updated Ermes solution package with 3.0.2
This commit is contained in:
v-amolpatil
Родитель
edaae57966
Коммит
e1646c50ac
|
|
@ -1,7 +1,7 @@
|
|||
[{
|
||||
"type": "Microsoft.SecurityInsights/dataConnectors",
|
||||
"apiVersion": "2022-10-01-preview",
|
||||
"name": "apiRequest",
|
||||
"name": "ErmesBrowserSecurityEvents",
|
||||
"kind": "RestApiPoller",
|
||||
"properties": {
|
||||
"connectorDefinitionName": "ErmesBrowserSecurityEvents",
|
||||
|
|
@ -50,7 +50,7 @@
|
|||
]
|
||||
},
|
||||
"paging": {
|
||||
"type": "LinkHeader"
|
||||
"pagingType": "LinkHeader"
|
||||
}
|
||||
}
|
||||
}]
|
||||
|
|
@ -7,9 +7,8 @@
|
|||
"Data Connectors/ErmesBrowserSecurityEvents_ccp/data_connector_definition.json"
|
||||
],
|
||||
"BasePath": "C:\\Github\\Azure-Sentinel\\Solutions\\Ermes Browser Security",
|
||||
"Version": "3.0.1",
|
||||
"Version": "3.0.2",
|
||||
"Metadata": "SolutionMetadata.json",
|
||||
"TemplateSpec": true,
|
||||
"Is1PConnector": false,
|
||||
"createPackage": false
|
||||
"Is1PConnector": false
|
||||
}
|
||||
Двоичный файл не отображается.
|
|
@ -28,32 +28,31 @@
|
|||
"description": "Workspace name for Log Analytics where Microsoft Sentinel is setup"
|
||||
}
|
||||
},
|
||||
"subscription": {
|
||||
"defaultValue": "[last(split(subscription().id, '/'))]",
|
||||
"type": "string",
|
||||
"metadata": {
|
||||
"description": "subscription id where Microsoft Sentinel is setup"
|
||||
}
|
||||
},
|
||||
"resourceGroupName": {
|
||||
"defaultValue": "[resourceGroup().name]",
|
||||
"type": "string",
|
||||
"defaultValue": "[resourceGroup().name]",
|
||||
"metadata": {
|
||||
"description": "resource group name where Microsoft Sentinel is setup"
|
||||
}
|
||||
},
|
||||
"subscription": {
|
||||
"type": "string",
|
||||
"defaultValue": "[last(split(subscription().id, '/'))]",
|
||||
"metadata": {
|
||||
"description": "subscription id where Microsoft Sentinel is setup"
|
||||
}
|
||||
}
|
||||
},
|
||||
"variables": {
|
||||
"_solutionName": "Ermes Browser Security",
|
||||
"_solutionVersion": "3.0.1",
|
||||
"_solutionVersion": "3.0.2",
|
||||
"solutionId": "ermes.azure-sentinel-solution-ermes-browser-security",
|
||||
"_solutionId": "[variables('solutionId')]",
|
||||
"workspaceResourceId": "[resourceId('microsoft.OperationalInsights/Workspaces', parameters('workspace'))]",
|
||||
"dataConnectorVersionConnectorDefinition1": "1.0.0",
|
||||
"dataConnectorVersionConnections1": "1.0.0",
|
||||
"dataConnectorCCPVersion": "1.0.0",
|
||||
"_dataConnectorContentIdConnectorDefinition1": "ErmesBrowserSecurityEvents",
|
||||
"dataConnectorTemplateNameConnectorDefinition1": "[concat(parameters('workspace'),'-dc-',uniquestring(variables('_dataConnectorContentIdConnectorDefinition1')))]",
|
||||
"_dataConnectorContentIdConnections1": "ErmesBrowserSecurityEvents",
|
||||
"_dataConnectorContentIdConnections1": "ErmesBrowserSecurityEventsConnections",
|
||||
"dataConnectorTemplateNameConnections1": "[concat(parameters('workspace'),'-dc-',uniquestring(variables('_dataConnectorContentIdConnections1')))]",
|
||||
"dataCollectionEndpointId1": "[concat('/subscriptions/',parameters('subscription'),'/resourceGroups/',parameters('resourceGroupName'),'/providers/Microsoft.Insights/dataCollectionEndpoints/',parameters('workspace'))]",
|
||||
"blanks": "[replace('b', 'b', '')]",
|
||||
|
|
@ -63,7 +62,7 @@
|
|||
{
|
||||
"type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates",
|
||||
"apiVersion": "2023-04-01-preview",
|
||||
"name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/', variables('dataConnectorTemplateNameConnectorDefinition1'), 2117167546)]",
|
||||
"name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/', variables('dataConnectorTemplateNameConnectorDefinition1'), variables('dataConnectorCCPVersion'))]",
|
||||
"location": "[parameters('workspace-location')]",
|
||||
"dependsOn": [
|
||||
"[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
