37 Commits

Author SHA1 Message Date
Naarcha-AWS b5fdaf2acd
Correct SA findings alerts API (#6179)
* Correct SA findings alerts API

Signed-off-by: Naarcha-AWS <naarcha@amazon.com>

* Apply suggestions from code review

Co-authored-by: Heather Halter <HDHALTER@AMAZON.COM>
Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>

* Apply suggestions from code review

Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>

---------

Signed-off-by: Naarcha-AWS <naarcha@amazon.com>
Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Co-authored-by: Heather Halter <HDHALTER@AMAZON.COM>
2024-01-16 18:01:55 -06:00
kolchfa-aws 699cb9ac20
Change navigation for index pages of collections (#6039)
Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>
Signed-off-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
2024-01-04 14:55:05 -05:00
Naarcha-AWS b94f704b73
Fix Get Mappings example (#5670)
* Update mappings-api.md

Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>

* Update mappings-api.md

Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>

---------

Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
2023-11-30 12:33:42 -06:00
Chris Moore 67cabe1ec5
Add documentation for config file settings (#4058)
* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 os.yml config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 os.yml config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 os.yml config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 os.yml config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 os.yml config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 os.yml config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#214 config file settings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* Refactor settings documentation

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* Add more settings

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* remove bad commits (#5505)

Signed-off-by: Stephen Crawford <steecraw@amazon.com>

* Format security settings

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* Add plugin settings and dashboards settings

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* Specify json code highlighter

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* Add gateway and network settings

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* Change heading level

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* Heading text change

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* Fix link

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* Add Notifications plugin settings

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* Implemented tech review comments for search settings

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* Rename directory and implement latest search setting review comment

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* Remove non-existent ml circuit breaker settings

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* Add file system and s3 settings

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* Update nav order

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* Add security analytics settings and specify static/dynamic for security settings

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* Reword correlation time window

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* Implemented tech review comments for network and discovery settings

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* Apply suggestions from code review

Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>

* Implemented editorial comments

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* Clarify security settings

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* Apply suggestions from code review

Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>

* Update _install-and-configure/configuring-opensearch/security-settings.md

Signed-off-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>

* Add cross links to static and dynamic settings

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* Fix link

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

---------

Signed-off-by: cwillum <cwmmoore@amazon.com>
Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>
Signed-off-by: Stephen Crawford <steecraw@amazon.com>
Signed-off-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Co-authored-by: Fanit Kolchina <kolchfa@amazon.com>
Co-authored-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
2023-11-16 16:33:15 -05:00
Heather Halter 9a33429c77
Update log-types.md (#5352)
Pls change “Security plugin” to “with security analytics” - as per Jimish

Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>
2023-10-23 16:21:45 -07:00
Heather Halter b8c53f67c5
Adds documentation for log type categories (#5181)
* new log categories

Signed-off-by: Heather Halter <hdhalter@amazon.com>

* fixed topic name in link

Signed-off-by: Heather Halter <hdhalter@amazon.com>

* added log names to table

Signed-off-by: Heather Halter <hdhalter@amazon.com>

* Update log-types.md

minor changes needed in the names would be Microsoft Azure for Azure, Linux System logs instead of Sys logs

Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>

* Update log-types.md

Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>

* remove log name column

Signed-off-by: Heather Halter <hdhalter@amazon.com>

* remove table column formatting

Signed-off-by: Heather Halter <hdhalter@amazon.com>

* Update _security-analytics/sec-analytics-config/custom-log-type.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>

* Update _security-analytics/sec-analytics-config/log-types.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>

* Update _security-analytics/sec-analytics-config/log-types.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>

* Update _security-analytics/sec-analytics-config/log-types.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>

* Update _security-analytics/sec-analytics-config/log-types.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>

* Update _security-analytics/sec-analytics-config/log-types.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>

* Update _security-analytics/sec-analytics-config/log-types.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>

* Update _security-analytics/sec-analytics-config/log-types.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>

* Apply suggestions from code review

Editorial updates.

