Improve GCP wodle options descriptions

source/cloud-security/gcp/supported-services/access_logs.rst

@@ -10,7 +10,7 @@ Usage logs & storage logs
 
 Google Cloud Storage offers `usage logs and storage logs <https://cloud.google.com/storage/docs/access-logs>`__, also known as access logs, in the form of CSV files that can be downloaded. Usage logs provide information for all of the requests made on a specified bucket and are created hourly. Storage logs provide information about the storage consumption of that bucket for the last day and are created daily. Once set up, usage logs and storage logs are automatically created as new objects in the specified bucket.
 
-To process Storage and Access logs, Wazuh makes use of the ``gcp-bucket`` module. Configure the ``gcp-bucket`` module either in the Wazuh manager or the Wazuh agent. To do so,  modify the :doc:`ossec.conf </user-manual/reference/ossec-conf/index>` configuration file. Check the :ref:`gcp-bucket configuration reference <gcp-bucket>` to learn more.
+To process Storage and Access logs, Wazuh makes use of the ``gcp-bucket`` module. Configure the ``gcp-bucket`` module either in the Wazuh manager or the Wazuh agent. To do so,  modify the :doc:`ossec.conf </user-manual/reference/ossec-conf/index>` configuration file. Check the :doc:`gcp-bucket configuration reference </user-manual/reference/ossec-conf/gcp-bucket>` to learn more.
 
 
 Setting up log delivery to a Google Cloud Storage bucket

source/cloud-security/gcp/supported-services/dns_queries.rst

@@ -8,7 +8,7 @@
 DNS queries
 ===========
 
-Wazuh has default rules for `DNS queries <https://cloud.google.com/monitoring/api/resources#tag_dns_query>`__ made to a private DNS handled by the `Google Cloud DNS <https://cloud.google.com/dns/docs>`__ service. Those logs can be collected using the ``gcp-pubsub`` module. Details on how to configure the module can be found in the :ref:`gcp-pubsub configuration reference <gcp-pubsub>`.
+Wazuh has default rules for `DNS queries <https://cloud.google.com/monitoring/api/resources#tag_dns_query>`__ made to a private DNS handled by the `Google Cloud DNS <https://cloud.google.com/dns/docs>`__ service. Those logs can be collected using the ``gcp-pubsub`` module. Details on how to configure the module can be found in the :doc:`gcp-pubsub configuration reference </user-manual/reference/ossec-conf/gcp-pubsub>`.
 
 Configure Google DNS logs collection
 ------------------------------------

source/cloud-security/gcp/supported-services/index.rst

@@ -28,7 +28,7 @@ The following GCP services are supported by the Wazuh GCP module by pulling the
    firewall
    load_balancing
 
-To check the ``gcp-pubsub`` configuration used to pull data from Google Cloud Pub/Sub, see the :ref:`gcp-pubsub <gcp-pubsub>` section.
+To check the ``gcp-pubsub`` configuration used to pull data from Google Cloud Pub/Sub, see the :doc:`gcp-pubsub </user-manual/reference/ossec-conf/gcp-pubsub>` section.
 
 Supported services using Google Cloud Storage buckets
 -----------------------------------------------------
@@ -40,5 +40,5 @@ The following GCP services are supported by the Wazuh GCP module by pulling the
 
    access_logs
 
-To check the `gcp-bucket` configuration used to pull data from Google Cloud Storage buckets, see the :ref:`gcp-bucket <gcp-bucket>` section.
+To check the `gcp-bucket` configuration used to pull data from Google Cloud Storage buckets, see the :doc:`gcp-bucket </user-manual/reference/ossec-conf/gcp-bucket>` section.
 

source/user-manual/reference/ossec-conf/gcp-bucket.rst

@@ -3,8 +3,6 @@
 .. meta::
   :description: The Wazuh GCP Storage module allows you to process logs stored in Google Cloud Storage buckets. Learn more about how to configure the module in this section.
 