|
||||
|
|
@ -74,44 +73,10 @@
|
|||
"contentKind": "DataConnector",
|
||||
"mainTemplate": {
|
||||
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
|
||||
"contentVersion": "[variables('dataConnectorVersionConnectorDefinition1')]",
|
||||
"contentVersion": "[variables('dataConnectorCCPVersion')]",
|
||||
"parameters": {},
|
||||
"variables": {},
|
||||
"resources": [
|
||||
{
|
||||
"name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('DataConnector-', variables('_dataConnectorContentIdConnectorDefinition1')))]",
|
||||
"apiVersion": "2022-01-01-preview",
|
||||
"type": "Microsoft.OperationalInsights/workspaces/providers/metadata",
|
||||
"properties": {
|
||||
"parentId": "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/dataConnectorDefinitions', variables('_dataConnectorContentIdConnectorDefinition1'))]",
|
||||
"contentId": "[variables('_dataConnectorContentIdConnectorDefinition1')]",
|
||||
"kind": "DataConnector",
|
||||
"version": "[variables('dataConnectorVersionConnectorDefinition1')]",
|
||||
"source": {
|
||||
"sourceId": "[variables('_solutionId')]",
|
||||
"name": "[variables('_solutionName')]",
|
||||
"kind": "Solution"
|
||||
},
|
||||
"author": {
|
||||
"name": "dev@ermes.company"
|
||||
},
|
||||
"support": {
|
||||
"name": "Ermes Cyber Security S.p.A.",
|
||||
"email": "support@ermes.company",
|
||||
"tier": "Partner",
|
||||
"link": "https://www.ermes.company"
|
||||
},
|
||||
"dependencies": {
|
||||
"criteria": [
|
||||
{
|
||||
"version": "[variables('dataConnectorVersionConnections1')]",
|
||||
"contentId": "[variables('_dataConnectorContentIdConnections1')]",
|
||||
"kind": "ResourcesDataConnector"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',variables('_dataConnectorContentIdConnectorDefinition1'))]",
|
||||
"apiVersion": "2022-09-01-preview",
|
||||
|
|
@ -202,14 +167,48 @@
|
|||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('DataConnector-', variables('_dataConnectorContentIdConnectorDefinition1')))]",
|
||||
"apiVersion": "2022-01-01-preview",
|
||||
"type": "Microsoft.OperationalInsights/workspaces/providers/metadata",
|
||||
"properties": {
|
||||
"parentId": "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/dataConnectorDefinitions', variables('_dataConnectorContentIdConnectorDefinition1'))]",
|
||||
"contentId": "[variables('_dataConnectorContentIdConnectorDefinition1')]",
|
||||
"kind": "DataConnector",
|
||||
"version": "[variables('dataConnectorCCPVersion')]",
|
||||
"source": {
|
||||
"sourceId": "[variables('_solutionId')]",
|
||||
"name": "[variables('_solutionName')]",
|
||||
"kind": "Solution"
|
||||
},
|
||||
"author": {
|
||||
"name": "dev@ermes.company"
|
||||
},
|
||||
"support": {
|
||||
"name": "Ermes Cyber Security S.p.A.",
|
||||
"email": "support@ermes.company",
|
||||
"tier": "Partner",
|
||||
"link": "https://www.ermes.company"
|
||||
},
|
||||
"dependencies": {
|
||||
"criteria": [
|
||||
{
|
||||
"version": "[variables('dataConnectorCCPVersion')]",
|
||||
"contentId": "[variables('_dataConnectorContentIdConnections1')]",
|
||||
"kind": "ResourcesDataConnector"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"name": "ErmesOauthDCR1",
|
||||
"apiVersion": "2021-09-01-preview",
|
||||
"apiVersion": "2022-06-01",
|
||||
"type": "Microsoft.Insights/dataCollectionRules",
|
||||
"location": "[parameters('workspace-location')]",
|
||||
"kind": "[variables('blanks')]",
|
||||
"properties": {
|
||||
"dataCollectionEndpointId": "[[variables('dataCollectionEndpointId1')]",
|
||||
"dataCollectionEndpointId": "[variables('dataCollectionEndpointId1')]",
|
||||
"streamDeclarations": {
|
||||
"Custom-Ermes_ClientCredentials": {
|
||||
"columns": [
|
||||
|
|
@ -275,7 +274,7 @@
|
|||
},
|
||||
{
|
||||
"name": "ErmesBrowserSecurityEvents_CL",
|
||||
"apiVersion": "2021-03-01-privatepreview",
|
||||
"apiVersion": "2022-10-01",
|
||||
"type": "Microsoft.OperationalInsights/workspaces/tables",
