diff --git a/content/nim/monitoring/security-monitoring/configure/_index.md b/content/nim/monitoring/security-monitoring/configure/_index.md
index 0abd112a1..f2c40cdbe 100644
--- a/content/nim/monitoring/security-monitoring/configure/_index.md
+++ b/content/nim/monitoring/security-monitoring/configure/_index.md
@@ -1,6 +1,5 @@
---
title: Configure
description:
-weight: 100
-url: /nginx-instance-manager/monitoring/security-monitoring/configure/
+weight: 200
---
\ No newline at end of file
diff --git a/content/nim/monitoring/security-monitoring/configure/create-role-security-monitoring.md b/content/nim/monitoring/security-monitoring/configure/create-role-security-monitoring.md
index b010c215d..a3e26dc77 100644
--- a/content/nim/monitoring/security-monitoring/configure/create-role-security-monitoring.md
+++ b/content/nim/monitoring/security-monitoring/configure/create-role-security-monitoring.md
@@ -1,16 +1,13 @@
---
+title: Add user access to Security Monitoring dashboards
description: Learn how to grant users access to the F5 NGINX Security Monitoring dashboards.
-docs: DOCS-1026
-doctypes:
-- task
-tags:
-- docs
-title: Give Users Access to Security Monitoring Dashboards
toc: true
weight: 200
----
+doctype: how-to
+product: NIM
+docs: DOCS-1026
-{{< shortversions "1.0.0" "latest" "secvers" >}}
+---
## Overview
@@ -18,13 +15,15 @@ You can use F5 NGINX Security Monitoring to monitor NGINX App Protect WAF instan
By completing the steps in this topic, you will create a role that gives users access to the Security Monitoring module and logs, and assign it to user accounts or groups.
-{{}}The recommendations in this guide follow the principle of least privilege and do not grant users access to NGINX Instance Manager. You can create additional roles with custom modules, features, and permissions to suit your use case.{{}}
+{{< note >}} The recommendations in this guide follow the principle of least privilege and do not grant users access to NGINX Instance Manager. You can create additional roles with custom modules, features, and permissions to suit your use case. {{ note >}}
+
+---
-## Before You Begin
+## Before you begin
Complete the following prerequisites before proceeding with this guide:
-- NGINX Security Monitoring is [installed]({{< relref "/nim/monitoring/security-monitoring/deploy/install-security-monitoring.md" >}}) and running.
+- NGINX Security Monitoring is [installed]({{< relref "/nim/monitoring/security-monitoring/install-security-monitoring.md" >}}) and running.
- Your user account needs to be able to access the User Management settings in NGINX Instance Manager.
The minimum required role permissions are:
@@ -44,19 +43,26 @@ Complete the following prerequisites before proceeding with this guide:
{{}}
+---
-## Create a Role
+## Create a role
{{< include "nim/rbac/create-roles.md" >}}
-## Assign the Role
+---
+
+## Assign the role
After you've created a role for Security Monitoring, assign the role to one or more users or to a user group.
-### Assign the Role to Users
+---
+
+### Assign the role to users
{{< include "nim/rbac/assign-roles-to-users.md" >}}
-### Assign the Role to User Groups
+---
+
+### Assign the role to user groups
{{< include "nim/rbac/assign-roles-to-user-groups.md" >}}
diff --git a/content/nim/monitoring/security-monitoring/configure/set-up-app-protect-instances.md b/content/nim/monitoring/security-monitoring/configure/set-up-app-protect-instances.md
index 0f82488ea..4b252c247 100644
--- a/content/nim/monitoring/security-monitoring/configure/set-up-app-protect-instances.md
+++ b/content/nim/monitoring/security-monitoring/configure/set-up-app-protect-instances.md
@@ -1,14 +1,12 @@
---
+title: Create App Protect WAF instances for Security Monitoring
description: Learn how to set up F5 NGINX App Protect data plane instances for use with
the NGINX Security Monitoring and NGINX Instance Manager.
-docs: DOCS-1107
-doctypes:
-- task
-tags:
-- docs
-title: Set Up App Protect Instances for Security Monitoring
toc: true
weight: 100
+type: how-to
+product: NIM
+docs: DOCS-1107
---
## Overview
@@ -18,7 +16,9 @@ F5 NGINX Security Monitoring supports the following use cases:
- **Security Monitoring only**: Use only the Security Monitoring module to monitor data from NGINX App Protect WAF instances. You will be able to review the security dashboards to assess potential threats and identify opportunities to fine-tune your policies. Your NGINX App Protect WAF configurations are managed outside of the NGINX Instance Manager context.
