2 changes: 1 addition & 1 deletion crowdsec-docs/docs/appsec/configuration.md
Expand Up @@ -22,7 +22,7 @@ The AppSec Component configuration consists of three main parts:

The goals of the acquisition file are:
- To specify the **address** and **port** where the AppSec-enabled Remediation Component(s) will forward the requests to.
- And specify one or more [AppSec configuration files](#appsec-configuration) to use as definition of what rules to apply and how.
- And specify one or more [AppSec configuration files](#appsec-configuration-files) to use as definition of what rules to apply and how.

Details can be found in the [AppSec Datasource page](/log_processor/data_sources/appsec.md).
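Review bot: the fragment on the `+` line changes from `#appsec-configuration` to `#appsec-configuration-files`, and the same slug is reused by the quickstart hunks in this PR; confirm that configuration.md actually has a heading that renders to `appsec-configuration-files`, otherwise every one of those links silently degrades to the top of the page.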

2 changes: 1 addition & 1 deletion crowdsec-docs/docs/appsec/quickstart/general.mdx
Expand Up @@ -203,4 +203,4 @@ If the AppSec Component fails to start:
3. **Check configuration syntax**: Validate your `appsec.yaml` file
4. **Review logs**: Check `/var/log/crowdsec.log` for error messages

For detailed troubleshooting, see the [AppSec Troubleshooting Guide](/appsec/troubleshooting).
For detailed troubleshooting, see the [AppSec Troubleshooting Guide](/appsec/troubleshooting.md).
4 changes: 2 additions & 2 deletions crowdsec-docs/docs/appsec/quickstart/nginxopenresty.mdx
Expand Up @@ -59,7 +59,7 @@ sudo cscli collections install crowdsecurity/appsec-virtual-patching crowdsecuri
Executing this command will install the following items:

- The [*AppSec Rules*](/appsec/rules_syntax.md) contain the definition of malevolent requests to be matched and stopped
- The [*AppSec Configuration*](/appsec/configuration.md#appsec-configuration) links together a set of rules to provide a coherent set
- The [*AppSec Configuration*](/appsec/configuration.md#appsec-configuration-files) links together a set of rules to provide a coherent set
- The <UnderlineTooltip tooltip="YAML files that extract relevant data from logs, such as IP addresses, timestamps, or request paths.">CrowdSec Parser</UnderlineTooltip> and <UnderlineTooltip tooltip="Behavioral rules written in a domain-specific language that define what malicious activity looks like, such as multiple failed logins in a short time.">CrowdSec Scenario(s)</UnderlineTooltip> bans for a longer duration repeating offenders

### Setup the Acquisition
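Review bot: the trailing context line of this list reads "bans for a longer duration repeating offenders", which is missing its verb phrase; suggest "ban repeat offenders for a longer duration". The traefik variant of the same list in this PR already uses clearer wording ("are used to detect and remediate persistent attacks"), so aligning the two would be cheap while the line is being touched.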
Expand All @@ -82,7 +82,7 @@ Steps:

The two important directives in this configuration file are:

- `appsec_config` is the name of the [*AppSec Configuration*](appsec/configuration.md#appsec-configuration) that was included in the <UnderlineTooltip tooltip="Collections are bundle of parsers, scenarios, postoverflows that form a coherent package.">Collection</UnderlineTooltip> we just installed.
- `appsec_config` is the name of the [*AppSec Configuration*](/appsec/configuration.md#appsec-configuration-files) that was included in the <UnderlineTooltip tooltip="Collections are bundle of parsers, scenarios, postoverflows that form a coherent package.">Collection</UnderlineTooltip> we just installed.
- the `listen_addr` is the IP and port the AppSec Component will listen to.

:::warning
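Review bot: the `-` line used a relative target (`appsec/configuration.md#...`) with no leading slash, which resolves against the `quickstart/` directory of this file and breaks; the absolute `/appsec/configuration.md#appsec-configuration-files` on the `+` line is the right fix. Two nits in the untouched context: the tooltip text "Collections are bundle of parsers" should read "bundles", and the second bullet starts lowercase ("the `listen_addr`") while the first does not.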
2 changes: 1 addition & 1 deletion crowdsec-docs/docs/appsec/quickstart/traefik.mdx
Expand Up @@ -63,7 +63,7 @@ docker exec -it crowdsec cscli collections install crowdsecurity/appsec-virtual-
Executing this command or updating the compose will install the following items:

- The [*AppSec Rules*](/appsec/rules_syntax.md) contain the definition of malevolent requests to be matched and stopped.
- The [*AppSec Configuration*](/appsec/configuration.md#appsec-configuration) links together a set of rules to provide a coherent set.
- The [*AppSec Configuration*](/appsec/configuration.md#appsec-configuration-files) links together a set of rules to provide a coherent set.
- The <UnderlineTooltip tooltip="YAML files that extract relevant data from logs, such as IP addresses, timestamps, or request paths.">CrowdSec Parser</UnderlineTooltip> and <UnderlineTooltip tooltip="Behavioral rules written in a domain-specific language that define what malicious activity looks like, such as multiple failed logins in a short time.">CrowdSec Scenario(s)</UnderlineTooltip> are used to detect and remediate persistent attacks.

Once you have updated your compose or installed via the command line, will we need to restart the container. However, before we do that, we need to setup the acquisition for the AppSec Component.
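Review bot: the trailing context line has a word-order typo, "will we need to restart the container" should be "we will need to restart the container", and "setup the acquisition" uses the noun form where the verb "set up" is meant; both are one-word fixes worth folding into this link-only change.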
4 changes: 2 additions & 2 deletions crowdsec-docs/docs/appsec/quickstart/wordpress.mdx
Expand Up @@ -53,7 +53,7 @@ sudo cscli collections install crowdsecurity/appsec-virtual-patching crowdsecuri
Executing this command will install the following items:

- The [*AppSec Rules*](/appsec/rules_syntax.md) contain the definition of malevolent requests to be matched and stopped
- The [*AppSec Configuration*](/appsec/configuration.md#appsec-configuration) links together a set of rules to provide a coherent set
- The [*AppSec Configuration*](/appsec/configuration.md#appsec-configuration-files) links together a set of rules to provide a coherent set
- The <UnderlineTooltip tooltip="YAML files that extract relevant data from logs, such as IP addresses, timestamps, or request paths.">CrowdSec Parser</UnderlineTooltip> and <UnderlineTooltip tooltip="Behavioral rules written in a domain-specific language that define what malicious activity looks like, such as multiple failed logins in a short time.">CrowdSec Scenario(s)</UnderlineTooltip> bans for a longer duration repeating offenders

### Setup the Acquisition
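Review bot: this hunk is byte-identical to the one in nginxopenresty.mdx, including the awkward "bans for a longer duration repeating offenders", so a wording fix applied to one file and not the other will drift. Consider extracting the shared bullets into an MDX partial imported by both quickstarts so the anchor and the wording are maintained once.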
Expand All @@ -76,7 +76,7 @@ Steps:

The two important directives in this configuration file are:

- `appsec_config` is the name of the [*AppSec Configuration*](appsec/configuration.md#appsec-configuration) that was included in the <UnderlineTooltip tooltip="Collections are bundle of parsers, scenarios, postoverflows that form a coherent package.">Collection</UnderlineTooltip> we just installed.
- `appsec_config` is the name of the [*AppSec Configuration*](/appsec/configuration.md#appsec-configuration-files) that was included in the <UnderlineTooltip tooltip="Collections are bundle of parsers, scenarios, postoverflows that form a coherent package.">Collection</UnderlineTooltip> we just installed.
- the `listen_addr` is the IP and port the AppSec Component will listen to.

:::warning
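Review bot: same fix as the corresponding nginxopenresty.mdx hunk (the old target lacked a leading slash and resolved relative to `quickstart/`), and the same untouched nits apply here: "Collections are bundle of" and the lowercase "the `listen_addr`" bullet.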
2 changes: 1 addition & 1 deletion crowdsec-docs/docs/appsec/troubleshooting.md
Expand Up @@ -63,7 +63,7 @@ DEBU[2023-12-06 15:40:26] Finish evaluating rule band=inb
## Authenticating with the AppSec Component

:::note
We are assuming the AppSec engine is running on `127.0.0.1:7422`. See [installation directives](/docs/next/appsec/installation)
We are assuming the AppSec engine is running on `127.0.0.1:7422`. See [installation directives](/appsec/quickstart/general.mdx)
:::

> Create a valid API Key
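Review bot: the new target `/appsec/quickstart/general.mdx` is a quickstart page, but the link text still says "installation directives"; either change the text to match ("AppSec quickstart") or point at the page that actually documents installation, otherwise a reader following a troubleshooting note lands somewhere unexpected. The `127.0.0.1:7422` assumption in the same note would also benefit from a cross-reference to where `listen_addr` is defined.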
2 changes: 1 addition & 1 deletion crowdsec-docs/docs/central_api/intro.md
Expand Up @@ -15,7 +15,7 @@ The [Central API](https://crowdsecurity.github.io/api_doc/capi/) is the service
This information is *only* going to be pushed when a scenario is coming from the hub and is unmodified. Custom scenarios, tainted scenarios and manual decisions are *not* pushed unless enrolled into the console.
:::

When the Security Engine generates an alert, [unless you opt-out of it](/u/troubleshooting/intro#how-to-disable-the-central-api), it will push "signal meta-data". The meta-data are :
When the Security Engine generates an alert, [unless you opt-out of it](/u/troubleshooting/security_engine#how-to-disable-the-central-api), it will push "signal meta-data". The meta-data are :
- The name of the scenario that was triggered
- The hash & version of the scenario that was triggered
- The timestamp of the decision
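Review bot: only the page part of the link changes (`/u/troubleshooting/intro` to `/u/troubleshooting/security_engine`) while the fragment `#how-to-disable-the-central-api` is carried over unchanged; confirm that the heading exists on the new page too. Minor: the context "The meta-data are :" has a stray space before the colon.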
6 changes: 3 additions & 3 deletions crowdsec-docs/docs/concepts.md
Expand Up @@ -12,7 +12,7 @@ sidebar_position: 1
> The Security Engine is CrowdSec's IDS/IPS (Intrusion Detection System/Intrusion Prevention System)
> It is a rules and behavior detection engine comprised of Log Processor and the Local API.

A Security Engine can operate [independently](/intro#architecture) or in a [distributed manner](/intro#deployment-options), adapting to the specific needs and constraints of your infrastructure. For more information on CrowdSec's distributed approach, visit our documentation on collaborative operations and distributed deployments.
A Security Engine can operate [independently](intro.mdx#architecture) or in a [distributed manner](intro.mdx#deployment-options), adapting to the specific needs and constraints of your infrastructure. For more information on CrowdSec's distributed approach, visit our documentation on collaborative operations and distributed deployments.


# Log Processor (LP)
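Review bot: the `+` line uses relative targets (`intro.mdx#architecture`, `intro.mdx#deployment-options`) with no leading slash, whereas every other rewritten link in this PR uses an absolute path (for example `/log_processor/intro.mdx` in intro.mdx). It only works because concepts.md and intro.mdx sit in the same `docs/` directory; `/intro.mdx#architecture` would be consistent with the rest of the change and survive moving either file.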
Expand Down Expand Up @@ -50,7 +50,7 @@ Remediations components leverage existing components of your infrastructure to b

> The Central API (CAPI) serves as the gateway for network participants to connect and communicate with CrowdSec's network.

The Central API (abreviated as `CAPI`) receives attack signals from all participating Security Engines and signal partners, then re-distribute them curated community decisions ([Community Blocklist](/central_api/community_blocklist/)).
The Central API (abreviated as `CAPI`) receives attack signals from all participating Security Engines and signal partners, then re-distribute them curated community decisions ([Community Blocklist](/central_api/blocklist.md)).
It's also at the heart of CrowdSec centralized [Blocklist services](/u/blocklists/intro).

# Console
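Review bot: the untouched part of the changed line has a typo, "abreviated" (should be "abbreviated"), and "re-distribute them curated community decisions" is ungrammatical; suggest "then redistributes curated community decisions to them". Since the line is already being rewritten for the blocklist link, fix the wording in the same commit.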
Expand All @@ -61,4 +61,4 @@ The [Console](https://app.crowdsec.net) allows you to:
- [Manage alerts](/u/console/alerts/intro) of your security stack
- [Manage decisions](/u/console/decisions/decisions_intro) in real-time
- View and use [blocklists and integrations](/u/blocklists/intro)
- Manage your API keys ([CTI API](/u/cti_api/intro), [Service API](/u/service_api/getting_started))
- Manage your API keys ([CTI API](/u/cti_api/intro), [Service API](/u/console/service_api/getting_started))
2 changes: 1 addition & 1 deletion crowdsec-docs/docs/configuration/network_management.md
Expand Up @@ -17,7 +17,7 @@ id: network_management
- Local API connects to `tcp/443` on `papi.api.crowdsec.net` (console management)
- `cscli` connects to `tcp/443` on `hub-cdn.crowdsec.net` to fetch scenarios, parsers etc. (1)
- `cscli` connects to `tcp/443` on `version.crowdsec.net` to check latest version available. (1)
- [`cscli dashboard`](/cscli/cscli_dashboard.md) fetches metabase configuration from a s3 bucket (`https://crowdsec-statics-assets.s3-eu-west-1.amazonaws.com/`)
- Dashboard-related functionality may connect to external services for configuration
- Installation script is hosted on `install.crowdsec.net` over HTTPS.
- Repositories are hosted on `packagecloud.io` over HTTPS.
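Review bot: replacing the concrete endpoint (`https://crowdsec-statics-assets.s3-eu-west-1.amazonaws.com/`, fetched by `cscli dashboard`) with "Dashboard-related functionality may connect to external services for configuration" removes the information this page exists to provide. network_management.md is what operators use to write egress allow-lists, and every other bullet names a host and a port; a bullet saying "may connect to external services" cannot be turned into a firewall rule. If `cscli dashboard` and the S3 fetch have been removed, delete the bullet (or state the removal and the version it happened in); if they still exist, keep the hostname. Either way, keep the "(1)" footnote markers on the neighbouring bullets consistent.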

4 changes: 2 additions & 2 deletions crowdsec-docs/docs/contributing/bouncers.md
Expand Up @@ -17,8 +17,8 @@ Sharing on the hub allows other users to find and use it. While increasing your
#### Specs

Remediation components have mandatory and optional features, they are described in the following sub pages:
- [Specifications for Remediation Component and AppSec Capabilities](/contributing/specs/bouncer_appsec_specs)
- [Remediation Component Metrics](/contributing/specs/bouncer_metrics_specs)
- [Specifications for Remediation Component and AppSec Capabilities](/contributing/specs/bouncer_appsec_specs.mdx)
- [Remediation Component Metrics](/contributing/specs/bouncer_metrics_specs.mdx)

*Don't hesitate to get in touch with us via discord if anything is unclear to you*
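Review bot: both links gain `.mdx` extensions, matching the file-path style adopted elsewhere in this PR; the `bouncer_metrics_specs` target is also rewritten later in the PR from two different spellings (bare path and trailing-slash), so a grep for the bare `/contributing/specs/bouncer_metrics_specs` after the change would catch any remaining copies.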

8 changes: 4 additions & 4 deletions crowdsec-docs/docs/contributing/hub.md
Expand Up @@ -28,12 +28,12 @@ To get involved :

The following explains how to create and test:

- [parsers](/docs/parsers/create/)
- [scenarios](/docs/scenarios/create/)
- [parsers](/log_processor/parsers/create.md)
- [scenarios](/log_processor/scenarios/create.md)

### Collections

It often makes sense for a new parser or scenario to be added to an existing [collection](/docs/collections/format), or create a new one.
It often makes sense for a new parser or scenario to be added to an existing [collection](/log_processor/collections/format.md), or create a new one.

If your parsers and/or scenarios cover a new or specific service, having a dedicated collection for this service makes sense.
In other cases, having a parser for `SpecificWebServer` access logs would justify a collection as it might also include [all the default http related scenarios](https://hub.crowdsec.net/author/crowdsecurity/collections/base-http-scenarios).
Expand Down Expand Up @@ -71,7 +71,7 @@ labels:

Before asking for a review of your PR, please ensure you have the following:

- tests: Test creation is covered in [parsers creation](/docs/parsers/create/) and [scenarios creation](/docs/scenarios/create/). Ensure that each of your parser or scenario is properly tested.
- tests: Test creation is covered in [parsers creation](/log_processor/parsers/create.md) and [scenarios creation](/log_processor/scenarios/create.md). Ensure that each of your parser or scenario is properly tested.
- documentation: Please provide a `.md` file with the same name as each of your parser, scenario or collection. The markdown is rendered in the [hub](https://hub.crowdsec.net).
- documentation: If you're creating a collection targeting a specific log file, be sure to provide an acquis example as :

Original file line number Diff line number Diff line change
Expand Up @@ -163,7 +163,7 @@ If a remediation is found and for the LAPI timeout fallback here are the remedia
* Remediation priority
* There is a priority in the remediation to take in account if an IP has multiple
* Default priority order **Ban** then **Captcha**
* Metrics see below and in the [detailed metrics specs](/contributing/specs/bouncer_metrics_specs)
* Metrics see below and in the [detailed metrics specs](/contributing/specs/bouncer_metrics_specs.mdx)

### Logging
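Review bot: the context line "There is a priority in the remediation to take in account if an IP has multiple" stops at "multiple" without its object, and "take in account" should be "take into account"; since this file is being edited, finish the sentence so the priority rule is actually stated.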

Expand Down Expand Up @@ -484,7 +484,7 @@ You can refer to the AppSec documentation to test request forwarding.

### Metrics payload

More details about metrics in [Metrics specs](/contributing/specs/bouncer_metrics_specs/)
More details about metrics in [Metrics specs](/contributing/specs/bouncer_metrics_specs.mdx)

```json
{
2 changes: 1 addition & 1 deletion crowdsec-docs/docs/getting_started/crowdsec_tour.mdx
Expand Up @@ -280,7 +280,7 @@ Running [metabase](https://www.metabase.com/) (the dashboard deployed by `cscli
sudo cscli dashboard setup --listen 0.0.0.0
```

A metabase [docker container](/observability/dashboard.md) can be deployed with [`cscli dashboard`](/cscli/cscli_dashboard.md).
CrowdSec provides various observability tools including Prometheus metrics and command-line interfaces.
It requires docker, [installation instructions are available here](https://docs.docker.com/engine/install/).

## Logs
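Review bot: the `+` line replaces the sentence introducing the metabase container with a generic observability statement, but the following context line "It requires docker, installation instructions are available here" now has no antecedent, since "It" referred to the metabase docker container, and the `sudo cscli dashboard setup --listen 0.0.0.0` block just above still documents the command. Either remove the whole metabase block (command, sentence and docker requirement) together, or keep the sentence and only fix its links; half-removing it leaves the section contradicting itself. The same question applies to the network_management.md hunk in this PR.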
2 changes: 1 addition & 1 deletion crowdsec-docs/docs/getting_started/install_source.mdx
Expand Up @@ -9,7 +9,7 @@ import TabItem from '@theme/TabItem';
import CodeBlock from '@theme/CodeBlock';

:::warning
This is only for advanced users that wish to compile their own software. If you are not comfortable with this, please use the [official packages](/getting_started/getting_started.md)
This is only for advanced users that wish to compile their own software. If you are not comfortable with this, please use the [official packages](/u/getting_started/intro)
:::

We define systems by their underlying distribution rather than a fork or modification of a distribution. For example, Ubuntu and Debian are both Debian based distributions, so they will share the same instructions as the term DEB. Centos and Fedora are both Redhat based distributions, so they will share the same instructions as the term RPM. Arch is just Arch, so it will have its own instructions.
8 changes: 4 additions & 4 deletions crowdsec-docs/docs/intro.mdx
Expand Up @@ -32,7 +32,7 @@ In addition to the core "detect and react" mechanism, CrowdSec is committed to s
- **Easy Installation**: Effortless out-of-the-box installation on all [supported platforms](/u/getting_started/intro).
- **Simplified Daily Operations**: You have access to our Web UI administration via [CrowdSec's console](http://app.crowdsec.net) or the powerful [Command line tool cscli](/cscli/cscli.md) for effortless maintenance and keeping your detection mechanisms up-to-date.
- **Reproducibility**: The Security Engine can analyze not only live logs but also [cold logs](/u/user_guides/replay_mode), making it easier to detect potential false triggers, conduct forensic analysis, or generate reports.
- **Versatile**: The Security Engine can analyze [system logs](/docs/data_sources/intro) and [HTTP Requests](/docs/next/appsec/intro) to exhaustively protect your perimeter.
- **Versatile**: The Security Engine can analyze [system logs](/log_processor/data_sources/introduction.md) and [HTTP Requests](/appsec/intro.md) to exhaustively protect your perimeter.
- **Observability**: Providing valuable insights into the system's activity:
- Users can view/manage alerts from the ([Console](https://app.crowdsec.net/signup)).
- Operations personnel have access to detailed Prometheus metrics ([Prometheus](/observability/prometheus.md)).
Expand All @@ -49,10 +49,10 @@ In addition to the core "detect and react" mechanism, CrowdSec is committed to s

Under the hood, the Security Engine has various components:

- The [Log Processor](log_processor/intro.mdx) is in charge of detection: it analyzes logs from [various data sources](data_sources/intro) or [HTTP requests](appsec/intro) from web servers.
- The [Log Processor](/log_processor/intro.mdx) is in charge of detection: it analyzes logs from [various data sources](/log_processor/data_sources/introduction.md) or [HTTP requests](/appsec/intro.md) from web servers.
- The [Appsec](appsec/intro) feature is part of the Log Processor and filters HTTP Requests from the compatible web servers.
- The [Local API](local_api/intro.md) acts as a middle man:
- Between the [Log Processors](/docs/data_sources/intro) and the [Remediation Components](/u/bouncers/intro) which are in charge of enforcing decisions.
- Between the [Log Processors](/log_processor/intro.mdx) and the [Remediation Components](/u/bouncers/intro) which are in charge of enforcing decisions.
- And with the [Central API](/central_api/intro.md) to share alerts and receive blocklists.
- The [Remediation Components](/u/bouncers/intro) - also known as bouncers - block malicious IPs at your chosen level—whether via IpTables, firewalls, web servers, or reverse proxies. [See the full list on our CrowdSec Hub.](https://app.crowdsec.net/hub/remediation-components)
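Review bot: the two rewritten lines now use absolute file-path links, but the untouched lines between them in the same hunk still use relative route-style targets: `[Appsec](appsec/intro)` and `[Local API](local_api/intro.md)`. Since the hunk is already touching this list, convert those two as well (`/appsec/intro.md`, `/local_api/intro.md`) so the section is consistent.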

Expand All @@ -64,7 +64,7 @@ This architecture allows for both simple/standalone setups, or more distributed
- Multiple machines? Use the [distributed setup guide](/u/user_guides/multiserver_setup)
- Already have a log pit (such as rsyslog or loki)? [Run crowdsec next to it](/u/user_guides/log_centralization), not on the production workloads
- Running Kubernetes? Have a look at [our helm chart](/u/getting_started/installation/kubernetes)
- Running containers? The [docker data source](/docs/data_sources/docker) might be what you need
- Running containers? The [docker data source](/log_processor/data_sources/docker.md) might be what you need
- Just looking for a WAF? Look at [our quickstart](appsec/intro)

Distributed architecture example:
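Review bot: `[our quickstart](appsec/intro)` on the last bullet is another relative route-style link of exactly the kind this hunk fixes; suggest `/appsec/intro.md` for consistency with the `+` line.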
4 changes: 2 additions & 2 deletions crowdsec-docs/docs/log_processor/scenarios/create.md
Expand Up @@ -8,7 +8,7 @@ import AcademyPromo from '@site/src/components/academy-promo';

:::caution

All the examples assume that you have read the [Creating parsers](/docs/next/parsers/create) documentation.
All the examples assume that you have read the [Creating parsers](/log_processor/parsers/create.md) documentation.

:::

Expand Down Expand Up @@ -120,7 +120,7 @@ labels:

:::note

We filter on `evt.Meta.log_type == 'myservice_failed_auth'` because in the parser `myservice-logs` (created in the [Creating parsers](/docs/next/parsers/create) part) we set the `log_type` to `myservice_failed_auth` for bad password or bad user attempt.
We filter on `evt.Meta.log_type == 'myservice_failed_auth'` because in the parser `myservice-logs` (created in the [Creating parsers](/log_processor/parsers/create.md) part) we set the `log_type` to `myservice_failed_auth` for bad password or bad user attempt.

:::
