Repackage - Network Threat Protection Essentials
This commit is contained in:
v-rusraut
Родитель
dfa826f812
Коммит
9aa8d17036
|
|
@ -13,7 +13,7 @@
|
|||
"Analytic Rules/NewUserAgentLast24h.yaml"
|
||||
],
|
||||
"BasePath": "C:\\GitHub\\Azure-Sentinel\\Solutions\\Network Threat Protection Essentials",
|
||||
"Version": "3.0.1",
|
||||
"Version": "3.0.2",
|
||||
"Metadata": "SolutionMetadata.json",
|
||||
"TemplateSpec": true,
|
||||
"Is1PConnector": true
|
||||
|
|
|
|||
Двоичный файл не отображается.
|
|
@ -6,7 +6,7 @@
|
|||
"config": {
|
||||
"isWizard": false,
|
||||
"basics": {
|
||||
"description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/Azure_Sentinel.svg\" width=\"75px\" height=\"75px\">\n\n**Note:** Please refer to the following before installing the solution: \r \n • Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Network%20Threat%20Protection%20Essentials/ReleaseNotes.md)\r \n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nThe **Network Threat Protection Essentials** solution contain queries that identifies suspicious network behavior based on various data sources ingested in Sentinel. The solution contains queries to detect common network-based attacks - things like malicious user agents, mining pools, Base64 encoded IPv4 address in request URL etc. The solution will be constantly updated to add more detection/hunting query as well as other sentinel content.\r\n \r\n**Pre-requisites:**\r\n \r\nThis is a [domain solution](https://learn.microsoft.com/en-us/azure/sentinel/sentinel-solutions-catalog#domain-solutions) and does not include any data connectors. The content in this solution supports the connectors listed below. Install one or more of the listed solutions, to unlock the value provided by this solution.\r\n \r\n 1.[Microsoft 365](https://portal.azure.com/#create/azuresentinel.azure-sentinel-solution-office365azure-sentinel-solution-office365)\r\n \r\n 2.[Amazon Web Services](https://portal.azure.com/#create/azuresentinel.azure-sentinel-solution-amazonwebservicesazure-sentinel-solution-amazonwebservices)\r\n \r\n 3.[Windows Server DNS](https://portal.azure.com/#create/azuresentinel.azure-sentinel-solution-dnsazure-sentinel-solution-dns)\r\n \r\n4.[Azure Firewall](https://ms.portal.azure.com/#create/sentinel4azurefirewall.sentinel4azurefirewallsentinel4azurefirewall)\r\n \r\n5.[Windows Forwarded Events](https://ms.portal.azure.com/#create/azuresentinel.azure-sentinel-solution-windowsforwardedeventsazure-sentinel-solution-windowsforwardedevents)\r\n \r\n6.[ZScaler Internet Access](https://ms.portal.azure.com/#create/zscaler1579058425289.zscaler_internet_access_msszia_msentinel_v1)\r\n \r\n7.[Palo Alto Networks](https://ms.portal.azure.com/#create/azuresentinel.azure-sentinel-solution-paloaltopanosazure-sentinel-solution-paloaltopanos)\r\n \r\n8.[Fortinet FortiGate](https://ms.portal.azure.com/#create/azuresentinel.azure-sentinel-solution-fortinetfortigateazure-sentinel-solution-fortinetfortigate)\r\n \r\n9.[Check Point](https://ms.portal.azure.com/#create/checkpoint.checkpoint-sentinel-solutionssentinel-1)\r\n \r\n**Keywords:** Malicious IP/User agent, DNS, TOR, mining\n\n**Analytic Rules:** 2, **Hunting Queries:** 3\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
|
||||
