From 7432c0178905ed829c6b71d6701ec68b321ac938 Mon Sep 17 00:00:00 2001
From: Clement Burtscher
Date: Fri, 15 May 2026 16:10:34 +0200
Subject: [PATCH 1/5] Add documentation for Ubika Cloud Protector Next Generation Traffic Logs
---
 ...a_cloud_protector_next_gen_traffic_logs.md | 35 +++++++++++++++++++
 mkdocs.yml | 1 +
 2 files changed, 36 insertions(+)
 create mode 100644 docs/integration/categories/network_security/ubika_cloud_protector_next_gen_traffic_logs.md
diff --git a/docs/integration/categories/network_security/ubika_cloud_protector_next_gen_traffic_logs.md b/docs/integration/categories/network_security/ubika_cloud_protector_next_gen_traffic_logs.md
new file mode 100644
index 0000000000..c139c67ddd
--- /dev/null
+++ b/docs/integration/categories/network_security/ubika_cloud_protector_next_gen_traffic_logs.md
@@ -0,0 +1,35 @@
+uuid: 19527522-2653-45dd-acea-49ae725bb435
+name: Ubika Cloud Protector Next Generation Traffic Logs
+type: intake
+
+## Overview
+
+Ubika Cloud Protector's Next Generation Traffic Logs feature gives organizations real-time visibility into every byte of network activity across their cloud environments. This detailed traffic intelligence empowers teams to optimize network operations and swiftly detect—and respond to—unusual behavior before it impacts their infrastructure.
+
+- **Vendor**:Ubika
+- **Supported environment**: SaaS
+- **Detection based on**: Telemetry
+- **Supported application or feature**: Web application firewall logs
+
+## Configure
+
+### How to create refresh token
+
+See [Ubika Cloud Protector Next Generation](https://docs.sekoia.io/integration/categories/network_security/ubika_cloud_protector_next_gen/)
+
+
+### Create your intake
+
+1. Go to the [intake page](https://app.sekoia.io/operations/intakes) and create a new intake from the `Ubika Cloud Protector Next Generation Traffic Logs`.
+2. Set the intake account configuration with the `namespace` and `refresh token` from the `How to create refresh token` step
+
+### Enjoy your events on the [Events page](https://app.sekoia.io/operations/events)
+
+{!_shared_content/operations_center/integrations/generated/19527522-2653-45dd-acea-49ae725bb435_sample.md!}
+
+
+{!_shared_content/integration/detection_section.md!}
+
+{!_shared_content/operations_center/detection/generated/suggested_rules_19527522-2653-45dd-acea-49ae725bb435_do_not_edit_manually.md!}
+{!_shared_content/operations_center/integrations/generated/19527522-2653-45dd-acea-49ae725bb435.md!}
+
diff --git a/mkdocs.yml b/mkdocs.yml
index 39aa8a80c3..9794d07c2d 100644
--- a/mkdocs.yml
+++ b/mkdocs.yml
@@ -497,6 +497,7 @@ nav: - Trellix ePO - On Prem: integration/categories/network_security/trellix_epo_on_prem.md - Trend Micro Deep Security / Workload Security: integration/categories/network_security/trend_micro_deep_security.md - Ubika Cloud Protector Next Generation: integration/categories/network_security/ubika_cloud_protector_next_gen.md + - Ubika Cloud Protector Next Generation Traffic Logs: integration/categories/network_security/ubika_cloud_protector_next_gen_traffic_logs.md - Ubika WAAP Gateway: integration/categories/network_security/ubika_waap.md - Umbrella IP Logs: integration/categories/network_security/umbrella_ip.md - Umbrella Proxy Logs: integration/categories/network_security/umbrella_proxy.md From 989565961372819e04a45752b16832bd268e8848 Mon Sep 17 00:00:00 2001 From: Clement Burtscher Date: Fri, 15 May 2026 16:19:27 +0200 Subject: [PATCH 2/5] Fix formatting --- .../ubika_cloud_protector_next_gen_traffic_logs.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/integration/categories/network_security/ubika_cloud_protector_next_gen_traffic_logs.md b/docs/integration/categories/network_security/ubika_cloud_protector_next_gen_traffic_logs.md index c139c67ddd..fe0b8df5ad 100644 --- a/docs/integration/categories/network_security/ubika_cloud_protector_next_gen_traffic_logs.md +++ b/docs/integration/categories/network_security/ubika_cloud_protector_next_gen_traffic_logs.md @@ -6,7 +6,7 @@ type: intake Ubika Cloud Protector's Next Generation Traffic Logs feature gives organizations real-time visibility into every byte of network activity across their cloud environments. This detailed traffic intelligence empowers teams to optimize network operations and swiftly detect—and respond to—unusual behavior before it impacts their infrastructure. -- **Vendor**:Ubika +- **Vendor**: Ubika - **Supported environment**: SaaS - **Detection based on**: Telemetry - **Supported application or feature**: Web application firewall logs 
From 89aef16ed4db007d62f0a7e4fc0fc719069e648c Mon Sep 17 00:00:00 2001
From: Clement Burtscher
Date: Wed, 20 May 2026 16:54:46 +0200
Subject: [PATCH 3/5] Share section between connectors, add warning for beta
---
 ..._cloud_protector_next_gen_refresh_token.md | 35 +++++++++++++++++
 .../ubika_cloud_protector_next_gen.md | 39 +------------------
 ...a_cloud_protector_next_gen_traffic_logs.md | 8 ++--
 3 files changed, 40 insertions(+), 42 deletions(-)
 create mode 100644 _shared_content/operations_center/integrations/ubika_cloud_protector_next_gen_refresh_token.md
diff --git a/_shared_content/operations_center/integrations/ubika_cloud_protector_next_gen_refresh_token.md b/_shared_content/operations_center/integrations/ubika_cloud_protector_next_gen_refresh_token.md
new file mode 100644
index 0000000000..40f6490cd2
--- /dev/null
+++ b/_shared_content/operations_center/integrations/ubika_cloud_protector_next_gen_refresh_token.md
@@ -0,0 +1,35 @@
+=== "Manual installation"
+
+ !!! warning
+ The device code is valid during 10 minutes only
+
+ 1. Log in the [Ubika console](https://console.ubika.io/)
+ 2. Execute the following command to get the device code
+
+ ```
+ curl https://login.ubika.io/auth/realms/main/protocol/openid-connect/auth/device -d "client_id=rest-api" -d "grant_type=device" -d "scope=offline_access"
+ ```
+
+ 3. Copy the `user code`, provided in the response, and paste it [on the Ubika authentication](https://login.ubika.io/auth/realms/main/protocol/openid-connect/auth/device)
+ 4. Copy the `device code`, provided in the curl response
+ 5. Execute the following command to get the `refresh token`
+
+ ```
+ curl https://login.ubika.io/auth/realms/main/protocol/openid-connect/token -d "client_id=rest-api" -d "grant_type=urn:ietf:params:oauth:grant-type:device_code" -d "device_code="
+ ```
+
+ 6. Copy the `refresh token`
+
+=== "With the script"
+
+ 1. Log in the [Ubika console](https://console.ubika.io/)
+ 2. Save [the script](/assets/operation_center/integration_catalog/network_security/ubika/get_token.py) as `get_token.py`
+ 3. Create a virtual environment and execute the script
+
+ ```
+ python3 -m venv /tmp/venv
+ /tmp/venv/bin/pip install requests
+ /tmp/venv/bin/python3 get_token.py
+ ```
+
+ 4. Copy the `refresh token`
diff --git a/docs/integration/categories/network_security/ubika_cloud_protector_next_gen.md b/docs/integration/categories/network_security/ubika_cloud_protector_next_gen.md
index e960768684..91b41ea42c 100644
--- a/docs/integration/categories/network_security/ubika_cloud_protector_next_gen.md
+++ b/docs/integration/categories/network_security/ubika_cloud_protector_next_gen.md
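Review bot: The "With the script" tab of the new shared refresh-token file builds the virtual environment at the fixed path `/tmp/venv` and installs an unpinned `requests` into it; on a shared host a predictable name in a world-writable directory may already exist with contents the operator did not put there, so a directory only the operator can write to is safer, e.g. `python3 -m venv ~/ubika-token-venv`. The token requested with `scope=offline_access` is typically a long-lived credential, yet both tabs end with only "Copy the `refresh token`"; a closing line such as `Treat the refresh token as a secret: paste it only into the intake configuration and do not keep it in shell history or notes.` would cover that. The second curl command ends with an empty `device_code=`; unless that is a rendering artifact, a visible placeholder such as `device_code=<DEVICE_CODE>` would make the hand-off from step 4 explicit.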
@@ -15,42 +15,7 @@ Ubika Cloud Protector Next Generation offers cutting-edge security for cloud env ### How to create refresh token -=== "Manual installation" - - !!! warning - The device code is valid during 10 minutes only - - 1. Log in the [Ubika console](https://console.ubika.io/) - 2. Execute the following command to get the device code - - ``` - curl https://login.ubika.io/auth/realms/main/protocol/openid-connect/auth/device -d "client_id=rest-api" -d "grant_type=device" -d "scope=offline_access" - ``` - - 3. Copy the `user code`, provided in the response, and paste it [on the Ubika authentication](https://login.ubika.io/auth/realms/main/protocol/openid-connect/auth/device) - 4. Copy the `device code`, provided in the curl response - 5. Execute the following command to get the `refresh token` - - ``` - curl https://login.ubika.io/auth/realms/main/protocol/openid-connect/token -d "client_id=rest-api" -d "grant_type=urn:ietf:params:oauth:grant-type:device_code" -d "device_code=" - ``` - - 6. Copy the `refresh token` - -=== "With the script" - - 1. Log in the [Ubika console](https://console.ubika.io/) - 2. Save [the script](/assets/operation_center/integration_catalog/network_security/ubika/get_token.py) as `get_token.py` - 3. Create a virtual environment and execute the script - - ``` - python3 -m venv /tmp/venv - /tmp/venv/bin/pip install requests - /tmp/venv/bin/python3 get_token.py - ``` - - 4. Copy the `refresh token` - +{!_shared_content/operations_center/integrations/ubika_cloud_protector_next_gen_refresh_token.md!} ### Create your intake 
@@ -61,9 +26,7 @@ Ubika Cloud Protector Next Generation offers cutting-edge security for cloud env {!_shared_content/operations_center/integrations/generated/e04c988c-cbb7-4b6a-8025-7b80a301ac28_sample.md!} - {!_shared_content/integration/detection_section.md!} {!_shared_content/operations_center/detection/generated/suggested_rules_e04c988c-cbb7-4b6a-8025-7b80a301ac28_do_not_edit_manually.md!} {!_shared_content/operations_center/integrations/generated/e04c988c-cbb7-4b6a-8025-7b80a301ac28.md!} - diff --git a/docs/integration/categories/network_security/ubika_cloud_protector_next_gen_traffic_logs.md b/docs/integration/categories/network_security/ubika_cloud_protector_next_gen_traffic_logs.md index fe0b8df5ad..fe13f727e3 100644 --- a/docs/integration/categories/network_security/ubika_cloud_protector_next_gen_traffic_logs.md +++ b/docs/integration/categories/network_security/ubika_cloud_protector_next_gen_traffic_logs.md @@ -6,6 +6,9 @@ type: intake Ubika Cloud Protector's Next Generation Traffic Logs feature gives organizations real-time visibility into every byte of network activity across their cloud environments. This detailed traffic intelligence empowers teams to optimize network operations and swiftly detect—and respond to—unusual behavior before it impacts their infrastructure. +!!! Warning + Important note - This format is currently in beta. We highly value your feedback to improve its performance. + - **Vendor**: Ubika - **Supported environment**: SaaS - **Detection based on**: Telemetry @@ -15,8 +18,7 @@ Ubika Cloud Protector's Next Generation Traffic Logs feature gives organizations ### How to create refresh token -See [Ubika Cloud Protector Next Generation](https://docs.sekoia.io/integration/categories/network_security/ubika_cloud_protector_next_gen/) - +{!_shared_content/operations_center/integrations/ubika_cloud_protector_next_gen_refresh_token.md!} ### Create your intake 
@@ -27,9 +29,7 @@ See [Ubika Cloud Protector Next Generation](https://docs.sekoia.io/integration/c {!_shared_content/operations_center/integrations/generated/19527522-2653-45dd-acea-49ae725bb435_sample.md!} - {!_shared_content/integration/detection_section.md!} {!_shared_content/operations_center/detection/generated/suggested_rules_19527522-2653-45dd-acea-49ae725bb435_do_not_edit_manually.md!} {!_shared_content/operations_center/integrations/generated/19527522-2653-45dd-acea-49ae725bb435.md!} - From c0dcdfe2702b6cb402b2c4dfbef62d5dd2ea335f Mon Sep 17 00:00:00 2001 From: Clement Burtscher Date: Thu, 21 May 2026 15:41:34 +0200 Subject: [PATCH 4/5] Rename legacy next gen connector --- ...next_gen.md => ubika_cloud_protector_next_gen_alerts.md} | 6 +++--- mkdocs.yml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) rename docs/integration/categories/network_security/{ubika_cloud_protector_next_gen.md => ubika_cloud_protector_next_gen_alerts.md} (69%) diff --git a/docs/integration/categories/network_security/ubika_cloud_protector_next_gen.md b/docs/integration/categories/network_security/ubika_cloud_protector_next_gen_alerts.md similarity index 69% rename from docs/integration/categories/network_security/ubika_cloud_protector_next_gen.md rename to docs/integration/categories/network_security/ubika_cloud_protector_next_gen_alerts.md index 91b41ea42c..d9731a1009 100644 --- a/docs/integration/categories/network_security/ubika_cloud_protector_next_gen.md +++ b/docs/integration/categories/network_security/ubika_cloud_protector_next_gen_alerts.md 
@@ -1,10 +1,10 @@ uuid: e04c988c-cbb7-4b6a-8025-7b80a301ac28 -name: Ubika Cloud Protector Next Generation +name: Ubika Cloud Protector Next Generation Alerts type: intake ## Overview -Ubika Cloud Protector Next Generation offers cutting-edge security for cloud environments, leveraging artificial intelligence to detect and neutralize threats in real-time. Its user-friendly interface and seamless integration enhance overall cybersecurity, empowering businesses to safeguard their data effortlessly. Protect your cloud assets with unparalleled reliability and advanced defense capabilities. +Ubika Cloud Protector Next Generation Alerts offers cutting-edge security for cloud environments, leveraging artificial intelligence to detect and neutralize threats in real-time. Its user-friendly interface and seamless integration enhance overall cybersecurity, empowering businesses to safeguard their data effortlessly. Protect your cloud assets with unparalleled reliability and advanced defense capabilities. - **Vendor**:Ubika - **Supported environment**: SaaS @@ -19,7 +19,7 @@ Ubika Cloud Protector Next Generation offers cutting-edge security for cloud env ### Create your intake -1. Go to the [intake page](https://app.sekoia.io/operations/intakes) and create a new intake from the `Ubika Cloud Protector Next Generation`. +1. Go to the [intake page](https://app.sekoia.io/operations/intakes) and create a new intake from the `Ubika Cloud Protector Next Generation Alerts`. 2. Set the intake account configuration with the `namespace` and `refresh token` from the `How to create refresh token` step ### Enjoy your events on the [Events page](https://app.sekoia.io/operations/events) diff --git a/mkdocs.yml b/mkdocs.yml index 9794d07c2d..ec258da172 100644 --- a/mkdocs.yml +++ b/mkdocs.yml 
@@ -496,7 +496,7 @@ nav: - Trellix ePO: integration/categories/network_security/trellix_epo.md - Trellix ePO - On Prem: integration/categories/network_security/trellix_epo_on_prem.md - Trend Micro Deep Security / Workload Security: integration/categories/network_security/trend_micro_deep_security.md - - Ubika Cloud Protector Next Generation: integration/categories/network_security/ubika_cloud_protector_next_gen.md + - Ubika Cloud Protector Next Generation Alerts: integration/categories/network_security/ubika_cloud_protector_next_gen_alerts.md - Ubika Cloud Protector Next Generation Traffic Logs: integration/categories/network_security/ubika_cloud_protector_next_gen_traffic_logs.md - Ubika WAAP Gateway: integration/categories/network_security/ubika_waap.md - Umbrella IP Logs: integration/categories/network_security/umbrella_ip.md From dbb40bc1a1b4b72d38e435c3d154aeca11176ba1 Mon Sep 17 00:00:00 2001 From: Sebastien Quioc Date: Thu, 21 May 2026 18:32:34 +0200 Subject: [PATCH 5/5] fix(Ubika): add redirection after renaming --- mkdocs.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/mkdocs.yml b/mkdocs.yml index ec258da172..7681a08637 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -846,6 +846,7 @@ plugins: xdr/features/collect/integrations/network/watchguard_firebox.md: integration/categories/network_security/watchguard_firebox.md xdr/features/investigate/dork_language.md: xdr/features/investigate/events_query_language.md integration/categories/network/beyondtrust_pra_sessions.md: integration/categories/iam/beyondtrust_pra_sessions.md + integration/categories/network_security/ubika_cloud_protector_next_gen.md: integration/categories/network_security/ubika_cloud_protector_next_gen_alerts.md - integration_by_uuid - sass repo_url: https://github.com/SEKOIA-IO/documentation