Updated readme format

bhargavnariyanicrest · Dec 12, 2024 · 64d6520 · 64d6520
1 parent 724567b
commit 64d6520
Show file tree

Hide file tree

Showing 3 changed files with 49 additions and 61 deletions.
diff --git a/mimecast/README.md b/mimecast/README.md
@@ -1,3 +1,5 @@
+# Mimecast
+
 ## Overview
 
 [Mimecast][1] is a cloud-based solution designed to protect organizations from a wide range of email-based threats. The product offers a comprehensive set of security features that help to safeguard against advanced threats, such as phishing, malware, spam, and targeted attacks, while also providing data leak prevention and email continuity services.
@@ -15,13 +17,9 @@ The Mimecast integration seamlessly collects all the above listed logs, channeli
 
 ## Setup
 
-### Configuration
-
-#### Get Credentials of Mimecast
-
-To find your application's details in Mimecast Email Security:
+### Generate API Credentials in Mimecast
 
-1. Sign into Mimecast Email Security with your credentials.
+1. Log in to your **Mimecast account**.
 2. Navigate to the **Administration Console**, select **Services**, and then choose the **API and Platform Integrations** section.
 3. Proceed to Your **API 2.0 Applications**.
 4. Search for your application in the list provided.
@@ -30,27 +28,26 @@ To find your application's details in Mimecast Email Security:
    - Click the **Generate keys** button of Mimecast API 2.0 tile.
    - Check the **I accept** checkbox, click on **Next**.
    - In **Application Details** step, fill out the following details according to the instructions:
-     - Application Name: Enter the application name of your choice
+     - Application Name: Enter a meaningful name of application
      - Category: Select **SIEM Integration**
      - Products: Click **Select all** option
      - Application Role: Select **Basic Administrator**
      - Description: Enter the description of your choice
    - In **Notifications**, provide the contact details of your technical administrator and click on **Next**
-   - After clicking on **Add and Generate Keys** there will be pop up window showing Client ID and Client Secret. Please copy those keys to a safe place as they won't be displayed again.
+   - After clicking on **Add and Generate Keys**. There will be a pop up window showing Client ID and Client Secret. Copy and store **Client ID** and **Client Secret** in a secure location.
 6. If the application is present, click on its name.
-7. Click the **Manage API 2.0 credentials** button and click **Generate**. This generates a new Client ID and Client Secret. Please copy those keys to a safe place as they won't be displayed again.
+7. Click the **Manage API 2.0 credentials** button and click **Generate**. This generates a new Client ID and Client Secret. Copy and store **Client ID** and **Client Secret** in a secure location.
 
-#### Mimecast DataDog Integration Configuration
+### Connect your Mimecast Account to Datadog
 
-Configure the Datadog endpoint to forward Mimecast logs to Datadog.
+1. Add your Mimecast credentials.
 
-1. Navigate to `Mimecast`.
-2. Add your Mimecast credentials.
+    | Parameters | Description                                                           |
+    | ------------------- | ------------------------------------------------------------ |
+    | Client ID           | The Client ID of your registered application on Mimecast     |
+    | Client Secret       | The Client Secret of your registered application on Mimecast |
 
-| Mimecast Parameters | Description                                                  |
-| ------------------- | ------------------------------------------------------------ |
-| Client ID           | The Client ID of your registered application on mimecast     |
-| Client Secret       | The Client Secret of your registered application on mimecast |
+2. Click the Save button to save your settings.
 
 ## Data Collected
 
@@ -72,7 +69,7 @@ The Mimecast integration does not include any events.
 
 ## Support
 
-For further assistance, contact [Datadog Support][2].
+Need help? Contact [Datadog Support][2].
 
 [1]: https://www.mimecast.com/
 [2]: https://docs.datadoghq.com/help/
diff --git a/palo_alto_cortex_xdr/README.md b/palo_alto_cortex_xdr/README.md
@@ -1,26 +1,23 @@
-# Palo Alto Cortex XDR Integration For Datadog
+# Palo Alto Cortex XDR
 
 ## Overview
 
 [Palo Alto Cortex XDR][1] is a comprehensive detection and response platform that provides advanced threat protection across endpoints, networks, and cloud environments. It integrates endpoint protection, network security, and analytics to offer real-time visibility and response capabilities and combat sophisticated cyber threats effectively.
 
