Merge branch 'v-visodadasi/CTM360' of https://github.com/Azure/Azure-Sentinel into v-visodadasi/CTM360
This commit is contained in:
Vijay-Sodadasi
Коммит
2b2035f68d
Двоичные данные
Solutions/CTM360/Package/3.0.2.zip
Двоичные данные
Solutions/CTM360/Package/3.0.2.zip
Двоичный файл не отображается.
|
|
@ -1063,10 +1063,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -1187,10 +1184,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": true,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -1311,10 +1305,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -1435,10 +1426,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -1554,10 +1542,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -1673,10 +1658,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -1813,10 +1795,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -1951,10 +1930,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -2088,10 +2064,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -2225,10 +2198,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -2346,10 +2316,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -2465,10 +2432,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -2605,10 +2569,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -2728,10 +2689,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -2865,10 +2823,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -3003,10 +2958,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -3141,10 +3093,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -3279,10 +3228,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -3416,10 +3362,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -3553,10 +3496,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -3690,10 +3630,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -3827,10 +3764,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -3964,10 +3898,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -4070,10 +4001,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -4187,10 +4115,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -4322,10 +4247,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -4457,10 +4379,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -4570,10 +4489,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -4707,10 +4623,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -4830,10 +4743,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -4953,10 +4863,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -5092,10 +4999,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -5234,10 +5138,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -5376,10 +5277,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -5518,10 +5416,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -5663,10 +5558,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -5805,10 +5697,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
@ -5947,10 +5836,7 @@
|
|||
"reopenClosedIncident": false,
|
||||
"enabled": false,
|
||||
"matchingMethod": "AllEntities",
|
||||
"lookbackDuration": "PT5H",
|
||||
"groupByAlertDetails": [],
|
||||
"groupByEntities": [],
|
||||
"groupByCustomDetails": []
|
||||
"lookbackDuration": "PT5H"
|
||||
},
|
||||
"createIncident": true
|
||||
}
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче