Deleted GitHubFunction parser

Parsers/GitHubFunction/GitHubAuditLog.txt

@@ -1,40 +0,0 @@
-// GitHub Enterprise Audit Entry Data Parser
-// Last Updated Date: Jun 7, 2020
-//
-//This parser parses GitHub Enterprise Audit Entry extract the infromation from their various components. It is assumed that the playbook to ingest audit entry data into Sentinel is enabled
-//
-// Parser Notes:
-// 1. This parser assumes logs are collected into a custom log table entitled GitHub_CL
-//
-// Usage Instruction : 
-// Paste below query in log analytics, click on Save button and select as Function from drop down by specifying function name and alias. 
-// To work with pre-built GitHub queries this Function should be given the alias of GitHubAudit.
-// Functions usually takes 10-15 minutes to activate. You can then use function alias from any other queries (e.g. GitHubAudit | take 10).
-//
-// References : 
-// Using functions in Azure monitor log queries : https://docs.microsoft.com/azure/azure-monitor/log-query/functions
-// Tech Community Blog on KQL Functions : https://techcommunity.microsoft.com/t5/Azure-Sentinel/Using-KQL-functions-to-speed-up-analysis-in-Azure-Sentinel/ba-p/712381
-// Tech Community Blog on GitHub data: <>
-//
-//
-
-GitHub_CL  
-| extend AuditEntries = todynamic(parse_json(value_s)) 
-| mv-expand AuditEntries 
-| evaluate bag_unpack(AuditEntries) 
-| project Organization=tostring(parse_json(node).organizationName),
-    Action=tostring(parse_json(node).action),
-    OperationType=tostring(parse_json(node).operationType),
-    Repository=tostring(parse_json(node).repositoryName),
-    Actor=tostring(parse_json(node).actorLogin),    
-    IPaddress=tostring(parse_json(node).actorIp),
-    City=tostring(parse_json(node).actorLocation.city),
-    Country=tostring(parse_json(node).actorLocation.country),
-    ImpactedUser=tostring(parse_json(node).userLogin),
-    ImpactedUserEmail=tostring(parse_json(node).user.email),
-    InvitedUserPermission=tostring(parse_json(node).permission),
-    Visibility=tostring(parse_json(node).visibility),
-    TeamName=tostring(parse_json(node).teamName), TimeGenerated
-
-
-

Parsers/GitHubFunction/GitHubRepoLog.txt

@@ -1,45 +0,0 @@
-// GitHub Enterprise Repository Data Parser
-// Last Updated Date: Jun 7, 2020
-//
-//This parser parses GitHub Enterprise Repository Data extract the infromation from their various components. It is assumed that the playbook to ingest repository data into Sentinel is enabled
-//
-// Parser Notes:
-// 1. This parser assumes logs are collected into a custom log table entitled GitHubRepoLogs_CL
-//
-// Usage Instruction : 
-// Paste below query in log analytics, click on Save button and select as Function from drop down by specifying function name and alias. 
-// To work with pre-built GitHub queries this Function should be given the alias of GitHubRepo
-// Functions usually takes 10-15 minutes to activate. You can then use function alias from any other queries (e.g. GitHubRepo | take 10).
-//
-// References : 
-// Using functions in Azure monitor log queries : https://docs.microsoft.com/azure/azure-monitor/log-query/functions
-// Tech Community Blog on KQL Functions : https://techcommunity.microsoft.com/t5/Azure-Sentinel/Using-KQL-functions-to-speed-up-analysis-in-Azure-Sentinel/ba-p/712381
-// Tech Community Blog on GitHub data: <>
-//
-//
-
-GitHubRepoLogs_CL
-| project TimeGenerated = created_at_t,
-    Organization=columnifexists('Organization_s', ""),
-    Repository=columnifexists('Repository_s',""),
-    Action=columnifexists('LogType_s',""),
-    Actor=coalesce(login_s, owner_login_s),
-    ActorType=coalesce(owner_type_s, type_s),
-    IsPrivate=columnifexists('private_b',""),
-    ForksUrl=columnifexists('forks_url_s',""),
-    PushedAt=columnifexists('pushed_at_t',""),
-    IsDisabled=columnifexists('disabled_b',""),
-    AdminPermissions=columnifexists('permissions_admin_b',""),
-    PushPermissions=columnifexists('permissions_push_b',""),
-    PullPermissions=columnifexists('permissions_pull_b',""),
-    ForkCount=columnifexists('forks_count_d',""),
-    Count=columnifexists('count_d,',""),
-    UniqueUsersCount=columnifexists('uniques_d',""),
-    DismmisedAt=columnifexists('dismissedAt_t',""),
-    Reason=columnifexists('dismissReason_s',""),
-    vulnerableManifestFilename = columnifexists('vulnerableManifestFilename_s',""),
-    Description=columnifexists('securityAdvisory_description_s',""),
-    Link=columnifexists('securityAdvisory_permalink_s',""),
-    PublishedAt=columnifexists('securityAdvisory_publishedAt_t ',""),
-    Severity=columnifexists('securityAdvisory_severity_s',""),
-    Summary=columnifexists('securityAdvisory_summary_s',"")