|
||||
"location": "[parameters('workspace-location')]",
|
||||
"kind": null,
|
||||
|
|
@ -328,7 +327,7 @@
|
|||
"packageKind": "Solution",
|
||||
"packageVersion": "[variables('_solutionVersion')]",
|
||||
"packageName": "[variables('_solutionName')]",
|
||||
"contentProductId": "[concat(take(variables('_solutionId'), 50),'-','dc','-', uniqueString(concat(variables('_solutionId'),'-','DataConnector','-',variables('_dataConnectorContentIdConnectorDefinition1'),'-', variables('dataConnectorVersionConnectorDefinition1'))))]",
|
||||
"contentProductId": "[concat(take(variables('_solutionId'), 50),'-','dc','-', uniqueString(concat(variables('_solutionId'),'-','DataConnector','-',variables('_dataConnectorContentIdConnectorDefinition1'),'-', variables('dataConnectorCCPVersion'))))]",
|
||||
"packageId": "[variables('_solutionId')]",
|
||||
"contentSchemaVersion": "3.0.0",
|
||||
"version": "[variables('_solutionVersion')]"
|
||||
|
|
@ -432,7 +431,7 @@
|
|||
"parentId": "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/dataConnectorDefinitions', variables('_dataConnectorContentIdConnectorDefinition1'))]",
|
||||
"contentId": "[variables('_dataConnectorContentIdConnectorDefinition1')]",
|
||||
"kind": "DataConnector",
|
||||
"version": "[variables('dataConnectorVersionConnectorDefinition1')]",
|
||||
"version": "[variables('dataConnectorCCPVersion')]",
|
||||
"source": {
|
||||
"sourceId": "[variables('_solutionId')]",
|
||||
"name": "[variables('_solutionName')]",
|
||||
|
|
@ -450,7 +449,7 @@
|
|||
"dependencies": {
|
||||
"criteria": [
|
||||
{
|
||||
"version": "[variables('dataConnectorVersionConnections1')]",
|
||||
"version": "[variables('dataConnectorCCPVersion')]",
|
||||
"contentId": "[variables('_dataConnectorContentIdConnections1')]",
|
||||
"kind": "ResourcesDataConnector"
|
||||
}
|
||||
|
|
@ -461,7 +460,7 @@
|
|||
{
|
||||
"type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates",
|
||||
"apiVersion": "2023-04-01-preview",
|
||||
"name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/', variables('dataConnectorTemplateNameConnections1'), 1277598588)]",
|
||||
"name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/', variables('dataConnectorTemplateNameConnections1'), variables('dataConnectorCCPVersion'))]",
|
||||
"location": "[parameters('workspace-location')]",
|
||||
"dependsOn": [
|
||||
"[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
|
||||
|
|
@ -472,8 +471,18 @@
|
|||
"contentKind": "ResourcesDataConnector",
|
||||
"mainTemplate": {
|
||||
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
|
||||
"contentVersion": "[variables('dataConnectorVersionConnections1')]",
|
||||
"contentVersion": "[variables('dataConnectorCCPVersion')]",
|
||||
"parameters": {
|
||||
"ClientId": {
|
||||
"defaultValue": "-NA-",
|
||||
"type": "securestring",
|
||||
"minLength": 1
|
||||
},
|
||||
"ClientSecret": {
|
||||
"defaultValue": "-NA-",
|
||||
"type": "securestring",
|
||||
"minLength": 1
|
||||
},
|
||||
"connectorDefinitionName": {
|
||||
"defaultValue": "Ermes Browser Security Events",
|
||||
"type": "string",
|
||||
|
|
@ -490,16 +499,6 @@
|
|||
},
|
||||
"type": "object"
|
||||
},
|
||||
"ClientId": {
|
||||
"defaultValue": "-NA-",
|
||||
"type": "securestring",
|
||||
"minLength": 1
|
||||
},
|
||||
"ClientSecret": {
|
||||
"defaultValue": "-NA-",
|
||||
"type": "securestring",
|
||||
"minLength": 1
|
||||
},
|
||||
"AuthorizationCode": {
|
||||
"defaultValue": "-NA-",
|
||||
"type": "securestring",
|
||||
|
|
@ -518,7 +517,7 @@
|
|||
"parentId": "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/dataConnectors', variables('_dataConnectorContentIdConnections1'))]",
|
||||
"contentId": "[variables('_dataConnectorContentIdConnections1')]",
|
||||
"kind": "ResourcesDataConnector",
|
||||
"version": "[variables('dataConnectorVersionConnections1')]",
|
||||
"version": "[variables('dataConnectorCCPVersion')]",
