diff --git a/crowdsec-docs/docs/log_processor/data_sources/introduction.md b/crowdsec-docs/docs/log_processor/data_sources/introduction.md
index 591ab2c6d..000f37dbd 100644
--- a/crowdsec-docs/docs/log_processor/data_sources/introduction.md
+++ b/crowdsec-docs/docs/log_processor/data_sources/introduction.md
@@ -1,6 +1,6 @@
---
id: intro
-title: Introduction
+title: Acquisition Datasources Introduction
sidebar_position: 1
---
@@ -12,19 +12,19 @@ DataSources are configured via the [acquisition](/configuration/crowdsec_configu
Name | Type | Stream | One-shot
-----|------|--------|----------
-[Appsec](/data_sources/appsec.md) | expose HTTP service for the Appsec component | yes | no
-[AWS cloudwatch](/data_sources/cloudwatch.md) | single stream or log group | yes | yes
-[AWS kinesis](/data_sources/kinesis.md)| read logs from a kinesis strean | yes | no
-[AWS S3](/data_sources/s3.md)| read logs from a S3 bucket | yes | yes
-[docker](/data_sources/docker.md) | read logs from docker containers | yes | yes
-[file](/data_sources/file.md) | single files, glob expressions and .gz files | yes | yes
-[HTTP](/data_sources/http.md) | read logs from an HTTP endpoint | yes | no
-[journald](/data_sources/journald.md) | journald via filter | yes | yes
-[Kafka](/data_sources/kafka.md)| read logs from kafka topic | yes | no
-[Kubernetes Audit](/data_sources/kubernetes_audit.md) | expose a webhook to receive audit logs from a Kubernetes cluster | yes | no
-[Loki](/data_sources/loki.md) | read logs from loki | yes | yes
-[syslog service](/data_sources/syslog_service.md) | read logs received via syslog protocol | yes | no
-[Windows Event](/data_sources/windows_event_log.md)| read logs from windows event log | yes | yes
+[Appsec](/log_processor/data_sources/appsec.md) | expose HTTP service for the Appsec component | yes | no
+[AWS cloudwatch](/log_processor/data_sources/cloudwatch.md) | single stream or log group | yes | yes
+[AWS kinesis](/log_processor/data_sources/kinesis.md)| read logs from a kinesis strean | yes | no
+[AWS S3](/log_processor/data_sources/s3.md)| read logs from a S3 bucket | yes | yes
+[docker](/log_processor/data_sources/docker.md) | read logs from docker containers | yes | yes
+[file](/log_processor/data_sources/file.md) | single files, glob expressions and .gz files | yes | yes
+[HTTP](/log_processor/data_sources/http.md) | read logs from an HTTP endpoint | yes | no
+[journald](/log_processor/data_sources/journald.md) | journald via filter | yes | yes
+[Kafka](/log_processor/data_sources/kafka.md)| read logs from kafka topic | yes | no
+[Kubernetes Audit](/log_processor/data_sources/kubernetes_audit.md) | expose a webhook to receive audit logs from a Kubernetes cluster | yes | no
+[Loki](/log_processor/data_sources/loki.md) | read logs from loki | yes | yes
+[syslog service](/log_processor/data_sources/syslog_service.md) | read logs received via syslog protocol | yes | no
+[Windows Event](/log_processor/data_sources/windows_event_log.md)| read logs from windows event log | yes | yes
## Common configuration parameters
diff --git a/crowdsec-docs/unversioned/console/blocklists/integrations/firewall.md b/crowdsec-docs/unversioned/console/blocklists/integrations/firewall.md
index 10aadad79..39abb25fc 100644
--- a/crowdsec-docs/unversioned/console/blocklists/integrations/firewall.md
+++ b/crowdsec-docs/unversioned/console/blocklists/integrations/firewall.md
@@ -36,7 +36,7 @@ Every product product has its way to handle external blocklists. We provide a si