-.. _gcp-bucket:
-
 gcp-bucket
 ==========
 
@@ -15,30 +13,28 @@ gcp-bucket
 		<gcp-bucket>
 		</gcp-bucket>
 
-This configuration section is used to configure the Google Cloud Storage bucket module.
+   This configuration section is used to configure the Google Cloud Storage bucket module.
 
-Options
--------
+.. topic:: Main options:
 
-Main options
-^^^^^^^^^^^^
+   - `enabled`_
+   - `bucket`_
 
-- `enabled`_
-- `bucket type`_
+.. topic:: Scheduling options:
 
-Scheduling options
-^^^^^^^^^^^^^^^^^^
+   - `run_on_start`_
+   - `interval`_
+   - `day`_
+   - `wday`_
+   - `time`_
 
-- `run_on_start`_
-- `interval`_
-- `day`_
-- `wday`_
-- `time`_
+Main options
+------------
 
 enabled
 ^^^^^^^
 
-This indicates if the module is enabled or disabled.
+Enables or disables the module.
 
 +--------------------+--------------+
 | **Default value**  | n/a          |
@@ -55,46 +51,75 @@ logging
 This option has no effect. The module now uses the :ref:`wazuh_modules.debug <wazuh_modules_options>` level to set its logging level.
 
 
-bucket type
-^^^^^^^^^^^
+bucket
+^^^^^^
 
 Defines a bucket to process. It must have its ``type`` attribute defined. It supports multiple instances of this option.
 
-Bucket options
-~~~~~~~~~~~~~~
+   .. code-block:: xml
 
-- `bucket\\name`_
-- `bucket\\credentials_file`_
-- `bucket\\path`_
-- `bucket\\only_logs_after`_
-- `bucket\\remove_from_bucket`_
+      <bucket type="access_logs">
 
-type
-^^^^
+      </bucket>
+
+.. topic:: Bucket attributes
+
+   +----------------------------------------+-------------------------------------------------------------+-----------------------------------------------+
+   | Attributes                             | Allowed values                                              | Mandatory/Optional                            |
+   +========================================+=============================================================+===============================================+
+   | :ref:`type_attribute`                  | ``access_logs``                                             | Mandatory                                     |
+   +----------------------------------------+-------------------------------------------------------------+-----------------------------------------------+
+
+.. topic:: Bucket options
+
+   +----------------------------------------+-------------------------------------------------------------+-----------------------------------------------+
+   | Options                                | Allowed values                                              | Mandatory/Optional                            |
+   +========================================+=============================================================+===============================================+
+   | :ref:`gcp_bucket_name`                 | Any valid bucket name                                       | Mandatory                                     |
+   +----------------------------------------+-------------------------------------------------------------+-----------------------------------------------+
+   | :ref:`gcp_bucket_credentials_file`     | Path to a credentials file.                                 | Mandatory                                     |
+   |                                        | It can be absolute or relative to ``WAZUH_HOME``            |                                               |
+   +----------------------------------------+-------------------------------------------------------------+-----------------------------------------------+
+   | :ref:`gcp_bucket_path`                 | Any valid path                                              | Optional                                      |
+   +----------------------------------------+-------------------------------------------------------------+-----------------------------------------------+
+   | :ref:`gcp_bucket_only_logs_after`      | Valid date in YYYY-MM-DD format                             | Optional                                      |
+   +----------------------------------------+-------------------------------------------------------------+-----------------------------------------------+
+   | :ref:`gcp_bucket_remove_from_bucket`   | A value to determine if each log file is deleted once it    | Optional                                      |
+   |                                        | has been collected by the module                            |                                               |
+   +----------------------------------------+-------------------------------------------------------------+-----------------------------------------------+
 
-Specifies the type of bucket. It is an attribute of the ``bucket`` tag.
+.. _type_attribute:
+
+type (attribute)
+~~~~~~~~~~~~~~~~
+
+Specifies the type of bucket.
 
 +--------------------+-------------+
 | **Default value**  | N/A         |
 +--------------------+-------------+
 | **Allowed values** | access_logs |
 +--------------------+-------------+
 
-bucket\\name
-^^^^^^^^^^^^
+.. _gcp_bucket_name:
+
+name
+~~~~
 
-Name of the Google Cloud Storage bucket from where logs are read.
+Name of the Google Cloud Storage bucket from which logs are read.
 