"description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/Azure_Sentinel.svg\" width=\"75px\" height=\"75px\">\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Network%20Threat%20Protection%20Essentials/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nThe **Network Threat Protection Essentials** solution contain queries that identifies suspicious network behavior based on various data sources ingested in Sentinel. The solution contains queries to detect common network-based attacks - things like malicious user agents, mining pools, Base64 encoded IPv4 address in request URL etc. The solution will be constantly updated to add more detection/hunting query as well as other sentinel content.\r\n \r\n**Pre-requisites:**\r\n \r\nThis is a [domain solution](https://learn.microsoft.com/en-us/azure/sentinel/sentinel-solutions-catalog#domain-solutions) and does not include any data connectors. The content in this solution supports the connectors listed below. Install one or more of the listed solutions, to unlock the value provided by this solution.\r\n \r\n 1.Microsoft 365\r\n \r\n 2.Amazon Web Services\r\n \r\n 3.Windows Server DNS\r\n \r\n4.Azure Firewall\r\n \r\n5.Windows Forwarded Events\r\n \r\n6.ZScaler Internet Access\r\n \r\n7.Palo Alto Networks\r\n \r\n8.Fortinet FortiGate\r\n \r\n9.Check Point\r\n \r\n**Keywords:** Malicious IP/User agent, DNS, TOR, mining\n\n**Analytic Rules:** 2, **Hunting Queries:** 3\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
|
||||
"subscription": {
|
||||
"resourceProviders": [
|
||||
"Microsoft.OperationsManagement/solutions",
|
||||
|
|
@ -138,7 +138,7 @@
|
|||
"name": "huntingquery1-text",
|
||||
"type": "Microsoft.Common.TextBlock",
|
||||
"options": {
|
||||
"text": "There are several exploit and pen test frameworks that are being used by pen testers as well as attackers to \ncompromise an environment and achieve their objective. The query tries to detect suspicious user agent strings \nused by these frameworks in some of the data sources that contain UserAgent field. \nThis is based out of sigma rules described in references.\nReferences: https://github.com/SigmaHQ/sigma/blob/master/rules/web/proxy_generic/proxy_ua_frameworks.yml This hunting query depends on Office365 AWS AzureMonitor(IIS) data connector (OfficeActivity AWSCloudTrail W3CIISLog Parser or Table)"
|
||||
"text": "This query detects suspicious user agent strings used by exploit and pen test frameworks. This hunting query depends on Office365 AWS AzureMonitor(IIS) data connector (OfficeActivity AWSCloudTrail W3CIISLog Parser or Table)"
|
||||
}
|
||||
}
|
||||
]
|
||||
|
|
@ -152,7 +152,7 @@
|
|||
"name": "huntingquery2-text",
|
||||
"type": "Microsoft.Common.TextBlock",
|
||||
"options": {
|
||||
"text": "This hunting query will detect when a Base64 IPv4 address is seen in a outbound request URL. This query uses pre-computed base64 offsets for IPv4 sequences allowing detection\nof an IPv4 address under base64 without the need to decode. After identifying a candidate this query will decode the base64 into an array of longs where a regex will extract\nthe ip candidate into plaintext. Finally the query will extract the plaintext IPv4 address pattern from the IP candidate. This hunting query depends on Zscaler Fortinet CheckPoint PaloAltoNetworks data connector (CommonSecurityLog CommonSecurityLog CommonSecurityLog CommonSecurityLog Parser or Table)"
|
||||
"text": "This query detects Base64-encoded IPv4 addresses in outbound request URLs. It uses pre-computed base64 offsets for IPv4 sequences, eliminating the need for decoding. After identifying a candidate,the query extracts the plaintext IPv4 address pattern. This hunting query depends on Zscaler Fortinet CheckPoint PaloAltoNetworks data connector (CommonSecurityLog CommonSecurityLog CommonSecurityLog CommonSecurityLog Parser or Table)"
|
||||
}
|
||||
}
|
||||
]
|
||||
|
|
@ -166,7 +166,7 @@
|
|||
"name": "huntingquery3-text",
|
||||
"type": "Microsoft.Common.TextBlock",
|
||||
"options": {
|
||||