|
||||
"source": {
|
||||
"sourceId": "[variables('_solutionId')]",
|
||||
"name": "[variables('_solutionName')]",
|
||||
|
|
@ -537,7 +536,7 @@
|
|||
},
|
||||
{
|
||||
"name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/', 'ErmesBrowserSecurityEvents')]",
|
||||
"apiVersion": "2022-12-01-preview",
|
||||
"apiVersion": "2023-02-01-preview",
|
||||
"type": "Microsoft.OperationalInsights/workspaces/providers/dataConnectors",
|
||||
"location": "[parameters('workspace-location')]",
|
||||
"kind": "RestApiPoller",
|
||||
|
|
@ -588,7 +587,7 @@
|
|||
]
|
||||
},
|
||||
"paging": {
|
||||
"type": "LinkHeader"
|
||||
"pagingType": "LinkHeader"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -597,7 +596,7 @@
|
|||
"packageKind": "Solution",
|
||||
"packageVersion": "[variables('_solutionVersion')]",
|
||||
"packageName": "[variables('_solutionName')]",
|
||||
"contentProductId": "[concat(take(variables('_solutionId'), 50),'-','rdc','-', uniqueString(concat(variables('_solutionId'),'-','ResourcesDataConnector','-',variables('_dataConnectorContentIdConnections1'),'-', variables('dataConnectorVersionConnections1'))))]",
|
||||
"contentProductId": "[concat(take(variables('_solutionId'), 50),'-','rdc','-', uniqueString(concat(variables('_solutionId'),'-','ResourcesDataConnector','-',variables('_dataConnectorContentIdConnections1'),'-', variables('dataConnectorCCPVersion'))))]",
|
||||
"packageId": "[variables('_solutionId')]",
|
||||
"contentSchemaVersion": "3.0.0",
|
||||
"version": "[variables('_solutionVersion')]"
|
||||
|
|
@ -608,7 +607,7 @@
|
|||
"apiVersion": "2023-04-01-preview",
|
||||
"location": "[parameters('workspace-location')]",
|
||||
"properties": {
|
||||
"version": "3.0.1",
|
||||
"version": "3.0.2",
|
||||
"kind": "Solution",
|
||||
"contentSchemaVersion": "3.0.0",
|
||||
"displayName": "Ermes Browser Security",
|
||||
|
|
@ -640,7 +639,7 @@
|
|||
{
|
||||
"kind": "DataConnector",
|
||||
"contentId": "[variables('_dataConnectorContentIdConnections1')]",
|
||||
"version": "[variables('dataConnectorVersionConnections1')]"
|
||||
"version": "[variables('dataConnectorCCPVersion')]"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
|
|
|||
|
|
@ -0,0 +1,38 @@
|
|||
{
|
||||
"location": {
|
||||
"type": "string",
|
||||
"minLength": 1,
|
||||
"defaultValue": "[resourceGroup().location]",
|
||||
"metadata": {
|
||||
"description": "Not used, but needed to pass arm-ttk test `Location-Should-Not-Be-Hardcoded`. We instead use the `workspace-location` which is derived from the LA workspace"
|
||||
}
|
||||
},
|
||||
"workspace-location": {
|
||||
"type": "string",
|
||||
"defaultValue": "",
|
||||
"metadata": {
|
||||
"description": "[concat('Region to deploy solution resources -- separate from location selection',parameters('location'))]"
|
||||
}
|
||||
},
|
||||
"workspace": {
|
||||
"defaultValue": "",
|
||||
"type": "string",
|
||||
"metadata": {
|
||||
"description": "Workspace name for Log Analytics where Microsoft Sentinel is setup"
|
||||
}
|
||||
},
|
||||
"resourceGroupName": {
|
||||
"type": "string",
|
||||
"defaultValue": "[resourceGroup().name]",
|
||||
"metadata": {
|
||||
"description": "resource group name where Microsoft Sentinel is setup"
|
||||
}
|
||||
},
|
||||
"subscription": {
|
||||
"type": "string",
|
||||
"defaultValue": "[last(split(subscription().id, '/'))]",
|
||||
"metadata": {
|
||||
"description": "subscription id where Microsoft Sentinel is setup"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -1,4 +1,5 @@
|
|||
| **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** |
|
||||
|-------------|--------------------------------|---------------------------------------------|
|
||||
| 3.0.2 | 23-01-2024 | Changes in CCP Connector |
|
||||
| 3.0.1 | 28-11-2023 | Changes in CCP Connector |
|
||||
| 3.0.0 | 29-09-2023 | Initial Version Release |
|
||||
Загрузка…
Ссылка в новой задаче