Javier Soriano
0f58f1c9ef
name changes
2020-11-24 23:15:59 +01:00
Javier Soriano
99cc7ed628
Adding rule templates for all kinds
2020-11-24 23:09:38 +01:00
Javier Soriano
eff9979719
Adding Analytics Rules
2020-11-24 22:32:18 +01:00
Javier Soriano
dbf90ec480
typo
2020-11-24 16:37:30 +01:00
Javier Soriano
80c9e3f2b2
modified guid
2020-11-24 15:39:00 +01:00
Javier Soriano
cbf84620f9
fixed typo
2020-11-24 15:36:04 +01:00
Javier Soriano
3998baf088
changed mcas ID
2020-11-24 15:34:08 +01:00
Javier Soriano
8029efc4f3
removed parameter
2020-11-24 15:24:14 +01:00
Javier Soriano
0ec93d9c11
included README
2020-11-24 13:17:00 +01:00
Javier Soriano
aaea902fa6
Adding sample ARM templates for Data Connectors onboarding (AATP, ASC, MCAS, MDATP, O365)
2020-11-19 15:32:08 +01:00
ehudk-msft
f784fc30d1
Merge pull request #1334 from necoh/patch-1
...
Fix requiredDataType in KnownPHOSPHORUSDomainsIP-October2020.yaml template
2020-11-19 11:40:36 +02:00
necoh
1beae7fec4
Update KnownPHOSPHORUSDomainsIP-October2020.yaml
...
The current requiredDataType (SecurityAlert (Office 365 Security & Compliance)) is incorrect.
According to OfficeATP it should be SecurityAlert (OATP).
2020-11-19 10:49:15 +02:00
morshabi
49ffbf2173
Merge pull request #1316 from NoamLandress/bugfix/FixMultipleMockDataSent
...
Bugfix/fix multiple mock data sent
2020-11-19 10:44:53 +02:00
morshabi
17d71834a5
Merge pull request #1300 from liatlishams/patch-15
...
Update IncidentOverview.json
2020-11-18 09:32:53 +02:00
morshabi
90e1af93f3
Merge pull request #1326 from liatlishams/patch-17
...
Update WorkbooksMetadata.json
2020-11-18 09:31:39 +02:00
liatlishams
a89b7bbc65
Update WorkbooksMetadata.json
2020-11-18 09:10:52 +02:00
chicduong
61e4b32bb9
ACN_CD_VMwareESXi_DataConnector01 (#1309)
...
* VMware ESXi connector
* revisions
2020-11-17 15:22:51 -08:00
v-jayakal
5b425eef98
Update the function name from VMWareESXi to VMwareESXi (#1323)
...
Update the function name from VMWareESXi to VMwareESXi as provided in the data connector file.
2020-11-17 15:06:36 -08:00
chicduong
1edc82d88a
Squid Proxy Parser (#1232)
...
Co-authored-by: Shain <45466083+shainw@users.noreply.github.com>
2020-11-17 15:00:02 -08:00
Shain
17d0feb193
Merge pull request #1310 from chicduong/acn_cd_vmwareesxiparser01
...
ACN_CD_VMwareESXi_Parser01
2020-11-17 14:35:36 -08:00
laithhisham
9f0fa91b90
Feature/lahisham/migrate scheduled templates to new entity mapping (#1319)
...
* migrate scheduled templates to new entity mapping model
* add validation for missing new entity mappings
2020-11-17 17:27:25 +02:00
SOC Prime
e4d2a7a670
Salesforce Service Cloud Connector (#1292)
...
* salesforce sc connector - initial commit
* salesforce sc - added python file
* salesforce sc - updated zip file
* salesforce sc - updated connector template
* salesforce sc - added logo
* Salesforce SC: delete Preview
* Salesforce SC: change chunksize
* Salesforce SC: add proxies.json
* Salesforce SC: add handling of nextRecordsUrl
* Salesforce SC: update zip file
Co-authored-by: Alex Verbniak <ov@socprime.com>
2020-11-16 19:31:20 -08:00
SOC Prime
eed6ea29bf
cisco umbrella data connector - fixed resolving s3 bucket name for cisco managed s3 buckets (#1317)
...
Co-authored-by: Vitalii Uslystyi <vu@socprime.com>
2020-11-16 18:27:34 -08:00
Mike
9ad5ea9a2d
Updated Trend Micro logo for the data connectors (#1321)
...
* Create Trend_Micro_Logo.svg
* Update Trend_Micro_Logo.svg
2020-11-16 18:26:48 -08:00
Sarah Young
de1b7d40ae
Merge pull request #1322 from andedevsecops/az-func-github-dataconnector
...
Az func GitHub dataconnector
2020-11-17 13:28:56 +13:00
Shain
fa0d9e2fc6
Merge pull request #1264 from ehudk-msft/patch-11
...
Update Sign-in Burst from Multiple Locations.yaml
2020-11-16 15:53:37 -08:00
Sreedhar Ande
cd69fab0ce
corrected typos in README.MD
2020-11-16 14:50:34 -08:00
Sreedhar Ande
9ca21fb2a6
Updated README.MD typo
2020-11-16 14:28:21 -08:00
chicduong
319c931a8c
revisions
2020-11-16 13:32:24 -08:00
v-jayakal
ceb1b32d38
Update CEF connector template adding IsPreview attribute (#1311)
...
