Typo: archived -> archive

source/cloud-service/apis/index.rst

@@ -8,7 +8,7 @@
 Wazuh Cloud API
 ===============
 
-Wazuh Cloud provides a Wazuh Cloud API that allows you to perform some operations with your cloud environments, such as downloading archived data.
+Wazuh Cloud provides a Wazuh Cloud API that allows you to perform some operations with your cloud environments, such as downloading archive data.
 
 This section provides information on the following:
 

source/cloud-service/archived-data/access.rst → source/cloud-service/archive-data/access.rst

@@ -1,25 +1,25 @@
 .. Copyright (C) 2015, Wazuh, Inc.
 
 .. meta::
-  :description: Wazuh provides two types of storage for your data: indexed and archived. Learn more about the archived data in this section. 
+  :description: Wazuh provides two types of storage for your data: indexed and archive. Learn more about the archive data in this section. 
 
-.. _cloud_archived_data_access:
+.. _cloud_archive_data_access:
 
 Access
 ======
 
-To access your archived data, you need an AWS token that grants permission on the AWS S3 bucket of your environment. This token can be generated using the Wazuh Cloud API.
+To access your archive data, you need an AWS token that grants permission on the AWS S3 bucket of your environment. This token can be generated using the Wazuh Cloud API.
 
    .. note::
-      See the :doc:`Wazuh Cloud CLI </cloud-service/cli/index>` section to learn how to list and download your archived data automatically.
+      See the :doc:`Wazuh Cloud CLI </cloud-service/cli/index>` section to learn how to list and download your archive data automatically.
 
 
-The following example describes the steps to follow to list the files of your archived data:
+The following example describes the steps to follow to list the files of your archive data:
 
 
 1. Before your start using the Wazuh Cloud API, you need an API key. To generate your API key, see the :ref:`Authentication <cloud_apis_auth>` section.
 
-2. Use the ``POST /storage/token`` endpoint of the :cloud-api-ref:`Wazuh Cloud API <tag/storage>` to get the AWS token and access the archived data of a specific environment. In this example, we generate an AWS token valid for 3600 seconds for environment `0123456789ab`.
+2. Use the ``POST /storage/token`` endpoint of the :cloud-api-ref:`Wazuh Cloud API <tag/storage>` to get the AWS token and access the archive data of a specific environment. In this example, we generate an AWS token valid for 3600 seconds for environment `0123456789ab`.
 
    .. code-block::
 
@@ -61,4 +61,4 @@ The following example describes the steps to follow to list the files of your ar
       
       $ aws --profile wazuh_cloud_storage --region us-east-1 s3 ls wazuh-cloud-cold-us-east-1/0123456789ab
 
-You now have access to your archived data.
+You now have access to your archive data.

source/cloud-service/archive-data/configuration.rst

@@ -0,0 +1,25 @@
+.. Copyright (C) 2015, Wazuh, Inc.
+
+.. meta::
+  :description: Wazuh provides two types of storage for your data: indexed and archive. Learn more about the archive data in this section. 
+
+
+Configuration
+=============
+
+Your environment is configured by default to send Wazuh output files to archive data.
+
+
+There are two Wazuh output files in JSON format:
+
+- ``/var/ossec/logs/archives/archives.json``: If  you set ``logall_json`` to ``yes``, Wazuh stores all events in this file and sends it to archive data, regardless of whether they triggered an alert.
+
+- ``/var/ossec/logs/alerts/alerts.json``: This file contains only events that tripped a rule with high enough priority, according to a configurable threshold. This is always sent to archive data.
+
+Both files are delivered to archive data as soon as they are rotated and compressed. This process usually takes between 10 and 30 minutes from the moment the event is received.
+
+The oldest files in the archive data are rotated based on the **archive data** setting.
+
+.. note::
+
+  Files with a ``.log`` extension are never sent to archive data.

source/cloud-service/archived-data/filename-format.rst → source/cloud-service/archive-data/filename-format.rst

@@ -1,13 +1,13 @@
 .. Copyright (C) 2015, Wazuh, Inc.
 
 .. meta::
-  :description: Wazuh provides two types of storage for your data: indexed and archived. Learn more about the archived data in this section. 
+  :description: Wazuh provides two types of storage for your data: indexed and archive. Learn more about the archive data in this section. 
 
