This commit is contained in:
v-amolpatil 2024-04-26 11:50:10 +05:30
Parent 754d9371b8
Commit 1dee511fd5
16 changed files with 191 additions and 192 deletions

View file

@ -26,7 +26,7 @@
],
"WatchlistDescription": "ExchOnlineVIP Watchlists contains a list of VIP users identified in Exchange Online that would be more monitored than others. This watchlist is used in the Audit log workbooks to filter activities on those users.",
"BasePath": "C:\\Github\\Azure-Sentinel\\Solutions\\Microsoft Exchange Security - Exchange Online",
"Version": "3.1.2",
"Version": "3.1.3",
"Metadata": "SolutionMetadata.json",
"TemplateSpec": true,
"Is1Pconnector": false

Binary file not shown.

File diff suppressed because one or more lines are too long

View file

@ -10,19 +10,19 @@ FunctionParams:
- Name: SpecificSectionList
Type: string
Description: The list of section to query. Default is all.
DefaultValue: ''
Default: ''
- Name: SpecificConfigurationDate
Type: string
Description: The date to query. Default is last 7 days.
DefaultValue: 'lastdate'
Default: 'lastdate'
- Name: SpecificConfigurationEnv
Type: string
Description: The environment to query. Default is all.
DefaultValue: 'All'
Default: 'All'
- Name: Target
Type: string
Description: The target environment to query. Valid values are "On-Premises" or "Online". Default is "On-Premises".
DefaultValue: 'On-Premises'
Default: 'On-Premises'
FunctionQuery: |
// Version: 1.6.1
// Last Updated: 19/12/2023
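
Review bot: the Description for SpecificConfigurationDate reads "Default is last 7 days", but the default declared two lines below it is 'lastdate'. Align the description with the value actually passed, and fix "The list of section to query" while touching this block. The FunctionQuery header still carries "Version: 1.6.1" and "Last Updated: 19/12/2023"; if the parameter key rename ships as a new parser revision, update both so the deployed function can be told apart from the previous one.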

View file

@ -10,7 +10,7 @@ FunctionParams:
- Name: Target
Type: string
Description: The target environment to query. Valid values are "On-Premises" or "Online". Default is "On-Premises".
DefaultValue: 'On-Premises'
Default: 'On-Premises'
FunctionQuery: |
// Parameters simulation
// If you need to test the parser execution without saving it as a function, uncomment the bellow variable to simulate parameters values.

View file

@ -10,7 +10,7 @@ FunctionParams:
- Name: UserToCheck
Type: string
Description: The user to verifiy if is a VIP or not. Default value is "all".
DefaultValue: 'All'
Default: 'All'
FunctionQuery: |
//let UserToCheck = "SampleEntry";
let _UserToCheck = iif(UserToCheck == "" or UserToCheck == "All","All",tolower(UserToCheck));
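
Review bot: on the `let _UserToCheck = iif(...)` line, `UserToCheck == "All"` is a case-sensitive comparison in KQL, while the parameter Description states the default as "all". A caller who passes "all" as documented falls through to `tolower(UserToCheck)` and is treated as a user name rather than as the wildcard. Use `UserToCheck =~ "All"` (or compare `tolower(UserToCheck) == "all"`) so the documented and declared spellings behave the same.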

View file

@ -10,7 +10,7 @@ FunctionParams:
- Name: UserToCheck
Type: string
Description: The user to verifiy if is a VIP or not. Default value is "all".
DefaultValue: 'All'
Default: 'All'
FunctionQuery: |
//let UserToCheck = "SampleEntry";
let _UserToCheck = iif(UserToCheck == "" or UserToCheck == "All","All",tolower(UserToCheck));
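
Review bot: the Description for UserToCheck says the default value is "all", but the declared default is 'All', and the sentence itself has a typo ("verifiy if is a VIP"). Since this block is being edited anyway, correct the wording and quote the default exactly as declared so the parameter documentation matches what the function receives.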

View file

@ -10,31 +10,31 @@ FunctionParams:
- Name: SectionCompare
Type: string
Description: The Section to compare. Default value is "".
DefaultValue: ''
Default: ''
- Name: DateCompare
Type: string
Description: The date of the source comparison. Default value is "lastdate".
DefaultValue: 'lastdate'
Default: 'lastdate'
- Name: CurrentDate
Type: string
Description: The date of the target comparison. Default value is "lastdate".
DefaultValue: 'lastdate'
Default: 'lastdate'
- Name: EnvList
Type: string
Description: List of environments to compare. Default value is "All".
DefaultValue: 'All'
Default: 'All'
- Name: TypeEnv
Type: string
Description: Type of environment to compare. Default value is "Online".
DefaultValue: 'Online'
Default: 'Online'
- Name: CurrentRole
Type: string
Description: A specific role to compare. Default value is "".
DefaultValue: ''
Default: ''
- Name: ExclusionsAcct
Type: dynamic
Description: List of actors to exclude. Default value is "dynamic('')".
DefaultValue: dynamic('')
Default: dynamic('')
FunctionQuery: |
// Version: 1.0.0
// Last Updated: 25/02/2024
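
Review bot: ExclusionsAcct is described as a "List of actors to exclude" with Type dynamic, yet its default is `dynamic('')`, which is not an array literal. If the query tests membership against this parameter, state the empty list explicitly as `dynamic([])` and update the Description to match. Separately, DateCompare and CurrentDate both default to 'lastdate', so the descriptions should say what a call with all defaults compares.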

View file

@ -1,5 +1,6 @@
| **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** |
|-------------|--------------------------------|---------------------------------------------|
| 3.1.3 | 25-04-2024 | Repackaged for parser issue with old names |
| 3.1.2 | 18-04-2024 | Repackaged for parser issue while update |
| 3.1.1 | 19-03-2024 | Manually updated package content |
| 3.0.5 | 20-02-2024 | Correct DataConnector last Log indicator |

Binary data
Solutions/Okta Single Sign-On/Package/3.0.7.zip Normal file

Binary file not shown.

File diff suppressed because one or more lines are too long

View file

@ -1,5 +1,6 @@
| **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** |
|-------------|--------------------------------|---------------------------------------------------------------|
| 3.0.7 | 25-04-2024 | Repackaged for parser issue with old names |
| 3.0.6 | 17-04-2024 | Repackaged solution for parser fix |
| 3.0.5 | 08-04-2024 | Added Azure Deploy button for government portal deployments |
| 3.0.4 | 18-03-2024 | Updated description in data file, data connector and added logo for ccp data connector |

View file

@ -44,7 +44,7 @@
],
"Metadata": "SolutionMetadata.json",
"BasePath": "C:\\GitHub\\Azure-Sentinel\\Solutions\\Okta Single Sign-On\\",
"Version": "3.0.6",
"Version": "3.0.7",
"TemplateSpec": true,
"Is1PConnector": false
}

Binary data
Solutions/Sophos Endpoint Protection/Package/3.0.3.zip Normal file

Binary file not shown.

View file

@ -47,12 +47,12 @@
"email": "support@microsoft.com",
"_email": "[variables('email')]",
"_solutionName": "Sophos Endpoint Protection",
"_solutionVersion": "3.0.2",
"_solutionVersion": "3.0.3",
"solutionId": "azuresentinel.azure-sentinel-solution-sophosep",
"_solutionId": "[variables('solutionId')]",
"parserObject1": {
"_parserName1": "[concat(parameters('workspace'),'/','Parser for SophosEPEvent')]",
"_parserId1": "[resourceId('Microsoft.OperationalInsights/workspaces/savedSearches', parameters('workspace'), 'Parser for SophosEPEvent')]",
"_parserName1": "[concat(parameters('workspace'),'/','Sophos Endpoint Protection Data Parser')]",
"_parserId1": "[resourceId('Microsoft.OperationalInsights/workspaces/savedSearches', parameters('workspace'), 'Sophos Endpoint Protection Data Parser')]",
"parserTemplateSpecName1": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-pr-',uniquestring('SophosEPEvent-Parser')))]",
"parserVersion1": "2.0.1",
"parserContentId1": "SophosEPEvent-Parser"
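
Review bot: in parserObject1 the saved-search name becomes 'Sophos Endpoint Protection Data Parser' while "parserVersion1" stays "2.0.1" and "parserContentId1" stays "SophosEPEvent-Parser". The name is part of the savedSearches resource ID, so a workspace that already has 3.0.2 installed receives a second resource, and nothing in these lines removes the one named 'Parser for SophosEPEvent'. Bump parserVersion1 so the renamed parser is distinguishable, and say in the release notes whether the old saved search has to be deleted by hand.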
@ -84,7 +84,7 @@
"[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
],
"properties": {
"description": "SophosEPEvent Data Parser with template version 3.0.2",
"description": "SophosEPEvent Data Parser with template version 3.0.3",
"mainTemplate": {
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "[variables('parserObject1').parserVersion1]",
@ -120,7 +120,7 @@
"[variables('parserObject1')._parserId1]"
],
"properties": {
"parentId": "[resourceId('Microsoft.OperationalInsights/workspaces/savedSearches', parameters('workspace'), 'Parser for SophosEPEvent')]",
"parentId": "[resourceId('Microsoft.OperationalInsights/workspaces/savedSearches', parameters('workspace'), 'Sophos Endpoint Protection Data Parser')]",
"contentId": "[variables('parserObject1').parserContentId1]",
"kind": "Parser",
"version": "[variables('parserObject1').parserVersion1]",
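
Review bot: "parentId" repeats the literal name 'Sophos Endpoint Protection Data Parser' inside its own resourceId() call, although the same ID is already defined as _parserId1 and is what the dependsOn entry directly above uses. Replace the expression with "[variables('parserObject1')._parserId1]" here and in the identical parentId at @ -186, so that a future rename is made in one place and parentId cannot drift from the resource it points at.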
@ -186,7 +186,7 @@
"[variables('parserObject1')._parserId1]"
],
"properties": {
"parentId": "[resourceId('Microsoft.OperationalInsights/workspaces/savedSearches', parameters('workspace'), 'Parser for SophosEPEvent')]",
"parentId": "[resourceId('Microsoft.OperationalInsights/workspaces/savedSearches', parameters('workspace'), 'Sophos Endpoint Protection Data Parser')]",
"contentId": "[variables('parserObject1').parserContentId1]",
"kind": "Parser",
"version": "[variables('parserObject1').parserVersion1]",
@ -216,7 +216,7 @@
"[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
],
"properties": {
"description": "Sophos Endpoint Protection data connector with template version 3.0.2",
"description": "Sophos Endpoint Protection data connector with template version 3.0.3",
"mainTemplate": {
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "[variables('dataConnectorVersion1')]",
@ -1303,7 +1303,7 @@
"apiVersion": "2023-04-01-preview",
"location": "[parameters('workspace-location')]",
"properties": {
"version": "3.0.2",
"version": "3.0.3",
"kind": "Solution",
"contentSchemaVersion": "3.0.0",
"displayName": "Sophos Endpoint Protection",

View file

@ -1,5 +1,6 @@
| **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** |
|-------------|--------------------------------|--------------------------------------------------------------------|
| 3.0.3 | 25-04-2024 | Repackaged for parser issue with old names |
| 3.0.2 | 12-04-2024 | Repackaged for parser fix in solution package |
| 3.0.1 | 12-03-2024 | Updated Sophos Endpoint **Function App** and **Parser** <br/>Added new CCP **Data Connector** |
| 3.0.0 | 14-08-2023 | Manual deployment instructions updated for **Data Connector** |
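
Review bot: the 3.0.3 row says only "Repackaged for parser issue with old names". The template in this commit changes the parser saved-search name from 'Parser for SophosEPEvent' to 'Sophos Endpoint Protection Data Parser'; name both in the Change History cell so that operators upgrading from 3.0.2 know which saved search to look for in the workspace.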