"text": "This hunting query will detect risky base64 encoded commands are seen in web requests. Some threat actors transmit base64 commands from the target host\nback to the C2 servers so they know which command has been executed. This query also reguarly illumniates base64 encoded webshells being injected.\nThe limitation of this query is that base64 is case sensitive, so different case versions of each command need generating for full coverage. This query\ncomputes base64 permutations for each command, resulting in 3 possible permutations depending on padding. This hunting query depends on Zscaler Fortinet CheckPoint PaloAltoNetworks data connector (CommonSecurityLog CommonSecurityLog CommonSecurityLog CommonSecurityLog Parser or Table)"
|
||||
"text": "This query detects risky Base64-encoded commands in web requests. It identifies potential C2 server communication and illuminates injected webshells. Note that base64 is case-sensitive, requiring multiple permutations for full coverage. This hunting query depends on Zscaler Fortinet CheckPoint PaloAltoNetworks data connector (CommonSecurityLog CommonSecurityLog CommonSecurityLog CommonSecurityLog Parser or Table)"
|
||||
}
|
||||
}
|
||||
]
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@
|
|||
"email": "support@microsoft.com",
|
||||
"_email": "[variables('email')]",
|
||||
"_solutionName": "Network Threat Protection Essentials",
|
||||
"_solutionVersion": "3.0.0",
|
||||
"_solutionVersion": "3.0.1",
|
||||
"solutionId": "azuresentinel.azure-sentinel-solution-networkthreatdetection",
|
||||
"_solutionId": "[variables('solutionId')]",
|
||||
"huntingQueryObject1": {
|
||||
|
|
@ -77,7 +77,7 @@
|
|||
"[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
|
||||
],
|
||||
"properties": {
|
||||
"description": "UseragentExploitPentest_HuntingQueries Hunting Query with template version 3.0.0",
|
||||
"description": "UseragentExploitPentest_HuntingQueries Hunting Query with template version 3.0.1",
|
||||
"mainTemplate": {
|
||||
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
|
||||
"contentVersion": "[variables('huntingQueryObject1').huntingQueryVersion1]",
|
||||
|
|
@ -98,7 +98,7 @@
|
|||
"tags": [
|
||||
{
|
||||
"name": "description",
|
||||
"value": "There are several exploit and pen test frameworks that are being used by pen testers as well as attackers to \ncompromise an environment and achieve their objective. The query tries to detect suspicious user agent strings \nused by these frameworks in some of the data sources that contain UserAgent field. \nThis is based out of sigma rules described in references.\nReferences: https://github.com/SigmaHQ/sigma/blob/master/rules/web/proxy_generic/proxy_ua_frameworks.yml"
|
||||
"value": "This query detects suspicious user agent strings used by exploit and pen test frameworks."
|
||||
},
|
||||
{
|
||||
"name": "tactics",
|
||||
|
|
@ -162,7 +162,7 @@
|
|||
"[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
|
||||
],
|
||||
"properties": {
|
||||
"description": "B64IPInURL_HuntingQueries Hunting Query with template version 3.0.0",
|
||||
"description": "B64IPInURL_HuntingQueries Hunting Query with template version 3.0.1",
|
||||
"mainTemplate": {
|
||||
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
|
||||
"contentVersion": "[variables('huntingQueryObject2').huntingQueryVersion2]",
|
||||
|
|
@ -183,7 +183,7 @@
|
|||
"tags": [
|
||||
{
|
||||
"name": "description",
|
||||
"value": "This hunting query will detect when a Base64 IPv4 address is seen in a outbound request URL. This query uses pre-computed base64 offsets for IPv4 sequences allowing detection\nof an IPv4 address under base64 without the need to decode. After identifying a candidate this query will decode the base64 into an array of longs where a regex will extract\nthe ip candidate into plaintext. Finally the query will extract the plaintext IPv4 address pattern from the IP candidate."
|
||||
"value": "This query detects Base64-encoded IPv4 addresses in outbound request URLs. It uses pre-computed base64 offsets for IPv4 sequences, eliminating the need for decoding. After identifying a candidate,the query extracts the plaintext IPv4 address pattern."