 
 Filename format
 ===============
 
-The files are stored in a directory structure that indicates the date and time the file was delivered to the archived data.
+The files are stored in a directory structure that indicates the date and time the file was delivered to the archive data.
 
 The main path follows this format:
 

source/cloud-service/archived-data/index.rst → source/cloud-service/archive-data/index.rst

@@ -2,17 +2,17 @@
 
 
 .. meta::
-  :description: Wazuh provides two types of storage for your data: indexed and archived. Learn more about the archived data in this section. 
+  :description: Wazuh provides two types of storage for your data: indexed and archive. Learn more about the archive data in this section. 
 
-Archived data
+Archive data
 =============
 
 Wazuh provides two types of storage for your data:
 
 -  **Indexed data**, formerly known as hot storage.
--  **Archived data**, formerly known as cold storage.
+-  **Archive data**, formerly known as cold storage.
 
-When Wazuh ingests and indexes events from agents, the data becomes searchable and analyzable in the Wazuh WUI. This information is stored in indexed data, which is limited by your :ref:`indexed data retention and indexed data capacity <cloud_settings_indexed_data>` (formerly known as tier) settings. Simultaneously, the data is sent to archived data with a maximum delay of 30 minutes after initial processing by Wazuh. Archived data is stored in an AWS S3 bucket, allowing you to store logs for extended periods and meet compliance requirements. Additionally, you can reindex the data to other environments for further investigations.
+When Wazuh ingests and indexes events from agents, the data becomes searchable and analyzable in the Wazuh WUI. This information is stored in indexed data, which is limited by your :ref:`indexed data retention and indexed data capacity <cloud_settings_indexed_data>` (formerly known as tier) settings. Simultaneously, the data is sent to archive data with a maximum delay of 30 minutes after initial processing by Wazuh. Archive data is stored in an AWS S3 bucket, allowing you to store logs for extended periods and meet compliance requirements. Additionally, you can reindex the data to other environments for further investigations.
 
 Environment example for data storage
 ------------------------------------
@@ -21,13 +21,13 @@ This example environment is configured with the following settings:
 
 - Indexed data retention: 3 months
 - Indexed data capacity (formerly known as tier): 100 GB
-- Archived data: 1 year
+- Archive data: 1 year
 
-Assuming that Wazuh ingests 5GB of data daily, with 20% of events generating alerts, it indexes 1GB per day. In this scenario, the indexed data can retain alerts for up to 100 days (1GB per day - 100GB), but it will be rotated to maintain only 3 months of data as specified in the indexed data retention setting. However, all information from the past year is still accessible in the archived data according to the archived data setting.
+Assuming that Wazuh ingests 5GB of data daily, with 20% of events generating alerts, it indexes 1GB per day. In this scenario, the indexed data can retain alerts for up to 100 days (1GB per day - 100GB), but it will be rotated to maintain only 3 months of data as specified in the indexed data retention setting. However, all information from the past year is still accessible in the archive data according to the archive data setting.
 
-This configuration ensures that recent alerts are readily available in the indexed data, while older data is securely stored in the archived data for compliance and historical purposes.
+This configuration ensures that recent alerts are readily available in the indexed data, while older data is securely stored in the archive data for compliance and historical purposes.
 
-For more information about the archived data feature in the Wazuh Cloud service, please refer to the following sections:
+For more information about the archive data feature in the Wazuh Cloud service, please refer to the following sections:
 
 .. toctree::
   :maxdepth: 1

source/cloud-service/cli/index.rst

@@ -76,10 +76,10 @@ A non-default location can be specified for the config file by setting the `WAZU
 Examples
 --------
 
-Getting S3 token for archived data
+Getting S3 token for archive data
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
-This command generates an AWS token to access the archived data of the environment with Cloud ID `012345678ab`.
+This command generates an AWS token to access the archive data of the environment with Cloud ID `012345678ab`.
 
 .. code-block:: console
 
@@ -94,10 +94,10 @@ This command generates an AWS token to access the archived data of the environme
   aws_secret_access_key = A...E
   aws_session_token = F...Q==
 
-Listing archived data
+Listing archive data
 ^^^^^^^^^^^^^^^^^^^^^
 
-This command lists the archived data files of the environment `012345678ab` between the specified dates.
+This command lists the archive data files of the environment `012345678ab` between the specified dates.
 
