Azure
/
Azure-Sentinel
зеркало из
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Update SysmonFullDeployment.json

This commit is contained in:
Ofer Shezaf 2022-03-03 09:52:11 +02:00 коммит произвёл GitHub
Родитель 4c6f90340f
Коммит ab0622cae6
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 4AEE18F83AFDEB23
1 изменённых файлов: 7 добавлений и 87 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

94
Parsers/ASim Sysmon for Windows/SysmonFullDeployment.json
Просмотреть файл

@ -51,26 +51,6 @@
}
}
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2020-10-01",
"name": "linkedFileEventEmpty",
"properties": {
"mode": "Incremental",
"templateLink": {
"uri": "https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Parsers/ASimFileEvent/ARM/FileEventEmpty/FileEventEmpty.json",
"contentVersion": "1.0.0.0"
},
"parameters": {
"workspaceName": {
"value": "[parameters('workspaceName')]"
},
"location": {
"value": "[parameters('location')]"
}
}
}
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2020-10-01",
@ -78,14 +58,14 @@
"properties": {
"mode": "Incremental",
"templateLink": {
"uri": "https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Parsers/ASimProcessEvent/ARM/ProcessEventMicrosoftSysmonCreate/ProcessEventMicrosoftSysmonCreate.json",
"uri": "https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Parsers/ASimProcessEvent/ARM/vimProcessCreateMicrosoftSysmon/vimProcessCreateMicrosoftSysmon.json",
"contentVersion": "1.0.0.0"
},
"parameters": {
"workspaceName": {
"Workspace": {
"value": "[parameters('workspaceName')]"
},
"location": {
"Workspace Region": {
"value": "[parameters('location')]"
}
}
@ -98,39 +78,19 @@
"properties": {
"mode": "Incremental",
"templateLink": {
"uri": "https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Parsers/ASimProcessEvent/ARM/ProcessEventMicrosoftSysmonTerminate/ProcessEventMicrosoftSysmonTerminate.json",
"uri": "https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Parsers/ASimProcessEvent/ARM/vimProcessTerminateMicrosoftSysmon/vimProcessTerminateMicrosoftSysmon.json",
"contentVersion": "1.0.0.0"
},
"parameters": {
"workspaceName": {
"Workspace": {
"value": "[parameters('workspaceName')]"
},
"location": {
"Workspace Region": {
"value": "[parameters('location')]"
}
}
}
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2020-10-01",
"name": "linkedEmptyimProcess",
"properties": {
"mode": "Incremental",
"templateLink": {
"uri": "https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Parsers/ASimProcessEvent/ARM/ProcessEventEmpty/ProcessEventEmpty.json",
"contentVersion": "1.0.0.0"
},
"parameters": {
"workspaceName": {
"value": "[parameters('workspaceName')]"
},
"location": {
"value": "[parameters('location')]"
}
}
}
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2020-10-01",
@ -151,26 +111,6 @@
}
}
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2020-10-01",
"name": "linkedEmptyimRegistry",
"properties": {
"mode": "Incremental",
"templateLink": {
"uri": "https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Parsers/ASimRegistry/ARM/RegistryEventEmpty/RegistryEventEmpty.json",
"contentVersion": "1.0.0.0"
},
"parameters": {
"workspaceName": {
"value": "[parameters('workspaceName')]"
},
"location": {
"value": "[parameters('location')]"
}
}
}
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2020-10-01",
@ -210,27 +150,7 @@
}
}
}
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2020-10-01",
"name": "linkedDnsEmpty",
"properties": {
"mode": "Incremental",
"templateLink": {
"uri": "https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Parsers/ASimDns/ARM/DnsEmpty/DnsEmpty.json",
"contentVersion": "1.0.0.0"
},
"parameters": {
"workspaceName": {
"value": "[parameters('workspaceName')]"
},
"location": {
"value": "[parameters('location')]"
}
}
}
}
}
],
"outputs": {
}