Create New Features skeleton [Serverless] (#93)

* Investigations: re-nest pages * Add "Manage Osquery" page * Update landing page - Investigations * Add Assets page * Rename top-level sections * Add "Manage ML settings" page * Add placeholder to Dev Tools page * Reorder Dev Tools * Add link to Manage Osquery * Reorganize settings section
elastic · Sep 12, 2023 · 6443ecd · 6443ecd
1 parent 59b3b2e
commit 6443ecd
Show file tree

Hide file tree

Showing 14 changed files with 156 additions and 65 deletions.
diff --git a/docs/alerts/alerts-overview.mdx b/docs/alerts/alerts-overview.mdx
@@ -1,8 +1,8 @@
 ---
 id: serverlessSecurityAlertsOverview
 slug: /serverless/security/alerts-overview
-title: "Alerts: triage and respond"
-# description: Description to be written
+title: Alerts
+description: Triage and respond to detection alerts.
 tags: [ 'serverless', 'security', 'overview' ]
 status: rough content
 ---
@@ -11,4 +11,6 @@ import RoughContent from '../partials/rough-content-notice.mdx'
 
 <RoughContent />
 
-This is a placeholder for future documentation.
+<DocCallOut>
+<DocText textAlign="center"><br />**This is a placeholder for future documentation.**<br /><br /></DocText>
+</DocCallOut>
diff --git a/docs/assets/asset-management.mdx b/docs/assets/asset-management.mdx
@@ -0,0 +1,19 @@
+---
+id: serverlessSecurityAssetManagement
+slug: /serverless/security/asset-management
+title: Asset management
+# description: Description to be written
+tags: [ 'serverless', 'security', 'overview', 'manage' ]
+status: rough content
+---
+
+import RoughContent from '../partials/rough-content-notice.mdx'
+
+<RoughContent />
+
+The **Assets** page allows you to manage the following features:
+
+* [((fleet))](((fleet-guide))/manage-agents-in-fleet.html)
+* [((integrations))](((fleet-guide))/integrations.html)
+* <DocLink id="serverlessSecuritySecManageIntro">Endpoint protection</DocLink>
+* <DocLink id="serverlessSecurityCloudNativeSecurityOverview">Cloud security</DocLink>
diff --git a/docs/dev-tools/developer-tools.mdx b/docs/dev-tools/developer-tools.mdx
@@ -11,6 +11,8 @@ import RoughContent from '../partials/rough-content-notice.mdx'
 
 <RoughContent />
 
+Navigate to **Dev tools** for additional tools for interacting with your data. Refer to [Dev Tools docs](((kibana-ref))/devtools-kibana.html) for more information.
+
 <DocCallOut>
 <DocText textAlign="center"><br />**This is a placeholder for future documentation.**<br /><br /></DocText>
 </DocCallOut>
diff --git a/docs/investigate/investigate-events.mdx b/docs/investigate/investigate-events.mdx
@@ -13,7 +13,12 @@ import RoughContent from '../partials/rough-content-notice.mdx'
 
 <div id="investigate-events"></div>
 
-The following sections describe tools for investigating security events and tracking security issues directly in the ((security-app)).
+The following sections describe tools for investigating security events and tracking security issues directly in ((elastic-sec)).
 
