make doc more explicitit on initial collection install

docs/getting_started/crowdsec-tour.md

@@ -2,9 +2,17 @@
 
 ## Finding configurations
 
-As stated, {{crowdsec.name}} efficiency is dictated by installed parsers and scenarios.
+{{crowdsec.Name}} efficiency is dictated by installed parsers and scenarios, so [take a look at the {{hub.name}}]({{hub.url}}) to find the appropriated ones !
 
-[Please take a look at the {{hub.name}}]({{hub.url}}) to find the appropriated ones !
+If you didn't perform the setup with the wizard, or if you are reading logs from other machines, you will have to pick the right {{collections.htmlname}}. This will ensure that {{crowdsec.name}} can parse the logs and has the corresponding scenarios.
+
+For example, if you're processing [nginx](http://nginx.org) logs, you might want to install the [nginx collection](https://hub.crowdsec.net/author/crowdsecurity/collections/nginx).
+
+A collection can be installed by typing `cscli install collection crowdsecurity/nginx`, and provides all the necessary parsers and scenarios to handle said log source. `systemctl reload crowdsec` to ensure the new scenarios are loaded.
+
+In the same spirit, the [crowdsecurity/sshd](https://hub.crowdsec.net/author/crowdsecurity/collections/sshd)'s collection will fit most sshd setups !
+
+While {{crowdsec.name}} is running, a quick look at [`cscli metrics`](/observability/metrics/) should help you ensure that your log sources are correctly parsed.
 
 ## List installed configurations
 

docs/index.md

@@ -17,9 +17,9 @@ Besides detecting and stopping attacks in real time based on your logs, it allow
 
 ## Components
 
-{{crowdsec.name}} ecosystem is based on the following tools :
+{{crowdsec.name}} ecosystem is based on the following components :
 
- - {{crowdsec.name}} is the "service" that runs in the background, processes logs and keeps track of attacks
+ - {{crowdsec.name}} is the lightweight service that processes logs and keeps track of attacks.
  - [{{cli.name}}]({{cli.main_doc}}) is the command line interface for humans, it allows you to view, add, or remove bans as well as to install, find ,or update scenarios and parsers
  - [{{blockers.name}}]({{hub.plugins_url}}) are the components that block malevolent traffic, and can be deployed anywhere in your stack
 

mkdocs.yml

@@ -39,18 +39,18 @@ nav:
     - Nginx:
       - Installation : "https://github.com/crowdsecurity/cs-nginx-blocker#installation"
       - Configuration : "https://github.com/crowdsecurity/cs-nginx-blocker#configuration"
-    - Wordpress:
-      - Installation : "https://github.com/crowdsecurity/cs-wordpress-plugin/#installation"
-      - Configuration : "https://github.com/crowdsecurity/cs-wordpress-plugin/#configuration"
     - Netfilter:
       - Installation : "https://github.com/crowdsecurity/cs-netfilter-blocker#installation"
       - Configuration : "https://github.com/crowdsecurity/cs-netfilter-blocker#configuration"
-    - Cloudflare:
-      - Installation: "https://github.com/crowdsecurity/cs-cloudflare-blocker#installation"
-      - Configuration: "https://github.com/crowdsecurity/cs-cloudflare-blocker#configuration"
     - Custom:
       - Installation: "https://github.com/crowdsecurity/cs-custom-blocker#installation"
       - Configuration: "https://github.com/crowdsecurity/cs-custom-blocker#configuration"
+    - Cloudflare:
+      - Installation: "https://github.com/crowdsecurity/cs-cloudflare-blocker#installation"
+      - Configuration: "https://github.com/crowdsecurity/cs-cloudflare-blocker#configuration"
+    - Wordpress:
+      - Installation : "https://github.com/crowdsecurity/cs-wordpress-plugin/#installation"
+      - Configuration : "https://github.com/crowdsecurity/cs-wordpress-plugin/#configuration"
   - Contributing: contributing/
   - Cscli commands:
     - API: cscli/cscli_api.md