misc doc updates

airbnb · Feb 20, 2020 · 4b0e068 · 4b0e068
1 parent 80390d9
commit 4b0e068
Show file tree

Hide file tree

Showing 13 changed files with 96 additions and 100 deletions.
diff --git a/docs/source/apps.rst b/docs/source/apps.rst
@@ -76,7 +76,7 @@ To get help configuring a new App, use:
 
 .. code-block:: bash
 
-  $ python manage.py app new --help
+  python manage.py app new --help
 
 
 Configuring an App
@@ -85,7 +85,7 @@ The StreamAlert CLI is used to add a new App configuration.
 
 .. code-block:: bash
 
-  $ python manage.py app new \
+  python manage.py app new \
   --type duo_auth \
   --cluster prod \
   --name duo_prod_collector \
@@ -150,7 +150,7 @@ The recommended process is to deploy both the `apps` function and the `classifie
 
 .. code-block:: bash
 
-  $ python manage.py deploy --function classifier apps
+  python manage.py deploy --function classifier apps
 
 
 Authorizing the Slack App
@@ -198,7 +198,7 @@ To list currently configured Apps (grouped by cluster), use the CLI command:
 
 .. code-block:: bash
 
-  $ python manage.py app list
+  python manage.py app list
 
 Example output::
 
@@ -221,7 +221,7 @@ To update an App's credentials, run the the following command:
 
 .. code-block:: bash
 
-  $ python manage.py app update-auth --cluster <cluster> --name <app_name>
+  python manage.py app update-auth --cluster <cluster> --name <app_name>
 
 
 This will have you follow a process similar to `configuring a new App <app-configuration.html#example-prompts-for-duo-auth>`_.

diff --git a/docs/source/config-clusters.rst b/docs/source/config-clusters.rst
@@ -24,8 +24,8 @@ Changes to cluster configuration can be applied with one of the following:
 
 .. code-block:: bash
 
-  $ python manage.py build  # Apply all changes
-  $ python manage.py build --target cloudwatch_monitoring_*  # Only apply changes to CloudWatch Monitoring module for all clusters
+  python manage.py build  # Apply all changes
+  python manage.py build --target cloudwatch_monitoring_*  # Only apply changes to CloudWatch Monitoring module for all clusters
 
 *****************
 Required Settings
@@ -638,7 +638,7 @@ First, update the Kinesis Stream shard count with the following command:
 
 .. code-block:: bash
 
-  $ aws kinesis update-shard-count \
+  aws kinesis update-shard-count \
     --stream-name <prefix>_<cluster>_streamalert_kinesis \
     --target-shard-count <new_shard_count> \
     --scaling-type UNIFORM_SCALING
@@ -657,7 +657,7 @@ Finally, apply the Terraform changes to ensure a consistent state.
 
 .. code-block:: bash
 
-  $ python manage.py build --target kinesis
+  python manage.py build --target kinesis
 
 
 Kinesis Events

diff --git a/docs/source/config-global.rst b/docs/source/config-global.rst
@@ -42,8 +42,8 @@ Options
 
   .. code-block:: bash
 
-    $ python manage.py configure aws_account_id 111111111111  # Replace with your 12-digit AWS account ID
-    $ python manage.py configure prefix <value>               # Choose a unique name prefix (alphanumeric characters only)
+    python manage.py configure aws_account_id 111111111111  # Replace with your 12-digit AWS account ID
+    python manage.py configure prefix <value>               # Choose a unique name prefix (alphanumeric characters only)
 
   However, if a different `region` is desired, it must be changed manually.
 
