Merge pull request #338 from logzio/siem-updates-dec
SIEM - Updating main page and links
Simplychee authored Dec 20, 2023
2 parents d2a3aba + 96a84d0 commit 8baf59a
Showing 9 changed files with 55 additions and 51 deletions.
1 change: 0 additions & 1 deletion docs/_include/account-info/log-management.md
Expand Up @@ -78,7 +78,6 @@ Choose the sub account name, retention, and volume options if relevant. On the r
| **Save account utilization metrics** | Logs metrics on your account utilization, such as used and expected data volume at current indexing rate (GB). |
| **Save log size** | Adds the logSizeEnabled field to each log, stating the log's size. |
| **Use dashboards, visualizations, and saved searches from these accounts** | Choose the main account from which these elements will be visible on the sub account. Useful if you want to be able to access your main account's data from this sub account. |
{:.paramlist}

Click **Apply** to create the sub account.

3 changes: 2 additions & 1 deletion docs/shipping/AWS/aws-kinesis-firehose.md
Expand Up @@ -81,8 +81,9 @@ Give the stack a few minutes to be deployed.

Once new logs are added to your chosen log group, they will be sent to your Logz.io account.

:::caution Important
If you've used the `services` field, you'll have to **wait 6 minutes** before creating new log groups for your chosen services. This is due to cold start and custom resource invocation, that can cause the Lambda to behave unexpectedly.
{:.info-box.important}
:::

##### Check Logz.io for your logs

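Review bot: the caution box states the 6-minute wait but not the failure it prevents; add one sentence on what happens when a log group for one of the `services` entries is created inside that window (are its logs silently not shipped, and does the user have to delete and recreate the group or the subscription?) so readers can recover instead of guessing. Dropping `{:.info-box.important}` is correct now that the text sits in a `:::caution` admonition, which matches the form azure-native-integration.md uses in this same PR.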
4 changes: 2 additions & 2 deletions docs/shipping/Azure/azure-activity-logs.md
Expand Up @@ -67,15 +67,15 @@ Make sure to use the settings shown below.
|---|---|
| Resource group | Click **Create new**. Give a meaningful **Name**, such as "logzioEventHubIntegration", and then click **OK**. |
| Location | Choose the same region as the Azure services that will stream data to this Event Hub. |
{:.paramlist}


#### In the SETTINGS section

| Parameter | Description |
|---|---|
| Logs listener host | Use the listener host for your logs account region. For more information on finding your account's region, see Account region. |
| Logs account token | Use the [token](https://app.logz.io/#/dashboard/settings/general) of the logs account you want to ship to. |
{:.paramlist}


At the bottom of the page, select **I agree to the terms and conditions stated above**, and then click **Purchase** to deploy.

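Review bot: the "Logs account token" row has readers paste a shipping token into the deployment form but never says it is a credential; add a sentence that the token authorizes writes into that Logz.io account and should be handled like a secret (not committed alongside the template, rotated if exposed). Also, "see Account region" in the listener host row is plain text while the token row links to the settings page; link it so the two rows match.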
1 change: 0 additions & 1 deletion docs/shipping/GCP/gcp-stackdriver.md
Expand Up @@ -152,7 +152,6 @@ Click here for more information about [filebeat for Google Cloud Pub/Sub](https:
| pubsubs | This is an array of one or more GCP subscriptions. For each subscription, provide topic and subscription IDs, as given from Pub/Sub. |
| token | Your Logz.io shipping token. For each project under `pubsubs`. Replace `<<LOG-SHIPPING-TOKEN>>` with the [token](https://app.logz.io/#/dashboard/settings/general) of the account you want to ship to. You can send your logs to different accounts that are in the same region, you can do that by inserting a different token per project. |
| credentials_file (Not required, Default value: `'<project_id>-credentials.json'`) | This field is only required if your credentials file is named differently than the default value. For an example of adding this field go to [input example file](https://github.com/logzio/logzio-pubsub/blob/master/pubsub-input-example.yml). |
{:.paramlist}
#### Pull the Docker image
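Review bot: the removed `{:.paramlist}` line was the only thing separating the table from the `#### Pull the Docker image` heading; leave a blank line in its place so the table and the heading are unambiguously separate blocks. While in this table, the token row ends in a run-on ("You can send your logs to different accounts that are in the same region, you can do that by inserting a different token per project."); "To send logs to different accounts in the same region, use a different token per project." reads cleaner.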
31 changes: 18 additions & 13 deletions docs/user-guide/cloud-siem/index.md
@@ -1,6 +1,9 @@
---
sidebar_position: 2
title: Getting Started with Cloud SIEM
image: https://dytvr9ot2sszz.cloudfront.net/logz-docs/social-assets/docs-social.jpg
description: Meet Logz.io's Cloud SIEM platform; security analytics for identifying, investigating, and remediating threats.
keywords: [SIEM, Cloud Security, Security, Security information, event management]
---

Logz.io Cloud SIEM combines the power of OpenSearch Dashboards with advanced security analytics tools
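Review bot: the new `keywords` list splits the phrase into `Security information` and `event management`, which is not how anyone searches for the term; use a single `Security information and event management` entry alongside `SIEM`. Minor: the `description` uses a semicolon after "platform" where a colon fits.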
Expand All @@ -9,26 +12,28 @@ to help you identify, investigate, and remediate threats quickly and efficiently
To open your Cloud SIEM account,
click **SIEM** in the navigation menu.

![Logz.io Cloud SIEM](https://dytvr9ot2sszz.cloudfront.net/logz-docs/siem/siem-overview-new-nav.png)
![Logz.io Cloud SIEM](https://dytvr9ot2sszz.cloudfront.net/logz-docs/siem/siem-main-navigation-dec.png)

**A.** Summary: The summary dashboard shows the last 24 hours of security events affecting your systems. [Learn more about investigating events](/user-guide/cloud-siem/security-events.html)
**A.** **Summary**: The summary dashboard shows the last 24 hours of security events affecting your systems. [Learn more about investigating events](/docs/user-guide/cloud-siem/investigate-events/security-events/).

**B.** Rules
**B.** [**Event Management**](https://app.logz.io/#/dashboard/security/event-management)
: Cloud SIEM has an integrated platform for security events management where you can view security events that have occured, edit them, and assign a security rule to a team member. [Learn more](/docs/user-guide/cloud-siem/quick-guide/manage-security-events).

**C.** [**Rules**](https://app.logz.io/#/dashboard/security/rules/rule-definitions)
: Manage your SIEM's preconfigured rules, or add your own.
When a security rule triggers, a security event is logged
and written to the relevant dashboards as well as the Summary and Threats dashboards. [Learn more](/user-guide/cloud-siem/manage-security-rules.html)
and written to the relevant dashboards as well as the Summary and Threats dashboards. [Learn more](/docs/user-guide/cloud-siem/security-rules/manage-security-rules/).

**C.** Dashboards
: Your Cloud SIEM is pre-loaded with a large library of dashboards curated by Logz.io. [Learn more](/user-guide/cloud-siem/understanding-your-security-logs.html)
**D.** **[Dashboards](https://app.logz.io/#/dashboard/security/research/discover/)**
: Your Cloud SIEM is pre-loaded with a large library of dashboards curated by Logz.io. [Learn more](/docs/user-guide/cloud-siem/investigate-events/understanding-your-security-logs/).

**D.** Threats Overview & Threat Intelligence feeds
: The Threats dashboard shows you potential threats by correlating your logs with lists of known threats using public and private threat feeds. [Learn more](/user-guide/cloud-siem/threat-intelligence.html)
**E.** **[Threats Overview](https://app.logz.io/#/dashboard/security/threats/overview) & [Threat Intelligence feeds](https://app.logz.io/#/dashboard/security/threats/threat-intelligence-feeds)**
: The Threats dashboard shows you potential threats by correlating your logs with lists of known threats using public and private threat feeds. [Learn more](/docs/user-guide/cloud-siem/threat-intelligence/).

**E.** OpenSearch Dashboards
: Use OpenSearch Dashboards to drill down into your logs, or select dashboards to review events by specific Security products. Your Cloud SIEM is pre-loaded with a large library of dashboards curated by Logz.io. [Learn more](/user-guide/cloud-siem/understanding-your-security-logs.html)
**F.** [**OpenSearch Dashboards**](https://app.logz.io/#/dashboard/security/research/discover/)
: Use OpenSearch Dashboards to drill down into your logs, or select dashboards to review events by specific Security products. Your Cloud SIEM is pre-loaded with a large library of dashboards curated by Logz.io. [Learn more](/docs/user-guide/cloud-siem/investigate-events/understanding-your-security-logs).

**F.** Reports
: Schedule dashboards to be sent out as reports on a regular basis. [Learn more](/user-guide/cloud-siem/dashboards/)
{:.letter-labels}
**G.** **[Reports](https://app.logz.io/#/dashboard/scheduled-reports)**
: Schedule dashboards to be sent out as reports on a regular basis. [Learn more](/docs/user-guide/cloud-siem/dashboards/).


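Review bot: `{:.letter-labels}` is removed but the kramdown definition-list form is kept (`**B.** [**Event Management**](...)` on one line, `: Cloud SIEM has an integrated platform...` on the next); MDX has no definition-list syntax, so the leading `: ` renders literally. Put each description on the same line as its label, as item A already does. In the same hunk: "occured" should be "occurred"; confirm B means "assign a security event to a team member", since the page is about event management rather than rules; D (Dashboards) and F (OpenSearch Dashboards) both link to `/dashboard/security/research/discover/`, so one of them points at the wrong screen; and the F "Learn more" link is the only one without a trailing slash.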
47 changes: 23 additions & 24 deletions docs/user-guide/k8s-360/overview.md
Expand Up @@ -152,12 +152,12 @@ At the bottom of the quick view menu's **Pods** tab, you'll find a list of all p
In addition, you can browse through the following tabs:
### Deployment Logs View
{:.no_toc}
**Logs** include the time, log level, and message for each log in this deployment. You can search for specific logs using the search bar, which supports free text and Lucene queries.
### Deployment Metrics View
{:.no_toc}
The **Metrics** tab presents useful data in graph form, including:
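Review bot: removing `{:.no_toc}` from these `###` headings puts every per-resource Logs/Metrics/Traces view into the right-hand table of contents; if that is not intended, set `toc_min_heading_level` and `toc_max_heading_level` in the page front matter, which is the Docusaurus equivalent (this applies to every hunk in this file). Separately, the context line in this hunk's header says "pods related to this node" under the Deployment Pods View; it should say "this deployment".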
Expand All @@ -171,7 +171,7 @@ The **Metrics** tab presents useful data in graph form, including:
* Received & Transmitted Bytes
### Deployment Traces View
{:.no_toc}
The **Traces** tab includes all of the spans in this deployment, including the following:
Expand All @@ -188,7 +188,7 @@ For each tab, you can change the time frame chosen by clicking on the date bar a

<!--
### Deployment quick view
{:.no_toc}
A **deployment** quick view includes the following fields:
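Review bot: this hunk and the two after it edit a block that the `<!--` two lines above opens with no closing `-->` in view; if the whole "Deployment quick view" section is commented out, changing `{:.no_toc}` inside it has no rendered effect, and the second copy of the Deployment Pods/Logs/Metrics/Traces views that follows duplicates the live section above. Delete the commented block instead of maintaining it.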
Expand All @@ -208,19 +208,19 @@ A **deployment** quick view includes the following fields:

<!--
### Deployment Pods View
{:.no_toc}
At the bottom of the quick view menu's **Pods** tab, you'll find a list of all pods related to this node. The table includes each pod's status, the number of containers they’re in, and how much CPU and memory they use. Clicking on one of the pods will lead you to that pod's quick view menu.
In addition, you can browse through the following tabs:
### Deployment Logs View
{:.no_toc}
**Logs** include the time, log level, and message for each log in this deployment. You can search for specific logs using the search bar, which supports free text and Lucene queries.
### Deployment Metrics View
{:.no_toc}
The **Metrics** tab presents useful data in graph form, including:
Expand All @@ -234,7 +234,7 @@ The **Metrics** tab presents useful data in graph form, including:
* Received & Transmitted Bytes
### Deployment Traces View
{:.no_toc}
The **Traces** tab includes all of the spans in this deployment, including the following:
Expand All @@ -249,7 +249,7 @@ For each tab, you can change the time frame chosen by clicking on the date bar a
### Node quick view
{:.no_toc}
A node quick view menu includes the following fields:
Expand All @@ -268,19 +268,19 @@ A node quick view menu includes the following fields:
At the top of the quick view menu, there are links that can take you directly to the relevant logs (**See Logs**), open Logz.io's Livetail for quick troubleshooting (**Open Livetail**), or see the relevant metrics (**See Metrics**).
### Node Pods View
{:.no_toc}
At the bottom of the quick view menu's **Pods** tab, you'll find a list of all pods related to this node. The table includes each pod's status, the number of containers they’re in, and how much CPU and memory they use. Clicking on one of the pods will lead you to that pod's quick view menu.
In addition, you can browse through the following tabs:
### Node Logs View
{:.no_toc}
**Logs** include the time, log level, and message for each log in this node. You can search for specific logs using the search bar, which supports free text and Lucene queries.
### Node Metrics View
{:.no_toc}
The third tab, **Metrics**, presents useful data in graph form, including:
Expand All @@ -295,7 +295,7 @@ The third tab, **Metrics**, presents useful data in graph form, including:
* Memory usage per pod
### Node Traces View
{:.no_toc}
The **Traces** tab includes all of the spans in this deployment, including the following:
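Review bot: "all of the spans in this deployment" under Node Traces View should read "in this node"; the sentence was copied from the deployment section.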
Expand All @@ -310,7 +310,7 @@ For each tab, you can change the time frame chosen by clicking on the date bar a
### Pod quick view
{:.no_toc}
Click on a pod to access its quick view menu and gain access to this additional information:
Expand All @@ -335,12 +335,12 @@ Click on a pod to access its quick view menu and gain access to this additional
At the top of the quick view menu, there are links that can take you directly to the relevant logs (**See Logs**), open Logz.io's Livetail for quick troubleshooting (**Open Livetail**), or see the relevant metrics (**See Metrics**).
### Pod Logs View
{:.no_toc}
At the bottom of the quick view menu's **Logs** tab you can review all relevant logs with their timestamp, log level, and message for each one. You can search for specific logs using the search bar, which supports free text and Lucene queries.
### Pod Metrics View
{:.no_toc}
The **Metrics** tab presents useful data in graph form, including:
Expand All @@ -353,7 +353,7 @@ The **Metrics** tab presents useful data in graph form, including:
* Pod dropped packets
### Pod Traces View
{:.no_toc}
And the **Traces** tab includes all of the spans in this deployment, including the following:
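Review bot: same copy-paste slip here: "spans in this deployment" under Pod Traces View should be "in this pod", and the sentence should not open with "And".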
Expand All @@ -367,7 +367,6 @@ And the **Traces** tab includes all of the spans in this deployment, including t
For each tab, you can change the time frame chosen by clicking on the date bar at the top.
### Dameonset, Statefulset, and Job quick view
{:.no_toc}
All 3 views include the following information as part of their quick view menu:
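Review bot: "Dameonset" is misspelled in this heading and in the three that follow; use the Kubernetes spellings "DaemonSet, StatefulSet, and Job". This hunk also deletes the `{:.no_toc}` line outright (7 to 6 lines) while the other hunks in the file replace it with a blank line; harmless, but keep one convention.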
Expand All @@ -383,19 +382,19 @@ All 3 views include the following information as part of their quick view menu:
At the top of the quick view menu, there are links that can take you directly to the relevant metrics (**See Metrics**).
### Dameonset, Statefulset, and Job Pods View
{:.no_toc}
At the bottom of the quick view menu's **Pods** tab, you'll find a list of all pods related to this node. The table includes each pod's status, the number of containers they’re in, and how much CPU and memory they use. Clicking on one of the pods will lead you to that pod's quick view menu.
In addition, you can browse through the following tabs:
### Dameonset, Statefulset, and Job Logs View
{:.no_toc}
**Logs** include the time, log level, and message for each log in this node. You can search for specific logs using the search bar, which supports free text and Lucene queries.
### Dameonset, Statefulset, and Job Metrics View
{:.no_toc}
The **Metrics** tab presents useful data in graph form, including:
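Review bot: the Pods and Logs views in this hunk say "pods related to this node" and "each log in this node" although the section covers DaemonSets, StatefulSets, and Jobs; say "this workload" or name the resource type.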
Expand All @@ -408,7 +407,7 @@ The **Metrics** tab presents useful data in graph form, including:
* Received & Transmitted Bytes
### Dameonset, Statefulset, and Job Traces View
{:.no_toc}
The **Traces** tab includes all of the spans in this deployment, including the following:
Expand Down Expand Up @@ -493,7 +492,7 @@ To activate the **Go to Commit** button, go to **your app or service** and add t


<!-- ##### Locate
{:.no_toc}
To re-focus your view, click the **Locate** button at the top of the quick view menu. This will scroll back to the specific deployment, node, or pod you're investigating.
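Review bot: this hunk and the next edit text inside the `<!-- ##### Locate` and `<!-- ##### Logs tab` comments, so the change is invisible to readers; either delete these commented-out sections or leave them untouched rather than half-migrating them.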
Expand All @@ -502,7 +501,7 @@ To re-focus your view, click the **Locate** button at the top of the quick view
<!-- ![Locate button](https://dytvr9ot2sszz.cloudfront.net/logz-docs/k360/locate-button.gif)-->

<!-- ##### Logs tab
{:.no_toc}
Nodes and pods quick view menu has an additional **Logs** tab containing a table with all the logs related to the chosen node or pod. The table includes the total number of logs, the time they were ingested, the log level, and its message.
2 changes: 1 addition & 1 deletion docs/user-guide/log-management/cold-tier.md
Expand Up @@ -123,6 +123,6 @@ Otherwise, you can update your plan and adjust your daily volume on the [Plan an


<!-- ###### Additional resources
{:.no_toc}
* [Read more](https://logz.io/blog/kibana-advanced/) about creating and running advanced searches in OpenSearch Dashboards. -->
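Review bot: the edited line sits inside the `<!-- ###### Additional resources` comment, so nothing rendered changes; if the Kibana blog link is no longer wanted, delete the block rather than keep editing it.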
14 changes: 7 additions & 7 deletions docs/user-guide/telemetry-collector/azure-native-integration.md
Expand Up @@ -13,7 +13,7 @@ Azure Native Integration offers a fast and efficient way to sync your Azure data
Azure may **charge additional fees** for using this integration. [Read more about Azure API costs](https://azure.microsoft.com/en-us/pricing/details/api-management/).
:::

## Set up Azure Native Integration
## Set up Azure Native Integration in Azure


### Create a new app in Azure
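Review bot: the cost warning links to Azure API Management pricing (`pricing/details/api-management/`), which is a separate product from what this integration uses; the hunks below describe metrics collection and a Log Analytics workspace, so confirm this is the pricing page readers need or link the Azure Monitor pricing page instead. The heading rename to "... in Azure" is fine given that a Logz.io-side section follows.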
Expand All @@ -32,7 +32,7 @@ In your main app screen, click on **Add a certificate or secret**.

Next, create a **New client secret**. Give it a description and choose the expiration date, such as the 730 days option. Click **Add** to create the secret.

Copy your secret's **Value** and save if for later use. This is needed to complete the setup process with Logz.io.
Copy your secret's **Value** and save it for later use. This is needed to complete the setup process with Logz.io.

:::caution Important
Client secret values **cannot be viewed except immediately after creation**. Be sure to save the secret when created before leaving the page. If you didn't keep the value, create a new client secret to continue the setup process.
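Review bot: suggesting "the 730 days option" steers readers to the longest-lived client secret Azure offers; recommend a shorter lifetime and a rotation reminder instead, since this secret is what lets Logz.io authenticate as the app created above. The typo fix ("save if" to "save it") is good, and the caution box that follows correctly covers the one-time display of the value.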
Expand Down Expand Up @@ -67,7 +67,7 @@ Azure Native Integration collects metrics data by default. If you wish to collec
1. [Create a workspace in Azure](https://learn.microsoft.com/en-us/azure/machine-learning/quickstart-create-resources?view=azureml-api-2)
2. Ship logs to your log analytics workspace via Diagnostic Settings / Data Collection Rules / Application Insights

You must configure your logs through the relevant settings according to your Azure account. Once configured, Logz.io can collect and monitor the desired logs.
You must configure your logs through the relevant settings based on your Azure account. Once configured, Logz.io can collect and monitor the desired logs.

For example, if you have a **Kubernetes service**, you can configure your logs via Diagnostic Settings.

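Review bot: step 1 "Create a workspace in Azure" links to the Azure Machine Learning quickstart (`azure/machine-learning/quickstart-create-resources`), but step 2 ships logs to a Log Analytics workspace; point the link at the Log Analytics workspace creation doc. "based on" versus "according to" is a wash; the sentence would be clearer as "Configure log collection in whichever of these settings applies to your Azure resources."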
Expand Down Expand Up @@ -108,9 +108,9 @@ Once your Azure app is ready, navigate to Logz.io to continue the setup process.

### Setup Azure Native Integration integration

Open **[Logz.io > Send data > Telemetry Collector](https://app.logz.io/#/dashboard/send-your-data/agent/new)** and Choose Azure.
Open **[Logz.io > Integration hub](https://app.logz.io/#/dashboard/integrations/collectors)** and Choose Azure.

![Azure telemetry collector](https://dytvr9ot2sszz.cloudfront.net/logz-docs/fetcher/choose-azure-cloud.png)
![Azure telemetry collector](https://dytvr9ot2sszz.cloudfront.net/logz-docs/telemetry-agent/quick-setup-azure-dec.png)


### Enter your credentials
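Review bot: the heading "Setup Azure Native Integration integration" repeats "integration" and uses "Setup" as a verb; "Set up Azure Native Integration in Logz.io" also mirrors the renamed "... in Azure" heading above. Lower-case "Choose" mid-sentence in the line that follows.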
Expand All @@ -128,7 +128,7 @@ Next, select the resource type you'd like to send. You can select **All services

Click **Next** to continue.

![Enter Azure details](https://dytvr9ot2sszz.cloudfront.net/logz-docs/fetcher/configure-azure-fetcher.png)
![Enter Azure details](https://dytvr9ot2sszz.cloudfront.net/logz-docs/fetcher/azure-telemetry-dec.png)

### Finish setting up your collector

Expand All @@ -140,7 +140,7 @@ Click **Generate collector** to continue.

To get started with Azure Native Integration, toggle the **Enable Connection** on. You might have to wait a few minutes to see your data.

![Toggle fetcher](https://dytvr9ot2sszz.cloudfront.net/logz-docs/fetcher/toggle-fetcher.png)
![Toggle fetcher](https://dytvr9ot2sszz.cloudfront.net/logz-docs/fetcher/azure-telemetry-finalize-dec.png)

If you encounter an error and can't enable the connection, click **Advanced settings** to return to the configuration screen and verify the values you've entered are correct.

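Review bot: the screenshot is swapped to `azure-telemetry-finalize-dec.png` but the alt text still says "Toggle fetcher"; update it to describe what the new image shows (the Enable Connection toggle), since "fetcher" is the old name this page otherwise no longer uses.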
3 changes: 2 additions & 1 deletion docusaurus.config.js
Expand Up @@ -4,6 +4,7 @@
const lightCodeTheme = require('prism-react-renderer/themes/github');
const darkCodeTheme = require('prism-react-renderer/themes/dracula');


/** @type {import('@docusaurus/types').Config} */
const config = {
title: 'Logz.io Docs',
Expand Down Expand Up @@ -234,7 +235,7 @@ const config = {
},
prism: {
theme: lightCodeTheme,
darkTheme: darkCodeTheme,
//darkTheme: darkCodeTheme.dracula,
},
}),
};
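Review bot: commenting out `darkTheme` drops the Dracula dark-mode palette and leaves `darkCodeTheme`, still required at the top of the file, unused. If the motivation is the prism-react-renderer v2 API change that came with Docusaurus 3 (the `prism-react-renderer/themes/...` paths no longer exist there), the fix is `const {themes} = require('prism-react-renderer');` with `theme: themes.github, darkTheme: themes.dracula`, not disabling dark highlighting; note that `darkCodeTheme.dracula` in the commented line would be undefined with the current import either way, since `darkCodeTheme` is already the theme object.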
