Create New Features skeleton [Serverless] (#93)

joepeeples · web-flow · commit 457152f46c19 · 2023-09-12T18:46:10.000-04:00
* Investigations: re-nest pages

* Add "Manage Osquery" page

* Update landing page - Investigations

* Add Assets page

* Rename top-level sections

* Add "Manage ML settings" page

* Add placeholder to Dev Tools page

* Reorder Dev Tools

* Add link to Manage Osquery

* Reorganize settings section
diff --git a/alerts/alerts-overview.mdx b/alerts/alerts-overview.mdx
@@ -1,8 +1,8 @@
 ---
 id: serverlessSecurityAlertsOverview
 slug: /serverless/security/alerts-overview
-title: "Alerts: triage and respond"
-# description: Description to be written
+title: Alerts
+description: Triage and respond to detection alerts.
 tags: [ 'serverless', 'security', 'overview' ]
 status: rough content
 ---
@@ -11,4 +11,6 @@ import RoughContent from '../partials/rough-content-notice.mdx'
 
 <RoughContent />
 
-This is a placeholder for future documentation.
+<DocCallOut>
+<DocText textAlign="center"><br />**This is a placeholder for future documentation.**<br /><br /></DocText>
+</DocCallOut>
diff --git a/assets/asset-management.mdx b/assets/asset-management.mdx
@@ -0,0 +1,19 @@
+---
+id: serverlessSecurityAssetManagement
+slug: /serverless/security/asset-management
+title: Asset management
+# description: Description to be written
+tags: [ 'serverless', 'security', 'overview', 'manage' ]
+status: rough content
+---
+
+import RoughContent from '../partials/rough-content-notice.mdx'
+
+<RoughContent />
+
+The **Assets** page allows you to manage the following features:
+
+* [((fleet))](((fleet-guide))/manage-agents-in-fleet.html)
+* [((integrations))](((fleet-guide))/integrations.html)
+* <DocLink id="serverlessSecuritySecManageIntro">Endpoint protection</DocLink>
+* <DocLink id="serverlessSecurityCloudNativeSecurityOverview">Cloud security</DocLink>
diff --git a/dev-tools/developer-tools.mdx b/dev-tools/developer-tools.mdx
@@ -11,6 +11,8 @@ import RoughContent from '../partials/rough-content-notice.mdx'
 
 <RoughContent />
 
+Navigate to **Dev tools** for additional tools for interacting with your data. Refer to [Dev Tools docs](((kibana-ref))/devtools-kibana.html) for more information.
+
 <DocCallOut>
 <DocText textAlign="center"><br />**This is a placeholder for future documentation.**<br /><br /></DocText>
 </DocCallOut>
diff --git a/investigate/investigate-events.mdx b/investigate/investigate-events.mdx
@@ -13,7 +13,12 @@ import RoughContent from '../partials/rough-content-notice.mdx'
 
 <div id="investigate-events"></div>
 
-The following sections describe tools for investigating security events and tracking security issues directly in the ((security-app)).
+The following sections describe tools for investigating security events and tracking security issues directly in ((elastic-sec)).
 
