docs: refactor audit logs page DOC-2535 (#9519)

* docs: refactor audit logs page DOC-2535

* docs: fix vale

* docs: add stream description

* Apply suggestions from code review

Co-authored-by: Ben Radstone <[email protected]>

* ci: auto-formatting prettier issues

* docs: rename cloudwatch

---------

Co-authored-by: Ben Radstone <[email protected]>
(cherry picked from commit 2708c83)

Author: addetz

docs/docs-content/audit-logs/audit-logs.md

@@ -15,56 +15,47 @@ The audit log contains information about the resource and the user who performed
 action on the resource is classified as _Create_, _Update_, and _Delete_. Every resource is categorized as a type that
 helps the user to scope down the audit logs.
 
-Audit logs are retained for the last one year.
-
-## Accessing Audit Logs
+## View Audit Logs
 
 Audits can be accessed for the tenant scope and the project scope. The tenant scope audits show all the activity logs
 across all projects and tenant actions. The project scope audits show the activity logs for the specific project.
 
-- The tenant scope audit logs can be accessed in the Spectro Cloud console under the **Admin > Audit Logs**. The user
-  should have the _Tenant Admin_ role or at least the `audit.get` and `audit.list` permissions at the tenant scope to
-  access the audit logs.
-- The project scope audit logs can be accessed under the **Project** _selection_ > **Audit Logs**. The user should have
-  at least the _Project Viewer_ role with `audit.get` and `audit.list` permissions for the selected project to access
-  the audit logs.
-- Tenant admins (or users with appropriate permissions) can download the audit logs as a \*.csv file.
-
-## Filtering Audit Logs
+1.  Log in to [Palette](https://console.spectrocloud.com).
 
-The audit logs can be filtered based on user and resource attributes. The following attributes can be used to filter the
-audit logs:
+2.  Select a project to view project scope audit logs or select **Tenant Admin** to view tenant scope audit logs.
 
-- Type - The action type on the resource.
-- Resource Type - The resource type. (The resources are grouped based on the type).
-- Start Date and End Date - Period range for the audit logs.
+    - Users must have the **Project Viewer** role with `audit.get` and `audit.list` permissions for the selected project
+      to access the audit logs.
+    - Users must have the **Tenant Admin** role or the `audit.get` and `audit.list` permissions at the tenant scope to
+      access the audit logs.
 
-## Adding Update Note
+3.  Navigate to the left main menu and select **Audit Logs**.
 
-For certain resources like the Cluster Profile, users can associate a custom update note in addition to the generic
-audit event log. On a successful save of the Cluster Profile, the user will be prompted to provide an update note about
-the changes made on the profile. This message will be shown when the user selects an audit log from the list.
+4.  You can filter audit logs based on user and resource attributes. The following attributes can be used to filter the
+    audit logs.
 
-## Pushing the Audit Log to the AWS Cloud Trail
+    - **Project**
+    - **Log Type**
+    - **User**
+    - **Resource Type**
 
-Spectro Cloud users can now push the compliance, management, operational, and risk audit logs to the AWS CloudTrail.
-This enables continuous monitoring, security analysis, resource tracking, and troubleshooting of the workload cluster
-using the event history.
+5.  You can also download audit logs as CSV files.
 
-<br />
+## Add Update Note
 
-:::warning
+For certain resources, like cluster profiles, you can associate a custom update note in addition to the generic audit
+event log. On a successful save of a cluster profile, you will be prompted to provide an update note about the changes
+made to the profile. This message will be shown when you select an audit log from the list.
 
-An AWS account with cloud trail created is the prerequisite.
+## Push Audit Trails to Amazon CloudWatch
 
-The permissions listed need to be enabled for CloudWatch.
+You can push the compliance, management, operational, and risk audit logs to
+[Amazon CloudWatch](https://aws.amazon.com/cloudwatch/). This enables continuous monitoring, security analysis, resource
+tracking, and troubleshooting of the workload cluster using the event history.
 
-:::
+### Prerequisites
 
-### Permission List
-
-Ensure that the IAM user or the ROOT user role created should have the following IAM policy included for Amazon
-CloudWatch:
+Ensure that the IAM user or the ROOT user role created has the following IAM policy included for Amazon CloudWatch.
 
 ```json
 {
@@ -86,27 +77,32 @@ CloudWatch:
 }
 ```
 
-### Instructions to Push Cluster Audit Logs to AWS Trails
+### Enablement
+
+1. Log in to [Palette](https://console.spectrocloud.com) as a tenant admin.
 
-- Go to Admin Settings and select Audit Trails.
-- Select the wizard ‘Add new Audit Trail’ and fill in the following details:
+2. Navigate to the left main menu and select **Tenant Settings**. Then, select **Audit Trails** from the
+   **Infrastructure** section.
 
-  - Audit Name: Custom name to identify the logs
-  - Type: Choice of monitoring service (currently set to AWS Cloud Watch)
-  - Group: The log group name obtained from cloud watch logs of AWS cloud trail creation
-  - Region: The region of the AWS account
-  - Method of verification: _ Credentials: Use the AWS Access Key and Secret Access Key to validate the AWS account for
-    pushing the Audit log trails from Spectro Cloud console. _ STS: Use Amazon’s unique resource identifier- ARN, to
-    validate the AWS account for pushing the Audit log trails from Spectro Cloud console.
+3. Select **Add new Audit Trail**. The **Add audit trail** window appears.
 
-- Stream Optional.
-- Confirm the information to complete the audit trail creation wizard.
-- The audit trail could be edited and deleted using the **three-dot Menu**.
+4. Fill in the following details.
+
+   - **Audit Name**: Custom name to identify the logs.
+   - **Type**: Choice of monitoring service. Currently, CloudWatch is available.
+   - **Group**: The log group name obtained from CloudWatch logs for audit trail creation.
+   - **Region**: The region of the AWS account.
+   - **Credentials** : Use an **Access Key** and **Secret Access Key** to validate the AWS account for pushing the audit
+     trails from Palette.
+   - **STS**: Use Amazon's unique resource identifier, ARN, to validate the AWS account for pushing the audit trails
+     from Palette.
+   - **Stream (Optional)**: CloudWatch log stream for audit trail creation.
+
+5. Select **Confirm** to complete the audit trail configuration. Audit trails can be edited and deleted using the
+   **three-dot Menu**.
 
 ## Resources
 
 - [Kubernetes API parameters](https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/)
 
 - [Kubernetes Auditing Documentation](https://kubernetes.io/docs/tasks/debug/debug-cluster/audit/)
-
-<br />