Co-authored-by: Nathan Bower <nbower@amazon.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>

* Update log-types.md

Fixed case in table.

Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>

* Update log-types.md

Double-checked the UI and category names are capitalized.

Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>

* Update _security-analytics/sec-analytics-config/log-types.md

Co-authored-by: Nathan Bower <nbower@amazon.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>

---------

Signed-off-by: Heather Halter <hdhalter@amazon.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Co-authored-by: Nathan Bower <nbower@amazon.com>
2023-10-16 09:19:36 -07:00
Heather Halter 346c52dd2f
Add updates to creating a detector UX (#5176)
* detector draft

Signed-off-by: Heather Halter <hdhalter@amazon.com>

* updated screen shots and fixed links

Signed-off-by: Heather Halter <hdhalter@amazon.com>

* fix links

Signed-off-by: Heather Halter <hdhalter@amazon.com>

* remove strange character

Signed-off-by: Heather Halter <hdhalter@amazon.com>

* Update _security-analytics/index.md

Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>

* Update _security-analytics/usage/findings.md

Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>

* Update _security-analytics/sec-analytics-config/detectors-config.md

Co-authored-by: Nathan Bower <nbower@amazon.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>

* Update _security-analytics/sec-analytics-config/detectors-config.md

Co-authored-by: Nathan Bower <nbower@amazon.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>

* Update _security-analytics/usage/findings.md

Co-authored-by: Nathan Bower <nbower@amazon.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>

* fixed substep formatting problem

Signed-off-by: Heather Halter <hdhalter@amazon.com>

* Update _security-analytics/sec-analytics-config/detectors-config.md

Co-authored-by: Nathan Bower <nbower@amazon.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>

---------

Signed-off-by: Heather Halter <hdhalter@amazon.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Co-authored-by: Nathan Bower <nbower@amazon.com>
2023-10-13 07:49:08 -07:00
Chris Moore 8ee9554998
Add a new table to list and describe supported log types for detector creation (#4946)
* fix#4945 add log types table

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4945 add log types table

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4945 add log types table

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4945 add log types table

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4945 add log types table

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4945 add log types table

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4945 add log types table

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4945 add log types table

Signed-off-by: cwillum <cwmmoore@amazon.com>

---------

Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-09-26 15:35:47 -07:00
Chris Moore e74831d6e8
Add documentation for automatic Alerting workflows from detector creation (#5003)
* fix#4999 auto alerting workflows

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4999 auto alerting workflows

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4999 auto alerting workflows

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4999 auto alerting workflows

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4999 auto alerting workflows

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4999 auto alerting workflows

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4999 auto alerting workflows

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4999 auto alerting workflows

Signed-off-by: cwillum <cwmmoore@amazon.com>

---------

Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-09-19 14:45:37 -07:00
Chris Moore dde7c02b8d
Add documentation that supports custom log types (#4969)
* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4741 custom logtype updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

---------

Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-09-19 14:36:56 -07:00
Chris Moore b9b21e1e30
Add documentation to provide a link from detector creation to detection rule creation in using rules docs (#4829)
* fix#4828 link to detection rule creation

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4828 link to detection rule creation

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4828 link to detection rule creation

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4828 link to detection rule creation

Signed-off-by: cwillum <cwmmoore@amazon.com>

---------

Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-08-17 17:22:04 -07:00
kolchfa-aws c0f7315158
Update mappings-api.md (#4692)
Signed-off-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
2023-08-03 20:04:58 -04:00
Chris Moore 169f71427c
Fix correlation engine documentation by removing all instances of the experimental flag for 2.9 (#4635)
* fix#4631 correlation rule updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4631 correlation rule updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4631 correlation rule updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4631 correlation rule updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4631 correlation rule updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

---------

Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-07-25 14:03:50 -07:00
Chris Moore 837a0f5c89
Fix links in Alerting documentation and other for 2.9 release (#4606)
* fix#4056 fix links for 2.9

