CyberArk EPM Source doc update

Author: JV0812

docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/cyberark-source.md

@@ -29,6 +29,7 @@ The integration with CyberArk EPM's API allows for retrieving administrative, de
 | 10 minutes | Detailed Raw Events |
 | 10 minutes | Aggregated Policy Audit Events |
 | 10 minutes | Policy Audit Raw Events |
+| 10 minutes | Aggregated Events |
 
 ## Setup
 
@@ -60,9 +61,10 @@ To configure a CyberArk EPM Source, follow the steps below:
     * For the US datacenter, the dispatch server URL is `https://login.epm.cyberark.com`.
     * For the EU datacenter, the dispatch server URL is `https://eu.epm.cyberark.com`.
 1. **Application ID**. An application ID is a unique identifier that helps an API recognize which application or program is accessing it. It's like a name tag that allows the API to keep track of different applications using it. For example, *sumologic*.
-1. **Collect Detailed Raw Events**. This option enables the CyberArk C2C Source to collect detailed raw events from the CyberArk EPM. By default, the source can make 1000 requests every 5 minutes to [Detailed Raw Events](https://docs.cyberark.com/EPM/Latest/en/Content/WebServices/GetDetailedRawEvents.htm) endpoint, as stated in the [CyberArk API documentation](https://docs.cyberark.com/EPM/Latest/en/Content/WebServices/WebServicesIntro.htm). Use below options to adjust this settings.
-1. **Collect Aggregated Policy Audit Events**. This option enables the C2C Source to collect aggregated policy audit events from the CyberArk EPM. By default, the source can make 1000 requests every 5 minutes to [Aggregated Policy Audit Events](https://docs.cyberark.com/EPM/Latest/en/Content/WebServices/GetAggregatedPolicyAudits.htm) endpoint, as stated in the [CyberArk API documentation](https://docs.cyberark.com/EPM/Latest/en/Content/WebServices/WebServicesIntro.htm). Use below options to adjust this settings.
-1. **Collect Policy Audit Raw Events**. This option enables the C2C Source to collect policy audit raw events from the CyberArk EPM. By default, the source can make 1000 requests every 5 minutes to [Policy Audit Raw Events](https://docs.cyberark.com/EPM/Latest/en/Content/WebServices/GetPolicyAuditRawEventDetails.htm) endpoint, as stated in the [CyberArk API documentation](https://docs.cyberark.com/EPM/Latest/en/Content/WebServices/WebServicesIntro.htm). Use below options to adjust this settings.
+1. **Collect Detailed Raw Events**. Select this checkbox to enable the CyberArk C2C Source to collect detailed raw events from the CyberArk EPM. By default, the source can make 1000 requests every 5 minutes to [Detailed Raw Events](https://docs.cyberark.com/EPM/Latest/en/Content/WebServices/GetDetailedRawEvents.htm) endpoint, as stated in the [CyberArk API documentation](https://docs.cyberark.com/EPM/Latest/en/Content/WebServices/WebServicesIntro.htm).
+1. **Collect Aggregated Policy Audit Events**. Select this checkbox to enable the C2C Source to collect aggregated policy audit events from the CyberArk EPM. By default, the source can make 1000 requests every 5 minutes to [Aggregated Policy Audit Events](https://docs.cyberark.com/EPM/Latest/en/Content/WebServices/GetAggregatedPolicyAudits.htm) endpoint, as stated in the [CyberArk API documentation](https://docs.cyberark.com/EPM/Latest/en/Content/WebServices/WebServicesIntro.htm). 
+1. **Collect Policy Audit Raw Events**. Select this checkbox to enable  the C2C Source to collect policy audit raw events from the CyberArk EPM. By default, the source can make 1000 requests every 5 minutes to [Policy Audit Raw Events](https://docs.cyberark.com/EPM/Latest/en/Content/WebServices/GetPolicyAuditRawEventDetails.htm) endpoint, as stated in the [CyberArk API documentation](https://docs.cyberark.com/EPM/Latest/en/Content/WebServices/WebServicesIntro.htm).
+1. **Collect Aggregated Events**. Select this checkbox to enable  the C2C Source to collect aggregated events from the CyberArk EPM. By default, the source can make 1000 requests every 5 minutes to [Aggregated Events](https://docs.cyberark.com/epm/latest/en/content/webservices/getaggregatedevents.htm) endpoint, as stated in the [CyberArk API documentation](https://docs.cyberark.com/EPM/Latest/en/Content/WebServices/WebServicesIntro.htm).
 1. **Polling Interval**. The polling interval is the frequency at which the CyberArk C2C Source will check for updates from the CyberArk EPM (Endpoint Privilege Manager). This field is pre-filled with 600.
 1. When you are finished configuring the Source, click **Save**.
 
@@ -100,6 +102,7 @@ Sources can be configured using UTF-8 encoded JSON files with the Collector Ma
 | detailed_raw_events | boolean | No  | False | Collects detailed raw events. |  |
 | aggregated_policy_audits | boolean | No | False | Collects aggregated policy audits events. |  |
 | policy_audit_raw_events | boolean | No | False | Collects policy audit raw events. |  |
+| aggregated_events | boolean | No | False | Collects policy aggregated events. |  |
 | polling_interval | integer | Yes | 600 | Frequency of C2C updates from EPM. |  |  
 
 ### JSON example

static/files/c2c/cyberark/example.json

@@ -10,6 +10,7 @@
 			"detailed_raw_events": false,
 			"aggregated_policy_audits": false,
 			"policy_audit_raw_events": false,
+			"aggregated_events": false,
 			"polling_interval": 600
 		},
 		"schemaRef": {

static/files/c2c/cyberark/example.tf

@@ -12,6 +12,7 @@ resource "sumologic_cloud_to_cloud_source" "cyberark_test_source" {
 			"detailed_raw_events": false,
 			"aggregated_policy_audits": false,
 			"policy_audit_raw_events": false,
+			"aggregated_events": false,
 			"polling_interval": 600
   })
 }