 +--------------------+-----------------------------+
 | **Default value**  | N/A                         |
 +--------------------+-----------------------------+
 | **Allowed values** | Any valid bucket name       |
 +--------------------+-----------------------------+
 
-bucket\\credentials_file
-^^^^^^^^^^^^^^^^^^^^^^^^
+.. _gcp_bucket_credentials_file:
 
-This setting specifies the path to the Google Cloud credentials file in JW Tokens. It allows both relative (to $HOME_INSTALLATION) and absolute paths.
+credentials_file
+~~~~~~~~~~~~~~~~
+
+Path to the Google Cloud credentials file. It can be an absolute path or relative to ``WAZUH_HOME``.
 
 +--------------------+--------------------------------+
 | **Default value**  | n/a                            |
@@ -104,45 +129,52 @@ This setting specifies the path to the Google Cloud credentials file in JW Token
 
 For example ``<credentials_file>wodles/gcp-bucket/credentials.json</credentials_file>``.
 
-bucket\\path
-^^^^^^^^^^^^
+.. _gcp_bucket_path:
+
+path
+~~~~
 
-If defined, the path or prefix for the bucket.
+Bucket path or prefix.
 
 +--------------------+---------------+
 | **Default value**  | N/A           |
 +--------------------+---------------+
 | **Allowed values** | Valid path    |
 +--------------------+---------------+
 
-bucket\\only_logs_after
-^^^^^^^^^^^^^^^^^^^^^^^
+.. _gcp_bucket_only_logs_after:
 
-A valid date, in YYYY-MMM-DD format. Only logs from that date onwards will be parsed.
+only_logs_after
+~~~~~~~~~~~~~~~
+
+Parse logs from a specific date onwards. It must follow the YYYY-MM-DD format. 
 
 +--------------------+-----------------------------------+
 | **Default value**  | Date of execution at ``00:00:00`` |
 +--------------------+-----------------------------------+
-| **Allowed values** | Valid date                        |
+| **Allowed values** | Valid date [YYYY-MM-DD]           |
 +--------------------+-----------------------------------+
 
-bucket\\remove_from_bucket
-^^^^^^^^^^^^^^^^^^^^^^^^^^
+.. _gcp_bucket_remove_from_bucket:
+
+remove_from_bucket
+~~~~~~~~~~~~~~~~~~
 
-Define if logs from the Google Cloud Storage bucket should be removed after they are read by the module.
+Remove the logs from the Google Cloud Storage bucket once the module reads them.
 
 +--------------------+---------+
 | **Default value**  | no      |
 +--------------------+---------+
 | **Allowed values** | yes, no |
 +--------------------+---------+
 
-
+Scheduling options
+------------------
 
 run_on_start
 ^^^^^^^^^^^^^
 
-Trigger the module in case the Wazuh service starts or restarts.
+Run the module on Wazuh service start or restart.
 
 +--------------------+---------+
 | **Default value**  | yes     |
@@ -153,7 +185,7 @@ Trigger the module in case the Wazuh service starts or restarts.
 interval
 ^^^^^^^^
 
-The interval between module executions.
+Time interval between module executions.
 
 +--------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------+
 | **Default value**  | 1h                                                                                                                                                             |
@@ -164,7 +196,7 @@ The interval between module executions.
 day
 ^^^
 
-Day of the month to run the script to fetch logs from GCP.
+Day of the month to retrieve logs from GCP.
 
 +--------------------+--------------------------+
 | **Default value**  | n/a                      |
@@ -179,7 +211,7 @@ Day of the month to run the script to fetch logs from GCP.
 wday
 ^^^^
 
-Day of the week to run the script to fetch logs. This option is **not compatible** with the ``day`` option.
+Day of the week to retrieve logs from GCP. This option is **not compatible** with the ``day`` option.
 
 +--------------------+--------------------------+
 | **Default value**  | n/a                      |