- **Security Monitoring and Instance Manager**: Use the Security Monitoring module with the NGINX Instance Manager. In addition to monitoring your application security, you will be able to manage your NGINX App Protect WAF configurations and security policies in a single location and push pre-compiled updates to an instance or instance group.
-### Before You Begin
+---
+
+## Before you begin
Complete the following prerequisites before proceeding with the steps in this guide.
@@ -32,10 +32,11 @@ Complete the following prerequisites before proceeding with the steps in this gu
{{< include "nim/tech-specs/security-data-plane-dependencies.md" >}}
1. Determine your use case: **Security Monitoring only** or **Security Monitoring and Configuration Management**.
-1. [Install the NGINX Security Monitoring module]({{< relref "/nim/monitoring/security-monitoring/deploy/install-security-monitoring.md" >}}) and [upload your license]({{< relref "/nim/admin-guide/license/add-license.md" >}}).
+1. [Install the NGINX Security Monitoring module]({{< relref "/nim/monitoring/security-monitoring/install-security-monitoring.md" >}}) and [upload your license]({{< relref "/nim/admin-guide/license/add-license.md" >}}).
+---
-## Install NGINX Agent {#agent-config}
+## Install NGINX Agent
NGINX Agent is a companion daemon for NGINX Open Source or NGINX Plus instance that provides:
@@ -144,7 +145,9 @@ sudo sh ./install.sh --nap-monitoring true --nginx-app-protect-mode precompiled-
sudo systemctl restart nginx-agent
```
-## Set Up Instances for Security Monitoring Only {#monitor-only}
+---
+
+## Create instances for Security Monitoring only
Complete the steps in this section if you are only using the Security Monitoring module to monitor your application security. In this use case, you are **not using Instance Manager** to manage your WAF security policies.
@@ -198,7 +201,9 @@ Repeat the steps below on each NGINX App Protect WAF data plane instance.
You should now be able to view data from your NGINX App Protect instances in the NGINX Security Monitoring dashboards.
-## Set up Instances for Security Monitoring with Instance Manager {#monitor-and-manage}
+---
+
+## Create instances for Security Monitoring with Instance Manager
Complete the steps in this section if you want to use the Security Monitoring module **and** Instance Manager. In this use case, you will use NGINX Instance Manager to monitor threats and to manage your NGINX App Protect WAF configurations and security policies.
@@ -235,7 +240,7 @@ Take the steps below to update your NGINX App Protect WAF configurations by usin
You should now be able to view data from your NGINX App Protect WAF instances in the Security Monitoring dashboard.
-## What's Next
+## See also
- [Grant Users Access to the Security Monitoring Dashboards]({{< relref "create-role-security-monitoring" >}}): Follow the steps in this guide to allow other users in your organization to access the Security Monitoring Dashboards.
diff --git a/content/nim/monitoring/security-monitoring/configure/update-geo-db.md b/content/nim/monitoring/security-monitoring/configure/update-geo-db.md
index a2d03eadc..7eadcef1d 100644
--- a/content/nim/monitoring/security-monitoring/configure/update-geo-db.md
+++ b/content/nim/monitoring/security-monitoring/configure/update-geo-db.md
@@ -1,42 +1,39 @@
---
+title: Update the geolocation database used in dashboards
description: Learn how to update the Geolocation Database used in F5 NGINX Management
Suite Security Monitoring dashboards.
-docs: DOCS-1108
-doctypes:
-- task
-tags:
-- docs
-title: Update Geolocation Database used in Security Monitoring Dashboards
toc: true
-weight: 200
+weight: 400
+type: how-to
+product: NIM
+docs: DOCS-1108
---
-{{< shortversions "1.0.0" "latest" "secvers" >}}
-
-
-
## Overview
You can use F5 NGINX Security Monitoring to monitor NGINX App Protect WAF instances. The Security Monitoring analytics dashboard uses MaxMind's GeoLite2 Free Database to provide extra Geolocation data for Security Violations.
By completing the steps in this topic, you will be able to update the Security Monitoring module to get the latest Geolocation database such that the dashboards can provide accurate data.
-## Before You Begin
+---
+
+## Before you begin
Complete the following prerequisites before proceeding with this guide:
-- NGINX Security Monitoring is [installed]({{< relref "/nim/monitoring/security-monitoring/deploy/install-security-monitoring.md" >}}) and running.