@@ -450,7 +450,7 @@ Options
 
   .. code-block:: bash
 
-    $ python manage.py rule-staging enable --true
+    python manage.py rule-staging enable --true
 
 
 S3 Access Logging

diff --git a/docs/source/deployment.rst b/docs/source/deployment.rst
@@ -12,7 +12,7 @@ To initialize StreamAlert:
 
 .. code-block:: bash
 
-  $ python manage.py init
+  python manage.py init
 
 This will perform the following:
 
@@ -35,32 +35,32 @@ To deploy new changes for all AWS Lambda functions:
 
 .. code-block:: bash
 
-  $ python manage.py deploy --function all
+  python manage.py deploy --function all
 
 Optionally, to deploy changes for only a specific AWS Lambda function:
 
 .. code-block:: bash
 
-  $ python manage.py deploy --function alert
-  $ python manage.py deploy --function alert_merger
-  $ python manage.py deploy --function apps
-  $ python manage.py deploy --function athena
-  $ python manage.py deploy --function classifier
-  $ python manage.py deploy --function rule
-  $ python manage.py deploy --function rule_promo
-  $ python manage.py deploy --function threat_intel_downloader
+  python manage.py deploy --function alert
+  python manage.py deploy --function alert_merger
+  python manage.py deploy --function apps
+  python manage.py deploy --function athena
+  python manage.py deploy --function classifier
+  python manage.py deploy --function rule
+  python manage.py deploy --function rule_promo
+  python manage.py deploy --function threat_intel_downloader
 
 To apply infrastructure level changes (additional Kinesis Shards, new CloudTrails, etc), run:
 
 .. code-block:: bash
 
-  $ python manage.py build
+  python manage.py build
 
 To apply specific changes to speed up terraform run, use the ``list-targets`` command and the ``build`` command with the ``--target`` option:
 
 .. code-block:: bash
 
-  $ python manage.py list-targets
+  python manage.py list-targets
 
     Target                                                                                Type
     ----------------------------------------------------------------------------------------------
@@ -75,9 +75,9 @@ To apply specific changes to speed up terraform run, use the ``list-targets`` co
     metric_filters_Classifier_FirehoseRecordsSent_PROD                                    module
     ...
 
-  $ python manage.py build --target cloudwatch_monitoring_prod        # apply to single module
-  $ python manage.py build --target kinesis_prod classifier_prod_iam  # apply to two modules
-  $ python manage.py build --target metric_filters_Classifier_*_PROD  # apply to three modules
+  python manage.py build --target cloudwatch_monitoring_prod        # apply to single module
+  python manage.py build --target kinesis_prod classifier_prod_iam  # apply to two modules
+  python manage.py build --target metric_filters_Classifier_*_PROD  # apply to three modules
 
 
 Monitoring Functions
@@ -95,8 +95,8 @@ to point to the previous version:
 
 .. code-block:: bash
 
-  $ python manage.py rollback --function rule
-  $ python manage.py rollback --function alert
-  $ python manage.py rollback --function all
+  python manage.py rollback --function rule
+  python manage.py rollback --function alert
+  python manage.py rollback --function all
 
 This is helpful to quickly revert changes to Lambda functions, e.g. if a bad rule was deployed.
diff --git a/docs/source/getting-started.rst b/docs/source/getting-started.rst
@@ -17,16 +17,13 @@ Install Dependencies
   brew install terraform  # MacOS Homebrew
   terraform --version     # Must be >= v0.12.9
 
-.. note:: Terraform versions lower than 0.12 are not supported. Recommend to install terraform version 0.12.9 or up.
+.. note::
 
-3. Install `virtualenv <https://virtualenv.pypa.io/en/stable/installation/>`_:
+  Terraform versions lower than 0.12 are not supported. We recommend installing Terraform
+  version 0.12.9 or greater.
 