Update CEF connector template adding IsPreview attribute
2020-11-16 13:25:25 -08:00
v-jayakal
a2d40e5088
Update Syslog connector template - adding IsPreview attribute (#1312)
...
Update Syslog connector template - adding IsPreview attribute
2020-11-16 13:24:47 -08:00
v-jayakal
733a375b9c
Update Rest API connector template - adding IsPreview attribute (#1314)
...
Update Rest API connector template - adding IsPreview attribute
2020-11-16 13:24:16 -08:00
Eran Toledano
1124101a35
Palo Alto data connector fixes (#1201)
...
* add PAN connector, replace query operator
* fix corrupt workbook file
* formatting
* fix indent
* update workbook version
* fix invalid chars, fix typo
* replace contains with has
* remove overview workbook from PR
* fix script command
2020-11-16 13:21:17 -08:00
Eran Toledano
cac1016803
Palo Alto Overview Workbook fix (#1256)
...
* replace string operator for query
* delete and re-create json
* move to workbook folder
* fix indent
2020-11-16 13:06:32 -08:00
Noam Landress
abaa441629
with mock max
2020-11-16 12:57:34 +02:00
Noam Landress
ea09966717
Fix multiple mock messages sent
2020-11-16 12:55:20 +02:00
Sarah Young
c285d71217
Merge pull request #1295 from happy-jo/patch-25
...
Fixed a VT Schema change.
2020-11-16 10:56:45 +13:00
Sarah Young
dc82775d05
Merge pull request #1299 from ShirSabag/shir-intsights-post-tag-playbook
...
Add playbook - Post-Tags-And-Comments-To-Your-Intsights-Account
2020-11-16 10:56:06 +13:00
Sarah Young
63965e4ecb
Merge pull request #1304 from Azure/dicolanl-40
...
bug fix to Get-MDATPInvestigationPackage playbook
2020-11-16 10:52:51 +13:00
Andrey Nikolaev
b17aebb52d
Thycotic (#1144)
...
* Add new data connector
* Add example source data for ThycoticCEF dataconnector.
Add logo for dataconnector.
* Add workbook for Thycotic.
* Add workbook for Thycotic Secret Server.
* Add preview for Thycotic workbook
* Fix bug
* Add Thycotic dashboard and preview images and logo.
* Fix name dataconnector
* Add newline to json file
* Change workbook name in template
* Back file
* Add to Dashboard new block for event 'Login Failure'
* Change TemplateId
* Change link to base documentation for Secret Server
* Change link to documentation for configure Secret Server Syslog
* Changed data connector for Thycotic Secret Server
* Change Workbook, query add params
* Change format logo
* Add change to meta file
* Modify
* Update Logo for Dashboard, Dataconnector and Workbook
* Modify meta file
* Reset changes
* Reset Meta data
* Change meta file
* Change Logo for Thycotic
* Review image and changes Logo
Co-authored-by: unknown <andy@andy-nb.softwarium.net>
2020-11-13 15:15:49 -08:00
chicduong
37d8d8164f
ACN_CD_CiscoUCS_Connector01 (#1281)
...
* cisco ucs connector
* revisions
* update parser links
2020-11-13 15:03:22 -08:00
chicduong
14d38e5f37
VMware ESXi parser
2020-11-13 13:12:27 -08:00
chicduong
7d4a0bac88
ACN_CD_CiscoUCS_Parser01 (#1282)
...
* cisco ucs parser
* revisions
Co-authored-by: Shain <45466083+shainw@users.noreply.github.com>
2020-11-13 12:58:51 -08:00
SOC Prime
a90ff862f6
Cisco umbrella connector (#1261)
...
* added table schemas
* added function app
* added parser
* added logo
* added azuredeploy arm template
* updated links in azuredeploy arm template
* added connector template
* added sample data
* updated links to github in templates
* improved logging in function app
* updated connector template
* cisco umbrella: updated links
* cisco umbrella: removed logo to avoid duplication
* cisco umbrella connector - changed AWSSecretAccesKey variable name
* cisco umbrella connector - removed CiscoUmbrella.md file
* cisco umbrella connector - updated connector template
* cisco umbrella connector - updated connector template
* cisco umbrella - renamed parser func and updated connector template
* cisco umbrella - updated sample queries in connector template
* cisco umbrella - added proxies.json file
Co-authored-by: Vitalii Uslystyi <vu@socprime.com>
2020-11-13 07:16:25 -08:00
Shain
be3c75dae5
Merge pull request #1213 from x3nc0n/bind9-dns-syslog
...
Bind9 dns syslog
2020-11-12 22:53:45 -08:00
Shain
63ea90e9c0
Merge branch 'master' into bind9-dns-syslog
2020-11-12 22:46:00 -08:00
Shain
c204ee5fa8
Merge pull request #1233 from ThijsLecomte/patch-1
...
Update in order to remove error with Entity Mapping
2020-11-12 22:44:55 -08:00
Shain
cc7ef943dc
Merge branch 'master' into patch-1
2020-11-12 22:29:28 -08:00
Shain
c677d25d60
Merge pull request #1235 from Azure/Expansions_Strongify
...
Strengthening returned Host entity by mapping strong identifier fields
2020-11-12 22:29:12 -08:00
Shain
78feaff743
Merge branch 'master' into patch-1
2020-11-12 22:27:23 -08:00