|
||||
},
|
||||
{
|
||||
"name": "tactics",
|
||||
|
|
@ -247,7 +247,7 @@
|
|||
"[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
|
||||
],
|
||||
"properties": {
|
||||
"description": "RiskyCommandB64EncodedInUrl_HuntingQueries Hunting Query with template version 3.0.0",
|
||||
"description": "RiskyCommandB64EncodedInUrl_HuntingQueries Hunting Query with template version 3.0.1",
|
||||
"mainTemplate": {
|
||||
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
|
||||
"contentVersion": "[variables('huntingQueryObject3').huntingQueryVersion3]",
|
||||
|
|
@ -268,7 +268,7 @@
|
|||
"tags": [
|
||||
{
|
||||
"name": "description",
|
||||
"value": "This hunting query will detect risky base64 encoded commands are seen in web requests. Some threat actors transmit base64 commands from the target host\nback to the C2 servers so they know which command has been executed. This query also reguarly illumniates base64 encoded webshells being injected.\nThe limitation of this query is that base64 is case sensitive, so different case versions of each command need generating for full coverage. This query\ncomputes base64 permutations for each command, resulting in 3 possible permutations depending on padding."
|
||||
"value": "This query detects risky Base64-encoded commands in web requests. It identifies potential C2 server communication and illuminates injected webshells. Note that base64 is case-sensitive, requiring multiple permutations for full coverage."
|
||||
},
|
||||
{
|
||||
"name": "tactics",
|
||||
|
|
@ -332,7 +332,7 @@
|
|||
"[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
|
||||
],
|
||||
"properties": {
|
||||
"description": "NetworkEndpointCorrelation_AnalyticalRules Analytics Rule with template version 3.0.0",
|
||||
"description": "NetworkEndpointCorrelation_AnalyticalRules Analytics Rule with template version 3.0.1",
|
||||
"mainTemplate": {
|
||||
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
|
||||
"contentVersion": "[variables('analyticRuleObject1').analyticRuleVersion1]",
|
||||
|
|
@ -360,28 +360,28 @@
|
|||
"status": "Available",
|
||||
"requiredDataConnectors": [
|
||||
{
|
||||
"connectorId": "TrendMicro",
|
||||
"dataTypes": [
|
||||
"CommonSecurityLog"
|
||||
],
|
||||
"connectorId": "TrendMicro"
|
||||
]
|
||||
},
|
||||
{
|
||||
"connectorId": "SecurityEvents",
|
||||
"dataTypes": [
|
||||
"SecurityEvent"
|
||||
],
|
||||
"connectorId": "SecurityEvents"
|
||||
]
|
||||
},
|
||||
{
|
||||
"connectorId": "WindowsSecurityEvents",
|
||||
"dataTypes": [
|
||||
"SecurityEvents"
|
||||
],
|
||||
"connectorId": "WindowsSecurityEvents"
|
||||
]
|
||||
},
|
||||
{
|
||||
"connectorId": "WindowsForwardedEvents",
|
||||
"dataTypes": [
|
||||
"WindowsEvent"
|
||||
],
|
||||
"connectorId": "WindowsForwardedEvents"
|
||||
]
|
||||
}
|
||||
],
|
||||
"tactics": [
|
||||
|
|
@ -485,7 +485,7 @@
|
|||
"[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
|
||||
],
|
||||
"properties": {
|
||||
"description": "NewUserAgentLast24h_AnalyticalRules Analytics Rule with template version 3.0.0",
|
||||
"description": "NewUserAgentLast24h_AnalyticalRules Analytics Rule with template version 3.0.1",
|
||||
"mainTemplate": {
|
||||
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
|
||||
"contentVersion": "[variables('analyticRuleObject2').analyticRuleVersion2]",
|
||||
|
|
@ -513,22 +513,22 @@
|
|||
"status": "Available",
|
||||
"requiredDataConnectors": [
|
||||
{
|
||||
"connectorId": "AWS",
|
||||
"dataTypes": [
|
||||
"AWSCloudTrail"
|
||||
],
|
||||
"connectorId": "AWS"
|
||||
]
|
||||
},
|
||||
{
|
||||
"connectorId": "Office365",
|
||||
"dataTypes": [
|
||||
"OfficeActivity"
|
||||
],
|
||||