-.. code-block:: bash
-
-  pip install --user virtualenv
-  virtualenv --version
 
-4. If you're on a Linux system, you may need to install the Python development libraries:
+3. If you are using Linux, you may need to install the Python development libraries:
 
 .. code-block:: bash
 
@@ -48,7 +45,7 @@ Download StreamAlert
 .. code-block:: bash
 
   cd streamalert
-  virtualenv -p python3.7 venv
+  python3.7 -m virtualenv venv
   source venv/bin/activate
 
 3. Install the StreamAlert requirements:
@@ -103,14 +100,14 @@ Deploy
 
 .. code-block:: bash
 
-  $ python manage.py configure aws_account_id 111111111111  # Replace with your 12-digit AWS account ID
-  $ python manage.py configure prefix <value>               # Choose a unique name prefix (alphanumeric characters only)
+  python manage.py configure aws_account_id 111111111111  # Replace with your 12-digit AWS account ID
+  python manage.py configure prefix <value>               # Choose a unique name prefix (alphanumeric characters only)
 
 2. Build the StreamAlert infrastructure for the first time:
 
 .. code-block:: bash
 
-  $ python manage.py init
+  python manage.py init
 
 There will be multiple Terraform prompts, type "yes" at each one to continue.
 
@@ -197,7 +194,7 @@ Open ``conf/clusters/prod.json`` and change the ``data_sources`` section to look
 
 .. code-block:: bash
 
-  $ python manage.py output aws-sns
+  python manage.py output aws-sns
 
   Please supply a short and unique descriptor for this SNS topic: test-email
 
@@ -223,10 +220,10 @@ alerts on any usage of the root AWS account. Change the rule decorator to:
 .. code-block:: bash
 
   # Hook the streamalert-test-data SNS topic up to the StreamAlert Classifier function
-  $ python manage.py build
+  python manage.py build
 
   # Deploy a new version of all of the Lambda functions with the updated rule and config files
-  $ python manage.py deploy --function all
+  python manage.py deploy --function all
 
 .. note:: Use ``build`` and ``deploy`` to apply any changes to StreamAlert's
    configuration or Lambda functions, respectively. Some changes (like this example) require both.

diff --git a/docs/source/historical-search.rst b/docs/source/historical-search.rst
@@ -37,7 +37,7 @@ To create tables for searching data sent to StreamAlert, run:
 
 .. code-block:: bash
 
-  $ python manage.py athena create-table \
+  python manage.py athena create-table \
     --bucket <prefix>-streamalert-data \
     --table-name <log_name>
 
@@ -54,8 +54,8 @@ Once the options above are set, deploy the infrastructure with the following com
 
 .. code-block:: bash
 
-  $ python manage.py build
-  $ python manage.py deploy --function classifier
+  python manage.py build
+  python manage.py deploy --function classifier
 
 
 *******************
@@ -135,7 +135,7 @@ If any of the settings above are changed from the initialized defaults, the Lamb
 
 .. code-block:: bash
 
-  $ python manage.py deploy --function athena
+  python manage.py deploy --function athena
 
 Going forward, if the deploy flag ``--function all`` is used, it will redeploy this function along with the ``rule`` function and ``alert`` function.
 

diff --git a/docs/source/index.rst b/docs/source/index.rst
@@ -1,17 +1,16 @@
-###########
-StreamAlert
-###########
 .. image:: ../images/sa-banner.png
   :align: center
   :alt: StreamAlert
 
-StreamAlert is a serverless, real-time data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using data sources and alerting logic you define.
-Computer security teams use StreamAlert to scan terabytes of log data every day for incident detection and response.
 
-
-********
+########
 Overview
-********
+########
+StreamAlert is a serverless, real-time data analysis framework which empowers you to ingest,
+analyze, and alert on data from any environment, using data sources and alerting logic you define.
+Computer security teams use StreamAlert to scan terabytes of log data every day for incident
+detection and response.
+
 Incoming log data will be classified and then processed by the StreamAlert rules
 engine running in your AWS account. Rule matches are reported to one or more alert outputs:
 

diff --git a/docs/source/lookup-tables.rst b/docs/source/lookup-tables.rst
@@ -168,9 +168,9 @@ It is **not** advisable (yet) for StreamAlert Lambdas to write values into Looku
 advisable for external Lambdas (or other processes) to manage the data in LookupTables.
 
