Azure-Sentinel/Solutions/PaloAlto-PAN-OS/data/system_generated_metadata.json

{
  "Name": "PaloAlto-PAN-OS",
  "Author": "Microsoft - support@microsoft.com",
  "Logo": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Solutions/PaloAlto-PAN-OS/logo/Palo-alto-logo.png\" width=\"75px\" height=\"75px\">",
  "Description": "The [Palo Alto Networks (Firewall)](https://www.paloaltonetworks.com/network-security/next-generation-firewall) Solution for Microsoft Sentinel allows you to easily connect your Palo Alto Networks Firewall logs with Microsoft Sentinel, to view dashboards, create custom alerts, and improve investigation. This gives you more insight into your organization's network and improves your security operation capabilities. This solution also contains playbooks to help in automated remediation.\n\r\n1. **PaloAlto-PAN-OS via AMA** - This data connector helps in ingesting PaloAlto-PAN-OS logs into your Log Analytics Workspace using the new Azure Monitor Agent. Learn more about ingesting using the new Azure Monitor Agent [here](https://learn.microsoft.com/azure/sentinel/connect-cef-ama). **Microsoft recommends using this Data Connector**.\n\r\n2. **PaloAlto-PAN-OS via Legacy Agent** - This data connector helps in ingesting PaloAlto-PAN-OS logs into your Log Analytics Workspace using the legacy Log Analytics agent.\n\n**NOTE:** Microsoft recommends installation of PaloAlto-PAN-OS via AMA Connector. Legacy connector uses the Log Analytics agent which is about to be deprecated by **Aug 31, 2024,** and thus should only be installed where AMA is not supported. Using MMA and AMA on same machine can cause log duplication and extra ingestion cost [more details](https://learn.microsoft.com/en-us/azure/sentinel/ama-migrate).",
  "BasePath": "C:\\One\\Azure\\Azure-Sentinel",
  "Version": "3.0.0",
  "Metadata": "SolutionMetadata.json",
  "TemplateSpec": true,
  "Is1Pconnector": false,
  "publisherId": "azuresentinel",
  "offerId": "azure-sentinel-solution-paloaltopanos",
  "providers": [
    "Palo Alto Networks"
  ],
  "categories": {
    "domains": [
      "Security - Automation (SOAR)",
      "Security - Network"
    ]
  },
  "firstPublishDate": "2021-08-09",
  "lastPublishDate": "2021-09-20",
  "support": {
    "name": "Microsoft Corporation",
    "email": "support@microsoft.com",
    "tier": "Microsoft",
    "link": "https://support.microsoft.com"
  },
  "Data Connectors": "[\n  \"PaloAltoNetworks.json\",\n  \"template_PaloAlto-PAN-OSAMA.json\"\n]",
  "Playbooks": [
    "Playbooks/PaloAltoCustomConnector/PaloAlto_PAN-OS_Rest_API_CustomConnector/azuredeploy.json",
    "Playbooks/PaloAltoCustomConnector/PaloAlto_PAN-OS_XML_API_CustomConnector/azuredeploy.json",
    "Playbooks/PaloAltoPlaybooks/PaloAlto-PAN-OS-BlockIP-EntityTrigger/azuredeploy.json",
    "Playbooks/PaloAltoPlaybooks/PaloAlto-PAN-OS-BlockIP/azuredeploy.json",
    "Playbooks/PaloAltoPlaybooks/PaloAlto-PAN-OS-BlockURL-EntityTrigger/azuredeploy.json",
    "Playbooks/PaloAltoPlaybooks/PaloAlto-PAN-OS-BlockURL/azuredeploy.json",
    "Playbooks/PaloAltoPlaybooks/PaloAlto-PAN-OS-GetSystemInfo/azuredeploy.json",
    "Playbooks/PaloAltoPlaybooks/PaloAlto-PAN-OS-GetThreatPCAP/azuredeploy.json",
    "Playbooks/PaloAltoPlaybooks/PaloAlto-PAN-OS-GetURLCategoryInfo/azuredeploy.json"
  ],
  "Workbooks": "[\n  \"PaloAltoOverview.json\",\n  \"PaloAltoNetworkThreat.json\"\n]",
  "Analytic Rules": "[\n  \"PaloAlto-UnusualThreatSignatures.yaml\",\n  \"FileHashEntity_Covid19_CommonSecurityLog.yaml\",\n  \"PaloAlto-NetworkBeaconing.yaml\",\n  \"PaloAlto-PortScanning.yaml\"\n]",
  "Hunting Queries": "[\n  \"PaloAlto-HighRiskPorts.yaml\",\n  \"Palo Alto - potential beaconing detected.yaml\"\n]"
}