-{/* The include that was here is another page */}
-{/* The include that was here is another page */}
+
+These features are available in the ((security-app))'s side navigation menu:
+
+* <DocLink id="serverlessSecurityCasesOverview">**Cases**</DocLink>: Track investigation details about security issues.
+* **Investigations** -> <DocLink id="serverlessSecurityTimelinesUi">**Timelines**</DocLink>: Workspace for investigations and threat hunting.
+* **Investigations** -> <DocLink id="serverlessSecurityUseOsquery">**Osquery**</DocLink>: Run live and scheduled queries on operating systems.
+* <DocLink id="serverlessSecurityIndicatorsOfCompromise">**Intelligence**</DocLink>: Indicators of compromise used for threat intelligence.
diff --git a/docs/machine-learning/manage-machine-learning.mdx b/docs/machine-learning/manage-machine-learning.mdx
@@ -0,0 +1,18 @@
+---
+id: serverlessSecurityManageMachineLearning
+slug: /serverless/security/manage-machine-learning
+title: Manage machine learning settings
+description: Manage ((ml)) settings for your ((elastic-sec)) project.
+tags: [ 'serverless', 'security', 'manage' ]
+status: rough content
+---
+
+import RoughContent from '../partials/rough-content-notice.mdx'
+
+<RoughContent />
+
+Navigate to **Machine learning** to manage ((ml)) jobs and project-level settings. Refer to [((ml-cap)) docs](((ml-docs))/ml-ad-overview.html) for more information.
+
+<DocCallOut>
+<DocText textAlign="center"><br />**This is a placeholder for future documentation.**<br /><br /></DocText>
+</DocCallOut>
diff --git a/docs/osquery/manage-osquery.mdx b/docs/osquery/manage-osquery.mdx
@@ -0,0 +1,18 @@
+---
+id: serverlessSecurityManageOsquery
+slug: /serverless/security/manage-osquery
+title: Manage Osquery
+description: Manage Osquery for your ((elastic-sec)) project.
+tags: [ 'serverless', 'security', 'how-to', 'manage' ]
+status: rough content
+---
+
+import RoughContent from '../partials/rough-content-notice.mdx'
+
+<RoughContent />
+
+Navigate to **Investigations** -> **Osquery** to manage project-level [Osquery settings](((kibana-ref))/osquery.html).
+
+<DocCallOut>
+<DocText textAlign="center"><br />**This is a placeholder for future documentation.**<br /><br /></DocText>
+</DocCallOut>
diff --git a/docs/osquery/use-osquery.mdx b/docs/osquery/use-osquery.mdx
@@ -20,4 +20,4 @@ Osquery is supported for Linux, macOS, and Windows. You can use it with ((elasti
 * **<DocLink id="serverlessSecurityOsqueryResponseAction">Osquery Response Actions</DocLink>** - Use Osquery Response Actions to add live queries to custom query rules.
 * **<DocLink id="serverlessSecurityInvestGuideRunOsquery">Live queries from investigation guides</DocLink>** - Incorporate live queries into investigation guides to enhance your research capabilities while investigating possible security issues.
 * **<DocLink id="serverlessSecurityAlertsRunOsquery">Live queries from alerts</DocLink>** - Run live queries against an alert's host to learn more about your infrastructure and operating systems.
-
+* **<DocLink id="serverlessSecurityManageOsquery">Manage Osquery</DocLink>** - Manage project-level Osquery settings.
diff --git a/docs/rules/detection-rule-management.mdx b/docs/rules/detection-rule-management.mdx
@@ -1,7 +1,7 @@
 ---
-id: serverlessSecurityDetectionRuleManagement
-slug: /serverless/security/detection-rule-management
-title: Detection rule management
+id: serverlessSecurityDetectionRules
+slug: /serverless/security/detection-rules
+title: Detection rules
 # description: Description to be written
 tags: [ 'serverless', 'security', 'overview' ]
 status: rough content
@@ -11,4 +11,6 @@ import RoughContent from '../partials/rough-content-notice.mdx'
 
 <RoughContent />
 
-This is a placeholder for future documentation.
+<DocCallOut>
+<DocText textAlign="center"><br />**This is a placeholder for future documentation.**<br /><br /></DocText>
+</DocCallOut>
diff --git a/docs/settings/advanced-settings.mdx b/docs/settings/advanced-settings.mdx
@@ -1,7 +1,7 @@
 ---
 id: serverlessSecurityAdvancedSettings
 slug: /serverless/security/advanced-settings
-title: Configure advanced settings
+title: Advanced settings
 description: Update advanced ((elastic-sec)) settings.
 tags: ["serverless","security","reference","manage"]
 status: rough content
@@ -11,6 +11,10 @@ import RoughContent from '../partials/rough-content-notice.mdx'
 
 <RoughContent />
 
+<DocCallOut>
+<DocText textAlign="center"><br />**These settings are not yet available for Serverless.**<br /><br /></DocText>
+</DocCallOut>
+
 <div id="advanced-settings"></div>
 
 The advanced settings determine:

