Refresh intakes documentation

Author: sekoia-io-cross-repo-comm-app[bot]

_shared_content/operations_center/integrations/generated/04d36706-ee4a-419b-906d-f92f3a46bcdd.md

@@ -1397,6 +1397,54 @@ This section demonstrates how the raw logs will be transformed by our parsers. I
 	```
 
 
+=== "test_drive_sample3.json"
+
+    ```json
+	
+    {
+        "message": "{\"kind\": \"admin#reports#activity\", \"id\": {\"time\": \"2025-02-18T17:10:20.317Z\", \"uniqueQualifier\": \"-12345678\", \"applicationName\": \"drive\", \"customerId\": \"CUSTO1\"}, \"etag\": \"\\\"ABCDEF123\\\"\", \"actor\": {\"email\": \"\", \"profileId\": \"105250506097979753968\"}, \"events\": [{\"type\": \"access\", \"name\": \"sheets_import_range\", \"parameters\": [{\"name\": \"primary_event\", \"boolValue\": true}, {\"name\": \"billable\", \"boolValue\": false}, {\"name\": \"sheets_import_range_recipient_doc\", \"value\": \"123qwerty456\"}, {\"name\": \"owner_is_shared_drive\", \"boolValue\": true}, {\"name\": \"owner_team_drive_id\", \"value\": \"asdf678\"}, {\"name\": \"owner\", \"value\": \"johndoe\"}, {\"name\": \"doc_id\", \"value\": \"zxcv890\"}, {\"name\": \"doc_type\", \"value\": \"spreadsheet\"}, {\"name\": \"is_encrypted\", \"boolValue\": false}, {\"name\": \"doc_title\", \"value\": \"TPS report\"}, {\"name\": \"visibility\", \"value\": \"people_with_link\"}, {\"name\": \"shared_drive_id\", \"value\": \"asdf678\"}, {\"name\": \"actor_is_collaborator_account\", \"boolValue\": false}, {\"name\": \"owner_is_team_drive\", \"boolValue\": true}, {\"name\": \"team_drive_id\", \"value\": \"asdf678\"}]}]}",
+        "event": {
+            "action": "sheets_import_range",
+            "category": [
+                "file"
+            ],
+            "dataset": "admin#reports#activity",
+            "type": [
+                "access"
+            ]
+        },
+        "@timestamp": "2025-02-18T17:10:20.317000Z",
+        "cloud": {
+            "account": {
+                "id": "CUSTO1"
+            }
+        },
+        "file": {
+            "gid": "asdf678",
+            "name": "TPS report",
+            "owner": "johndoe",
+            "type": "spreadsheet"
+        },
+        "google": {
+            "report": {
+                "parameters": {
+                    "visibility": "people_with_link"
+                }
+            }
+        },
+        "network": {
+            "application": "drive"
+        },
+        "related": {
+            "user": [
+                "johndoe"
+            ]
+        }
+    }
+    	
+	```
+
+
 === "test_drive_view_document.json"
 
     ```json
@@ -1559,6 +1607,45 @@ This section demonstrates how the raw logs will be transformed by our parsers. I
 	```
 
 
+=== "test_groups_enterprise_1.json"
+
+    ```json
+	
+    {
+        "message": "{\"kind\": \"admin#reports#activity\", \"id\": {\"time\": \"2025-02-18T16:00:24.311Z\", \"uniqueQualifier\": \"-123456\", \"applicationName\": \"groups_enterprise\", \"customerId\": \"CUSTOMER1\"}, \"etag\": \"\\\"ABCDEF123\\\"\", \"actor\": {\"callerType\": \"KEY\", \"key\": \"SYSTEM\"}, \"events\": [{\"type\": \"moderator_action\", \"name\": \"remove_user\", \"parameters\": [{\"name\": \"member_id\", \"value\": \"[email protected]\"}, {\"name\": \"group_id\", \"value\": \"[email protected]\"}, {\"name\": \"member_type\", \"value\": \"user\"}]}, {\"type\": \"moderator_action\", \"name\": \"remove_member\", \"parameters\": [{\"name\": \"member_id\", \"value\": \"[email protected]\"}, {\"name\": \"group_id\", \"value\": \"[email protected]\"}, {\"name\": \"member_type\", \"value\": \"user\"}]}]}",
+        "event": {
+            "action": [
+                "remove_member",
+                "remove_user"
+            ],
+            "category": [
+                "iam"
+            ],
+            "dataset": "admin#reports#activity",
+            "type": [
+                "admin"
+            ]
+        },
+        "@timestamp": "2025-02-18T16:00:24.311000Z",
+        "cloud": {
+            "account": {
+                "id": "CUSTOMER1"
+            }
+        },
+        "network": {
+            "application": "groups_enterprise"
+        },
+        "user": {
+            "email": "[email protected]",
+            "group": {
+                "id": "[email protected]"
+            }
+        }
+    }
+    	
+	```
+
+
 === "test_groups_entre_sample1.json"
 