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4056 fix links for 2.9

Signed-off-by: cwillum <cwmmoore@amazon.com>

---------

Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-07-24 10:56:07 -07:00
Chris Moore 22fd96e80b
Add documentation for detector rule creation updates (#4499)
* fix#4413 detection rule updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4413 detection rule updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4413 detection rule updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4413 detection rule updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4413 detection rule updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4413 detection rule updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4413 detection rule updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4413 detection rule updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4413 detection rule updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4413 detection rule updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4413 detection rule updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4413 detection rule updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4413 detection rule updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4413 detection rule updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4413 detection rule updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4413 detection rule updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4413 detection rule updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4413 detection rule updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4413 detection rule updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4413 detection rule updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

---------

Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-07-19 17:44:07 -07:00
Chris Moore 49e8391d86
Add documentation for OCSF field mapping and correlation engine API (#4549)
* fix#4500 ocsf fields and api

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4500 ocsf fields and api

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4500 ocsf fields and api

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4500 ocsf fields and api

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4500 ocsf fields and api

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4500 ocsf fields and api

Signed-off-by: cwillum <cwmmoore@amazon.com>

* add missing param descriptions (#4555)

Signed-off-by: Subhobrata Dey <sbcd90@gmail.com>

* fix#4500 ocsf fields and api

Signed-off-by: cwillum <cwmmoore@amazon.com>

* Revert "fix#4500 ocsf fields and api"

This reverts commit c6db296b2e30dd9e201cdf510d77e1af7335801d.

merge conflict with same edits on another branch#

* fix#4500 ocsf fields and api

Signed-off-by: cwillum <cwmmoore@amazon.com>

* Revert "fix#4500 ocsf fields and api"

This reverts commit 7a70dc39644b5020685015245d755131c2264e03.

merge conflict with second branch
:wq

* Revert "fix#4500 ocsf fields and api"

This reverts commit ef13a74b403984e0c205a79119ec301f90b7dcc1.

* fix#4500 edits post merge conflict

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4500 ocsf fields and api

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4500 ocsf fields and api

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4500 ocsf fields and api

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4500 ocsf fields and api

Signed-off-by: cwillum <cwmmoore@amazon.com>

---------

Signed-off-by: cwillum <cwmmoore@amazon.com>
Signed-off-by: Subhobrata Dey <sbcd90@gmail.com>
Co-authored-by: Subhobrata Dey <sbcd90@gmail.com>
2023-07-17 13:52:13 -07:00
Chris Moore 4f0fb7e9c6
Add documentation for Security Analytics UI updates for 2.8 (#4208)
* fix#4134 SecAnalytics UI updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4134 SecAnalytics UI updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4134 SecAnalytics UI updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4134 SecAnalytics UI updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4134 SecAnalytics UI updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4134 SecAnalytics UI updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4134 SecAnalytics UI updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4134 SecAnalytics UI updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4134 SecAnalytics UI updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

---------

Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-06-02 13:19:55 -07:00
Heather Halter ee7d1efd02
More redirects and spelling fixes (#4093)
* redirects and spelling

Signed-off-by: Heather Halter <hdhalter@amazon.com>

* Update _observing-your-data/ad/index.md

Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>

* Update _observing-your-data/ad/index.md

Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>

* Update _search-plugins/knn/index.md

Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>

---------

Signed-off-by: Heather Halter <hdhalter@amazon.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
2023-05-17 09:57:14 -07:00
Naarcha-AWS 1962ae96d4
Fix typo on correlation page (#4073)
* Fix typo on correlation page

Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>

* Update correlation-config.md

Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>

---------

Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
2023-05-15 11:25:05 -05:00
astephanus 1fb5252cd6
Adds collections landing page configuration and navigation header linking (#3812)
* Adds collections landing page configuration and navigation header linking

Signed-off-by: Aaron Stephanus <taoist.futility@pm.me>

* Removes unnecessary collection property from the configuration.