 This integration ingests the following logs:
 
-- Incident
-- Alert
+- Incident: Represents information of artifacts, assets, and alerts from a threat event, including their severity, status, and the users who handle them.
+- Alert: Represents real-time analysis of alerts, including their severity, frequency, and source.
 
-The Palo Alto Cortex XDR integration seamlessly collect the data of Palo Alto Cortex XDR logs using REST APIs.
-Before ingesting the data, it normalizes and enriches the logs, ensuring a consistent data format and enhancing information content for downstream processing and analysis. The integration provides insights into incidents and alerts using out-of-the-box dashboards.
+The Palo Alto Cortex XDR integration seamlessly collects the data of Palo Alto Cortex XDR logs using REST APIs. Before ingesting the data, it normalizes and enriches the logs, ensuring a consistent data format and enhancing information content for downstream processing and analysis. The integration provides insights into incidents and alerts using out-of-the-box dashboards.
 
 ## Setup
 
-### Configuration
+### Generate API credentials in Palo Alto Cortex XDR
 
-#### Get Credentials of Palo Alto Cortex XDR
+#### Steps to generate API key
 
-#### Steps to create API key
-
-1. Sign into your **Palo Alto Cortex XDR** instance.
+1. Log in to your **Palo Alto Cortex XDR account**.
 2. Navigate to **Settings** > **Configurations** > **Integrations** > **API Keys**.
 3. Click on **New Key**.
 4. Choose the type of API key based on your desired security level, **Advanced** or **Standard**.
@@ -30,7 +27,7 @@ Before ingesting the data, it normalizes and enriches the logs, ensuring a consi
 8. Click **Generate** to generate the API key.
 9. Copy the API key, and then click **Done**. This value represents your unique **Authorization:{key}**
 
-#### Steps to get Cortex XDR API Key ID
+#### Steps to get API Key ID
 
 1. In the API Keys table, locate the ID field.
 2. Note your corresponding ID number. This value represents the **x-xdr-auth-id:{key_id}** token.
@@ -40,24 +37,23 @@ Before ingesting the data, it normalizes and enriches the logs, ensuring a consi
 1. Right-click your API key and select **View Examples**.
 2. Copy the **CURL Example** URL. The example contains your unique **FQDN**.
 
-#### Palo Alto Cortex XDR DataDog Integration Configuration
+### Connect your Palo Alto Cortex XDR Account to Datadog
 
-Configure the Datadog endpoint to forward Palo Alto Cortex XDR logs to Datadog.
+1. Add your Palo Alto Cortex XDR credentials.
 
-1. Navigate to `Palo Alto Cortex XDR`.
-2. Add your Palo Alto Cortex XDR credentials.
+    | Parameters   | Description  |
+    | -------------| ------------ |
+    | API key      | The API key from Palo Alto Cortex XDR. |
+    | API Key ID   | The auth id from Palo Alto Cortex XDR. |
+    | FQDN         | The FQDN from Palo Alto Cortex XDR. It is the `baseUrl` part of `baseUrl/public_api/v1/{name of api}/{name of call}/` |
 
-| Palo Alto Cortex XDR Parameters | Description  |
-| ------------------------------- | ------------ |
-| API key                         | The API key from Palo Alto Cortex XDR. |
-| API Key ID                      | The auth id from Palo Alto Cortex XDR. |
-| FQDN                            | The FQDN from Palo Alto Cortex XDR. It is the `baseUrl` part of `baseUrl/public_api/v1/{name of api}/{name of call}/` |
+2. Click the Save button to save your settings.
 
 ## Data Collected
 
 ### Logs
 
-The Palo Alto Cortex XDR integration collects and forwards Palo Alto Cortex XDR Incident and alert logs to Datadog.
+The Palo Alto Cortex XDR integration collects and forwards Palo Alto Cortex XDR incident and alert logs to Datadog.
 
 ### Metrics
 
@@ -69,7 +65,7 @@ The Palo Alto Cortex XDR integration does not include any events.
 
 ## Support
 
-For further assistance, contact [Datadog Support][2].
+Need help? Contact [Datadog Support][2].
 