+- NGINX Security Monitoring is [installed]({{< relref "/nim/monitoring/security-monitoring/install-security-monitoring.md" >}}) and running.
- NGINX App Protect is configured, and the Security Monitoring dashboard is gathering security violations
-## How to update Geolocation Database
+
+---
+
+## Update the geolocation database
1. Create a [MaxMind](https://dev.maxmind.com/geoip/geolite2-free-geolocation-data/) account and subscribe to get the latest updates to the Geolocation database.
1. Download the GeoLite2 Country (Edition ID: GeoLite2-Country) database in a GeoIP2 Binary `.mmdb` format from the [MaxMind](https://www.maxmind.com/en/accounts/current/geoip/downloads) website. The database will be present in a `gzip` downloaded file.
1. Unzip the downloaded `gzip` file, which contains the binary data of the GeoLite2 Country database with a filename `GeoLite2-Country.mmdb`
1. Replace the `GeoLite2-Country.mmdb` present on your NGINX Instance Manager's Control Plane at `/usr/share/nms/geolite2/GeoLite2-Country.mmdb` with the newly downloaded GeoLite2 Country database.
- Example:
-
```bash
sudo scp /path/to/GeoLite2-Country.mmdb {user}@{host}:/usr/share/nms/geolite2/GeoLite2-Country.mmdb
```
diff --git a/content/nim/monitoring/security-monitoring/configure/update-signatures.md b/content/nim/monitoring/security-monitoring/configure/update-signatures.md
index 79d69679f..6301708d9 100644
--- a/content/nim/monitoring/security-monitoring/configure/update-signatures.md
+++ b/content/nim/monitoring/security-monitoring/configure/update-signatures.md
@@ -1,37 +1,37 @@
---
+title: Update the Attack Signature Database
description: Learn how to update the Attack Signature Database used in F5 NGINX Management
Suite Security Monitoring dashboards.
-docs: DOCS-1109
-doctypes:
-- task
-tags:
-- docs
-title: Manage the Security Monitoring Signature Database
toc: true
-weight: 200
+weight: 300
+type: how-to
+product: NIM
+docs: DOCS-1109
---
-{{< shortversions "1.0.0" "latest" "secvers" >}}
-
## Overview
-You can use the F5 NGINX Security Monitoring module to monitor NGINX App Protect WAF instances for security. The Security Monitoring module analytics dashboards utilize a Signature Database to give more detail about the Attack Signatures that have caused a Security Violation, like the Signature's name, accuracy, and risk. If the Signature Database is not updated to match the Attack Signature version used for App Protect WAF protection, new signatures may be triggered without a name or other attributes like risk and accuracy.
+You can use the F5 NGINX Security Monitoring module to monitor NGINX App Protect WAF instances for security. The Security Monitoring module analytics dashboards utilize a Signature Database to give more detail about the Attack Signatures that have caused a Security Violation, like the Signature's name, accuracy, and risk.
-Make sure the dashboards show the right info by following the steps in this topic to update the Security Monitoring module with the newest Attack Signature data.
+If the Signature Database is not updated to match the Attack Signature version used for App Protect WAF protection, new signatures may be triggered without a name or other attributes like risk and accuracy.
+
+The steps in this topic ensure that dashboards show the correct information by updating the Security Monitoring module with the newest Attack Signature data.
+
+---
-## Before You Begin
+## Before you begin
Complete the following prerequisites before proceeding with this guide:
-- NGINX Security Monitoring is [installed]({{< relref "/nim/monitoring/security-monitoring/deploy/install-security-monitoring.md" >}}) and running
+- NGINX Security Monitoring is [installed]({{< relref "/nim/monitoring/security-monitoring/install-security-monitoring.md" >}}) and running
- NGINX App Protect is configured, and the Security Monitoring dashboard is gathering security violations
-## How to Update the Signature Database
+---
-1. Open an SSH connection to the data plane host and log in.
-1. Use the [Attack Signature Report Tool](https://docs.nginx.com/nginx-app-protect/configuration-guide/configuration/#attack-signature-report-tool) to generate a Signature Report file. The filename must be `signature-report.json`.
+## Update the Signature Database
- Example:
+1. Open an SSH connection to the data plane host and log in.