diff --git a/docs/settings/manage-elastic-security-settings.mdx b/docs/settings/manage-elastic-security-settings.mdx
diff --git a/docs/settings/manage-settings.mdx b/docs/settings/manage-settings.mdx
@@ -0,0 +1,22 @@
+---
+id: serverlessSecurityManageSettings
+slug: /serverless/security/manage-settings
+title: Manage settings
+# description: Description to be written
+tags: [ 'serverless', 'security', 'overview' ]
+status: rough content
+---
+
+import RoughContent from '../partials/rough-content-notice.mdx'
+
+<RoughContent />
+
+These pages explain how to manage settings in various areas of the ((security-app)):
+
+* <DocLink id="serverlessSecurityProjectSettings" />: Configure project-wide settings related to users, billing, data management, and more.
+* <DocLink id="serverlessSecurityAdvancedSettings" />: Update advanced ((elastic-sec)) settings.
+* <DocLink id="serverlessSecuritySecRequirements" />: Learn about index and user privilege requirements for specific features.
+
+<DocCallOut>
+<DocText textAlign="center"><br />**This is a placeholder for future documentation.**<br /><br /></DocText>
+</DocCallOut>
diff --git a/docs/settings/project-settings.mdx b/docs/settings/project-settings.mdx
@@ -0,0 +1,18 @@
+---
+id: serverlessSecurityProjectSettings
+slug: /serverless/security/project-settings
+title: Project settings
+description: Configure project-wide settings related to users, billing, data management, and more.
+tags: [ 'serverless', 'security', 'overview', 'manage' ]
+status: rough content
+---
+
+import RoughContent from '../partials/rough-content-notice.mdx'
+
+<RoughContent />
+
+Navigate to **Project settings** to configure project-wide settings related to users, billing, data management, and more.
+
+<DocCallOut>
+<DocText textAlign="center"><br />**This is a placeholder for future documentation.**<br /><br /></DocText>
+</DocCallOut>
diff --git a/docs/settings/security-stack-management.mdx b/docs/settings/security-stack-management.mdx
diff --git a/serverless-security.docnav.json b/serverless-security.docnav.json
@@ -291,7 +291,7 @@
       ]
     },
     {
-      "pageId": "serverlessSecurityDetectionRuleManagement",
+      "pageId": "serverlessSecurityDetectionRules",
       "items": [
         {
           "id": "serverlessSecurityDetectionEngineOverview",
@@ -423,6 +423,9 @@
         {
           "id": "serverlessSecurityTuningAnomalyResults",
           "classic-sources": [ "enSecurityTuningAnomalyResults" ]
+        },
+        {
+          "id": "serverlessSecurityManageMachineLearning"
         }
       ]
     },
@@ -457,11 +460,17 @@
       "items": [
         {
           "id": "serverlessSecurityTimelinesUi",
-          "classic-sources": [ "enSecurityTimelinesUi" ]
-        },
-        {
-          "id": "serverlessSecurityTimelineTemplatesUi",
-          "classic-sources": [ "enSecurityTimelineTemplatesUi" ]
+          "classic-sources": [ "enSecurityTimelinesUi" ],
+          "items": [
+            {
+              "id": "serverlessSecurityTimelineTemplatesUi",
+              "classic-sources": [ "enSecurityTimelineTemplatesUi" ]
+            },
+            {
+              "id": "serverlessSecurityTimelineObjectSchema",
+              "classic-sources": [ "enSecurityTimelineObjectSchema" ]
+            }   
+          ]
         },
         {
           "id": "serverlessSecurityCasesOverview",
@@ -470,20 +479,16 @@
             {
               "id": "serverlessSecurityCasesOpenManage",
               "classic-sources": [ "enSecurityCasesOpenManage" ]
+            },
+            {
+              "id": "serverlessSecurityCasesUiIntegrations",
+              "classic-sources": [ "enSecurityCasesUiIntegrations" ]
             }
           ]
         },
-        {
-          "id": "serverlessSecurityCasesUiIntegrations",
-          "classic-sources": [ "enSecurityCasesUiIntegrations" ]
-        },
         {
           "id": "serverlessSecurityIndicatorsOfCompromise",
           "classic-sources": [ "enSecurityIndicatorsOfCompromise" ]
-        },
-        {
-          "id": "serverlessSecurityTimelineObjectSchema",
-          "classic-sources": [ "enSecurityTimelineObjectSchema" ]
         }
       ]
     },
@@ -510,6 +515,9 @@
         {
           "id": "serverlessSecurityOsqueryPlaceholderFields",
           "classic-sources": [ "enSecurityOsqueryPlaceholderFields" ]
+        },
+        {
+          "id": "serverlessSecurityManageOsquery"
         }
       ]
     },
@@ -566,11 +574,18 @@
       ]
     },
     {
-      "pageId": "serverlessSecurityDeveloperTools"
+      "pageId": "serverlessSecurityAssetManagement"
     },
     {
-      "pageId": "serverlessSecurityManageElasticSecuritySettings",
+      "pageId": "serverlessSecurityManageSettings",
       "items": [
+        {
+          "id": "serverlessSecurityProjectSettings"
+        },
+        {
+          "id": "serverlessSecurityAdvancedSettings",
+          "classic-sources": [ "enSecurityAdvancedSettings" ]
+        },
         {
           "id": "serverlessSecuritySecRequirements",
           "classic-sources": [ "enSecuritySecRequirements" ],
@@ -596,16 +611,12 @@
               "classic-sources": [ "enSecurityConfMapUi" ]
             }
           ]
-        },
-        {
-          "id": "serverlessSecurityAdvancedSettings",
-          "classic-sources": [ "enSecurityAdvancedSettings" ]
-        },
-        {
-          "id": "serverlessSecurityStackManagement"
         }
       ]
     },
+    {
+      "pageId": "serverlessSecurityDeveloperTools"
+    },
     {
       "label": "API docs",
       "pageId": "serverlessSecuritySecurityApis",