 
-manage.py lookup-tables
-=======================
-Out of the box, there's a new StreamAlert CLI command, ``lookup-tables``, with three subcommands:
+CLI Management
+==============
+There is a StreamAlert CLI command for managing LookupTables, ``python manage.py lookup-tables``, with three subcommands:
 
 * ``describe-tables``
 * ``get``

diff --git a/docs/source/metrics.rst b/docs/source/metrics.rst
@@ -87,14 +87,14 @@ To globally (for all clusters) disable custom metrics for the classifier functio
 
 .. code-block:: bash
 
-  $ python manage.py custom-metrics --disable --functions classifier
+  python manage.py custom-metrics --disable --functions classifier
 
 
 To disable custom metrics for the classifier function within specific cluster:
 
 .. code-block:: bash
 
-  $ python manage.py custom-metrics --disable --functions classifier --clusters <CLUSTER>
+  python manage.py custom-metrics --disable --functions classifier --clusters <CLUSTER>
 
 
 Swap the ``--disable`` flag for ``--enable`` in the above commands to have the inverse affect.
@@ -111,13 +111,13 @@ To get an up-to-date list of metrics to which alarms can be assigned on a cluste
 
 .. code-block:: bash
 
-  $ python manage.py create-cluster-alarm --help
+  python manage.py create-cluster-alarm --help
 
 To get an up-to-date list of metrics to which alarms can be assigned on an aggregate/global level, run:
 
 .. code-block:: bash
 
-  $ python manage.py create-alarm --help
+  python manage.py create-alarm --help
 
 
 The required arguments for the ``create-alarm`` and ``create-cluster-alarm`` commands mimic what is
@@ -130,16 +130,16 @@ FailedParses alarm at the ``prod`` cluster level
 
 .. code-block:: bash
 
-  $ manage.py create-cluster-alarm FailedParsesAlarm \
-  --metric FailedParses \
-  --metric-target cluster \
-  --comparison-operator GreaterThanOrEqualToThreshold \
-  --evaluation-periods 1 \
-  --period 600 \
-  --threshold 5.0 \
-  --alarm-description 'Trigger this alarm if 5 or more failed parses occur within a 10 minute period in the cluster "prod"' \
-  --clusters prod \
-  --statistic Sum
+  python manage.py create-cluster-alarm FailedParsesAlarm \
+    --metric FailedParses \
+    --metric-target cluster \
+    --comparison-operator GreaterThanOrEqualToThreshold \
+    --evaluation-periods 1 \
+    --period 600 \
+    --threshold 5.0 \
+    --alarm-description 'Trigger this alarm if 5 or more failed parses occur within a 10 minute period in the cluster "prod"' \
+    --clusters prod \
+    --statistic Sum
 
 
 Example: TotalRecords, Global
@@ -148,14 +148,14 @@ TotalRecords alarm on a global level
 
 .. code-block:: bash
 
-  $ manage.py create-alarm MinimumTotalRecordsAlarm \
-  --metric TotalRecords \
-  --metric-target aggregate \
-  --comparison-operator LessThanThreshold \
-  --evaluation-periods 3 \
-  --period 600 \
-  --threshold 200000 \
-  --alarm-description 'Trigger this alarm if the total incoming records (aggregate) drops below 200000 for 3 consecutive 10 minute time periods in a row' \
-  --statistic Sum
+  python manage.py create-alarm MinimumTotalRecordsAlarm \
+    --metric TotalRecords \
+    --metric-target aggregate \
+    --comparison-operator LessThanThreshold \
+    --evaluation-periods 3 \
+    --period 600 \
+    --threshold 200000 \
+    --alarm-description 'Trigger this alarm if the total incoming records (aggregate) drops below 200000 for 3 consecutive 10 minute time periods in a row' \
+    --statistic Sum
 
 The custom metric alarms will notify StreamAlert's default SNS topic for monitoring: ``<prefix>_streamalert_monitoring``