 .. code-block:: console
 
@@ -109,10 +109,10 @@ This command lists the archived data files of the environment `012345678ab` betw
   Environment '012345678ab' files from 2021-05-07 to 2021-05-07:
   012345678ab/output/alerts/2021/05/07/012345678ab_output_alerts_20210507T1040_mXSoDTf5Pgyr8b8D.json.gz
 
-Downloading archived data
+Downloading archive data
 ^^^^^^^^^^^^^^^^^^^^^^^^^
 
-This command downloads in the `/home/test` directory the archived data files of the environment `012345678ab` between the specified dates.
+This command downloads in the `/home/test` directory the archive data files of the environment `012345678ab` between the specified dates.
 
 .. code-block:: console
 

source/cloud-service/getting-started/starting-faq.rst

@@ -33,7 +33,7 @@ Cloud service FAQ
 
 - `What is the indexed data?`_
 
-- `What is the archived data?`_
+- `What is the archive data?`_
 
 - `What is a tier?`_
 
@@ -101,10 +101,10 @@ What is the indexed data?
 
 The indexed data, previously known as hot storage, includes the data available on the Wazuh dashboard, which corresponds to the information Wazuh indexed. This information becomes searchable and analyzable as soon as Wazuh ingests and indexes the events sent by the agents.
 
-What is the archived data?
+What is the archive data?
 --------------------------
 
-The data generated by Wazuh is archived in an AWS S3 bucket for long-term storage purposes. Unlike the indexed data, this archived data is not searchable or analyzable. It simply consists of a collection of compressed files. For more information, please see the :ref:`Archived data <cloud_your_environment_accessing_archived_data>` section.
+The data generated by Wazuh is archive in an AWS S3 bucket for long-term storage purposes. Unlike the indexed data, this archive data is not searchable or analyzable. It simply consists of a collection of compressed files. For more information, please see the :ref:`Archive data <cloud_your_environment_accessing_archive_data>` section.
 
 What is a tier?
 ---------------
@@ -121,7 +121,7 @@ See :ref:`What happens if the indexed data capacity setting is reached? <cloud_s
 What happens if the indexed data capacity setting is reached?
 -------------------------------------------------------------
 
-When the selected **indexed data capacity** is reached, the oldest events will be automatically removed from your index regardless of the **index data time**. This data is available in archived data for you to access. See the :ref:`Archived data <cloud_your_environment_accessing_archived_data>` section to learn more about data logging and storage.
+When the selected **indexed data capacity** is reached, the oldest events will be automatically removed from your index regardless of the **index data time**. This data is available in archive data for you to access. See the :ref:`Archive data <cloud_your_environment_accessing_archive_data>` section to learn more about data logging and storage.
 
 How is indexed data rotated?
 ----------------------------

source/cloud-service/glossary.rst

@@ -16,7 +16,7 @@ Here is a list of terms related to Wazuh Cloud.
 
 - `Environment`_
 
-- `Archived data`_
+- `Archive data`_
 
 - `Indexed data`_
 
@@ -53,9 +53,9 @@ Environment
 
 An environment is a deployment that contains all the Wazuh components ready to use and running on Wazuh Cloud.
 
-.. _cloud_glossary_archived_data:
+.. _cloud_glossary_archive_data:
 
-Archived data
+Archive data
 ----------------------------------------------
 
 Formerly known as cold storage, it's the data containing the output generated by Wazuh, such as alerts and archives. It's an AWS S3 bucket to store your logs for a longer time and meet compliance requirements.
@@ -118,7 +118,7 @@ Available regions:
 Wazuh Cloud API
 ---------------
 
-The Wazuh Cloud API is an application programming interface used to interact with Wazuh Cloud. The Wazuh Cloud API is used, for example, to provide access to an environment's archived data.
+The Wazuh Cloud API is an application programming interface used to interact with Wazuh Cloud. The Wazuh Cloud API is used, for example, to provide access to an environment's archive data.
 