-{/* The include that was here is another page */}
-{/* The include that was here is another page */}
+
+These features are available in the ((security-app))'s side navigation menu:
+
+* <DocLink id="serverlessSecurityCasesOverview">**Cases**</DocLink>: Track investigation details about security issues.
+* **Investigations** -> <DocLink id="serverlessSecurityTimelinesUi">**Timelines**</DocLink>: Workspace for investigations and threat hunting.
+* **Investigations** -> <DocLink id="serverlessSecurityUseOsquery">**Osquery**</DocLink>: Run live and scheduled queries on operating systems.
+* <DocLink id="serverlessSecurityIndicatorsOfCompromise">**Intelligence**</DocLink>: Indicators of compromise used for threat intelligence.
diff --git a/machine-learning/manage-machine-learning.mdx b/machine-learning/manage-machine-learning.mdx
@@ -0,0 +1,18 @@
+---
+id: serverlessSecurityManageMachineLearning
+slug: /serverless/security/manage-machine-learning
+title: Manage machine learning settings
+description: Manage ((ml)) settings for your ((elastic-sec)) project.
+tags: [ 'serverless', 'security', 'manage' ]
+status: rough content
+---
+
+import RoughContent from '../partials/rough-content-notice.mdx'
+
+<RoughContent />
+
+Navigate to **Machine learning** to manage ((ml)) jobs and project-level settings. Refer to [((ml-cap)) docs](((ml-docs))/ml-ad-overview.html) for more information.
+
+<DocCallOut>
+<DocText textAlign="center"><br />**This is a placeholder for future documentation.**<br /><br /></DocText>
+</DocCallOut>
diff --git a/osquery/manage-osquery.mdx b/osquery/manage-osquery.mdx
@@ -0,0 +1,18 @@
+---
+id: serverlessSecurityManageOsquery
+slug: /serverless/security/manage-osquery
+title: Manage Osquery
+description: Manage Osquery for your ((elastic-sec)) project.
+tags: [ 'serverless', 'security', 'how-to', 'manage' ]
+status: rough content
+---
+
+import RoughContent from '../partials/rough-content-notice.mdx'
+
+<RoughContent />
+
+Navigate to **Investigations** -> **Osquery** to manage project-level [Osquery settings](((kibana-ref))/osquery.html).
+
+<DocCallOut>
+<DocText textAlign="center"><br />**This is a placeholder for future documentation.**<br /><br /></DocText>
+</DocCallOut>
diff --git a/osquery/use-osquery.mdx b/osquery/use-osquery.mdx
@@ -20,4 +20,4 @@ Osquery is supported for Linux, macOS, and Windows. You can use it with ((elasti
 * **<DocLink id="serverlessSecurityOsqueryResponseAction">Osquery Response Actions</DocLink>** - Use Osquery Response Actions to add live queries to custom query rules.
 * **<DocLink id="serverlessSecurityInvestGuideRunOsquery">Live queries from investigation guides</DocLink>** - Incorporate live queries into investigation guides to enhance your research capabilities while investigating possible security issues.
 * **<DocLink id="serverlessSecurityAlertsRunOsquery">Live queries from alerts</DocLink>** - Run live queries against an alert's host to learn more about your infrastructure and operating systems.
-
+* **<DocLink id="serverlessSecurityManageOsquery">Manage Osquery</DocLink>** - Manage project-level Osquery settings.
diff --git a/rules/detection-rule-management.mdx b/rules/detection-rule-management.mdx
@@ -1,7 +1,7 @@
 ---
-id: serverlessSecurityDetectionRuleManagement
-slug: /serverless/security/detection-rule-management
-title: Detection rule management
+id: serverlessSecurityDetectionRules
+slug: /serverless/security/detection-rules
+title: Detection rules
 # description: Description to be written
 tags: [ 'serverless', 'security', 'overview' ]
 status: rough content
@@ -11,4 +11,6 @@ import RoughContent from '../partials/rough-content-notice.mdx'
 
 <RoughContent />
 
-This is a placeholder for future documentation.
+<DocCallOut>
+<DocText textAlign="center"><br />**This is a placeholder for future documentation.**<br /><br /></DocText>
+</DocCallOut>
diff --git a/settings/advanced-settings.mdx b/settings/advanced-settings.mdx
@@ -1,7 +1,7 @@
 ---
 id: serverlessSecurityAdvancedSettings
 slug: /serverless/security/advanced-settings
-title: Configure advanced settings
+title: Advanced settings
 description: Update advanced ((elastic-sec)) settings.
 tags: ["serverless","security","reference","manage"]
 status: rough content
@@ -11,6 +11,10 @@ import RoughContent from '../partials/rough-content-notice.mdx'
 
 <RoughContent />
 
+<DocCallOut>
+<DocText textAlign="center"><br />**These settings are not yet available for Serverless.**<br /><br /></DocText>
+</DocCallOut>
+
 <div id="advanced-settings"></div>
 
 The advanced settings determine:
diff --git a/settings/manage-elastic-security-settings.mdx b/settings/manage-elastic-security-settings.mdx
diff --git a/settings/manage-settings.mdx b/settings/manage-settings.mdx
@@ -0,0 +1,22 @@
+---
+id: serverlessSecurityManageSettings
+slug: /serverless/security/manage-settings
+title: Manage settings
+# description: Description to be written
+tags: [ 'serverless', 'security', 'overview' ]
+status: rough content
+---
+
+import RoughContent from '../partials/rough-content-notice.mdx'
+
+<RoughContent />
+
+These pages explain how to manage settings in various areas of the ((security-app)):
+
+* <DocLink id="serverlessSecurityProjectSettings" />: Configure project-wide settings related to users, billing, data management, and more.
+* <DocLink id="serverlessSecurityAdvancedSettings" />: Update advanced ((elastic-sec)) settings.
+* <DocLink id="serverlessSecuritySecRequirements" />: Learn about index and user privilege requirements for specific features.
+
+<DocCallOut>
+<DocText textAlign="center"><br />**This is a placeholder for future documentation.**<br /><br /></DocText>
+</DocCallOut>
diff --git a/settings/project-settings.mdx b/settings/project-settings.mdx
@@ -0,0 +1,18 @@
+---
+id: serverlessSecurityProjectSettings
+slug: /serverless/security/project-settings
+title: Project settings
+description: Configure project-wide settings related to users, billing, data management, and more.
+tags: [ 'serverless', 'security', 'overview', 'manage' ]
+status: rough content
+---
+
+import RoughContent from '../partials/rough-content-notice.mdx'
+
+<RoughContent />
+
+Navigate to **Project settings** to configure project-wide settings related to users, billing, data management, and more.
+
+<DocCallOut>
+<DocText textAlign="center"><br />**This is a placeholder for future documentation.**<br /><br /></DocText>
+</DocCallOut>
diff --git a/settings/security-stack-management.mdx b/settings/security-stack-management.mdx
