updated package for solutions
This commit is contained in:
Parent
754d9371b8
Commit
1dee511fd5
|
@ -26,7 +26,7 @@
|
|||
],
|
||||
"WatchlistDescription": "ExchOnlineVIP Watchlists contains a list of VIP users identified in Exchange Online that would be more monitored than others. This watchlist is used in the Audit log workbooks to filter activities on those users.",
|
||||
"BasePath": "C:\\Github\\Azure-Sentinel\\Solutions\\Microsoft Exchange Security - Exchange Online",
|
||||
"Version": "3.1.2",
|
||||
"Version": "3.1.3",
|
||||
"Metadata": "SolutionMetadata.json",
|
||||
"TemplateSpec": true,
|
||||
"Is1Pconnector": false
|
||||
|
|
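Review bot: The `"Is1Pconnector": false` key at the end of this hunk is spelled with a lowercase "c", while the Okta data file later in this commit uses `"Is1PConnector"`. If the packaging tool matches keys case-sensitively, one of the two spellings is silently ignored. Since this file is already being touched for the 3.1.3 bump, align the spelling across solutions.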
Binary data
Solutions/Microsoft Exchange Security - Exchange Online/Package/3.1.3.zip
Normal file
Binary file not shown.
File diffs are hidden because one or more lines are too long
|
@ -10,19 +10,19 @@ FunctionParams:
|
|||
- Name: SpecificSectionList
|
||||
Type: string
|
||||
Description: The list of section to query. Default is all.
|
||||
DefaultValue: ''
|
||||
Default: ''
|
||||
- Name: SpecificConfigurationDate
|
||||
Type: string
|
||||
Description: The date to query. Default is last 7 days.
|
||||
DefaultValue: 'lastdate'
|
||||
Default: 'lastdate'
|
||||
- Name: SpecificConfigurationEnv
|
||||
Type: string
|
||||
Description: The environment to query. Default is all.
|
||||
DefaultValue: 'All'
|
||||
Default: 'All'
|
||||
- Name: Target
|
||||
Type: string
|
||||
Description: The target environment to query. Valid values are "On-Premises" or "Online". Default is "On-Premises".
|
||||
DefaultValue: 'On-Premises'
|
||||
Default: 'On-Premises'
|
||||
FunctionQuery: |
|
||||
// Version: 1.6.1
|
||||
// Last Updated: 19/12/2023
|
||||
|
|
|
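Review bot: The parameter key changes from `DefaultValue` to `Default` on all four parameters, but the parser header at the end of this hunk still reads `// Version: 1.6.1` and `// Last Updated: 19/12/2023`. Bump both so a deployed copy of the function can be told apart from the pre-rename one. Separately, the SpecificConfigurationDate description says "Default is last 7 days" while the default is `'lastdate'`; one of the two should be corrected.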
@ -10,7 +10,7 @@ FunctionParams:
|
|||
- Name: Target
|
||||
Type: string
|
||||
Description: The target environment to query. Valid values are "On-Premises" or "Online". Default is "On-Premises".
|
||||
DefaultValue: 'On-Premises'
|
||||
Default: 'On-Premises'
|
||||
FunctionQuery: |
|
||||
// Parameters simulation
|
||||
// If you need to test the parser execution without saving it as a function, uncomment the bellow variable to simulate parameters values.
|
||||
|
|
|
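Review bot: The comment under `FunctionQuery` reads "uncomment the bellow variable to simulate parameters values". While this file is open for the key rename, change it to "uncomment the variable below to simulate parameter values".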
@ -10,7 +10,7 @@ FunctionParams:
|
|||
- Name: UserToCheck
|
||||
Type: string
|
||||
Description: The user to verifiy if is a VIP or not. Default value is "all".
|
||||
DefaultValue: 'All'
|
||||
Default: 'All'
|
||||
FunctionQuery: |
|
||||
//let UserToCheck = "SampleEntry";
|
||||
let _UserToCheck = iif(UserToCheck == "" or UserToCheck == "All","All",tolower(UserToCheck));
|
||||
|
|
|
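Review bot: In `let _UserToCheck = iif(UserToCheck == "" or UserToCheck == "All","All",tolower(UserToCheck));` the `==` comparison is case-sensitive, yet the description gives the default as "all" in lowercase while the default is `'All'`. A caller who passes "all" as documented falls through to `tolower(UserToCheck)` and is treated as a user name rather than as the wildcard. Use `UserToCheck =~ "All"` or correct the description; the next hunk repeats the same lines and needs the same change. The description also misspells "verify" as "verifiy".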
@ -10,7 +10,7 @@ FunctionParams:
|
|||
- Name: UserToCheck
|
||||
Type: string
|
||||
Description: The user to verifiy if is a VIP or not. Default value is "all".
|
||||
DefaultValue: 'All'
|
||||
Default: 'All'
|
||||
FunctionQuery: |
|
||||
//let UserToCheck = "SampleEntry";
|
||||
let _UserToCheck = iif(UserToCheck == "" or UserToCheck == "All","All",tolower(UserToCheck));
|
||||
|
|
|
@ -10,31 +10,31 @@ FunctionParams:
|
|||
- Name: SectionCompare
|
||||
Type: string
|
||||
Description: The Section to compare. Default value is "".
|
||||
DefaultValue: ''
|
||||
Default: ''
|
||||
- Name: DateCompare
|
||||
Type: string
|
||||
Description: The date of the source comparison. Default value is "lastdate".
|
||||
DefaultValue: 'lastdate'
|
||||
Default: 'lastdate'
|
||||
- Name: CurrentDate
|
||||
Type: string
|
||||
Description: The date of the target comparison. Default value is "lastdate".
|
||||
DefaultValue: 'lastdate'
|
||||
Default: 'lastdate'
|
||||
- Name: EnvList
|
||||
Type: string
|
||||
Description: List of environments to compare. Default value is "All".
|
||||
DefaultValue: 'All'
|
||||
Default: 'All'
|
||||
- Name: TypeEnv
|
||||
Type: string
|
||||
Description: Type of environment to compare. Default value is "Online".
|
||||
DefaultValue: 'Online'
|
||||
Default: 'Online'
|
||||
- Name: CurrentRole
|
||||
Type: string
|
||||
Description: A specific role to compare. Default value is "".
|
||||
DefaultValue: ''
|
||||
Default: ''
|
||||
- Name: ExclusionsAcct
|
||||
Type: dynamic
|
||||
Description: List of actors to exclude. Default value is "dynamic('')".
|
||||
DefaultValue: dynamic('')
|
||||
Default: dynamic('')
|
||||
FunctionQuery: |
|
||||
// Version: 1.0.0
|
||||
// Last Updated: 25/02/2024
|
||||
|
|
|
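Review bot: ExclusionsAcct is described as a "List of actors to exclude" with type `dynamic`, but its default is `dynamic('')`, which is not an array literal. The query body is not visible in this hunk, so it is not possible to confirm from here that list operations on the parameter behave as intended when it is left at the default; `dynamic([])` would state the empty-list intent directly. The header also still reads `// Version: 1.0.0` and `// Last Updated: 25/02/2024` after the key rename.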
@ -1,5 +1,6 @@
|
|||
| **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** |
|
||||
|-------------|--------------------------------|---------------------------------------------|
|
||||
| 3.1.3 | 25-04-2024 | Repackaged for parser issue with old names |
|
||||
| 3.1.2 | 18-04-2024 | Repackaged for parser issue while update |
|
||||
| 3.1.1 | 19-03-2024 | Manually updated package content |
|
||||
| 3.0.5 | 20-02-2024 | Correct DataConnector last Log indicator |
|
||||
|
|
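Review bot: The new 3.1.3 row, "Repackaged for parser issue with old names", does not say which names were affected. The parser hunks in this commit rename the `DefaultValue` parameter key to `Default`; if that is the fix, say so in the row so that someone comparing 3.1.2 and 3.1.3 knows what changed in the package.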
Binary file not shown.
File diffs are hidden because one or more lines are too long
|
@ -1,5 +1,6 @@
|
|||
| **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** |
|
||||
|-------------|--------------------------------|---------------------------------------------------------------|
|
||||
| 3.0.7 | 25-04-2024 | Repackaged for parser issue with old names |
|
||||
| 3.0.6 | 17-04-2024 | Repackaged solution for parser fix |
|
||||
| 3.0.5 | 08-04-2024 | Added Azure Deploy button for government portal deployments |
|
||||
| 3.0.4 | 18-03-2024 | Updated description in data file, data connector and added logo for ccp data connector |
|
||||
|
|
|
@ -44,7 +44,7 @@
|
|||
],
|
||||
"Metadata": "SolutionMetadata.json",
|
||||
"BasePath": "C:\\GitHub\\Azure-Sentinel\\Solutions\\Okta Single Sign-On\\",
|
||||
"Version": "3.0.6",
|
||||
"Version": "3.0.7",
|
||||
"TemplateSpec": true,
|
||||
"Is1PConnector": false
|
||||
}
|
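Review bot: `"BasePath": "C:\\GitHub\\Azure-Sentinel\\Solutions\\Okta Single Sign-On\\"` next to the version bump is an absolute path on one developer's machine, and it differs in casing and trailing separator from the `C:\\Github\\...` path in the Exchange Online data file. A path relative to the repository root would let anyone rebuild the package and compare it against the committed binary, which this page cannot display.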
Binary file not shown.
|
@ -47,12 +47,12 @@
|
|||
"email": "support@microsoft.com",
|
||||
"_email": "[variables('email')]",
|
||||
"_solutionName": "Sophos Endpoint Protection",
|
||||
"_solutionVersion": "3.0.2",
|
||||
"_solutionVersion": "3.0.3",
|
||||
"solutionId": "azuresentinel.azure-sentinel-solution-sophosep",
|
||||
"_solutionId": "[variables('solutionId')]",
|
||||
"parserObject1": {
|
||||
"_parserName1": "[concat(parameters('workspace'),'/','Parser for SophosEPEvent')]",
|
||||
"_parserId1": "[resourceId('Microsoft.OperationalInsights/workspaces/savedSearches', parameters('workspace'), 'Parser for SophosEPEvent')]",
|
||||
"_parserName1": "[concat(parameters('workspace'),'/','Sophos Endpoint Protection Data Parser')]",
|
||||
"_parserId1": "[resourceId('Microsoft.OperationalInsights/workspaces/savedSearches', parameters('workspace'), 'Sophos Endpoint Protection Data Parser')]",
|
||||
"parserTemplateSpecName1": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-pr-',uniquestring('SophosEPEvent-Parser')))]",
|
||||
"parserVersion1": "2.0.1",
|
||||
"parserContentId1": "SophosEPEvent-Parser"
|
||||
|
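Review bot: `_parserName1` and `_parserId1` switch the saved-search resource name between 'Parser for SophosEPEvent' and 'Sophos Endpoint Protection Data Parser', yet `"parserVersion1": "2.0.1"` and `"parserContentId1": "SophosEPEvent-Parser"` stay as they were. A workspace that already has the saved search under the other name will keep that resource after an upgrade, and nothing in this hunk shows how the leftover is handled. Document the upgrade path in the release notes and consider bumping `parserVersion1` so the two deployments are distinguishable.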
@ -84,7 +84,7 @@
|
|||
"[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
|
||||
],
|
||||
"properties": {
|
||||
"description": "SophosEPEvent Data Parser with template version 3.0.2",
|
||||
"description": "SophosEPEvent Data Parser with template version 3.0.3",
|
||||
"mainTemplate": {
|
||||
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
|
||||
"contentVersion": "[variables('parserObject1').parserVersion1]",
|
||||
|
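Review bot: The `description` string hard-codes the template version ("... with template version 3.0.3"), and the same literal is edited again in the data connector description and in the content package `version` further down. The template already defines `_solutionVersion`; building the string with `[concat('SophosEPEvent Data Parser with template version ', variables('_solutionVersion'))]` would leave one place to change on the next bump and remove the risk of the copies drifting apart.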
@ -120,7 +120,7 @@
|
|||
"[variables('parserObject1')._parserId1]"
|
||||
],
|
||||
"properties": {
|
||||
"parentId": "[resourceId('Microsoft.OperationalInsights/workspaces/savedSearches', parameters('workspace'), 'Parser for SophosEPEvent')]",
|
||||
"parentId": "[resourceId('Microsoft.OperationalInsights/workspaces/savedSearches', parameters('workspace'), 'Sophos Endpoint Protection Data Parser')]",
|
||||
"contentId": "[variables('parserObject1').parserContentId1]",
|
||||
"kind": "Parser",
|
||||
"version": "[variables('parserObject1').parserVersion1]",
|
||||
|
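Review bot: `parentId` repeats the full `resourceId('Microsoft.OperationalInsights/workspaces/savedSearches', parameters('workspace'), '...')` expression with the parser name as a literal, while the `dependsOn` entry just above it in the same hunk already uses `[variables('parserObject1')._parserId1]`. Set `"parentId": "[variables('parserObject1')._parserId1]"` here and in the @ -186 hunk, so a future rename only has to touch the variable and the metadata cannot point at a saved search that no longer exists.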
@ -186,7 +186,7 @@
|
|||
"[variables('parserObject1')._parserId1]"
|
||||
],
|
||||
"properties": {
|
||||
"parentId": "[resourceId('Microsoft.OperationalInsights/workspaces/savedSearches', parameters('workspace'), 'Parser for SophosEPEvent')]",
|
||||
"parentId": "[resourceId('Microsoft.OperationalInsights/workspaces/savedSearches', parameters('workspace'), 'Sophos Endpoint Protection Data Parser')]",
|
||||
"contentId": "[variables('parserObject1').parserContentId1]",
|
||||
"kind": "Parser",
|
||||
"version": "[variables('parserObject1').parserVersion1]",
|
||||
|
@ -216,7 +216,7 @@
|
|||
"[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
|
||||
],
|
||||
"properties": {
|
||||
"description": "Sophos Endpoint Protection data connector with template version 3.0.2",
|
||||
"description": "Sophos Endpoint Protection data connector with template version 3.0.3",
|
||||
"mainTemplate": {
|
||||
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
|
||||
"contentVersion": "[variables('dataConnectorVersion1')]",
|
||||
|
@ -1303,7 +1303,7 @@
|
|||
"apiVersion": "2023-04-01-preview",
|
||||
"location": "[parameters('workspace-location')]",
|
||||
"properties": {
|
||||
"version": "3.0.2",
|
||||
"version": "3.0.3",
|
||||
"kind": "Solution",
|
||||
"contentSchemaVersion": "3.0.0",
|
||||
"displayName": "Sophos Endpoint Protection",
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
| **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** |
|
||||
|-------------|--------------------------------|--------------------------------------------------------------------|
|
||||
| 3.0.3 | 25-04-2024 | Repackaged for parser issue with old names |
|
||||
| 3.0.2 | 12-04-2024 | Repackaged for parser fix in solution package |
|
||||
| 3.0.1 | 12-03-2024 | Updated Sophos Endpoint **Function App** and **Parser** <br/>Added new CCP **Data Connector** |
|
||||
| 3.0.0 | 14-08-2023 | Manual deployment instructions updated for **Data Connector** |
|
||||
|
|