 [1]: https://docs-cortex.paloaltonetworks.com/p/XDR
 [2]: https://docs.datadoghq.com/help/
diff --git a/sophos_central_cloud/README.md b/sophos_central_cloud/README.md
@@ -1,49 +1,44 @@
-# Sophos Central Cloud Integration for Datadog
+# Sophos Central Cloud
 
 ## Overview
 
 [Sophos Central][1] is a unified, cloud-based management platform to monitor and secure your organization from threats. It's used by businesses of all sizes to consolidate the Sophos suite of solutions into a single management solution.
 
 This integration ingests the following logs:
 
-* Alerts
-  * Sophos Alert refers to a notification or warning generated by Sophos Central Cloud in response to a security event or potential threat. Alerts are triggered based on predefined security policies, detection rules, or anomalous activities identified by the Sophos Central Cloud.
-* Events
-  * Sophos Event refers to a specific occurrence that is detected and recorded by Sophos Central Cloud. Events can include various security-related activities such as malware detection, unauthorized access attempts, system vulnerabilities, and other security events.
+- Alert: Represents a notification or warning generated by Sophos Central Cloud in response to a security event or potential threat. Alerts are triggered based on predefined security policies, detection rules, or anomalous activities identified by the Sophos Central Cloud.
+- Event: Represents a specific occurrence that is detected and recorded by Sophos Central Cloud. Events can include various security-related activities such as malware detection, unauthorized access attempts, system vulnerabilities, and other security events.
 
 The Sophos Central Cloud integration seamlessly collects all the above listed logs, channeling them into Datadog for analysis. Leveraging the built-in logs pipeline, these logs are parsed and enriched, enabling effortless search and analysis. The integration provides insight into alerts and events through the out-of-the-box dashboards. Additionally, the integration enriches corresponding endpoint details along with alert and event logs through the **get_endpoint_details** flag.
 
 ## Setup
 
-### Configuration
+### Generate API credentials in Sophos Central Cloud
 
-#### Sophos Central Cloud Configuration
-
-1. Login to [**Sophos Central Platform**][2] with your credentials.
+1. Log in to your [**Sophos Central account**][2].
 2. From Sophos Central Admin, go to **My Products** > **General Settings** > **API Credentials Management**.
 3. Click **Add Credential**.
 4. Provide a credential name, select the appropriate role, add an optional description, and click the **Add** button. The **API credential Summary** for this credential is displayed.
 5. Click **Show Client Secret** to display the **Client Secret**.
-6. Copy the **Client ID** and **Client Secret**.
+6. Copy the **Client ID** and **Client Secret** and store them in a secure location.
 
-#### Sophos Central Cloud DataDog Integration Configuration
+### Connect your Sophos Central Cloud Account to Datadog
 
-Configure the Datadog endpoint to forward Sophos Central Cloud events as logs to Datadog.
+1. Add your Sophos Central Cloud credentials.
 
-1. Navigate to `Sophos Central Cloud`.
-2. Add your Sophos Central Cloud credentials.
+    | Parameters | Description                                                                                     |
+    | ------------------------------- | -------------------------------------------------------------------------- |
+    | Client ID                       | The Client ID from Sophos Central Cloud.                                   |
+    | Client Secret                   | The Client Secret from Sophos Central Cloud.                               |
+    | Get Endpoint Details            | Set to "true" to collect endpoint details for Sophos Central Cloud Alert and Event Logs, otherwise set to "false". The Default is "true".                 |
 
-| Sophos Central Cloud Parameters | Description                                                                |
-| ------------------------------- | -------------------------------------------------------------------------- |
-| Client ID                       | The Client ID from Sophos Central Cloud.                                         |
-| Client Secret                   | The Client Secret from Sophos Central Cloud.                                     |
-| Get Endpoint Details            | Set to "true" to collect endpoint details for Sophos Central Cloud Alert and Event Logs, otherwise set to "false". Default is "true".                 |
+2. Click the Save button to save your settings.
 
 ## Data Collected
 
 ### Logs
 
-The integration collects and forwards Sophos Central Cloud Alert and Event logs to Datadog.
+The integration collects and forwards Sophos Central Cloud alert and event logs to Datadog.
 
 ### Metrics
 
@@ -55,7 +50,7 @@ The Sophos Central Cloud integration does not include any events.
 
 ## Support
 
-For further assistance, contact [Datadog Support][3].
+Need help? Contact [Datadog Support][3].
 
 [1]: https://www.sophos.com/en-us/products/sophos-central
 [2]: https://cloud.sophos.com/manage/login