Merge pull request #3349 from Azure/v-manoj/CreatingPackageInfoSecGlobal
Solution Package for InfoSecGlobal
This commit is contained in:
v-jayakal
GitHub
Коммит
84c1e11fd2
Двоичный файл не отображается.
|
|
@ -0,0 +1,144 @@
|
|||
{
|
||||
"$schema": "https://schema.management.azure.com/schemas/0.1.2-preview/CreateUIDefinition.MultiVm.json#",
|
||||
"handler": "Microsoft.Azure.CreateUIDef",
|
||||
"version": "0.1.2-preview",
|
||||
"parameters": {
|
||||
"config": {
|
||||
"isWizard": false,
|
||||
"basics": {
|
||||
"description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Solutions/InfoSecGlobal/Workbooks/Images/Logo/infosecglobal.svg\" width=\"75px\" height=\"75px\">\n\n**Important:** _This Azure Sentinel Solution is currently in public preview. This feature is provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities. For more information, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/)._\n\n**Note:** _There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing._\n\nUse this data connector to integrate with InfoSec Crypto Analytics and get data sent directly to Azure Sentinel.\n\nAzure Sentinel Solutions provide a consolidated way to acquire Azure Sentinel content like data connectors, workbooks, analytics, and automations in your workspace with a single deployment step.\n\n**Data Connectors:** 1, **Workbooks:** 1\n\n[Learn more about Azure Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
|
||||
"subscription": {
|
||||
"resourceProviders": [
|
||||
"Microsoft.OperationsManagement/solutions",
|
||||
"Microsoft.OperationalInsights/workspaces/providers/alertRules",
|
||||
"Microsoft.Insights/workbooks",
|
||||
"Microsoft.Logic/workflows"
|
||||
]
|
||||
},
|
||||
"location": {
|
||||
"metadata": {
|
||||
"hidden": "Hiding location, we get it from the log analytics workspace"
|
||||
},
|
||||
"visible": false
|
||||
},
|
||||
"resourceGroup": {
|
||||
"allowExisting": true
|
||||
}
|
||||
}
|
||||
},
|
||||
"basics": [
|
||||
{
|
||||
"name": "getLAWorkspace",
|
||||
"type": "Microsoft.Solutions.ArmApiControl",
|
||||
"toolTip": "This filters by workspaces that exist in the Resource Group selected",
|
||||
"condition": "[greater(length(resourceGroup().name),0)]",
|
||||
"request": {
|
||||
"method": "GET",
|
||||
"path": "[concat(subscription().id,'/providers/Microsoft.OperationalInsights/workspaces?api-version=2020-08-01')]"
|
||||
}
|
||||
},
|
||||
{
|
||||
"name": "workspace",
|
||||
"type": "Microsoft.Common.DropDown",
|
||||
"label": "Workspace",
|
||||
"placeholder": "Select a workspace",
|
||||
"toolTip": "This dropdown will list only workspace that exists in the Resource Group selected",
|
||||
"constraints": {
|
||||
"allowedValues": "[map(filter(basics('getLAWorkspace').value, (filter) => contains(filter.id, toLower(resourceGroup().name))), (item) => parse(concat('{\"label\":\"', item.name, '\",\"value\":\"', item.name, '\"}')))]",
|
||||
"required": true
|
||||
},
|
||||
"visible": true
|
||||
}
|
||||
],
|
||||
"steps": [
|
||||
{
|
||||
"name": "dataconnectors",
|
||||
"label": "Data Connectors",
|
||||
"bladeTitle": "Data Connectors",
|
||||
"elements": [
|
||||
{
|
||||
"name": "dataconnectors1-text",
|
||||
"type": "Microsoft.Common.TextBlock",
|
||||
"options": {
|
||||
"text": "This Solution installs the data connector for InfoSecGlobal. You can get InfoSecGlobal custom log data in your Azure Sentinel workspace. Configure and enable this data connector in the Data Connector gallery after this Solution deploys. This data connector creates custom log table(s) InfoSecAnalytics_CL in your Azure Sentinel / Azure Log Analytics workspace."
