Fix more issues in validations

Playbooks/.template/incident-trigger/azuredeploy.json

@@ -9,8 +9,8 @@
         "2. step"],
         "prerequisites": ["1.preq", "2. preq"],
         "lastUpdateTime": "2021-11-25T00:00:00.000Z", 
-        "entities": [""], 
-        "tags": [""], 
+        "entities": [], 
+        "tags": [], 
         "support": {
             "tier": "community" 
         },

Playbooks/Get-MDEStatistics/incident-trigger/azuredeploy.json

@@ -6,7 +6,7 @@
         "description": "This playbook will get IP, File and Domain statistics from Microsoft Defender for Endpoint and them to a comment on the Incident in Azure Sentinel.",
         "prerequisites": "You will need to grant Ip.Read.All, Url.Read.All, and File.Read.All permissions to the managed identity.",
         "lastUpdateTime": "2021-07-14T00:00:00.000Z",
-        "entities": [ "Ip", "Dns", "File" ],
+        "entities": [ "Ip", "dnsresolution", "File" ],
         "tags": [ "Enrich" ],
         "support": {
             "tier": "Community"

Playbooks/IdentityProtection-TeamsBotResponse/azuredeploy.json

@@ -10,7 +10,7 @@
         "lastUpdateTime": "2021-07-14T00:00:00.000Z", 
         "entities": ["Account"], 
         "tags": ["Identity protection", "Response from teams"], 
-        "source": {
+        "support": {
             "tier": "community" 
         },
         "author": {

Playbooks/Resolve-McasInfrequentCountryAlerts/azuredeploy.json

@@ -2,7 +2,7 @@
     "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
     "contentVersion": "1.0.0.1",
     "parameters": {
-        "logicAppName": {
+        "PlaybookName": {
             "defaultValue": "InfrequentCountryTriage",
             "type": "String",
             "metadata": {
@@ -46,7 +46,7 @@
         {
             "type": "Microsoft.Logic/workflows",
             "apiVersion": "2016-06-01",
-            "name": "[parameters('logicAppName')]",
+            "name": "[parameters('PlaybookName')]",
             "location": "[parameters('location')]",
             "dependsOn": [
                 "[parameters('azuresentinel_Connection_Name')]"
@@ -723,7 +723,7 @@
         
         "logicAppUrl": {
             "type": "string",
-            "value": "[listCallbackURL(concat(resourceId('Microsoft.Logic/workflows/', parameters('logicAppName')), '/triggers/When_a_response_to_an_Azure_Sentinel_alert_is_triggered'), '2016-06-01').value]"
+            "value": "[listCallbackURL(concat(resourceId('Microsoft.Logic/workflows/', parameters('PlaybookName')), '/triggers/When_a_response_to_an_Azure_Sentinel_alert_is_triggered'), '2016-06-01').value]"
         }
     }
 }

Playbooks/Restrict-MDEDomain/alert-trigger/azuredeploy.json

@@ -6,7 +6,7 @@
         "description": "This play book will take DNS entities and generate alert and block threat indicators for each domain in Microsoft Defender for Endpoint for 90 days.",
         "prerequisites": "You will need to grant Ti.ReadWrite permissions to the managed identity.",
         "lastUpdateTime": "2021-07-14T00:00:00.000Z",
-        "entities": [ "Dns" ],
+        "entities": [ "dnsresolution" ],
         "tags": [ "Remediation" ],
         "support": {
             "tier": "Community"