diff --git a/_shared_content/operations_center/integrations/ubika_cloud_protector_next_gen_refresh_token.md b/_shared_content/operations_center/integrations/ubika_cloud_protector_next_gen_refresh_token.md new file mode 100644 index 0000000000..40f6490cd2 --- /dev/null +++ b/_shared_content/operations_center/integrations/ubika_cloud_protector_next_gen_refresh_token.md @@ -0,0 +1,35 @@ +=== "Manual installation" + + !!! warning + The device code is valid during 10 minutes only + + 1. Log in the [Ubika console](https://console.ubika.io/) + 2. Execute the following command to get the device code + + ``` + curl https://login.ubika.io/auth/realms/main/protocol/openid-connect/auth/device -d "client_id=rest-api" -d "grant_type=device" -d "scope=offline_access" + ``` + + 3. Copy the `user code`, provided in the response, and paste it [on the Ubika authentication](https://login.ubika.io/auth/realms/main/protocol/openid-connect/auth/device) + 4. Copy the `device code`, provided in the curl response + 5. Execute the following command to get the `refresh token` + + ``` + curl https://login.ubika.io/auth/realms/main/protocol/openid-connect/token -d "client_id=rest-api" -d "grant_type=urn:ietf:params:oauth:grant-type:device_code" -d "device_code=" + ``` + + 6. Copy the `refresh token` + +=== "With the script" + + 1. Log in the [Ubika console](https://console.ubika.io/) + 2. Save [the script](/assets/operation_center/integration_catalog/network_security/ubika/get_token.py) as `get_token.py` + 3. Create a virtual environment and execute the script + + ``` + python3 -m venv /tmp/venv + /tmp/venv/bin/pip install requests + /tmp/venv/bin/python3 get_token.py + ``` + + 4. Copy the `refresh token` diff --git a/docs/integration/categories/network_security/ubika_cloud_protector_next_gen.md b/docs/integration/categories/network_security/ubika_cloud_protector_next_gen.md deleted file mode 100644 index e960768684..0000000000 
--- a/docs/integration/categories/network_security/ubika_cloud_protector_next_gen.md +++ /dev/null 
@@ -1,69 +0,0 @@ -uuid: e04c988c-cbb7-4b6a-8025-7b80a301ac28 -name: Ubika Cloud Protector Next Generation -type: intake - -## Overview - -Ubika Cloud Protector Next Generation offers cutting-edge security for cloud environments, leveraging artificial intelligence to detect and neutralize threats in real-time. Its user-friendly interface and seamless integration enhance overall cybersecurity, empowering businesses to safeguard their data effortlessly. Protect your cloud assets with unparalleled reliability and advanced defense capabilities. - -- **Vendor**:Ubika -- **Supported environment**: SaaS -- **Detection based on**: Alert -- **Supported application or feature**: Web application firewall logs - -## Configure - -### How to create refresh token - -=== "Manual installation" - - !!! warning - The device code is valid during 10 minutes only - - 1. Log in the [Ubika console](https://console.ubika.io/) - 2. Execute the following command to get the device code - - ``` - curl https://login.ubika.io/auth/realms/main/protocol/openid-connect/auth/device -d "client_id=rest-api" -d "grant_type=device" -d "scope=offline_access" - ``` - - 3. Copy the `user code`, provided in the response, and paste it [on the Ubika authentication](https://login.ubika.io/auth/realms/main/protocol/openid-connect/auth/device) - 4. Copy the `device code`, provided in the curl response - 5. Execute the following command to get the `refresh token` - - ``` - curl https://login.ubika.io/auth/realms/main/protocol/openid-connect/token -d "client_id=rest-api" -d "grant_type=urn:ietf:params:oauth:grant-type:device_code" -d "device_code=" - ``` - - 6. Copy the `refresh token` - -=== "With the script" - - 1. Log in the [Ubika console](https://console.ubika.io/) - 2. Save [the script](/assets/operation_center/integration_catalog/network_security/ubika/get_token.py) as `get_token.py` - 3. 
Create a virtual environment and execute the script - - ``` - python3 -m venv /tmp/venv - /tmp/venv/bin/pip install requests - /tmp/venv/bin/python3 get_token.py - ``` - - 4. Copy the `refresh token` - - -### Create your intake - -1. Go to the [intake page](https://app.sekoia.io/operations/intakes) and create a new intake from the `Ubika Cloud Protector Next Generation`. -2. Set the intake account configuration with the `namespace` and `refresh token` from the `How to create refresh token` step - -### Enjoy your events on the [Events page](https://app.sekoia.io/operations/events) - -{!_shared_content/operations_center/integrations/generated/e04c988c-cbb7-4b6a-8025-7b80a301ac28_sample.md!} - - -{!_shared_content/integration/detection_section.md!} - -{!_shared_content/operations_center/detection/generated/suggested_rules_e04c988c-cbb7-4b6a-8025-7b80a301ac28_do_not_edit_manually.md!} -{!_shared_content/operations_center/integrations/generated/e04c988c-cbb7-4b6a-8025-7b80a301ac28.md!} - diff --git a/docs/integration/categories/network_security/ubika_cloud_protector_next_gen_alerts.md b/docs/integration/categories/network_security/ubika_cloud_protector_next_gen_alerts.md new file mode 100644 index 0000000000..d9731a1009 --- /dev/null +++ b/docs/integration/categories/network_security/ubika_cloud_protector_next_gen_alerts.md 
@@ -0,0 +1,32 @@ +uuid: e04c988c-cbb7-4b6a-8025-7b80a301ac28 +name: Ubika Cloud Protector Next Generation Alerts +type: intake + +## Overview + +Ubika Cloud Protector Next Generation Alerts offers cutting-edge security for cloud environments, leveraging artificial intelligence to detect and neutralize threats in real-time. Its user-friendly interface and seamless integration enhance overall cybersecurity, empowering businesses to safeguard their data effortlessly. Protect your cloud assets with unparalleled reliability and advanced defense capabilities. + +- **Vendor**:Ubika +- **Supported environment**: SaaS +- **Detection based on**: Alert +- **Supported application or feature**: Web application firewall logs + +## Configure + +### How to create refresh token + +{!_shared_content/operations_center/integrations/ubika_cloud_protector_next_gen_refresh_token.md!} + +### Create your intake + +1. Go to the [intake page](https://app.sekoia.io/operations/intakes) and create a new intake from the `Ubika Cloud Protector Next Generation Alerts`. +2. Set the intake account configuration with the `namespace` and `refresh token` from the `How to create refresh token` step + +### Enjoy your events on the [Events page](https://app.sekoia.io/operations/events) + +{!_shared_content/operations_center/integrations/generated/e04c988c-cbb7-4b6a-8025-7b80a301ac28_sample.md!} + +{!_shared_content/integration/detection_section.md!} + +{!_shared_content/operations_center/detection/generated/suggested_rules_e04c988c-cbb7-4b6a-8025-7b80a301ac28_do_not_edit_manually.md!} +{!_shared_content/operations_center/integrations/generated/e04c988c-cbb7-4b6a-8025-7b80a301ac28.md!} diff --git a/docs/integration/categories/network_security/ubika_cloud_protector_next_gen_traffic_logs.md b/docs/integration/categories/network_security/ubika_cloud_protector_next_gen_traffic_logs.md new file mode 100644 index 0000000000..fe13f727e3 --- /dev/null 
+++ b/docs/integration/categories/network_security/ubika_cloud_protector_next_gen_traffic_logs.md @@ -0,0 +1,35 @@ +uuid: 19527522-2653-45dd-acea-49ae725bb435 +name: Ubika Cloud Protector Next Generation Traffic Logs +type: intake + +## Overview + +Ubika Cloud Protector's Next Generation Traffic Logs feature gives organizations real-time visibility into every byte of network activity across their cloud environments. This detailed traffic intelligence empowers teams to optimize network operations and swiftly detect—and respond to—unusual behavior before it impacts their infrastructure. + +!!! Warning + Important note - This format is currently in beta. We highly value your feedback to improve its performance. + +- **Vendor**: Ubika +- **Supported environment**: SaaS +- **Detection based on**: Telemetry +- **Supported application or feature**: Web application firewall logs + +## Configure + +### How to create refresh token + +{!_shared_content/operations_center/integrations/ubika_cloud_protector_next_gen_refresh_token.md!} + +### Create your intake + +1. Go to the [intake page](https://app.sekoia.io/operations/intakes) and create a new intake from the `Ubika Cloud Protector Next Generation Traffic Logs`. +2. Set the intake account configuration with the `namespace` and `refresh token` from the `How to create refresh token` step + +### Enjoy your events on the [Events page](https://app.sekoia.io/operations/events) + +{!_shared_content/operations_center/integrations/generated/19527522-2653-45dd-acea-49ae725bb435_sample.md!} + +{!_shared_content/integration/detection_section.md!} + +{!_shared_content/operations_center/detection/generated/suggested_rules_19527522-2653-45dd-acea-49ae725bb435_do_not_edit_manually.md!} +{!_shared_content/operations_center/integrations/generated/19527522-2653-45dd-acea-49ae725bb435.md!} diff --git a/mkdocs.yml b/mkdocs.yml index 39aa8a80c3..7681a08637 100644 --- a/mkdocs.yml +++ b/mkdocs.yml 
@@ -496,7 +496,8 @@ nav: - Trellix ePO: integration/categories/network_security/trellix_epo.md - Trellix ePO - On Prem: integration/categories/network_security/trellix_epo_on_prem.md - Trend Micro Deep Security / Workload Security: integration/categories/network_security/trend_micro_deep_security.md - - Ubika Cloud Protector Next Generation: integration/categories/network_security/ubika_cloud_protector_next_gen.md + - Ubika Cloud Protector Next Generation Alerts: integration/categories/network_security/ubika_cloud_protector_next_gen_alerts.md + - Ubika Cloud Protector Next Generation Traffic Logs: integration/categories/network_security/ubika_cloud_protector_next_gen_traffic_logs.md - Ubika WAAP Gateway: integration/categories/network_security/ubika_waap.md - Umbrella IP Logs: integration/categories/network_security/umbrella_ip.md - Umbrella Proxy Logs: integration/categories/network_security/umbrella_proxy.md @@ -845,6 +846,7 @@ plugins: xdr/features/collect/integrations/network/watchguard_firebox.md: integration/categories/network_security/watchguard_firebox.md xdr/features/investigate/dork_language.md: xdr/features/investigate/events_query_language.md integration/categories/network/beyondtrust_pra_sessions.md: integration/categories/iam/beyondtrust_pra_sessions.md + integration/categories/network_security/ubika_cloud_protector_next_gen.md: integration/categories/network_security/ubika_cloud_protector_next_gen_alerts.md - integration_by_uuid - sass repo_url: https://github.com/SEKOIA-IO/documentation
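Review bot: In the new shared file `ubika_cloud_protector_next_gen_refresh_token.md`, step 5's curl command ends with `-d "device_code="`, so pasting it verbatim sends an empty device code. Show a placeholder such as `device_code=<DEVICE_CODE>` and state in step 4 that the copied value goes there. The first request asks for `scope=offline_access`, which makes the returned refresh token a long-lived credential, so add a line telling the reader to store it only in the intake configuration. The script tab builds its environment at the fixed path `/tmp/venv`, which is predictable on a shared host. A directory from `mktemp -d` or one under the user's home would be safer. Since these lines are being moved into a shared snippet anyway, "valid during 10 minutes" and "Log in the" could be corrected to "valid for 10 minutes" and "Log in to the" in the same change.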
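Review bot: In `ubika_cloud_protector_next_gen_alerts.md`, the Overview now opens with "Ubika Cloud Protector Next Generation Alerts offers cutting-edge security", which reads as if "Alerts" were part of the product name, because only the intake name was substituted into the old paragraph. Reword it to say what this intake collects, the way the Traffic Logs page describes its own data. The bullet `- **Vendor**:Ubika` is also missing the space after the colon that the Traffic Logs page has (`- **Vendor**: Ubika`).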
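Review bot: In `ubika_cloud_protector_next_gen_traffic_logs.md`, the beta notice is written `!!! Warning` while the shared refresh-token snippet uses `!!! warning`. Use the lowercase admonition type in both places for consistency. Both new pages list "Web application firewall logs" under "Supported application or feature" and differ only in "Detection based on" (Alert versus Telemetry), so a sentence in each Overview saying which one to pick for which need would help readers who land here from the old page's redirect in `mkdocs.yml`.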