Signed-off-by: Aaron Stephanus <taoist.futility@pm.me>

* Adds links to navigation collection headers to collection index pages based on the collection name

Signed-off-by: Aaron Stephanus <taoist.futility@pm.me>

* Hide index pages from view and add info to formatting guide

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

---------

Signed-off-by: Aaron Stephanus <taoist.futility@pm.me>
Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>
Co-authored-by: Fanit Kolchina <kolchfa@amazon.com>
2023-05-11 13:56:08 -04:00
Chris Moore cffae76ac2
Add correlation engine to Security Analytics documentation (#3814)
* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3566 correlation engine

Signed-off-by: cwillum <cwmmoore@amazon.com>

---------

Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-05-02 10:36:27 -07:00
Chris Moore ede72716a5
Add Security information to Security Analytics documentation (#3184)
* sec permissions for SA

Signed-off-by: cwillum <cwmmoore@amazon.com>

* sec permissions for SA

Signed-off-by: cwillum <cwmmoore@amazon.com>

* sec permissions for SA

Signed-off-by: cwillum <cwmmoore@amazon.com>

* sec permissions for SA

Signed-off-by: cwillum <cwmmoore@amazon.com>

* sec permissions for SA

Signed-off-by: cwillum <cwmmoore@amazon.com>

* sec permissions for SA

Signed-off-by: cwillum <cwmmoore@amazon.com>

* sec permissions for SA

Signed-off-by: cwillum <cwmmoore@amazon.com>

* sec permissions for SA

Signed-off-by: cwillum <cwmmoore@amazon.com>

* sec permissions for SA

Signed-off-by: cwillum <cwmmoore@amazon.com>

* sec permissions for SA

Signed-off-by: cwillum <cwmmoore@amazon.com>

* sec permissions for SA

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3183-sec-for-sec-a

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3183-sec-for-sec-a

Signed-off-by: cwillum <cwmmoore@amazon.com>

* sec permissions for SA

Signed-off-by: cwillum <cwmmoore@amazon.com>

* sec permissions for SA

Signed-off-by: cwillum <cwmmoore@amazon.com>

* sec permissions for SA

Signed-off-by: cwillum <cwmmoore@amazon.com>

* sec permissions for SA

Signed-off-by: cwillum <cwmmoore@amazon.com>

* sec permissions for SA

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3183 for merge main

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3183 fixing links-breaking links

Signed-off-by: cwillum <cwmmoore@amazon.com>

* sec permissions for SA

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3183-sec-for-sec-a

Signed-off-by: cwillum <cwmmoore@amazon.com>

---------

Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-04-05 09:53:30 -07:00
kolchfa-aws c9e372f053
Link fix (#3223)
Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>
2023-03-06 11:41:22 -05:00
Chris Moore 7bc7f0e5e9
Add formatting fixes for Security Analytics (#3128)
* fix#3126-sec-analytics-formatting

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3126-sec-analytics-formatting

Signed-off-by: cwillum <cwmmoore@amazon.com>

---------

Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-02-28 16:16:45 -08:00
Chris Moore b49f5fcd76
Add documentation for log type updates in Security Analytics - pt. 2 (#3083)
* fix#3018-sec-analytics-2.6-II

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3018-sec-analytics-2.6-II

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3018-sec-analytics-2.6-II

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3018-sec-analytics-2.6-II

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3018-sec-analytics-2.6-II

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3018-sec-analytics-2.6-II

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3018-sec-analytics-2.6-II

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3018-sec-analytics-2.6-II

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3018-sec-analytics-2.6-II

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3018-sec-analytics-2.6-II

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3018-sec-analytics-2.6-II

Signed-off-by: cwillum <cwmmoore@amazon.com>

---------

Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-02-28 10:13:59 -08:00
Chris Moore 2baa0aa05c
Add documentation for log type updates in Security Analytics (#3066)
* fix#3018-sec-analytics-2.6

