SecurityThreatEssentilas repackaged

Solutions/SecurityThreatEssentialSolution/Analytic Rules/Threat_Essentials_TimeSeriesAnomaly-MultiVendor_DataExfiltration.yaml

@@ -13,6 +13,9 @@ requiredDataConnectors:
   - connectorId: CiscoASA
     dataTypes:
       - CommonSecurityLog
+  - connectorId: CiscoAsaAma
+    dataTypes:
+      - CommonSecurityLog
   - connectorId: PaloAltoNetworks
     dataTypes:
       - CommonSecurityLog
@@ -114,5 +117,5 @@ entityMappings:
     fieldMappings:
       - identifier: Address
         columnName: SourceIPMax
-version: 1.0.3
+version: 1.0.4
 kind: Scheduled

Solutions/SecurityThreatEssentialSolution/Data/Solution_SecurityThreatEssentialSolution.json

@@ -17,7 +17,7 @@
 	"Analytic Rules/PossibleAiTMPhishingAttemptAgainstAAD.yaml"	
   ],
   "BasePath": "C:\\GitHub\\Azure-Sentinel\\Solutions\\SecurityThreatEssentialSolution",
-  "Version": "3.0.2",
+  "Version": "3.0.3",
   "Metadata": "SolutionMetadata.json",
   "TemplateSpec": true,
   "Is1PConnector": true

Solutions/SecurityThreatEssentialSolution/Package/createUiDefinition.json

@@ -128,7 +128,7 @@
                 "name": "analytic4-text",
                 "type": "Microsoft.Common.TextBlock",
                 "options": {
-                  "text": "This query generates baseline pattern of cloud resource deletions by an user and generated anomaly \nwhen any unusual spike is detected.\nThese anomalies from unusual or privileged users could be an indication of cloud infrastructure \ntake-down by an adversary "
+                  "text": "This query generates baseline pattern of cloud resource deletions by an user and generated anomaly when any unusual spike is detected.\nThese anomalies from unusual or privileged users could be an indication of cloud infrastructure take-down by an adversary "
                 }
               }
             ]

Solutions/SecurityThreatEssentialSolution/ReleaseNotes.md

@@ -1,5 +1,6 @@
 | **Version** | **Date Modified (DD-MM-YYYY)** | **Change History**                                                        |
 |-------------|--------------------------------|---------------------------------------------------------------------------|
+| 3.0.3       | 05-06-2024                     | Added missing AMA **Data Connector** reference in **Analytic Rule**       |
 | 3.0.2       | 18-03-2024                     | Tagged for dependent solutions for deployment                             |
 | 3.0.1       | 10-11-2023                     | Modified text as there is rebranding from Azure Active Directory to Microsoft Entra ID.  |
 | 3.0.0       | 06-07-2023                     | Updating **Analytic rule** query for KQL failure                          |