+1. Use the [Attack Signature Report Tool]({{< relref "/nap-waf/v4/configuration-guide/configuration.md#attack-signature-report-tool" >}}) to generate a Signature Report file. The filename must be `signature-report.json`.
```bash
sudo /opt/app_protect/bin/get-signatures -o ./signature-report.json
@@ -40,8 +40,6 @@ Complete the following prerequisites before proceeding with this guide:
1. Open an SSH connection to the management plane host and log in.
1. Replace the `signature-report.json` on your NGINX Instance Manager's control plane at `/usr/share/nms/sigdb/signature-report.json` with the newly generated Signature Report.
- Example:
-
```bash
sudo scp /path/to/signature-report.json {user}@{host}:/usr/share/nms/sigdb/signature-report.json
```
@@ -51,4 +49,4 @@ Complete the following prerequisites before proceeding with this guide:
```bash
sudo systemctl restart nms-ingestion
sudo systemctl restart nms-core
- ```
+ ```
\ No newline at end of file
diff --git a/content/nim/monitoring/security-monitoring/deploy/_index.md b/content/nim/monitoring/security-monitoring/deploy/_index.md
deleted file mode 100644
index 1e50bc359..000000000
--- a/content/nim/monitoring/security-monitoring/deploy/_index.md
+++ /dev/null
@@ -1,6 +0,0 @@
----
-title: Deploy
-description:
-weight: 1
-url: /nginx-instance-manager/monitoring/security-monitoring/deploy/
----
\ No newline at end of file
diff --git a/content/nim/monitoring/security-monitoring/deploy/install-security-monitoring.md b/content/nim/monitoring/security-monitoring/install-security-monitoring.md
similarity index 88%
rename from content/nim/monitoring/security-monitoring/deploy/install-security-monitoring.md
rename to content/nim/monitoring/security-monitoring/install-security-monitoring.md
index 317824ee1..db0164269 100644
--- a/content/nim/monitoring/security-monitoring/deploy/install-security-monitoring.md
+++ b/content/nim/monitoring/security-monitoring/install-security-monitoring.md
@@ -1,29 +1,32 @@
---
-description:
-docs: DOCS-1208
-doctypes:
-- tutorial
-tags:
-- docs
-title: "Install or Upgrade Security Monitoring"
+title: "Install or upgrade Security Monitoring"
toc: true
-weight: 40
+weight: 100
+doctype: how-to
+product: NIM
+docs: DOCS-1208
---
## Overview
Follow the steps in this guide to install or upgrade or upgrade the NGINX Security Monitoring module.
-## Before You Begin
+---
+
+## Before you begin
-### Security Considerations
+### Security considerations
{{< include "installation/secure-installation.md" >}}
-### Installation Prerequisites
+---
+
+### Installation prerequisites
{{< include "installation/nms-prerequisites.md" >}}
+---
+
### Dependencies with Instance Manager
{{< include "nim/tech-specs/security-management-plane-dependencies.md" >}}
@@ -77,11 +80,16 @@ Follow the steps in this guide to install or upgrade or upgrade the NGINX Securi
```
-### Accessing the Web Interface
+---
+
+### Access the web interface
{{< include "installation/access-web-ui.md" >}}
-### Add License
+
+---
+
+### Add license
A valid license is required to make full use of all the features in Security Monitoring module.
@@ -89,7 +97,7 @@ Refer to the [Add a License]({{< relref "/nim/admin-guide/license/add-license.md
---
-## Upgrade Security Monitoring {#upgrade-security-monitoring}
+## Upgrade Security Monitoring
{{}}The upgrade process for Security Monitoring **does not** automatically upgrade Instance Manager, which is a package dependency. To ensure compatibility with Security Monitoring, you will need to manually [upgrade Instance Manager]({{< relref "/nim/deploy/vm-bare-metal/install.md#upgrade-nim" >}}) to a version supported by Security Monitoring. For specific version dependencies between Security Monitoring and Instance Manager, refer to the [Security Monitoring release notes]({{< relref "/nim/monitoring/security-monitoring/releases/release-notes.md" >}}).{{}}
@@ -142,10 +150,8 @@ Refer to the [Add a License]({{< relref "/nim/admin-guide/license/add-license.md
---
-## What's Next
-
-### Set Up Data Plane
+## See also
To set up your NGINX App Protect WAF data plane instances for use with Security Monitoring, refer to the following instructions:
-- [Set Up App Protect Instances for Security Monitoring]({{< relref "/nim/monitoring/security-monitoring/configure/set-up-app-protect-instances" >}})
+- [Create App Protect WAF instances for Security Monitoring]({{< relref "/nim/monitoring/security-monitoring/configure/set-up-app-protect-instances" >}})
diff --git a/content/nim/monitoring/security-monitoring/releases/_index.md b/content/nim/monitoring/security-monitoring/releases/_index.md
index fa3c4c338..65ec4e6d0 100644
--- a/content/nim/monitoring/security-monitoring/releases/_index.md
+++ b/content/nim/monitoring/security-monitoring/releases/_index.md
@@ -1,6 +1,5 @@
---
title: Releases
description: "Stay up-to-date with the latest F5 NGINX Security Monitoring releases."
