clarify usage of fdr

rephrase words in menifest.yml

Author: navnit-elastic

packages/crowdstrike/_dev/build/docs/README.md

@@ -40,7 +40,7 @@ The integration collects and ingests events from multiple CrowdStrike Falcon dat
 
 4. **Falcon Data Replicator (FDR)**:
 
-    This collects events in near real time from your endpoints, cloud workloads, identities, via the Falcon platform’s lightweight agent. CrowdStrike Falcon Data Replicator (FDR) enables you with actionable insights to improve SOC performance.
+    The FDR feed consists of regular transfers of data (data dumps) rather than ongoing streams of data from your endpoints, cloud workloads, identities, via the Falcon platform’s lightweight agent. CrowdStrike Falcon Data Replicator (FDR) enables you with actionable insights to improve SOC performance. FDR isn't useful for real-time alerts because it's not an ongoing stream of data.
 
     Logs received from the Falcon Data Replicator are indexed into the `fdr` dataset in Elasticsearch.
 

packages/crowdstrike/data_stream/falcon/manifest.yml

@@ -40,12 +40,12 @@ streams:
           Processors are used to reduce the number of fields in the exported event or to enhance the event with metadata. This executes in the agent before the logs are parsed. See [Processors](https://www.elastic.co/guide/en/beats/filebeat/current/filtering-and-enhancing-data.html) for details.
 
     template_path: log.yml.hbs
-    title: Falcon events
-    description: Collect Falcon events via Falcon SIEM Connector.
+    title: CrowdStrike Falcon events
+    description: Collect CrowdStrike Falcon events through Falcon SIEM Connector.
   - input: streaming
     template_path: streaming.yml.hbs
-    title: Falcon events
-    description: Collect Falcon events via Event Streams API.
+    title: CrowdStrike Falcon events
+    description: Collect CrowdStrike Falcon events using Event Streams API.
     enabled: false
     vars:
       - name: url

packages/crowdstrike/data_stream/fdr/manifest.yml

@@ -226,7 +226,7 @@ streams:
           `event.timezone` and `log.offset`.
   - input: logfile
     title: Falcon Data Replicator logs
-    description: Collect Falcon Data Replicator logs via file system.
+    description: Collect Falcon Data Replicator logs through file system.
     enabled: false
     vars:
       - name: paths

packages/crowdstrike/docs/README.md

@@ -40,7 +40,7 @@ The integration collects and ingests events from multiple CrowdStrike Falcon dat
 
 4. **Falcon Data Replicator (FDR)**:
 
-    This collects events in near real time from your endpoints, cloud workloads, identities, via the Falcon platform’s lightweight agent. CrowdStrike Falcon Data Replicator (FDR) enables you with actionable insights to improve SOC performance.
+    The FDR feed consists of regular transfers of data (data dumps) rather than ongoing streams of data from your endpoints, cloud workloads, identities, via the Falcon platform’s lightweight agent. CrowdStrike Falcon Data Replicator (FDR) enables you with actionable insights to improve SOC performance. FDR isn't useful for real-time alerts because it's not an ongoing stream of data.
 
     Logs received from the Falcon Data Replicator are indexed into the `fdr` dataset in Elasticsearch.
 

packages/crowdstrike/manifest.yml

@@ -60,17 +60,17 @@ policy_templates:
         team: security-service-integrations
     inputs:
       - type: logfile
-        title: Collect Falcon events and Falcon Data Replicator logs via file system
-        description: Collecting logs from Falcon SIEM Connector and Falcon Data Replicator via file system.
+        title: Collect Falcon events and Falcon Data Replicator logs through file system
+        description: Collecting logs from Falcon SIEM Connector and Falcon Data Replicator through file system.
       - type: aws-s3
-        title: Collect Falcon Data Replicator logs via AWS S3
-        description: Collecting logs from Falcon Data Replicator via AWS S3.
+        title: Collect Falcon Data Replicator logs using AWS S3
+        description: Collecting logs from Falcon Data Replicator using AWS S3.
       - type: streaming
-        title: Collect Falcon events via Event Streams API
-        description: Collecting Falcon events via Event Streams API.
+        title: Collect CrowdStrike Falcon events using Event Streams API
+        description: Collecting CrowdStrike Falcon logs using Event Streams API.
       - type: cel
-        title: Collect Falcon Alerts, Hosts and Vulnerabilities
-        description: Collect Falcon Alerts, Hosts and Vulnerabilities.
+        title: Collect CrowdStrike Falcon Alerts, Hosts and Vulnerabilities
+        description: Collect CrowdStrike Falcon Alerts, Hosts and Vulnerabilities.
         vars:
           - name: client_id
             type: text