligence/mwdb.md - - Nybble: integration/action_library/threat_intelligence/nybble.md - - OSINT: integration/action_library/threat_intelligence/osint.md - - Onyphe: integration/action_library/threat_intelligence/onyphe.md - - Public Suffix: integration/action_library/threat_intelligence/public-suffix.md - - RiskIQ: integration/action_library/threat_intelligence/riskiq.md - - Shodan: integration/action_library/threat_intelligence/shodan.md - - STIX: integration/action_library/threat_intelligence/stix.md - - Triage: integration/action_library/threat_intelligence/triage.md - - Tranco: integration/action_library/threat_intelligence/tranco.md - - VirusTotal: integration/action_library/threat_intelligence/virustotal.md - - Whois: integration/action_library/threat_intelligence/whois.md + - BinaryEdge's API: integration/action_library/binaryedge-s-api.md + - Censys: integration/action_library/censys.md + - Certificate Transparency: integration/action_library/certificate-transparency.md + - Detection Rules: integration/action_library/detection-rules.md + - Digital Shadows: integration/action_library/digital-shadows.md + - GLIMPS: 
integration/action_library/glimps.md + - IKnowWhatYouDownload: integration/action_library/iknowwhatyoudownload.md + - IPInfo: integration/action_library/ipinfo.md + - IPtoASN: integration/action_library/iptoasn.md + - MISP: integration/action_library/misp.md + - MWDB: integration/action_library/mwdb.md + - Nybble: integration/action_library/nybble.md + - OSINT: integration/action_library/osint.md + - Onyphe: integration/action_library/onyphe.md + - Public Suffix: integration/action_library/public-suffix.md + - RiskIQ: integration/action_library/riskiq.md + - Shodan: integration/action_library/shodan.md + - Tranco: integration/action_library/tranco.md + - Triage: integration/action_library/triage.md + - VirusTotal: integration/action_library/virustotal.md + - Whois: integration/action_library/whois.md - How to develop a new Integration: - Overview: integration/develop_integration/overview.md - Automation: 
@@ -639,6 +585,56 @@ plugins: develop/rest_api/operation_center/parser.md: xdr/develop/rest_api/parser.md develop/rest_api/playbooks.md: xdr/develop/rest_api/playbooks.md develop/rest_api/quickstart.md: xdr/develop/rest_api/quickstart.md + getting_started/2fa.md: getting_started/account_security.md + getting_started/apikey_creation.md: getting_started/manage_api_keys.md + getting_started/first_steps.md: getting_started/index.md + getting_started/inviting_users_to_join_your_community.md: getting_started/invite_users.md + intelligence_center.md: cti/index.md + intelligence_center/api.md: cti/develop/index.md + intelligence_center/dashboard.md: cti/features/monitor/dashboard.md + intelligence_center/data_export.md: cti/features/consume/export.md + intelligence_center/data_model.md: cti/features/data_model.md + intelligence_center/enricher.md: cti/features/consume/enrichers.md + intelligence_center/graph_explorations.md: cti/features/consume/graph_explorations.md + intelligence_center/integrations.md: cti/features/integrations/index.md + intelligence_center/integrations/anomali.md: cti/features/integrations/anomali.md + intelligence_center/integrations/microsoft-sentinel.md: cti/features/integrations/microsoft-sentinel.md + intelligence_center/integrations/misp.md: cti/features/integrations/misp.md + intelligence_center/integrations/opencti.md: cti/features/integrations/opencti.md + intelligence_center/integrations/splunk.md: cti/features/integrations/splunk.md + intelligence_center/integrations/thehive.md: cti/features/integrations/thehive.md + intelligence_center/intelligence.md: cti/features/consume/intelligence.md + intelligence_center/observables.md: cti/features/consume/observables.md + operation_center.md: xdr/index.md + operation_center/actions.md: xdr/features/automate/actions.md + operation_center/alerts.md: xdr/features/investigate/alerts.md + operation_center/assets.md: xdr/features/collect/assets.md + operation_center/cases.md: 
xdr/features/investigate/cases.md + operation_center/data_collection/ingestion_methods/sekoiaio.md: integration/categories/endpoint/sekoiaio.md + operation_center/entities.md: xdr/features/collect/entities.md + operation_center/events.md: xdr/features/investigate/events.md + operation_center/faq.md: xdr/FAQ.md + operation_center/intakes.md: xdr/features/collect/intakes.md + operation_center/operators.md: xdr/features/automate/operators.md + operation_center/playbook_overview.md: xdr/features/automate/index.md + operation_center/rules.md: xdr/features/detect/rules_catalog.md + operation_center/rules_catalog.md: xdr/features/detect/rules_catalog.md + operation_center/templates.md: xdr/features/detect/rules_catalog.md + operation_center/threat_exposition.md: xdr/features/report/dashboards.md + operation_center/triggers.md: xdr/features/automate/triggers.md + playbooks/actions.md: xdr/features/automate/actions.md + playbooks/operators.md: xdr/features/automate/operators.md + playbooks/overview.md: xdr/features/automate/index.md + playbooks/triggers.md: xdr/features/automate/triggers.md + searching/search_events.md: xdr/features/investigate/events.md + tip/develop/rest_api/identity_and_authentication.md: tip/develop/rest_api/community.md + user_center.md: getting_started/index.md + user_center/apikeys.md: getting_started/manage_api_keys.md + user_center/multi_factor_authentication.md: getting_started/account_security.md + xdr/develop/rest_api/identity_and_authentication.md: xdr/develop/rest_api/community.md + xdr/features/collect/ingestion_methods/https/format.md: integration/ingestion_methods/https/format.md + xdr/features/collect/ingestion_methods/index.md: integration/ingestion_methods/index.md + xdr/features/collect/ingestion_methods/sekoiaio_forwarder.md: integration/ingestion_methods/syslog/sekoiaio_forwarder.md xdr/features/collect/integrations/application/alsid.md: integration/categories/iam/alsid.md xdr/features/collect/integrations/application/apache.md: 
integration/categories/applicative/apache.md xdr/features/collect/integrations/application/bind.md: integration/categories/network/bind.md 
@@ -728,20 +724,22 @@ plugins: xdr/features/collect/integrations/endpoint/checkpoint_harmony_mobile.md: integration/categories/endpoint/checkpoint_harmony_mobile.md xdr/features/collect/integrations/endpoint/crowdstrike_falcon.md: integration/categories/endpoint/crowdstrike_falcon.md xdr/features/collect/integrations/endpoint/crowdstrike_falcon_telemetry.md: integration/categories/endpoint/crowdstrike_falcon_telemetry.md - xdr/features/collect/integrations/endpoint/cybereason_malop_activity.md: integration/categories/endpoint/cybereason_malop_activity.md xdr/features/collect/integrations/endpoint/cybereason_malop.md: integration/categories/endpoint/cybereason_malop.md + xdr/features/collect/integrations/endpoint/cybereason_malop_activity.md: integration/categories/endpoint/cybereason_malop_activity.md xdr/features/collect/integrations/endpoint/darktrace_threat_visualizer.md: integration/categories/network_security/darktrace_threat_visualizer.md xdr/features/collect/integrations/endpoint/daspren_parad.md: integration/categories/network_security/daspren_parad.md xdr/features/collect/integrations/endpoint/eset_protect.md: integration/categories/endpoint/eset_protect.md xdr/features/collect/integrations/endpoint/harfanglab.md: integration/categories/endpoint/harfanglab.md xdr/features/collect/integrations/endpoint/ibm_aix.md: integration/categories/endpoint/ibm_aix.md xdr/features/collect/integrations/endpoint/ibm_i.md: integration/categories/endpoint/ibm_i.md - xdr/features/collect/integrations/endpoint/linux.md: integration/categories/endpoint/linux.md xdr/features/collect/integrations/endpoint/kaspersky_endpoint_security.md: integration/categories/endpoint/kaspersky_endpoint_security.md + xdr/features/collect/integrations/endpoint/linux.md: integration/categories/endpoint/linux.md xdr/features/collect/integrations/endpoint/log_insight_windows.md: integration/categories/endpoint/log_insight_windows.md xdr/features/collect/integrations/endpoint/microsoft_intune.md: 
integration/categories/endpoint/microsoft_intune.md xdr/features/collect/integrations/endpoint/paloalto_cortex_edr.md: integration/categories/endpoint/paloalto_cortex_edr.md xdr/features/collect/integrations/endpoint/panda_security_aether.md: integration/categories/endpoint/panda_security_aether.md + xdr/features/collect/integrations/endpoint/sekoiaio.md: integration/categories/endpoint/sekoiaio.md + xdr/features/collect/integrations/endpoint/sekoiaio/sekoiaio.md: integration/categories/endpoint/sekoiaio.md xdr/features/collect/integrations/endpoint/sentinelone.md: integration/categories/endpoint/sentinelone.md xdr/features/collect/integrations/endpoint/sophos_edr.md: integration/categories/endpoint/sophos_edr.md xdr/features/collect/integrations/endpoint/stormshield_endpoint.md: integration/categories/endpoint/stormshield_ses.md 
@@ -759,10 +757,10 @@ plugins: xdr/features/collect/integrations/endpoint/withsecure_elements.md: integration/categories/endpoint/withsecure_elements.md xdr/features/collect/integrations/generic/cef.md: integration/categories/generic/cef.md xdr/features/collect/integrations/generic/raw.md: integration/categories/generic/raw.md + xdr/features/collect/integrations/index.md: integration/categories/index.md xdr/features/collect/integrations/network/arubaos.md: integration/categories/network/arubaos.md xdr/features/collect/integrations/network/broadcom_edge_swg.md: integration/categories/network_security/broadcom_edge_swg.md xdr/features/collect/integrations/network/checkpoint.md: integration/categories/network_security/checkpoint.md - xdr/features/collect/integrations/network/clavister_ng_fw.md: integration/categories/network/clavister_ng_fw.md xdr/features/collect/integrations/network/cisco/cisco_asa.md: integration/categories/network_security/cisco_asa.md xdr/features/collect/integrations/network/cisco/cisco_identity_services_engine_ise.md: integration/categories/network_security/cisco_identity_services_engine_ise.md xdr/features/collect/integrations/network/cisco/cisco_ios.md: integration/categories/network/cisco_ios.md 
@@ -770,8 +768,9 @@ plugins: xdr/features/collect/integrations/network/cisco/cisco_nx_os.md: integration/categories/network/cisco_nx_os.md xdr/features/collect/integrations/network/cisco/cisco_wsa.md: integration/categories/network_security/cisco_wsa.md xdr/features/collect/integrations/network/citrix_netscaler_adc.md: integration/categories/network/citrix_netscaler_adc.md - xdr/features/collect/integrations/network/ekinops_oneos.md: integration/categories/network/ekinops_oneos.md + xdr/features/collect/integrations/network/clavister_ng_fw.md: integration/categories/network/clavister_ng_fw.md xdr/features/collect/integrations/network/efficientip_solidserver_ddi.md: integration/categories/network/efficientip_solidserver_ddi.md + xdr/features/collect/integrations/network/ekinops_oneos.md: integration/categories/network/ekinops_oneos.md xdr/features/collect/integrations/network/f5-big-ip.md: integration/categories/network/f5-big-ip.md xdr/features/collect/integrations/network/forcepoint_web_gateway.md: integration/categories/network/forcepoint_web_gateway.md xdr/features/collect/integrations/network/fortigate.md: integration/categories/network_security/fortigate.md 
@@ -800,60 +799,7 @@ plugins: xdr/features/collect/integrations/network/vectra.md: integration/categories/network_security/vectra.md xdr/features/collect/integrations/network/wallix.md: integration/categories/iam/wallix.md xdr/features/collect/integrations/network/watchguard_firebox.md: integration/categories/network_security/watchguard_firebox.md - xdr/features/collect/integrations/endpoint/sekoiaio/sekoiaio.md: integration/categories/endpoint/sekoiaio.md - xdr/features/collect/integrations/index.md: integration/categories/index.md - xdr/features/collect/integrations/endpoint/sekoiaio.md: integration/categories/endpoint/sekoiaio.md - xdr/features/collect/ingestion_methods/index.md: integration/ingestion_methods/index.md - xdr/features/collect/ingestion_methods/sekoiaio_forwarder.md: integration/ingestion_methods/syslog/sekoiaio_forwarder.md - xdr/features/collect/ingestion_methods/https/format.md: integration/ingestion_methods/https/format.md - getting_started/2fa.md: getting_started/account_security.md - getting_started/apikey_creation.md: getting_started/manage_api_keys.md - getting_started/first_steps.md: getting_started/index.md - getting_started/inviting_users_to_join_your_community.md: getting_started/invite_users.md - intelligence_center.md: cti/index.md - intelligence_center/api.md: cti/develop/index.md - intelligence_center/dashboard.md: cti/features/monitor/dashboard.md - intelligence_center/data_export.md: cti/features/consume/export.md - intelligence_center/data_model.md: cti/features/data_model.md - intelligence_center/enricher.md: cti/features/consume/enrichers.md - intelligence_center/graph_explorations.md: cti/features/consume/graph_explorations.md - intelligence_center/integrations.md: cti/features/integrations/index.md - intelligence_center/integrations/anomali.md: cti/features/integrations/anomali.md - intelligence_center/integrations/microsoft-sentinel.md: cti/features/integrations/microsoft-sentinel.md - 
intelligence_center/integrations/misp.md: cti/features/integrations/misp.md - intelligence_center/integrations/opencti.md: cti/features/integrations/opencti.md - intelligence_center/integrations/splunk.md: cti/features/integrations/splunk.md - intelligence_center/integrations/thehive.md: cti/features/integrations/thehive.md - intelligence_center/intelligence.md: cti/features/consume/intelligence.md - intelligence_center/observables.md: cti/features/consume/observables.md - operation_center.md: xdr/index.md - operation_center/actions.md: xdr/features/automate/actions.md - operation_center/alerts.md: xdr/features/investigate/alerts.md - operation_center/assets.md: xdr/features/collect/assets.md - operation_center/cases.md: xdr/features/investigate/cases.md - operation_center/entities.md: xdr/features/collect/entities.md - operation_center/events.md: xdr/features/investigate/events.md - operation_center/faq.md: xdr/FAQ.md - operation_center/intakes.md: xdr/features/collect/intakes.md - operation_center/operators.md: xdr/features/automate/operators.md - operation_center/playbook_overview.md: xdr/features/automate/index.md - operation_center/rules.md: xdr/features/detect/rules_catalog.md - operation_center/rules_catalog.md: xdr/features/detect/rules_catalog.md - operation_center/templates.md: xdr/features/detect/rules_catalog.md - operation_center/threat_exposition.md: xdr/features/report/dashboards.md - operation_center/triggers.md: xdr/features/automate/triggers.md - playbooks/actions.md: xdr/features/automate/actions.md - playbooks/operators.md: xdr/features/automate/operators.md - playbooks/overview.md: xdr/features/automate/index.md - playbooks/triggers.md: xdr/features/automate/triggers.md - searching/search_events.md: xdr/features/investigate/events.md - tip/develop/rest_api/identity_and_authentication.md: tip/develop/rest_api/community.md - user_center.md: getting_started/index.md - user_center/apikeys.md: getting_started/manage_api_keys.md - 
user_center/multi_factor_authentication.md: getting_started/account_security.md - xdr/develop/rest_api/identity_and_authentication.md: xdr/develop/rest_api/community.md xdr/features/investigate/dork_language.md: xdr/features/investigate/events_query_language.md - operation_center/data_collection/ingestion_methods/sekoiaio.md: integration/categories/endpoint/sekoiaio.md - redoc - intakes_by_uuid repo_url: https://github.com/SEKOIA-IO/documentation
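Review bot: the regrouped nav under `tip/features/automate/library/` (the first nav hunk, ending just before `- Develop:`) is not a pure regrouping. Skyhigh Security, TEHTRIS, Thinkst Canary, Trellix, Trend Micro, Ubika and Vade Cloud are among the removed flat entries but appear in none of the new categories. None of the redirect lines added further down has a key under `tip/features/automate/library/`, so if these pages are deleted their published URLs stop resolving. If the files stay, they drop out of the nav. Please either list them under a category or remove them deliberately, with a redirect to `tip/features/automate/library/overview.md` and a line in the commit message naming the dropped connectors.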
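Review bot: hunk `@@ -499,94 +476,63 @@` flattens every action page from `integration/action_library/<category>/<name>.md` to `integration/action_library/<name>.md`, but no redirect for the old category paths is added in the redirect hunks shown here. Links to, for example, `integration/action_library/endpoint/sentinelone.md` will stop resolving unless the old files are kept. Suggest adding one mapping per moved page, in the form `integration/action_library/endpoint/sentinelone.md: integration/action_library/sentinelone.md`. The same hunk also drops entries outright (Okta, Duo, Microsoft Azure, Github, Mimecast, Cybereason, STIX, Bitsight, FileUtils, among others). Those need either a redirect to `integration/action_library/overview.md` or a note explaining why the action documentation is gone, since responders may have these pages linked from runbooks. Minor: the old list had two CrowdStrike entries and two Microsoft Entra ID entries; confirm the surviving page covers the content of the one removed.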
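Review bot: the redirect-map hunks (`@@ -639,6 +585,56 @@` through `@@ -800,60 +799,7 @@`) move a large block of entries into sorted order, which is hard to verify by eye in the same commit as the nav changes. Counting the visible lines, the entries removed from the tail match the ones re-added higher up, so the move looks lossless, but nothing here guards against a key ending up listed twice after a later edit, and many YAML loaders accept a duplicate mapping key silently and keep only the last value. Suggest landing the sort as its own commit and adding a CI step that fails on duplicate keys and on redirect targets that do not exist in the docs tree. Several keys intentionally share one target (for instance `operation_center/rules.md`, `operation_center/rules_catalog.md` and `operation_center/templates.md` all point to `xdr/features/detect/rules_catalog.md`), so the check should look at keys only, not values.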