"connectorId": "Office365"
|
||||
]
|
||||
},
|
||||
{
|
||||
"connectorId": "AzureMonitor(IIS)",
|
||||
"dataTypes": [
|
||||
"W3CIISLog"
|
||||
],
|
||||
"connectorId": "AzureMonitor(IIS)"
|
||||
]
|
||||
}
|
||||
],
|
||||
"tactics": [
|
||||
|
|
@ -614,12 +614,12 @@
|
|||
"apiVersion": "2023-04-01-preview",
|
||||
"location": "[parameters('workspace-location')]",
|
||||
"properties": {
|
||||
"version": "3.0.0",
|
||||
"version": "3.0.1",
|
||||
"kind": "Solution",
|
||||
"contentSchemaVersion": "3.0.0",
|
||||
"displayName": "Network Threat Protection Essentials",
|
||||
"publisherDisplayName": "Microsoft Sentinel, Microsoft Corporation",
|
||||
"descriptionHtml": "<p><strong>Note:</strong> <em>There may be <a href=\"https://aka.ms/sentinelsolutionsknownissues\">known issues</a> pertaining to this Solution, please refer to them before installing.</em></p>\n<p>The <strong>Network Threat Protection Essentials</strong> solution contain queries that identifies suspicious network behavior based on various data sources ingested in Sentinel. The solution contains queries to detect common network-based attacks - things like malicious user agents, mining pools, Base64 encoded IPv4 address in request URL etc. The solution will be constantly updated to add more detection/hunting query as well as other sentinel content.</p>\n<p><strong>Pre-requisites:</strong></p>\n<p>This is a <a href=\"https://learn.microsoft.com/en-us/azure/sentinel/sentinel-solutions-catalog#domain-solutions\">domain solution</a> and does not include any data connectors. The content in this solution supports the connectors listed below. Install one or more of the listed solutions, to unlock the value provided by this solution.</p>\n<p>1.<a href=\"https://portal.azure.com/#create/azuresentinel.azure-sentinel-solution-office365azure-sentinel-solution-office365\">Microsoft 365</a></p>\n<p>2.<a href=\"https://portal.azure.com/#create/azuresentinel.azure-sentinel-solution-amazonwebservicesazure-sentinel-solution-amazonwebservices\">Amazon Web Services</a></p>\n<p>3.<a href=\"https://portal.azure.com/#create/azuresentinel.azure-sentinel-solution-dnsazure-sentinel-solution-dns\">Windows Server DNS</a></p>\n<p>4.<a href=\"https://ms.portal.azure.com/#create/sentinel4azurefirewall.sentinel4azurefirewallsentinel4azurefirewall\">Azure Firewall</a></p>\n<p>5.<a href=\"https://ms.portal.azure.com/#create/azuresentinel.azure-sentinel-solution-windowsforwardedeventsazure-sentinel-solution-windowsforwardedevents\">Windows Forwarded Events</a></p>\n<p>6.<a href=\"https://ms.portal.azure.com/#create/zscaler1579058425289.zscaler_internet_access_msszia_msentinel_v1\">ZScaler Internet Access</a></p>\n<p>7.<a href=\"https://ms.portal.azure.com/#create/azuresentinel.azure-sentinel-solution-paloaltopanosazure-sentinel-solution-paloaltopanos\">Palo Alto Networks</a></p>\n<p>8.<a href=\"https://ms.portal.azure.com/#create/azuresentinel.azure-sentinel-solution-fortinetfortigateazure-sentinel-solution-fortinetfortigate\">Fortinet FortiGate</a></p>\n<p>9.<a href=\"https://ms.portal.azure.com/#create/checkpoint.checkpoint-sentinel-solutionssentinel-1\">Check Point</a></p>\n<p><strong>Keywords:</strong> Malicious IP/User agent, DNS, TOR, mining</p>\n<p><strong>Analytic Rules:</strong> 2, <strong>Hunting Queries:</strong> 3</p>\n<p><a href=\"https://aka.ms/azuresentinel\">Learn more about Microsoft Sentinel</a> | <a href=\"https://aka.ms/azuresentinelsolutionsdoc\">Learn more about Solutions</a></p>\n",
|
||||
