diff --git a/docs/content/en/docs/getting-started/enforcement.md b/docs/content/en/docs/getting-started/enforcement.md index bfc23664888..3bad986ea92 100644 --- a/docs/content/en/docs/getting-started/enforcement.md +++ b/docs/content/en/docs/getting-started/enforcement.md @@ -6,8 +6,8 @@ description: "Policy Enforcement" This adds a network and file policy enforcement on top of execution, file tracing and networking policy already deployed in the quick start. In this use case we use -a namespace filter to limit the scope of the enforcement policy to just the `darkstar` -cluster we installed the demo application in from the +a namespace filter to limit the scope of the enforcement policy to just the `default` +namespace we installed the demo application in from the [Quick Kubernetes Install]({{< ref "docs/getting-started/install-k8s" >}}). This highlights two important concepts of Tetragon. First in kernel filtering @@ -49,7 +49,7 @@ export PODCIDR=`kubectl get nodes -o jsonpath='{.items[*].spec.podCIDR}'` {{< tabpane lang=shell-session >}} {{< tab GKE >}} -export SERVICECIDR=$(gcloud container clusters describe ${NAME} --zone ${ZONE} --project ${PROJECT} | awk '/servicesIpv4CidrBlock/ { print $2; }') +export SERVICECIDR=$(gcloud container clusters describe ${NAME} --zone ${ZONE} | awk '/servicesIpv4CidrBlock/ { print $2; }') {{< /tab >}} {{< tab Kind >}} @@ -99,10 +99,6 @@ a Sigkill. The successful internal connect is filtered and will not be shown. 🚀 process default/xwing /usr/bin/curl -s -XPOST deathstar.default.svc.cluster.local/v1/request-landing ``` -The enforces TCP connects see [Enforce Sandbox]({{< ref "#enforce-common-security-policy" >}}) -below to further restrict possible workaround such as writing through /dev -devices and raw sockets application may attempt. - ### Enforce File Access Monitoring The following extends the example from [File Access Monitoring]({{< ref "docs/getting-started/file-events" >}}) 
diff --git a/docs/content/en/docs/getting-started/execution.md b/docs/content/en/docs/getting-started/execution.md index 6cbae6c4e1b..d03e305e060 100644 --- a/docs/content/en/docs/getting-started/execution.md +++ b/docs/content/en/docs/getting-started/execution.md @@ -53,7 +53,7 @@ For the complete exec event in JSON format remove the compact option. {{< tabpane lang=shel-session >}} {{< tab Kubernetes >}} -kubectl exec -ti -n kube-system ds/tetragon -c tetragon -- tetra getevents +kubectl exec -ti -n kube-system ds/tetragon -c tetragon -- tetra getevents --pods xwing {{< /tab >}} {{< tab Docker >}} docker exec tetragon-container tetra getevents diff --git a/docs/content/en/docs/getting-started/file-events.md b/docs/content/en/docs/getting-started/file-events.md index 2441f1a38df..e891c6cfc01 100644 --- a/docs/content/en/docs/getting-started/file-events.md +++ b/docs/content/en/docs/getting-started/file-events.md @@ -70,6 +70,17 @@ This will generate a read event (Docker events will omit Kubernetes metadata), Attempts to write in sensitive directories will similar create an event. For example attempting to write in `/etc`. +{{< tabpane lang=shell-session >}} +{{< tab Kubernetes >}} +kubectl exec -ti xwing -- bash -c 'echo foo >> /etc/bar' +{{< /tab >}} +{{< tab Docker >}} +cat /etc/shadow +{{< /tab >}} +{{< /tabpane >}} + +Will result in the following output in the tetra CLI. + ``` 🚀 process default/xwing /bin/bash -c "echo foo >> /etc/bar" 📝 write default/xwing /bin/bash /etc/bar diff --git a/docs/content/en/docs/getting-started/install-k8s.md b/docs/content/en/docs/getting-started/install-k8s.md index ff253e11e21..4089a1ef2c3 100644 --- a/docs/content/en/docs/getting-started/install-k8s.md +++ b/docs/content/en/docs/getting-started/install-k8s.md 
@@ -12,15 +12,16 @@ to create a Kubernetes cluster locally or using a managed Kubernetes service: {{< tabpane text=true >}} {{% tab GKE %}} -The following commands create a Kubernetes cluster using [Google +The following commands create a single node Kubernetes cluster using [Google Kubernetes Engine](https://cloud.google.com/kubernetes-engine). See [Installing Google Cloud SDK](https://cloud.google.com/sdk/install) for instructions on how to install `gcloud` and prepare your account. ```shell-session export NAME="$(whoami)-$RANDOM" -gcloud container clusters create "${NAME}" --zone us-west2-a -gcloud container clusters get-credentials "${NAME}" --zone us-west2-a +export ZONE="us-west2-a" +gcloud container clusters create "${NAME}" --zone ${ZONE} --num-nodes=1 +gcloud container clusters get-credentials "${NAME}" --zone ${ZONE} ``` {{% /tab %}} diff --git a/docs/content/en/docs/getting-started/network.md b/docs/content/en/docs/getting-started/network.md index 1c3170f2c30..418df71ec9f 100644 --- a/docs/content/en/docs/getting-started/network.md +++ b/docs/content/en/docs/getting-started/network.md @@ -18,12 +18,12 @@ export PODCIDR=`kubectl get nodes -o jsonpath='{.items[*].spec.podCIDR}'` ``` The services CIDR can then be fetched depending on environment. We -require environment variables ZONE, PROJECT, and NAME from install steps. +require environment variables ZONE and NAME from install steps. {{< tabpane lang=shell-session >}} {{< tab GKE >}} -export SERVICECIDR=$(gcloud container clusters describe ${NAME} --zone ${ZONE} --project ${PROJECT} | awk '/servicesIpv4CidrBlock/ { print $2; }') +export SERVICECIDR=$(gcloud container clusters describe ${NAME} --zone ${ZONE} | awk '/servicesIpv4CidrBlock/ { print $2; }') {{< /tab >}} {{< tab Kind >}}
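Review bot: In the enforcement.md `SERVICECIDR` hunk, dropping `--project ${PROJECT}` makes the `gcloud container clusters describe` call depend on the active gcloud configuration having a project set; since `PROJECT` is no longer required anywhere in this walkthrough, the install page should say explicitly that `gcloud config set project <id>` (or an equivalent default) must be done before the cluster is created, otherwise this command fails with a confusing "project not found" style error and `SERVICECIDR` ends up empty.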
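Review bot: The enforcement.md hunk that deletes the paragraph starting "The enforces TCP connects see [Enforce Sandbox]" removes the only caveat on this page that blocking TCP connect does not cover raw sockets or writes through `/dev` devices. If the `#enforce-common-security-policy` anchor still resolves, keep a corrected sentence ("Enforcing TCP connects alone is not sufficient; see Enforce Sandbox below, which also restricts raw sockets and writes through /dev devices that an application may use to work around the connect policy.") rather than dropping the warning; if the target section was removed, say so in the commit message.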
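Review bot: In the execution.md hunk, `--pods xwing` is added only to the Kubernetes tab, so the Kubernetes and Docker tabs now produce different views (filtered vs. unfiltered) without the surrounding text mentioning it; add a sentence that `--pods` narrows the stream to the named pod and has no Docker equivalent. While touching this block, the unchanged context line `{{< tabpane lang=shel-session >}}` has a typo (`shel-session` should be `shell-session`), which every other tabpane in the patch spells correctly.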
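Review bot: In the file-events.md hunk, the Docker tab runs `cat /etc/shadow`, which is a read, but the paragraph above ("attempting to write in `/etc`") and the expected output below (`📝 write default/xwing /bin/bash /etc/bar`) both describe a write to `/etc/bar`; the Docker tab should run the same `sh -c 'echo foo >> /etc/bar'` inside the traced container so the sample output matches. Also, the added line "Will result in the following output in the tetra CLI." is a sentence fragment (suggest "This results in the following output in the tetra CLI."), and the context line "will similar create an event" should read "will similarly create an event".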
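Review bot: In the install-k8s.md hunk, the reason for `--num-nodes=1` is not stated; the later pages export `PODCIDR` with `jsonpath='{.items[*].spec.podCIDR}'`, which yields a space separated list on a multi-node cluster and would break the policy YAML, so the text should say that a single node is required for the `PODCIDR` step to produce one CIDR (or the network pages should pick one entry, e.g. `{.items[0].spec.podCIDR}`). Exporting `ZONE` here is the right fix for the `describe` calls that consume it later.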
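Review bot: In the network.md hunk, the `awk '/servicesIpv4CidrBlock/ { print $2; }'` pipeline scrapes the default YAML output of `gcloud container clusters describe`, which is fragile if the output format or key nesting changes; `gcloud container clusters describe ${NAME} --zone ${ZONE} --format='value(servicesIpv4CidrBlock)'` returns the field directly and avoids the dependency on YAML layout. The same line is duplicated verbatim in enforcement.md, so whichever form is chosen should be applied to both pages.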