This commit is contained in:
PrasadBoke 2024-07-25 12:50:54 +05:30
Родитель 4d2c49c447
Коммит 5251a02a7f
5 изменённых файлов: 11 добавлений и 11 удалений




@ -1,7 +1,7 @@
{
"Name": "DomainTools",
"Author": "DomainTools - memberservices@domaintools.com",
"Logo": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Solutions/DomainTools/Playbooks/DomainTools_Iris_Enrich-Domain_Playbook/graphics/DomainTools.png\"width=\"75px\"height=\"75px\">",
"Logo": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/DomainTools.svg\"width=\"75px\"height=\"75px\">",
"Description": "The [Domaintools Iris investigate](https://www.domaintools.com/products/platform/iris-investigate/) solution for Microsoft Sentinel contains Playbooks that can help Enrich domain & investigate domain, domain risk score, Malicious tags, URL's and DNS from Domain tools. This enriched / investigated information can help drive better analysis in security Operations.",
"Playbooks": [
"Playbooks/CustomConnector/DomainTools_FunctionAppConnector/azuredeploy.json",
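Review bot: The rewritten `Logo` value keeps the embedded `<img>` tag with no whitespace between its attributes (`DomainTools.svg\"width=\"75px\"height=\"75px\"`), so `src`, `width` and `height` run into each other; browsers recover from this, but stricter HTML or markdown renderers may drop or misread the size attributes. Since the line is already being changed for the new path, separate them: `<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/DomainTools.svg\" width=\"75px\" height=\"75px\">`. The same unspaced markup recurs in the new createUiDefinition `description` string and in the mainTemplate `icon` string further down, so all three should be corrected together. The enclosing JSON object continues outside this hunk.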

Двоичные данные
Solutions/DomainTools/Package/3.0.1.zip



@ -6,7 +6,7 @@
"config": {
"isWizard": false,
"basics": {
"description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Solutions/DomainTools/Playbooks/DomainTools_Iris_Enrich-Domain_Playbook/graphics/DomainTools.png\"width=\"75px\"height=\"75px\">\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/DomainTools/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nThe [Domaintools Iris investigate](https://www.domaintools.com/products/platform/iris-investigate/) solution for Microsoft Sentinel contains Playbooks that can help Enrich domain & investigate domain, domain risk score, Malicious tags, URL's and DNS from Domain tools. This enriched / investigated information can help drive better analysis in security Operations.\n\n**Parsers:** 1, **Function Apps:** 1, **Playbooks:** 8\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
"description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/DomainTools.svg\"width=\"75px\"height=\"75px\">\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/DomainTools/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nThe [Domaintools Iris investigate](https://www.domaintools.com/products/platform/iris-investigate/) solution for Microsoft Sentinel contains Playbooks that can help Enrich domain & investigate domain, domain risk score, Malicious tags, URL's and DNS from Domain tools. This enriched / investigated information can help drive better analysis in security Operations.\n\n**Parsers:** 1, **Function Apps:** 1, **Playbooks:** 8\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
"subscription": {
"resourceProviders": [
"Microsoft.OperationsManagement/solutions",


@ -7622,10 +7622,10 @@
"location": "[parameters('workspace-location')]",
"properties": {
"eTag": "*",
"displayName": "Parser for all DomainTools",
"category": "DomainToolsParser",
"displayName": "DomainTools ASIM DNS Schema",
"category": "Microsoft Sentinel Parser",
"functionAlias": "DomainToolsDNSActivity",
"query": "DomainToolsDomainEnrichment_CL\n| extend EventVendor = 'DomainTools'\n| extend EventProduct = 'Iris'\n| extend EventSchema = \"Dns\"\n| extend EventSchemaVersion = \"0.1.7\"\n| extend EventCount = 1\n| extend EventType = \"Query\"\n| extend EventSubType = \"response\"\n| project-rename\n SrcGeoCountry = Contact_Country_Code_s\n Domain = Domain_s\n ThreatFirstReportedTime = First_Seen_t [UTC]\n ThreatIpAddr = IP_Address_s\n DnsResponseIpCountry = IP_Country_s\n",
"query": "DomainToolsDomainEnrichment_CL\n| extend EventVendor = \"DomainTools\"\n| extend EventProduct = \"Iris Enrich\"\n| extend EventSchema = \"Dns\"\n| extend EventSchemaVersion = \"0.1.7\"\n| extend EventCount = 1\n| extend EventType = \"Query\"\n| extend EventSubType = \"response\"\n| extend\n\tEventStartTime = TimeGenerated,\n\tEventEndTime = TimeGenerated,\n\tDvc = EventVendor,\n\tEventResult = 'Success',\n SrcGeoCountry = column_ifexists('Contact_Country_Code_s', ''),\n Domain = column_ifexists('Domain_s', ''),\n IpAddr = column_ifexists('IP_Address_s', ''),\n DnsResponseIpCountry = column_ifexists('IP_Country_s', ''),\n SrcRiskLevel = column_ifexists('Risk_Score_d', '')\n | project\n TimeGenerated,\n EventVendor,\n EventProduct,\n EventType,\n SrcGeoCountry,\n Domain,\n IpAddr,\n DnsResponseIpCountry,\n SrcRiskLevel\n",
"functionParameters": "",
"version": 2,
"tags": [
@ -7674,7 +7674,7 @@
"contentSchemaVersion": "3.0.0",
"contentId": "[variables('parserObject1').parserContentId1]",
"contentKind": "Parser",
"displayName": "Parser for all DomainTools",
"displayName": "DomainTools ASIM DNS Schema",
"contentProductId": "[concat(take(variables('_solutionId'),50),'-','pr','-', uniqueString(concat(variables('_solutionId'),'-','Parser','-',variables('parserObject1').parserContentId1,'-', '1.0.0')))]",
"id": "[concat(take(variables('_solutionId'),50),'-','pr','-', uniqueString(concat(variables('_solutionId'),'-','Parser','-',variables('parserObject1').parserContentId1,'-', '1.0.0')))]",
"version": "[variables('parserObject1').parserVersion1]"
@ -7687,10 +7687,10 @@
"location": "[parameters('workspace-location')]",
"properties": {
"eTag": "*",
"displayName": "Parser for all DomainTools",
"category": "DomainToolsParser",
"displayName": "DomainTools ASIM DNS Schema",
"category": "Microsoft Sentinel Parser",
"functionAlias": "DomainToolsDNSActivity",
"query": "DomainToolsDomainEnrichment_CL\n| extend EventVendor = 'DomainTools'\n| extend EventProduct = 'Iris'\n| extend EventSchema = \"Dns\"\n| extend EventSchemaVersion = \"0.1.7\"\n| extend EventCount = 1\n| extend EventType = \"Query\"\n| extend EventSubType = \"response\"\n| project-rename\n SrcGeoCountry = Contact_Country_Code_s\n Domain = Domain_s\n ThreatFirstReportedTime = First_Seen_t [UTC]\n ThreatIpAddr = IP_Address_s\n DnsResponseIpCountry = IP_Country_s\n",
"query": "DomainToolsDomainEnrichment_CL\n| extend EventVendor = \"DomainTools\"\n| extend EventProduct = \"Iris Enrich\"\n| extend EventSchema = \"Dns\"\n| extend EventSchemaVersion = \"0.1.7\"\n| extend EventCount = 1\n| extend EventType = \"Query\"\n| extend EventSubType = \"response\"\n| extend\n\tEventStartTime = TimeGenerated,\n\tEventEndTime = TimeGenerated,\n\tDvc = EventVendor,\n\tEventResult = 'Success',\n SrcGeoCountry = column_ifexists('Contact_Country_Code_s', ''),\n Domain = column_ifexists('Domain_s', ''),\n IpAddr = column_ifexists('IP_Address_s', ''),\n DnsResponseIpCountry = column_ifexists('IP_Country_s', ''),\n SrcRiskLevel = column_ifexists('Risk_Score_d', '')\n | project\n TimeGenerated,\n EventVendor,\n EventProduct,\n EventType,\n SrcGeoCountry,\n Domain,\n IpAddr,\n DnsResponseIpCountry,\n SrcRiskLevel\n",
"functionParameters": "",
"version": 2,
"tags": [
@ -7745,7 +7745,7 @@
"contentKind": "Solution",
"contentProductId": "[variables('_solutioncontentProductId')]",
"id": "[variables('_solutioncontentProductId')]",
"icon": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Solutions/DomainTools/Playbooks/DomainTools_Iris_Enrich-Domain_Playbook/graphics/DomainTools.png\"width=\"75px\"height=\"75px\">",
"icon": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/DomainTools.svg\"width=\"75px\"height=\"75px\">",
"contentId": "[variables('_solutionId')]",
"parentId": "[variables('_solutionId')]",
"source": {
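Review bot: In the new parser `query` of the `-7622` hunk, the columns `EventSchema`, `EventSchemaVersion`, `EventCount`, `EventSubType`, `EventStartTime`, `EventEndTime`, `Dvc` and `EventResult` are computed by the `extend` steps and then discarded, because the closing `| project` lists only `TimeGenerated, EventVendor, EventProduct, EventType, SrcGeoCountry, Domain, IpAddr, DnsResponseIpCountry, SrcRiskLevel`; the function therefore does not emit the schema-identifying fields that the new displayName "DomainTools ASIM DNS Schema" suggests, so either append those eight names to the `project` list or switch to `project-away` for the raw columns. `SrcRiskLevel = column_ifexists('Risk_Score_d', '')` falls back to an empty string for what the `_d` suffix suggests is a numeric column, which makes the output type depend on whether the source column exists; a typed default such as `column_ifexists('Risk_Score_d', int(null))` keeps it stable — confirm the column's actual type first. The identical query in the `-7687` hunk needs the same corrections, and if this mainTemplate is produced by the solution packaging tool, the parser source it is generated from must be fixed as well. Mixing `'Success'` and `\"DomainTools\"` quoting within one query is a minor style inconsistency worth normalising while editing.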