     ```json

_shared_content/operations_center/integrations/generated/04d36706-ee4a-419b-906d-f92f3a46bcdd_sample.md

@@ -1718,6 +1718,96 @@ In this section, you will find examples of raw logs as generated natively by the
 
 
 
+=== "test_drive_sample3"
+
+
+    ```json
+	{
+        "kind": "admin#reports#activity",
+        "id": {
+            "time": "2025-02-18T17:10:20.317Z",
+            "uniqueQualifier": "-12345678",
+            "applicationName": "drive",
+            "customerId": "CUSTO1"
+        },
+        "etag": "\"ABCDEF123\"",
+        "actor": {
+            "email": "",
+            "profileId": "105250506097979753968"
+        },
+        "events": [
+            {
+                "type": "access",
+                "name": "sheets_import_range",
+                "parameters": [
+                    {
+                        "name": "primary_event",
+                        "boolValue": true
+                    },
+                    {
+                        "name": "billable",
+                        "boolValue": false
+                    },
+                    {
+                        "name": "sheets_import_range_recipient_doc",
+                        "value": "123qwerty456"
+                    },
+                    {
+                        "name": "owner_is_shared_drive",
+                        "boolValue": true
+                    },
+                    {
+                        "name": "owner_team_drive_id",
+                        "value": "asdf678"
+                    },
+                    {
+                        "name": "owner",
+                        "value": "johndoe"
+                    },
+                    {
+                        "name": "doc_id",
+                        "value": "zxcv890"
+                    },
+                    {
+                        "name": "doc_type",
+                        "value": "spreadsheet"
+                    },
+                    {
+                        "name": "is_encrypted",
+                        "boolValue": false
+                    },
+                    {
+                        "name": "doc_title",
+                        "value": "TPS report"
+                    },
+                    {
+                        "name": "visibility",
+                        "value": "people_with_link"
+                    },
+                    {
+                        "name": "shared_drive_id",
+                        "value": "asdf678"
+                    },
+                    {
+                        "name": "actor_is_collaborator_account",
+                        "boolValue": false
+                    },
+                    {
+                        "name": "owner_is_team_drive",
+                        "boolValue": true
+                    },
+                    {
+                        "name": "team_drive_id",
+                        "value": "asdf678"
+                    }
+                ]
+            }
+        ]
+    }
+    ```
+
+
+
 === "test_drive_view_document"
 
 
@@ -2212,6 +2302,66 @@ In this section, you will find examples of raw logs as generated natively by the
 
 
 
+=== "test_groups_enterprise_1"
+
+
+    ```json
+	{
+        "kind": "admin#reports#activity",
+        "id": {
+            "time": "2025-02-18T16:00:24.311Z",
+            "uniqueQualifier": "-123456",
+            "applicationName": "groups_enterprise",
+            "customerId": "CUSTOMER1"
+        },
+        "etag": "\"ABCDEF123\"",
+        "actor": {
+            "callerType": "KEY",
+            "key": "SYSTEM"
+        },
+        "events": [
+            {
+                "type": "moderator_action",
+                "name": "remove_user",
+                "parameters": [
+                    {
+                        "name": "member_id",
+                        "value": "[email protected]"
+                    },
+                    {
+                        "name": "group_id",
+                        "value": "[email protected]"
+                    },
+                    {
+                        "name": "member_type",
+                        "value": "user"
+                    }
+                ]
+            },
+            {
+                "type": "moderator_action",
+                "name": "remove_member",
+                "parameters": [
+                    {
+                        "name": "member_id",
+                        "value": "[email protected]"
+                    },
+                    {
+                        "name": "group_id",
+                        "value": "[email protected]"
+                    },
+                    {
+                        "name": "member_type",
+                        "value": "user"
+                    }
+                ]
+            }
+        ]
+    }
+    ```
+
+
+
 === "test_groups_entre_sample1"
 
