diff --git a/docs/GoIntelOwl/index.md b/docs/GoIntelOwl/index.md index cb6db76..3966ba8 100644 --- a/docs/GoIntelOwl/index.md +++ b/docs/GoIntelOwl/index.md @@ -143,7 +143,7 @@ Licensed under the GNU AFFERO GENERAL PUBLIC LICENSE. - [Intelowl](https://github.com/intelowlproject/IntelOwl) - [Documentation](https://intelowl.readthedocs.io/en/latest/) -- [API documentation](https://intelowl.readthedocs.io/en/latest/Redoc.html) +- [API documentation](https://intelowlproject.github.io/docs/IntelOwl/api_docs) - [Examples](./examples/) # FAQ diff --git a/docs/GreedyBear/Contribute.md b/docs/GreedyBear/Contribute.md index 97477f7..5ce5c63 100644 --- a/docs/GreedyBear/Contribute.md +++ b/docs/GreedyBear/Contribute.md 
@@ -14,7 +14,7 @@ For this reason it is important to follow some easy rules based on a simple but - When you ask to be assigned to an issue, it means that you are ready to work on it. When you get assigned, take the lock and then you disappear, you are not respecting the maintainers and the other contributors who could be able to work on that. So, after having been assigned, you have a week of time to deliver your first _draft_ PR. After that time has passed without any notice, you will be unassigned. -- Before asking questions regarding how the project works, please read _through all the documentation_ and [install](https://greedybear.readthedocs.io/en/latest/Installation.html) the project on your own local machine to try it and understand how it basically works. This is a form of respect to the maintainers. +- Before asking questions regarding how the project works, please read _through all the documentation_ and [install](https://intelowlproject.github.io/docs/GreedyBear/Installation/) the project on your own local machine to try it and understand how it basically works. This is a form of respect to the maintainers. - Once you started working on an issue and you have some work to share and discuss with us, please raise a draft PR early with incomplete changes. This way you can continue working on the same and we can track your progress and actively review and help. This is a form of respect to you and to the maintainers. 
@@ -26,7 +26,7 @@ Keeping to a consistent code style throughout the project makes it easier to con ## How to start (Setup project and development instance) -To start with the development setup, make sure you go through all the steps in [Installation Guide](https://greedybear.readthedocs.io/en/latest/Installation.html) and properly installed it. +To start with the development setup, make sure you go through all the steps in [Installation Guide](https://intelowlproject.github.io/docs/GreedyBear/Installation/) and properly installed it. Please create a new branch based on the **develop** branch that contains the most recent changes. This is mandatory. diff --git a/docs/GreedyBear/Usage.md b/docs/GreedyBear/Usage.md index cd5a53b..2167cb8 100644 --- a/docs/GreedyBear/Usage.md +++ b/docs/GreedyBear/Usage.md @@ -79,7 +79,7 @@ The available formats are: - `csv`: CSV-like file (just one line for each IOC) - `json`: JSON file with additional information regarding the IOCs -Check the [Redoc specification](https://greedybear.readthedocs.io/en/latest/Redoc.html) or the to get all the details about how to use the available APIs. +Check the [API specification](https://intelowlproject.github.io/docs/GreedyBear/Api-docs/) or the to get all the details about how to use the available APIs. ## Enrichment diff --git a/docs/IntelOwl/advanced_configuration.md b/docs/IntelOwl/advanced_configuration.md index 49a480d..3d75ef7 100644 --- a/docs/IntelOwl/advanced_configuration.md +++ b/docs/IntelOwl/advanced_configuration.md 
@@ -115,7 +115,7 @@ For more details on how to configure this file, check the ` -Add the new analyzer in the lists in the docs: [Usage](./Usage.md). Also, if the analyzer provides additional optional configuration, add the available options here: [Advanced-Usage](./Advanced-Usage.html#analyzers-with-special-configuration) +Add the new analyzer in the lists in the docs: [Usage](./Usage.md). Also, if the analyzer provides additional optional configuration, add the available options here: [Advanced-Usage](https://intelowlproject.github.io/docs/IntelOwl/advanced_usage/#analyzers-with-special-configuration) In the Pull Request remember to provide some real world examples (screenshots and raw JSON results) of some successful executions of the analyzer to let us understand how it would work. diff --git a/docs/IntelOwl/installation.md b/docs/IntelOwl/installation.md index 29ae980..3b5bb4e 100644 --- a/docs/IntelOwl/installation.md +++ b/docs/IntelOwl/installation.md @@ -198,7 +198,7 @@ There are 3 options to execute the web server: Then you should call the `./start` script with the parameter `--https` to leverage the right Docker Compose file for HTTPS. - Plus, if you use [Flower](Advanced-Configuration.html#queue-customization), you should change in the `docker/flower.override.yml` the `flower_http.conf` with `flower_https.conf`. + Plus, if you use [Flower](https://intelowlproject.github.io/docs/IntelOwl//advanced_configuration/#queue-customization), you should change in the `docker/flower.override.yml` the `flower_http.conf` with `flower_https.conf`. - **HTTPS with Let's Encrypt** @@ -221,7 +221,7 @@ The CLI provides the primitives to correctly build, run or stop the containers f 
@@ -376,7 +376,7 @@ IntelOwl v5 introduced some major changes regarding how the plugins and their re Before upgrading, some important things should be checked by the administrator: - A lot of database migrations will need to be applied. Just be patient few minutes once you install the new major release. If you get 500 status code errors in the GUI, just wait few minutes and then refresh the page. -- We moved away from the old big `analyzer_config.json` which was storing all the base configuration of the Analyzers to a database model (we did the same for all the other plugins types too). This allows us to manage plugins creation/modification/deletion in a more reliable manner and via the Django Admin Interface. If you have created custom plugins and changed those `_config.json` file manually, you would need to re-create those custom plugins again from the Django Admin Interface. To do that please follow the [related new documentation](https://intelowl.readthedocs.io/en/develop/Usage.html#analyzers-customization) +- We moved away from the old big `analyzer_config.json` which was storing all the base configuration of the Analyzers to a database model (we did the same for all the other plugins types too). This allows us to manage plugins creation/modification/deletion in a more reliable manner and via the Django Admin Interface. If you have created custom plugins and changed those `_config.json` file manually, you would need to re-create those custom plugins again from the Django Admin Interface. To do that please follow the [related new documentation](https://intelowlproject.github.io/docs/IntelOwl/usage/#analyzers-customization) - We have REMOVED all the analyzers that we deprecated during the v4 releases cycle. Please substitute them with their respective new names, in case they have a replacement. - REMOVED `Pulsedive_Active_IOC` analyzer. Please substitute it with the new `Pulsedive` analyzer. - REMOVED `Fortiguard` analyzer because endpoint does not work anymore. 
No substitute. diff --git a/docs/IntelOwl/usage.md b/docs/IntelOwl/usage.md index 8ff0850..b520644 100644 --- a/docs/IntelOwl/usage.md +++ b/docs/IntelOwl/usage.md @@ -109,7 +109,7 @@ The following is the list of the available analyzers you can run out-of-the-box. - [Facebook Yara rules](https://github.com/facebook/malware-detection) - [edelucia Yara rules](https://github.com/edelucia/rules/tree/main/yara) - [LOLDrivers Yara Rules](https://github.com/magicsword-io/LOLDrivers) - - your own added signatures. See [Advanced-Usage](./Advanced-Usage.html#analyzers-with-special-configuration) for more details. + - your own added signatures. See [Advanced-Usage](https://intelowlproject.github.io/docs/IntelOwl/advanced_usage/#analyzers-with-special-configuration) for more details. ###### External services 
@@ -172,7 +172,7 @@ The following is the list of the available analyzers you can run out-of-the-box. - `FileScan_Search`: Finds reports and uploaded files by various tokens, like hash, filename, verdict, IOCs etc via [FileScan.io API](https://www.filescan.io/api/docs). - `FireHol_IPList`: check if an IP is in [FireHol's IPList](https://iplists.firehol.org/) - `GoogleSafebrowsing`: Scan an observable against GoogleSafeBrowsing DB -- `GoogleWebRisk`: Scan an observable against WebRisk API (Commercial version of Google Safe Browsing). Check the [docs](https://intelowl.readthedocs.io/en/develop/Advanced-Usage.html#analyzers-with-special-configuration) to enable this properly +- `GoogleWebRisk`: Scan an observable against WebRisk API (Commercial version of Google Safe Browsing). Check the [docs](https://intelowlproject.github.io/docs/IntelOwl/advanced_usage/#analyzers-with-special-configuration) to enable this properly - `Google_DNS`: Retrieve current domain resolution with Google DoH (DNS over HTTPS) - `GreedyBear`: scan an IP or a domain against the [GreedyBear](https://greedybear.honeynet.org/) API (requires API key) - `GreyNoise`: scan an IP against the [Greynoise](https://www.greynoise.io/) API (requires API key) @@ -273,7 +273,7 @@ Some analyzers require details other than just IP, URL, Domain, etc. We classifi ##### Optional analyzers -[Some analyzers are optional](Advanced-Usage.html#optional-analyzers) and need to be enabled explicitly. +[Some analyzers are optional](https://intelowlproject.github.io/docs/IntelOwl/advanced_usage/#optional-analyzers) and need to be enabled explicitly. ### Connectors 
@@ -308,7 +308,7 @@ This is a "SOAR" feature that allows the users to connect multiple analysis toge - `TakedownRequestToAbuseIp`: This Plugin leverages results from DNS resolver analyzers to extract a valid IP address to pivot to the Abusix analyzer. - `AbuseIpToSubmission`: This Plugin leverages results from the Abusix analyzer to extract the abuse contacts of an IP address to pivot to the AbuseSubmitter connector. -You can build your own custom Pivot with your custom logic with just few lines of code. See the [Contribute](https://intelowl.readthedocs.io/en/latest/Contribute.html#how-to-add-a-new-pivot) section for more info. +You can build your own custom Pivot with your custom logic with just few lines of code. See the [Contribute](https://intelowlproject.github.io/docs/IntelOwl/contribute/#how-to-add-a-new-pivot) section for more info. #### Creating Pivots from the GUI @@ -343,7 +343,7 @@ The visualizer adds logic after the computations, allowing to show the final res Visualizers can be executed only during `Scans` through the playbook that has been configured on the visualizer itself. This framework is extremely powerful and allows every user to customize the GUI as they wish. But you know...with great power comes great responsability. To fully leverage this framework, you would need to put some effort in place. You would need to understand which data is useful for you and then write few code lines that would create your own GUI. -To simplify the process, take example from the pre-built visualizers listed below and follow the dedicated [documentation](Contribute.html#how-to-add-a-new-visualizer). +To simplify the process, take example from the pre-built visualizers listed below and follow the dedicated [documentation](https://intelowlproject.github.io/docs/IntelOwl/contribute/#how-to-add-a-new-visualizer). ##### List of pre-built Visualizers 
@@ -412,7 +412,7 @@ The created Playbook would be available to yourself only. If you want either to ### Generic Plugin Creation, Configuration and Customization -If you want to create completely new Plugins (not based on already existing python modules), please refer to the [Contribute](https://intelowl.readthedocs.io/en/latest/Contribute.html#how-to-add-a-new-plugin) section. This is usually the case when you want to integrate IntelOwl with either a new tool or a new service. +If you want to create completely new Plugins (not based on already existing python modules), please refer to the [Contribute](https://intelowlproject.github.io/docs/IntelOwl/contribute/#how-to-add-a-new-plugin) section. This is usually the case when you want to integrate IntelOwl with either a new tool or a new service. On the contrary, if you would like to just customize the already existing plugins, this is the place. 
@@ -432,7 +432,7 @@ The following are the most important fields that you can change without touching - `Python Module`: Python path of the class that will be executed. This should not be changed most of the times. - `Maximum TLP`: see [TLP Support](#tlp-support) - `Soft Time Limit`: this is the maximum time (in seconds) of execution for an analyzer. Once reached, the task will be killed (or managed in the code by a custom Exception). Default `300`. -- `Routing Key`: this takes effects only when [multi-queue](Advanced-Configuration.html#multi-queue) is enabled. Choose which celery worker would execute the task: `local` (ideal for tasks that leverage local applications like Yara), `long` (ideal for long tasks) or `default` (ideal for simple webAPI-based analyzers). +- `Routing Key`: this takes effects only when [multi-queue](https://intelowlproject.github.io/docs/IntelOwl/advanced_configuration/#multi-queue) is enabled. Choose which celery worker would execute the task: `local` (ideal for tasks that leverage local applications like Yara), `long` (ideal for long tasks) or `default` (ideal for simple webAPI-based analyzers). For analyzers only: 
@@ -491,7 +491,7 @@ You can change the Plugin Parameters at 5 different levels: - if you are an IntelOwl superuser, you can go in the Django Admin Interface and change the default values of the parameters for every plugin you like. This option would change the default behavior for every user in the platform. - if you are either Owner or Admin of an org, you can customize the default values of the parameters for every member of the organization by leveraging the GUI in the "Organization Config" section. This overrides the previous option. - if you are a normal user, you can customize the default values of the parameters for your analysis only by leveraging the GUI in the "Plugin config" section. This overrides the previous option. -- You can choose to provide runtime configuration when requesting an analysis that will override the previous options. This override is done only for the specific analysis. See Customize analyzer execution at time of request +- You can choose to provide runtime configuration when requesting an analysis that will override the previous options. This override is done only for the specific analysis. See Customize analyzer execution at time of request

Playbook Exception
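
Review bot: the new API documentation link in the docs/GoIntelOwl/index.md hunk (@@ -143) ends in `/docs/IntelOwl/api_docs` with no trailing slash, while every other link added in this patch ends in a slash and the GreedyBear equivalent is spelled `/docs/GreedyBear/Api-docs/`. Please confirm that both paths match the generated page names exactly (case, and underscore versus hyphen), and add the trailing slash here so the link does not rely on a redirect.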
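
Review bot: the added line in the docs/GreedyBear/Usage.md hunk (@@ -79) still reads "or the to get all the details", carried over unchanged from the removed line, so whatever was meant to follow "or the" is missing. Since the line is being rewritten anyway, either restore the missing reference or shorten the sentence to "Check the [API specification](...) to get all the details about how to use the available APIs."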
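
Review bot: in the hunk that changes "Add the new analyzer in the lists in the docs", the added line mixes link styles: `[Usage](./Usage.md)` stays relative while the Advanced-Usage link on the same line becomes an absolute `https://intelowlproject.github.io/...` URL. The file headers in this patch name the page `docs/IntelOwl/usage.md` in lower case, so if this file sits beside it, `./Usage.md` will not resolve on a case-sensitive host. Suggest using one style for both links on the line, and preferring relative links to sibling pages so the docs still resolve in local and forked builds.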
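
Review bot: the new Flower link in the docs/IntelOwl/installation.md hunk (@@ -198) contains a doubled slash, `https://intelowlproject.github.io/docs/IntelOwl//advanced_configuration/#queue-customization`. The `multi-queue` link added in docs/IntelOwl/usage.md uses `/docs/IntelOwl/advanced_configuration/` with a single slash, so drop the extra one here rather than depending on how the host handles an empty path segment.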