 .. _cloud_glossary_wazuh_cloud_cli:
 

source/cloud-service/index.rst

@@ -24,7 +24,7 @@ Learn more about Wazuh Cloud in the sections below.
    getting-started/index
    your-environment/index
    account-billing/index
-   archived-data/index
+   archive-data/index
    apis/index
    cli/index
    glossary

source/cloud-service/your-environment/limits.rst

@@ -32,4 +32,4 @@ The following APIs have rate limits:
 
 -  **Indexer API**: This limit sets the maximum requests allowed per second to the Wazuh Indexer API, enabling efficient retrieval and manipulation of indexed data.
 
--  **Access to the Archived data**: This limit sets the maximum requests processed per second for accessing archived data, ensuring efficient retrieval when necessary.
+-  **Access to the Archive data**: This limit sets the maximum requests processed per second for accessing archive data, ensuring efficient retrieval when necessary.

source/cloud-service/your-environment/settings.rst

@@ -38,9 +38,9 @@ Two settings define the behavior of the indexed data:
 Data remains indexed until either the indexed data retention or the indexed data capacity is reached. In other words, once either of the settings' values is reached, data rotation will occur (removing the oldest data) until the settings' conditions are met.
 
 
-.. _cloud_settings_archived_data:
+.. _cloud_settings_archive_data:
 
-Archived data
+Archive data
 ^^^^^^^^^^^^^
 
 This basic setting, previously known as cold storage, defines the duration for which the analyzed data generated by Wazuh is stored in an AWS S3 bucket for long-term storage purposes. Unlike the indexed data, this data isn't searchable or analyzable. It simply consists of a collection of compressed files.
@@ -75,7 +75,7 @@ The number of server nodes is automatically determined by the cloud service base
 Adjusting environment settings
 ------------------------------
 
-Managing your environment settings is crucial to meeting your evolving needs and optimizing the performance of your cloud environment. While some settings can be determined upfront, such as the number of active agents, indexed data retention, archived data, and support plan, it's important to note that these requirements may change over time.
+Managing your environment settings is crucial to meeting your evolving needs and optimizing the performance of your cloud environment. While some settings can be determined upfront, such as the number of active agents, indexed data retention, archive data, and support plan, it's important to note that these requirements may change over time.
 
 Advanced settings might be more challenging to determine in advance. While the interface provides recommendations based on our experience, your specific workload might differ. Hence, we recommend deploying, monitoring, and adjusting the settings as needed to align with your evolving requirements.
 

source/cloud-service/your-environment/technical-faq.rst

@@ -16,7 +16,7 @@ Technical FAQ
 
 - `What happens if indexed data capacity setting is reached?`_
 
-- `Can I index the archived data again?`_
+- `Can I index the archive data again?`_
 
 - `What if I need to change the size of my tier?`_
 
@@ -67,12 +67,12 @@ See :ref:`See What happens if *indexed data capacity* setting is reached? <cloud
 What happens if indexed data capacity setting is reached?
 ---------------------------------------------------------
 
-When the selected indexed data capacity is reached, the oldest events will be automatically removed from your index regardless of the index data time. This data is available in archived data for you to access. See the :ref:`Archived data <cloud_your_environment_accessing_archived_data>` section to learn more about data logging and storage.
+When the selected indexed data capacity is reached, the oldest events will be automatically removed from your index regardless of the index data time. This data is available in archive data for you to access. See the :ref:`Archive data <cloud_your_environment_accessing_archive_data>` section to learn more about data logging and storage.
 
-Can I index the archived data again?
+Can I index the archive data again?
 ------------------------------------
 
-It's possible to download the data from the archived data and re-index it into your local environments. However, it isn't possible to re-index it in your cloud environment.
+It's possible to download the data from the archive data and re-index it into your local environments. However, it isn't possible to re-index it in your cloud environment.
 
 What if I need to change the size of my tier?
 ---------------------------------------------
@@ -136,7 +136,7 @@ The Wazuh indexer API is not accessible by default. If you want to access it, co
 How can I forward my logs to another solution or SOC?
 -----------------------------------------------------
 
-You can download your data from archived data. Then, you can push it to other solutions or Security Operations Center (SOC).
+You can download your data from archive data. Then, you can push it to other solutions or Security Operations Center (SOC).
 
 Is my environment shared with other customers?
 ----------------------------------------------