typos

Author: mmetc

crowdsec-docs/docs/appsec/alerts_and_scenarios.md

@@ -115,7 +115,7 @@ We can now create a scenario that will trigger when a single IPs triggers this r
 type: leaky
 format: 3.0
 name: crowdsecurity/foobar-enum
-description: "Ban IPs repeateadly triggering out of band rules"
+description: "Ban IPs repeatedly triggering out of band rules"
 filter: "evt.Meta.log_type == 'appsec-info' && evt.Meta.rule_name == 'crowdsecurity/foobar-access'"
 distinct: evt.Meta.target_uri
 leakspeed: "60s"

crowdsec-docs/docs/appsec/configuration.md

@@ -6,7 +6,7 @@ sidebar_position: 6
 
 ## Overview
 
-This page explains the interraction between various files involved in AppSec configuration and the details about the processing pipeline AppSec request processing.
+This page explains the interaction between various files involved in AppSec configuration and the details about the processing pipeline AppSec request processing.
 
 **Prerequisites**: 
 - Familiarity with [AppSec concepts](/appsec/intro.md)
@@ -24,7 +24,7 @@ The goals of the acquisition file are:
 - To specify the **address** and **port** where the AppSec-enabled Remediation Component(s) will forward the requests to.
 - And specify one or more [AppSec configuration files](#appsec-configuration) to use as definition of what rules to apply and how. 
 
-Details can be found in the [AppSec Datasource page](/log_processor/data_sources/apps).
+Details can be found in the [AppSec Datasource page](/log_processor/data_sources/appsec.md).
 
 ### Defining Multiple AppSec Configurations
 

crowdsec-docs/docs/appsec/quickstart/traefik.mdx

@@ -25,7 +25,7 @@ Additionally, we'll show how to monitor these alerts through the [console](https
    -  Traefik Plugin **[Remediation Component](/u/bouncers/intro)**: Thanks to [maxlerebourg](https://github.com/maxlerebourg) and team they created a [Traefik Plugin](https://plugins.traefik.io/plugins/6335346ca4caa9ddeffda116/crowdsec-bouncer-traefik-plugin) that allows you to block requests directly from Traefik.
 
 :::info
-Prior to starting the guide ensure you are using the [Traefik Plugin](https://plugins.traefik.io/plugins/6335346ca4caa9ddeffda116/crowdsec-bouncer-traefik-plugin) and **NOT** the older [traefik-crowdsec-bouncer](https://app.crowdsec.net/hub/author/fbonalair/remediation-components/traefik-crowdsec-bouncer) as it hasnt recieved updates to use the new AppSec Component.
+Prior to starting the guide ensure you are using the [Traefik Plugin](https://plugins.traefik.io/plugins/6335346ca4caa9ddeffda116/crowdsec-bouncer-traefik-plugin) and **NOT** the older [traefik-crowdsec-bouncer](https://app.crowdsec.net/hub/author/fbonalair/remediation-components/traefik-crowdsec-bouncer) as it hasnt received updates to use the new AppSec Component.
 :::
 
 :::warning
@@ -77,7 +77,7 @@ If you have a folder in which you are persisting the configuration files, you ca
 There steps will change depending on how you are running the Security Engine. If you are running via `docker run` then you should launch the container within the same directory as the `appsec.yaml` file. If you are using `docker-compose` you can use a relative file mount to mount the `appsec.yaml` file.
 
 Steps:
-    1. Change to the location where you exectued the `docker run` or `docker compose` command.
+    1. Change to the location where you executted the `docker run` or `docker compose` command.
     2. Create a `appsec.yaml` file at the base of the directory.
     3. Add the following content to the `appsec.yaml` file.
 
@@ -96,11 +96,11 @@ Since CrowdSec is running inside a container you must set the `listen_addr` to `
 
 <FormattedTabs
     docker={`# Note if you have a docker run already running you will need to stop it before running this command
-docker run -d --name crowdsec -v /path/to/orginal:/etc/crowdsec -v ./appsec.yaml:/etc/crowdsec/acquis.d/appsec.yaml crowdsecurity/crowdsec`}
+docker run -d --name crowdsec -v /path/to/original:/etc/crowdsec -v ./appsec.yaml:/etc/crowdsec/acquis.d/appsec.yaml crowdsecurity/crowdsec`}
     dockerCompose={`services:
   crowdsec:
     volumes:
-      - /path/to/orginal:/etc/crowdsec ## or named volumes
+      - /path/to/original:/etc/crowdsec ## or named volumes
       - ./appsec.yaml:/etc/crowdsec/acquis.d/appsec.yaml`}
 />
 

crowdsec-docs/docs/getting_started/crowdsec_tour.mdx

@@ -250,7 +250,7 @@ Those metrics are a great way to know if your configuration is correct:
 The `Acquisition Metrics` is a great way to know if your parsers are setup correctly:
 