"descriptionHtml": "<p><strong>Note:</strong><p>• There may be <a href=\"https://aka.ms/sentinelsolutionsknownissues\">known issues</a> pertaining to this Solution, please refer to them before installing.</p>\n<p>The <strong>Network Threat Protection Essentials</strong> solution contain queries that identifies suspicious network behavior based on various data sources ingested in Sentinel. The solution contains queries to detect common network-based attacks - things like malicious user agents, mining pools, Base64 encoded IPv4 address in request URL etc. The solution will be constantly updated to add more detection/hunting query as well as other sentinel content.</p>\n<p><strong>Pre-requisites:</strong></p>\n<p>This is a <a href=\"https://learn.microsoft.com/en-us/azure/sentinel/sentinel-solutions-catalog#domain-solutions\">domain solution</a> and does not include any data connectors. The content in this solution supports the connectors listed below. Install one or more of the listed solutions, to unlock the value provided by this solution.</p>\n<p>1.Microsoft 365</p>\n<p>2.Amazon Web Services</p>\n<p>3.Windows Server DNS</p>\n<p>4.Azure Firewall</p>\n<p>5.Windows Forwarded Events</p>\n<p>6.ZScaler Internet Access</p>\n<p>7.Palo Alto Networks</p>\n<p>8.Fortinet FortiGate</p>\n<p>9.Check Point</p>\n<p><strong>Keywords:</strong> Malicious IP/User agent, DNS, TOR, mining</p>\n<p><strong>Analytic Rules:</strong> 2, <strong>Hunting Queries:</strong> 3</p>\n<p><a href=\"https://aka.ms/azuresentinel\">Learn more about Microsoft Sentinel</a> | <a href=\"https://aka.ms/azuresentinelsolutionsdoc\">Learn more about Solutions</a></p>\n",
|
||||
"contentKind": "Solution",
|
||||
"contentProductId": "[variables('_solutioncontentProductId')]",
|
||||
"id": "[variables('_solutioncontentProductId')]",
|
||||
|
|
@ -642,7 +642,6 @@
|
|||
"link": "https://support.microsoft.com"
|
||||
},
|
||||
"dependencies": {
|
||||
"operator": "AND",
|
||||
"criteria": [
|
||||
{
|
||||
"kind": "HuntingQuery",
|
||||
|
|
@ -668,6 +667,42 @@
|
|||
"kind": "AnalyticsRule",
|
||||
"contentId": "[variables('analyticRuleObject2')._analyticRulecontentId2]",
|
||||
"version": "[variables('analyticRuleObject2').analyticRuleVersion2]"
|
||||
},
|
||||
{
|
||||
"kind": "Solution",
|
||||
"contentId": "azuresentinel.azure-sentinel-solution-office365"
|
||||
},
|
||||
{
|
||||
"kind": "Solution",
|
||||
"contentId": "azuresentinel.azure-sentinel-solution-amazonwebservices"
|
||||
},
|
||||
{
|
||||
"kind": "Solution",
|
||||
"contentId": "azuresentinel.azure-sentinel-solution-dns"
|
||||
},
|
||||
{
|
||||
"kind": "Solution",
|
||||
"contentId": "sentinel4azurefirewall.sentinel4azurefirewall"
|
||||
},
|
||||
{
|
||||
"kind": "Solution",
|
||||
"contentId": "azuresentinel.azure-sentinel-solution-windowsforwardedevents"
|
||||
},
|
||||
{
|
||||
"kind": "Solution",
|
||||
"contentId": "zscaler1579058425289.zscaler_internet_access_mss"
|
||||
},
|
||||
{
|
||||
"kind": "Solution",
|
||||
"contentId": "azuresentinel.azure-sentinel-solution-paloaltopanos"
|
||||
},
|
||||
{
|
||||
"kind": "Solution",
|
||||
"contentId": "azuresentinel.azure-sentinel-solution-fortinetfortigate"
|
||||
},
|
||||
{
|
||||
"kind": "Solution",
|
||||
"contentId": "checkpoint.checkpoint-sentinel-solutions"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
| **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** |
|
||||
|-------------|--------------------------------|--------------------------------------------------------------------------------|
|
||||
| 3.0.0 | 19-12-2023 | Corrected typo mistake *Microsoft Windows DNS* to *Windows Server DNS* |
|
||||
| 3.0.1 | 23-02-2024 | Tagged for dependent solutions for deployment |
|
||||
| 3.0.0 | 19-12-2023 | Corrected typo mistake *Microsoft Windows DNS* to *Windows Server DNS* |
|
||||
Загрузка…
Ссылка в новой задаче