[skip ci] Github Bot Added package to Pull Request! 2023-09-25 13:26:19 +03:00			`{`
			`"Name": "PaloAlto-PAN-OS",`
			`"Author": "Microsoft - support@microsoft.com",`
			`"Logo": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Solutions/PaloAlto-PAN-OS/logo/Palo-alto-logo.png\" width=\"75px\" height=\"75px\">",`
			"Description": "The [Palo Alto Networks (Firewall)](https://www.paloaltonetworks.com/network-security/next-generation-firewall) Solution for Microsoft Sentinel allows you to easily connect your Palo Alto Networks Firewall logs with Microsoft Sentinel, to view dashboards, create custom alerts, and improve investigation. This gives you more insight into your organization's network and improves your security operation capabilities. This solution also contains playbooks to help in automated remediation.\n\r\n1. PaloAlto-PAN-OS via AMA - This data connector helps in ingesting PaloAlto-PAN-OS logs into your Log Analytics Workspace using the new Azure Monitor Agent. Learn more about ingesting using the new Azure Monitor Agent [here](https://learn.microsoft.com/azure/sentinel/connect-cef-ama). Microsoft recommends using this Data Connector.\n\r\n2. PaloAlto-PAN-OS via Legacy Agent - This data connector helps in ingesting PaloAlto-PAN-OS logs into your Log Analytics Workspace using the legacy Log Analytics agent.\n\nNOTE: Microsoft recommends installation of PaloAlto-PAN-OS via AMA Connector. Legacy connector uses the Log Analytics agent which is about to be deprecated by Aug 31, 2024, and thus should only be installed where AMA is not supported. Using MMA and AMA on same machine can cause log duplication and extra ingestion cost [more details](https://learn.microsoft.com/en-us/azure/sentinel/ama-migrate).",
			`"BasePath": "C:\\One\\Azure\\Azure-Sentinel",`
			`"Version": "3.0.0",`
			`"Metadata": "SolutionMetadata.json",`
			`"TemplateSpec": true,`
			`"Is1Pconnector": false,`
			`"publisherId": "azuresentinel",`
			`"offerId": "azure-sentinel-solution-paloaltopanos",`
			`"providers": [`
			`"Palo Alto Networks"`
			`],`
			`"categories": {`
			`"domains": [`
			`"Security - Automation (SOAR)",`
			`"Security - Network"`
			`]`
			`},`
			`"firstPublishDate": "2021-08-09",`
			`"lastPublishDate": "2021-09-20",`
			`"support": {`
			`"name": "Microsoft Corporation",`
			`"email": "support@microsoft.com",`
			`"tier": "Microsoft",`
			`"link": "https://support.microsoft.com"`
			`},`
			`"Data Connectors": "[\n \"PaloAltoNetworks.json\",\n \"template_PaloAlto-PAN-OSAMA.json\"\n]",`
			`"Playbooks": [`
			`"Playbooks/PaloAltoCustomConnector/PaloAlto_PAN-OS_Rest_API_CustomConnector/azuredeploy.json",`
			`"Playbooks/PaloAltoCustomConnector/PaloAlto_PAN-OS_XML_API_CustomConnector/azuredeploy.json",`
			`"Playbooks/PaloAltoPlaybooks/PaloAlto-PAN-OS-BlockIP-EntityTrigger/azuredeploy.json",`
			`"Playbooks/PaloAltoPlaybooks/PaloAlto-PAN-OS-BlockIP/azuredeploy.json",`
			`"Playbooks/PaloAltoPlaybooks/PaloAlto-PAN-OS-BlockURL-EntityTrigger/azuredeploy.json",`
			`"Playbooks/PaloAltoPlaybooks/PaloAlto-PAN-OS-BlockURL/azuredeploy.json",`
			`"Playbooks/PaloAltoPlaybooks/PaloAlto-PAN-OS-GetSystemInfo/azuredeploy.json",`
			`"Playbooks/PaloAltoPlaybooks/PaloAlto-PAN-OS-GetThreatPCAP/azuredeploy.json",`
			`"Playbooks/PaloAltoPlaybooks/PaloAlto-PAN-OS-GetURLCategoryInfo/azuredeploy.json"`
			`],`
			`"Workbooks": "[\n \"PaloAltoOverview.json\",\n \"PaloAltoNetworkThreat.json\"\n]",`
			`"Analytic Rules": "[\n \"PaloAlto-UnusualThreatSignatures.yaml\",\n \"FileHashEntity_Covid19_CommonSecurityLog.yaml\",\n \"PaloAlto-NetworkBeaconing.yaml\",\n \"PaloAlto-PortScanning.yaml\"\n]",`
			`"Hunting Queries": "[\n \"PaloAlto-HighRiskPorts.yaml\",\n \"Palo Alto - potential beaconing detected.yaml\"\n]"`
			`}`