|
||||
}
|
||||
},
|
||||
{
|
||||
"name": "dataconnectors-link1",
|
||||
"type": "Microsoft.Common.TextBlock",
|
||||
"options": {
|
||||
"link": {
|
||||
"label": "Learn more about normalized format",
|
||||
"uri": "https://docs.microsoft.com/azure/sentinel/normalization-schema"
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"name": "dataconnectors-link2",
|
||||
"type": "Microsoft.Common.TextBlock",
|
||||
"options": {
|
||||
"link": {
|
||||
"label": "Learn more about connecting data sources",
|
||||
"uri": "https://docs.microsoft.com/azure/sentinel/connect-data-sources"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"name": "workbooks",
|
||||
"label": "Workbooks",
|
||||
"subLabel": {
|
||||
"preValidation": "Configure the workbooks",
|
||||
"postValidation": "Done"
|
||||
},
|
||||
"bladeTitle": "Workbooks",
|
||||
"elements": [
|
||||
{
|
||||
"name": "workbooks-text",
|
||||
"type": "Microsoft.Common.TextBlock",
|
||||
"options": {
|
||||
"text": "This Azure Sentinel Solution installs workbooks. Workbooks provide a flexible canvas for data monitoring, analysis, and the creation of rich visual reports within the Azure portal. They allow you to tap into one or many data sources from Azure Sentinel and combine them into unified interactive experiences.",
|
||||
"link": {
|
||||
"label": "Learn more",
|
||||
"uri": "https://docs.microsoft.com/azure/sentinel/tutorial-monitor-your-data"
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"name": "workbook1",
|
||||
"type": "Microsoft.Common.Section",
|
||||
"label": "InfoSecGlobal",
|
||||
"elements": [
|
||||
{
|
||||
"name": "workbook1-text",
|
||||
"type": "Microsoft.Common.TextBlock",
|
||||
"options": {
|
||||
"text": "Gain insights into InfoGlobal logs."
|
||||
}
|
||||
},
|
||||
{
|
||||
"name": "workbook1-name",
|
||||
"type": "Microsoft.Common.TextBox",
|
||||
"label": "Display Name",
|
||||
"defaultValue": "InfoSecGlobal",
|
||||
"toolTip": "Display name for the workbook.",
|
||||
"constraints": {
|
||||
"required": true,
|
||||
"regex": "[a-z0-9A-Z]{1,256}$",
|
||||
"validationMessage": "Please enter a workbook name"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"outputs": {
|
||||
"workspace-location": "[resourceGroup().location]",
|
||||
"location": "[location()]",
|
||||
"workspace": "[basics('workspace')]",
|
||||
"workbook1-name": "[steps('workbooks').workbook1.workbook1-name]"
|
||||
}
|
||||
}
|
||||
}
|
||||
Различия файлов скрыты, потому что одна или несколько строк слишком длинны
|
|
@ -0,0 +1,14 @@
|
|||
{
|
||||
"publisherId": "publisherId_test",
|
||||
"planId": "planId_test",
|
||||
"providers": ["InfoSecGlobal"],
|
||||
"categories": {
|
||||
"domains": ["IT Operations"],
|
||||
"verticals": []
|
||||
},
|
||||
"support": {
|
||||
"tier": "Partner",
|
||||
"name": "InfoSecGlobal",
|
||||
"link": "https://www.infosecglobal.com/"
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,16 @@
|
|||
{
|
||||
"Name": "InfoSecGlobal",
|
||||
"Author": "ManojReddy Arimanda - v-marimanda@microsoft.com",
|
||||
"Logo": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Solutions/InfoSecGlobal/Workbooks/Images/Logo/infosecglobal.svg\" width=\"75px\" height=\"75px\">",
|
||||
"Description": "Use this data connector to integrate with InfoSec Crypto Analytics and get data sent directly to Azure Sentinel.",
|
||||
"WorkbookDescription": "Gain insights into InfoGlobal logs.",
|
||||
"Workbooks": [
|
||||
"Workbooks/InfoSecGlobal.json"
|
||||
],
|
||||
"Data Connectors": [
|
||||
"Data Connectors/Connector_Analytics_InfoSec.json"
|
||||
],
|
||||
"BasePath": "C:\\GitHub\\Azure-Sentinel\\Solutions\\InfoGlobal",
|
||||
"Version": "1.0.0",
|
||||
"Metadata": "SolutionMetadata.json"
|
||||
}
|
||||
Загрузка…
Ссылка в новой задаче