| [F5](https://techdocs.f5.com/kb/en-us/products/big-ip-afm/manuals/product/big-ip-network-firewall-policies-and-implementations-14-0-0/07.html) | Custom | `192.168.38.187,32,BL,crowdsec-myf5Integration`
`192.168.38.188,32,BL,crowdsec-myf5Integration` |
| [Fortinet](https://docs.fortinet.com/document/fortigate/6.4.5/administration-guide/891236/external-blocklist-policy) | Plain text | `192.168.38.187`
`192.168.38.186` |
| [Palo Alto](https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-admin/policy/use-an-external-dynamic-list-in-policy/external-dynamic-list#idf36cb80a-77f1-4d17-9c4b-7efe9fe426af) | Plain text | `192.168.38.187`
`192.168.38.186` |
-| [Sophos](https://docs.sophos.com/nsg/sophos-firewall/21.0/help/en-us/webhelp/onlinehelp/AdministratorHelp/ActiveThreatResponse/ThirdPartyThreatFeeds/index.html) | Plain text | `192.168.38.187`
`192.168.38.186` |
+| [Sophos](https://docs.sophos.com/nsg/sophos-firewall/latest/Help/en-us/webhelp/onlinehelp/AdministratorHelp/ActiveThreatResponse/ConfigureFeeds/ThirdPartyThreatFeeds/index.html) | Plain text | `192.168.38.187`
`192.168.38.186` |
| Generic vendor | Plain text | `192.168.38.187`
`192.168.38.186` |
## How to bypass provider limit?
diff --git a/crowdsec-docs/unversioned/integrations/sophos.mdx b/crowdsec-docs/unversioned/integrations/sophos.mdx
index 28e42c519..7009325a4 100644
--- a/crowdsec-docs/unversioned/integrations/sophos.mdx
+++ b/crowdsec-docs/unversioned/integrations/sophos.mdx
@@ -48,7 +48,7 @@ Once the integration is generated you will be presented with a credentials scree
}}
/>
-[Sophos Documentation](https://docs.sophosnetworks.com/pan-os/11-1/pan-os-admin/policy/use-an-external-dynamic-list-in-policy/external-dynamic-list#idf36cb80a-77f1-4d17-9c4b-7efe9fe426af)
+[Sophos Documentation ↗️](https://docs.sophos.com/nsg/sophos-firewall/latest/Help/en-us/webhelp/onlinehelp/AdministratorHelp/ActiveThreatResponse/ConfigureFeeds/ThirdPartyThreatFeeds/index.html)
## Format example
diff --git a/crowdsec-docs/unversioned/service_api/integrations.md b/crowdsec-docs/unversioned/service_api/integrations.md
index e25c389ed..3322243b0 100644
--- a/crowdsec-docs/unversioned/service_api/integrations.md
+++ b/crowdsec-docs/unversioned/service_api/integrations.md
@@ -14,7 +14,7 @@ For some constructors, the integrations can generate vendor-specific format, see
| F5 | Basic Auth | Yes | [F5 doc](https://techdocs.f5.com/kb/en-us/products/big-ip-afm/manuals/product/big-ip-network-firewall-policies-and-implementations-14-0-0/07.html ) | `f5` |
| Fortinet | Basic Auth | Yes | [Fortinet doc](https://docs.fortinet.com/document/fortigate/6.4.5/administration-guide/891236/external-blocklist-policy) | `fortigate` |
| Palo alto | Basic Auth | Yes | [PaloAlto doc](https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-admin/policy/use-an-external-dynamic-list-in-policy/configure-the-firewall-to-access-an-external-dynamic-list) | `paloalto` |
-| Sophos | Basic Auth | Yes | [Sophos doc](https://docs.sophos.com/nsg/sophos-firewall/21.0/help/en-us/webhelp/onlinehelp/AdministratorHelp/ActiveThreatResponse/ThirdPartyThreatFeeds/index.html) | `sophos` |
+| Sophos | Basic Auth | Yes | [Sophos doc](https://docs.sophos.com/nsg/sophos-firewall/latest/Help/en-us/webhelp/onlinehelp/AdministratorHelp/ActiveThreatResponse/ConfigureFeeds/ThirdPartyThreatFeeds/index.html) | `sophos` |
For all the other providers, the `plain_text` format consists of one ip per line, and should be supported by most devices. If a specific format is missing, reach out to us and we'll help you support it!