 

_shared_content/operations_center/integrations/generated/07c0cac8-f68f-11ea-adc1-0242ac120002.md

@@ -91,6 +91,78 @@ This section demonstrates how the raw logs will be transformed by our parsers. I
 	```
 
 
+=== "accept_ok_v5.json"
+
+    ```json
+	
+    {
+        "message": "5 1234567890 eni-1235b8ca123456789 5.6.7.8 1.2.3.4 50188 4433 6 1 44 1739865042 1739865042 ACCEPT OK vpc-1 subnet-1 - 2 IPv4 5.6.7.8 1.2.3.4 eu-west-1 euw1-az2 - - - - ingress -",
+        "event": {
+            "category": [
+                "network"
+            ],
+            "end": "2025-02-18T07:50:42Z",
+            "outcome": "ok",
+            "start": "2025-02-18T07:50:42Z"
+        },
+        "@timestamp": "2025-02-18T07:50:42Z",
+        "action": {
+            "name": "accept",
+            "outcome": "ok",
+            "target": "network-traffic",
+            "type": "forward"
+        },
+        "aws": {
+            "flowlogs": {
+                "subnet": {
+                    "id": "subnet-1"
+                },
+                "tcp_flags": 2,
+                "vpc": {
+                    "id": "vpc-1"
+                }
+            }
+        },
+        "cloud": {
+            "account": {
+                "id": "1234567890"
+            },
+            "provider": "aws"
+        },
+        "destination": {
+            "address": "1.2.3.4",
+            "ip": "1.2.3.4",
+            "port": 4433
+        },
+        "network": {
+            "iana_number": "6",
+            "transport": "tcp"
+        },
+        "observer": {
+            "ingress": {
+                "interface": {
+                    "name": "eni-1235b8ca123456789"
+                }
+            }
+        },
+        "related": {
+            "ip": [
+                "1.2.3.4",
+                "5.6.7.8"
+            ]
+        },
+        "source": {
+            "address": "5.6.7.8",
+            "bytes": 44,
+            "ip": "5.6.7.8",
+            "packets": 1,
+            "port": 50188
+        }
+    }
+    	
+	```
+
+
 === "accept_structured.json"
 
     ```json
@@ -173,6 +245,17 @@ This section demonstrates how the raw logs will be transformed by our parsers. I
             "target": "network-traffic",
             "type": "forward"
         },
+        "aws": {
+            "flowlogs": {
+                "subnet": {
+                    "id": "subnet-aaaaaaaa012345678"
+                },
+                "tcp_flags": 0,
+                "vpc": {
+                    "id": "vpc-abcdefab012345678"
+                }
+            }
+        },
         "cloud": {
             "account": {
                 "id": "424805057484"
@@ -300,6 +383,7 @@ This section demonstrates how the raw logs will be transformed by our parsers. I
                 "subnet": {
                     "id": "subnet-0123456789abcdefg"
                 },
+                "tcp_flags": 3,
                 "vpc": {
                     "id": "vpc-0123456789abcdefg"
                 }
@@ -518,6 +602,7 @@ The following table lists the fields that are extracted, normalized under the EC
 |`action.target` | `keyword` | The target of the action |
 |`action.type` | `keyword` | The type of the action |
 |`aws.flowlogs.subnet.id` | `keyword` | The ID of the subnet |
+|`aws.flowlogs.tcp_flags` | `number` | TCP flags |
 |`aws.flowlogs.vpc.id` | `keyword` | The ID of the VPC |
 |`cloud.account.id` | `keyword` | The cloud account or organization id. |
 |`cloud.instance.id` | `keyword` | Instance ID of the host machine. |

_shared_content/operations_center/integrations/generated/07c0cac8-f68f-11ea-adc1-0242ac120002_sample.md

@@ -13,6 +13,15 @@ In this section, you will find examples of raw logs as generated natively by the
 
 
 
+=== "accept_ok_v5"
+
+
+    ```json
+	5 1234567890 eni-1235b8ca123456789 5.6.7.8 1.2.3.4 50188 4433 6 1 44 1739865042 1739865042 ACCEPT OK vpc-1 subnet-1 - 2 IPv4 5.6.7.8 1.2.3.4 eu-west-1 euw1-az2 - - - - ingress -
+    ```
+
+
+
 === "accept_structured"