  - If you have 0 **LINES PARSED** for a source : You are probably *missing* a parser, or you have a custom log format that prevents the parser from understanding your logs.
- - However, it's perfectly OK to have a lot of **LINES UNPARSED** : Crowdsec is not a SIEM, and only parses the logs that are relevant to its scenarios. For example, [ssh parser](https://hub.crowdsec.net/author/crowdsecurity/configurations/sshd-logs),  only cares about failed authentication events (at the time of writting).
+ - However, it's perfectly OK to have a lot of **LINES UNPARSED** : Crowdsec is not a SIEM, and only parses the logs that are relevant to its scenarios. For example, [ssh parser](https://hub.crowdsec.net/author/crowdsecurity/configurations/sshd-logs),  only cares about failed authentication events (at the time of writing).
  - **LINES POURED TO BUCKET** tell you that your scenarios are matching your log sources : it means that some events from this log source made all their way to an actual scenario
 
 

crowdsec-docs/docs/log_processor/data_sources/introduction.md

@@ -34,7 +34,7 @@ Make sure the same data sources are not ingested more than once: duplicating inp
 Examples:
 
 - If an application logs to both `journald` and `/var/log/*`, you usually only need one of them.
-- If an application writes to `/var/log/syslog` or `/var/log/messages`, it’s already acquired by `setup.linux.yaml` (since 1.7) or `acquis.yam`. You don’t need to add a separate acquisition for the same logs.
+- If an application writes to `/var/log/syslog` or `/var/log/messages`, it’s already acquired by `setup.linux.yaml` (since 1.7) or `acquis.yaml`. You don’t need to add a separate acquisition for the same logs.
 
 :::
 
@@ -56,7 +56,7 @@ Name | Type | Stream | One-shot
 -----|------|--------|----------
 [Appsec](/log_processor/data_sources/appsec) | expose HTTP service for the Appsec component | yes | no
 [AWS cloudwatch](/log_processor/data_sources/cloudwatch) | single stream or log group | yes | yes
-[AWS kinesis](/log_processor/data_sources/kinesis)| read logs from a kinesis strean | yes | no
+[AWS kinesis](/log_processor/data_sources/kinesis)| read logs from a kinesis stream | yes | no
 [AWS S3](/log_processor/data_sources/s3)| read logs from a S3 bucket | yes | yes
 [docker](/log_processor/data_sources/docker) | read logs from docker containers | yes | yes
 [file](/log_processor/data_sources/file) | single files, glob expressions and .gz files | yes | yes
@@ -105,7 +105,7 @@ By default, when reading logs in real-time, crowdsec will use the time at which
 
 Setting this option to `true` will force crowdsec to use the timestamp from the log as the time of the event.
 
-It is mandatory to set this if your application buffers logs before writting them (for example, IIS when writing to a log file, or logs written to S3 from almost any AWS service).<br/>
+It is mandatory to set this if your application buffers logs before writing them (for example, IIS when writing to a log file, or logs written to S3 from almost any AWS service).<br/>
 If not set, then crowdsec will think all logs happened at once, which can lead to some false positive detections.
 
 ### `labels`

crowdsec-docs/docs/log_processor/data_sources/syslog_service.md

@@ -51,6 +51,6 @@ This module does not support command-line acquisition.
 
 :::warning
 This syslog datasource is currently intended for small setups, and is at risk of losing messages over a few hundreds events/second.
-To process significant amounts of logs, rely on dedicated syslog server such as [rsyslog](https://www.rsyslog.com/), with this server writting logs to files that Security Engine will read from.
+To process significant amounts of logs, rely on dedicated syslog server such as [rsyslog](https://www.rsyslog.com/), with this server writing logs to files that Security Engine will read from.
 This page will be updated with further improvements of this data source.
-:::
+:::

crowdsec-docs/docs/log_processor/data_sources/troubleshoot.md

@@ -5,7 +5,7 @@ sidebar_position: 10
 ---
 
 The [prometheus](/observability/prometheus.md) instrumentation exposes metrics about acquisition and data sources.
-Those can as well be view via `cscli metrics` :
+Those can as well be viewed via `cscli metrics` :
 
 ```bash
 INFO[19-08-2021 06:33:31 PM] Acquisition Metrics:                         

crowdsec-docs/unversioned/bouncers/haproxy.mdx

@@ -43,7 +43,7 @@ This component is compatible with HAProxy version 2.5 and higher.
 
 ## How does it work ?
 
-This component leverages haproxy lua's API to check e IP address against the local API.
+This component leverages haproxy lua's API to check the IP address against the local API.
 
 Supported features:
 

crowdsec-docs/unversioned/bouncers/ingress-nginx.mdx

@@ -312,7 +312,7 @@ CAPTCHA_PROVIDER=recaptcha
 ```
 
 :::info
-For backwards compatability reasons `recaptcha` is the default if no value is set.
+For backwards compatibility reasons `recaptcha` is the default if no value is set.
 :::
 
 ### `SECRET_KEY`

crowdsec-docs/unversioned/bouncers/nginx.mdx

@@ -515,7 +515,7 @@ CAPTCHA_PROVIDER=<recaptcha
 ```
 
 :::info
-For backwards compatability reasons `recaptcha` is the default if no value is set.
+For backwards compatibility reasons `recaptcha` is the default if no value is set.
 :::
 
 ### `SECRET_KEY`