Azure Web Application Firewall Repackaging (#7711)

* azure waf * Update zip --------- Co-authored-by: v-atulyadav <104008048+v-atulyadav@users.noreply.github.com>
2023-03-31 16:57:39 +05:30 · 2023-03-31 16:57:39 +05:30 · 8e62dcf051
--- a/(WAF)/Data/Solution_AzureWAF.json
+++ b/(WAF)/Data/Solution_AzureWAF.json
@ -2,7 +2,7 @@
  "Name": "Azure Web Application Firewall (WAF)",
  "Author": "Microsoft - support@microsoft.com",
  "Logo": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Workbooks/Images/Logos/waf_logo.svg\"width=\"75px\" height=\"75px\">",
-  "Description": "The Azure Web Application Firewall (WAF) solution for Microsoft Sentinel allows you to ingest Diagnostic Metrics from Application Gateway, Front Door and CDN into Microsoft Sentinel.\n\n**Underlying Microsoft Technologies used:**\n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\n\na. [Azure Monitor Resource Diagnostics](https://docs.microsoft.com/azure/azure-monitor/essentials/diagnostic-settings?tabs=portal)",
+  "Description": "The Azure Web Application Firewall (WAF) solution for Microsoft Sentinel allows you to ingest Diagnostic Metrics from Application Gateway, Front Door and CDN into Microsoft Sentinel.",
  "Data Connectors": [
    "Solutions/Azure Web Application Firewall (WAF)/Data Connectors/template_WAF.json"
  ],
@ -18,7 +18,7 @@
    "Solutions/Azure Web Application Firewall (WAF)/Workbooks/WebApplicationFirewallWAFTypeEvents.json"
  ],
  "BasePath": "C:\\GitHub\\Azure-Sentinel",
-  "Version": "2.0.3",
+  "Version": "2.0.4",
  "Metadata": "SolutionMetadata.json",
  "TemplateSpec": true,
  "Is1PConnector": true
--- a/(WAF)/Package/2.0.4.zip
+++ b/(WAF)/Package/2.0.4.zip
--- a/(WAF)/Package/createUiDefinition.json
+++ b/(WAF)/Package/createUiDefinition.json
@ -6,7 +6,7 @@
    "config": {
      "isWizard": false,
      "basics": {
-        "description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Workbooks/Images/Logos/waf_logo.svg\"width=\"75px\" height=\"75px\">\n\n**Note:** _There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing._\n\nThe Azure Web Application Firewall (WAF) solution for Microsoft Sentinel allows you to ingest Diagnostic Metrics from Application Gateway, Front Door and CDN into Microsoft Sentinel.\n\n**Underlying Microsoft Technologies used:**\n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\n\na. [Azure Monitor Resource Diagnostics](https://docs.microsoft.com/azure/azure-monitor/essentials/diagnostic-settings?tabs=portal)\n\n**Data Connectors:** 1, **Workbooks:** 4, **Analytic Rules:** 3\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
+        "description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Workbooks/Images/Logos/waf_logo.svg\"width=\"75px\" height=\"75px\">\n\n**Note:** _There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing._\n\nThe Azure Web Application Firewall (WAF) solution for Microsoft Sentinel allows you to ingest Diagnostic Metrics from Application Gateway, Front Door and CDN into Microsoft Sentinel.\n\n **Data Connectors:** 1, **Workbooks:** 4, **Analytic Rules:** 3\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
        "subscription": {
          "resourceProviders": [
            "Microsoft.OperationsManagement/solutions",
@ -194,7 +194,7 @@
                "name": "analytic1-text",
                "type": "Microsoft.Common.TextBlock",
                "options": {
-                  "text": "Detects unobstructed Web Application Firewall (WAF) activity in sessions where the WAF blocked incoming requests by computing the \nratio between blocked requests and unobstructed WAF requests in these sessions (BlockvsSuccessRatio metric). A high ratio value for \na given client IP and hostname calls for further investigation of the WAF data in that session, due to the significantly high number \nof blocked requests and a few unobstructed logs which may be malicious but have passed undetected through the WAF. The successCode \nvariable defines what the detection thinks is a successful status code, and should be altered to fit the environment."
+                  "text": "Detects unobstructed Web Application Firewall (WAF) activity in sessions where the WAF blocked incoming requests by computing the \nratio between blocked requests and unobstructed WAF requests in these sessions (BlockvsSuccessRatio metric). A high ratio value for \na given client IP and hostname calls for further investigation of the WAF data in that session, due to the significantly high number \nof blocked requests and a few unobstructed logs that may be malicious but have passed undetected through the WAF. The successCode \nvariable defines what the detection thinks is a successful status code and should be altered to fit the environment."
                }
              }
            ]
@ -208,7 +208,7 @@
                "name": "analytic2-text",
                "type": "Microsoft.Common.TextBlock",
                "options": {
-                  "text": "Identifies a match for SQL Injection attack in the Front Door Premium WAF logs. The Threshold value in the query can be changed as per your infrastructure's requirement.\n References: https://owasp.org/Top10/A03_2021-Injection/"
+                  "text": "Identifies a match for a SQL Injection attack in the Front Door Premium WAF logs. The threshold value in the query can be changed as per your infrastructure's requirements.\nReferences: https://owasp.org/Top10/A03_2021-Injection/"
                }
              }
            ]
@ -222,7 +222,7 @@
                "name": "analytic3-text",
                "type": "Microsoft.Common.TextBlock",
                "options": {
-                  "text": "Identifies a match for XSS attack in the Front Door Premium WAF logs. The Threshold value in the query can be changed as per your infrastructure's requirement.\n References: https://owasp.org/www-project-top-ten/2017/A7_2017-Cross-Site_Scripting_(XSS)"
+                  "text": "Identifies a match for an XSS attack in the Front Door Premium WAF logs. The threshold value in the query can be changed as per your infrastructure's requirements.\n References: https://owasp.org/www-project-top-ten/2017/A7_2017-Cross-Site_Scripting_(XSS)"
                }
              }
            ]
--- a/(WAF)/Package/mainTemplate.json
+++ b/(WAF)/Package/mainTemplate.json
--- a/(WAF)/SolutionMetadata.json
+++ b/(WAF)/SolutionMetadata.json
@ -4,7 +4,7 @@
 	"firstPublishDate": "2022-05-18",
 	"providers": [ "Microsoft" ],
 	"categories": {
-		"domains": [ "Security – Network" ]
+		"domains": [ "Security - Network" ]
 	},
 	"support": {
 		"tier": "Microsoft",