-weight: 800
-url: /nginx-instance-manager/monitoring/security-monitoring/releases/
+weight: 300
---
diff --git a/content/nim/monitoring/security-monitoring/releases/known-issues.md b/content/nim/monitoring/security-monitoring/releases/known-issues.md
index 9621bd342..898f1a037 100644
--- a/content/nim/monitoring/security-monitoring/releases/known-issues.md
+++ b/content/nim/monitoring/security-monitoring/releases/known-issues.md
@@ -1,20 +1,17 @@
---
+title: Known issues
description: This document lists and describes the known issues and possible workarounds
in the F5 NGINX Security Monitoring module. Fixed issues are removed
after **45 days**.
-docs: DOCS-1077
-tags:
-- docs
-title: Known Issues
toc: true
weight: 200
+doctype: reference
+product: NIM
+docs: DOCS-1077
---
-{{}}
-
{{< tip >}}We recommend you upgrade to the latest version of the Security Monitoring module to take advantage of new features, improvements, and bug fixes.{{< /tip >}}
-
---
## 1.7.0
diff --git a/content/nim/monitoring/security-monitoring/releases/release-notes.md b/content/nim/monitoring/security-monitoring/releases/release-notes.md
index 5be52a3f5..1d73b2fbc 100644
--- a/content/nim/monitoring/security-monitoring/releases/release-notes.md
+++ b/content/nim/monitoring/security-monitoring/releases/release-notes.md
@@ -1,18 +1,14 @@
---
+title: Release notes
description: These release notes list and describe the new features, enhancements,
and resolved issues in the F5 NGINX Security Monitoring module.
-docs: DOCS-1078
-doctypes:
-- reference
-tags:
-- docs
-title: Release Notes
toc: true
weight: 100
+doctype: reference
+product: NIM
+docs: DOCS-1078
---
-{{}}
-
---
## 1.7.1
diff --git a/content/nms/acm/how-to/install-acm.md b/content/nms/acm/how-to/install-acm.md
index c52dd941b..9a83bd09c 100644
--- a/content/nms/acm/how-to/install-acm.md
+++ b/content/nms/acm/how-to/install-acm.md
@@ -157,7 +157,7 @@ Complete the following steps for each data plane instance you want to use with A
### Install Other NGINX Management Suite Modules
-- [Install Security Monitoring]({{< relref "/nim/monitoring/security-monitoring/deploy/install-security-monitoring.md" >}})
+- [Install Security Monitoring]({{< relref "/nim/monitoring/security-monitoring/install-security-monitoring.md" >}})
### Get Started with API Connectivity Manager
diff --git a/content/nms/acm/how-to/policies/advanced-security.md b/content/nms/acm/how-to/policies/advanced-security.md
index 1dfbcdbd6..f87ac5445 100644
--- a/content/nms/acm/how-to/policies/advanced-security.md
+++ b/content/nms/acm/how-to/policies/advanced-security.md
@@ -40,7 +40,7 @@ To complete the steps in this guide, you need the following:
- You have one or more [Environments with an API Gateway]({{< relref "/nms/acm/getting-started/add-api-gateway" >}}).
- You have [published one or more API Gateways]({{< relref "/nms/acm/getting-started/publish-api-proxy" >}}).
- You have [installed and set up NGINX App Protect]({{< relref "/nap-waf/v4/admin-guide/install-nms" >}}).
-- NGINX Management Suite Security Monitoring is [installed]({{< relref "/nim/monitoring/security-monitoring/deploy/install-security-monitoring.md" >}}) and running.
+- NGINX Management Suite Security Monitoring is [installed]({{< relref "/nim/monitoring/security-monitoring/install-security-monitoring.md" >}}) and running.
---