From ffa69a45bdab7ae2b67dd1b7f23d88d45bf8ed55 Mon Sep 17 00:00:00 2001 From: Javier Medeot Date: Wed, 19 Jul 2023 10:19:31 -0300 Subject: [PATCH] Apply suggestions from code review Co-authored-by: Sandra Ocando --- source/cloud-security/gcp/supported-services/access_logs.rst | 2 +- source/cloud-security/github/monitoring-github-activity.rst | 4 ++-- .../office365/monitoring-office365-activity.rst | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/source/cloud-security/gcp/supported-services/access_logs.rst b/source/cloud-security/gcp/supported-services/access_logs.rst index 68019e8fde..1449687fa7 100644 --- a/source/cloud-security/gcp/supported-services/access_logs.rst +++ b/source/cloud-security/gcp/supported-services/access_logs.rst @@ -10,7 +10,7 @@ Usage logs & storage logs Google Cloud Storage offers `usage logs and storage logs `__, also known as access logs, in the form of CSV files that can be downloaded. Usage logs provide information for all of the requests made on a specified bucket and are created hourly. Storage logs provide information about the storage consumption of that bucket for the last day and are created daily. Once set up, usage logs and storage logs are automatically created as new objects in the specified bucket. -To process Storage and Access logs, Wazuh makes use of the **gcp-bucket** module. To configure manager and agent, check the :doc:`/user-manual/reference/ossec-conf/index` documentation. You can find information regarding the configuration of this module in the :ref:`gcp-bucket configuration reference `. +To process Storage and Access logs, Wazuh makes use of the ``gcp-bucket`` module. Configure the ``gcp-bucket`` module either in the Wazuh manager or the Wazuh agent. To do so, modify the :doc:`ossec.conf ` configuration file. Check the :ref:`gcp-bucket configuration reference ` to learn more. Setting up log delivery to a Google Cloud Storage bucket diff --git a/source/cloud-security/github/monitoring-github-activity.rst b/source/cloud-security/github/monitoring-github-activity.rst index ff82b70ddd..c0a2cde5bd 100644 --- a/source/cloud-security/github/monitoring-github-activity.rst +++ b/source/cloud-security/github/monitoring-github-activity.rst @@ -38,7 +38,7 @@ Wazuh configuration Next, we will see the options we have to configure for the Wazuh integration. -Proceed to configure the ``github`` module in the Wazuh manager or in the Wazuh agent. To configure manager and agent, check the :doc:`/user-manual/reference/ossec-conf/index` documentation. We will use the data that we took previously as the **organization name** and the **PATs**. Through the following configuration, Wazuh is ready to search for logs created by GitHub audit-log. In this case, we will search only the type of ``git`` events within an interval of ``1m``. Those logs will be only those that were created after the module was started: +Configure the ``github`` module either in the Wazuh manager or the Wazuh agent. To do so, modify the :doc:`ossec.conf ` configuration file. We will use the data that we took previously as the **organization name** and the **PATs**. Through the following configuration, Wazuh is ready to search for logs created by GitHub audit-log. In this case, we will search only the type of ``git`` events within an interval of ``1m``. Those logs will be only those that were created after the module was started: .. code-block:: xml @@ -57,7 +57,7 @@ Proceed to configure the ``github`` module in the Wazuh manager or in the Wazuh -Check :ref:`github-module` reference documentation for the module references. +To learn more, check the :ref:`github-module` module reference. Using the configuration mentioned above, we will see an example of monitoring GitHub activity. diff --git a/source/cloud-security/office365/monitoring-office365-activity.rst b/source/cloud-security/office365/monitoring-office365-activity.rst index 54dcf3290b..890c794dc4 100644 --- a/source/cloud-security/office365/monitoring-office365-activity.rst +++ b/source/cloud-security/office365/monitoring-office365-activity.rst @@ -106,7 +106,7 @@ Wazuh configuration Next, we will see the options we have to configure for the Wazuh integration. -Proceed to configure the ``office365`` module in the Wazuh manager or in the Wazuh agent. To configure manager and agent, check the :doc:`/user-manual/reference/ossec-conf/index` documentation. Through the following configuration, Wazuh is ready to search for logs created by Office 365 audit-log. In this case, we will only search for the ``Audit.SharePoint`` type events within an interval of ``1m``. Those logs will be only those that were created after the module was started: +Configure the ``office365`` module either in the Wazuh manager or the Wazuh agent. To do so, modify the :doc:`ossec.conf ` configuration file. Through the following configuration, Wazuh is ready to search for logs created by Office 365 audit-log. In this case, we will only search for the ``Audit.SharePoint`` type events within an interval of ``1m``. Those logs will be only those that were created after the module was started: .. code-block:: xml @@ -125,7 +125,7 @@ Proceed to configure the ``office365`` module in the Wazuh manager or in the Waz -Check :ref:`office365-module` reference documentation for the module references. +To learn more, check the :ref:`office365-module` module reference. Using the configuration mentioned above, we will see an example of monitoring Office 365 activity.