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3018-sec-analytics-2.6

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3018-sec-analytics-2.6

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3018-sec-analytics-2.6

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3018-sec-analytics-2.6

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3018-sec-analytics-2.6

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3018-sec-analytics-2.6

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3018-sec-analytics-2.6

Signed-off-by: cwillum <cwmmoore@amazon.com>

---------

Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-02-24 16:14:44 -08:00
Chris Moore 07ff1abad6
fix#2061-detector-API-second-try (#2992)
Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-02-21 09:38:55 -08:00
kolchfa-aws 3da7598c0c
Change sample to example (#2972)
Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>
2023-02-20 11:34:20 -05:00
Chris Moore a6503a51ba
fix#2400-new-forum-link (#2568)
Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-02-02 08:22:18 -08:00
Chris Moore 8b8d9685d7
Security Analytics—additional updates following 2.5 release (#2515)
* fix#2400-updates-revisit

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2400-updates-revisit

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2400-updates-revisit

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2400-updates-revisit

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2400-updates-revisit

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2400-updates-revisit

Signed-off-by: cwillum <cwmmoore@amazon.com>

* Update _security-analytics/sec-analytics-config/detectors-config.md

Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>

* Update _security-analytics/sec-analytics-config/detectors-config.md

Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>

* fix#2400-updates-revisit

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2400-updates-revisit

Signed-off-by: cwillum <cwmmoore@amazon.com>

---------

Signed-off-by: cwillum <cwmmoore@amazon.com>
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
2023-01-31 17:58:14 -08:00
Chris Moore e98ee6d833
Update field mapping documentation for Security Analytics (#2422)
* fix#2400-field-mappings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2400-field-mappings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2400-field-mappings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2400-field-mappings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2400-field-mappings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2400-field-mappings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2400-field-mappings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2400-field-mappings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2400-field-mappings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2400-field-mappings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2400-field-mappings

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2400-field-mappings

Signed-off-by: cwillum <cwmmoore@amazon.com>

Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-01-23 10:31:46 -08:00
Chris Moore f89e111983
Updates to Security Analytics documentation (#2408)
* fix#2400-revisions-to-current

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2400-SecAnalytics-updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2400-SecAnalytics-updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2400-SecAnalytics-updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2400-SecAnalytics-updates

Signed-off-by: cwillum <cwmmoore@amazon.com>

Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-01-18 09:46:44 -08:00
Chris Moore e641a3bb0c
Add new Rules documentation that covers YAML Editor view (#2407)
* fix#2400-yaml-editor-rules

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2400-yaml-editor-rules

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2400-yaml-editor-rules

Signed-off-by: cwillum <cwmmoore@amazon.com>

Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-01-13 17:24:40 -08:00
Chris Moore 074963223d
fix#2399-SecAnalytics-remove-experi-flag (#2401)
Signed-off-by: cwillum <cwmmoore@amazon.com>

Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-01-12 14:12:52 -08:00
Chris Moore 892c189685
Update index.md (#2081)
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
2022-12-01 14:36:45 -08:00
Naarcha-AWS 74ce536233
Create OpenSearch documentation main section (#2080)
* Create OpenSearch documentation main section

Signed-off-by: Naarcha-AWS <naarcha@amazon.com>

* Fix dead links

Signed-off-by: Naarcha-AWS <naarcha@amazon.com>

* Fix Neural Search link

Signed-off-by: Naarcha-AWS <naarcha@amazon.com>

* Fix link text

Signed-off-by: Naarcha-AWS <naarcha@amazon.com>

Signed-off-by: Naarcha-AWS <naarcha@amazon.com>
2022-12-01 16:25:02 -06:00
Chris Moore 605edd5ac3
Add documentation for Security Analytics plugin (#1824)
* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* Delete admin-api.md

* Delete api-index.md

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics (#1901)

Signed-off-by: Subhobrata Dey <sbcd90@gmail.com>

Signed-off-by: Subhobrata Dey <sbcd90@gmail.com>
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#939-sec-analytics

Signed-off-by: cwillum <cwmmoore@amazon.com>

Signed-off-by: cwillum <cwmmoore@amazon.com>
Signed-off-by: Subhobrata Dey <sbcd90@gmail.com>
Co-authored-by: Subhobrata Dey <sbcd90@gmail.com>
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
2022-11-18 10:19:06 -08:00