09284f2f63
Merge branch 'Azure:master' into master
2021-09-08 17:29:43 -05:00
2f2bfaa8bb
Add files via upload
2021-09-08 17:17:21 -05:00
e0e6f00c73
Delete WriteToLA - AIPMassDowngrade.ps1.csv
2021-09-08 17:16:46 -05:00
358b3ba413
Adding the Az.EventHub module
...
This is a dependincy for the New-AzEventHubNamespace cmdLet used in the New-EventHubNamespace function.
This fonction will fail if that module isn't installed.
2021-08-31 12:21:05 -04:00
b4b4a97667
pipeline
2021-08-31 15:24:02 +10:00
78f62b6b8a
Merge pull request #2748 from IllusiveNetworks-Labs/Illusive
...
Illusive
2021-08-27 10:32:33 +05:30
d430bfc5f9
Update README.md
2021-08-26 15:06:44 -05:00
834674e2f0
Update README.md
...
Format
2021-08-26 15:00:45 -05:00
66343a177a
Add files via upload
2021-08-26 14:48:13 -05:00
3469719982
Update README.md
2021-08-26 14:46:06 -05:00
ddca37f3a1
Update README.md
...
Changed to include more feature/capability areas.
2021-08-26 14:32:53 -05:00
4b697c05e6
Update README.md
2021-08-26 13:04:32 -05:00
67e02da45a
Update README.md
...
Correct image path
2021-08-25 22:03:16 -05:00
48b65172be
Update README.md
2021-08-25 21:53:26 -05:00
fe192f5123
Anomaly Simulator moved to Sentinel Tools
2021-08-25 21:30:58 -05:00
181de292a3
Delete Tools/Simulators/Anomalies/Unusual-Mass-Downgrade-AIP-Label directory
2021-08-25 21:22:50 -05:00
5e50c94b63
Updated README.MD
2021-08-25 16:06:17 -07:00
bd67ff3b80
Added new script to create only tables on ADX
2021-08-25 15:50:25 -07:00
faa650388f
Updated README.MD with instructions
2021-08-25 15:49:57 -07:00
845acc443a
Update README.md
2021-08-25 15:33:38 -05:00
50990d6234
Update README.md
2021-08-25 13:46:13 -05:00
7948ff9b42
Add files via upload
2021-08-25 13:44:57 -05:00
ab7699560d
Merge pull request #2536 from mburrough/mburrough-AlertRuleAction-script
...
Add bulk Alert Rule Action PowerShell script sample
2021-08-19 21:28:04 -07:00
68f56dd255
reverting to OperationName as verified
2021-08-17 13:55:42 -07:00
da5a2ed8ad
modified package using powershell 7
2021-08-12 19:23:23 +05:30
b38617c554
created package and made review comment changes
2021-08-12 12:40:32 +05:30
de95ee53de
Update README.md
2021-08-11 17:03:32 +03:00
a03a7a9c33
Update README.md
2021-08-11 17:02:26 +03:00
4ea995649c
Update and rename readmemd.txt to README.md
2021-08-11 16:50:45 +03:00
01f488f0b8
removing readme from scrip
2021-08-11 16:36:28 +03:00
29001a5b9b
Adding readme sgeneration and better reference to templates
2021-08-11 15:53:50 +03:00
c5a25f5c82
Fixing argument description
2021-08-11 12:34:37 +03:00
e4e967d0dd
Adding Parser yaml 2 ARM tool lite
2021-08-11 12:30:18 +03:00
34380c09bf
Update README.md
2021-08-10 11:40:11 -07:00
580262dafd
Update README.md
2021-08-10 11:38:57 -07:00
de78be7e5b
Merge branch 'Azure:master' into master
2021-08-10 11:23:43 -07:00
aedd5c361e
Fixed an accidental typo
2021-08-06 11:44:55 +02:00
514aef4f6f
Fixed a weird "feature" which requires the description field in the solutions yaml to be single quotes.
2021-08-06 10:33:52 +02:00
03a382307a
Updated README with better explanation
2021-07-27 12:49:26 +02:00
a469fee118
Adding new Sentinel onboarding ARM template
2021-07-27 11:31:37 +02:00
76567e8269
Added deployment package with latest code fixes
2021-07-14 15:03:10 -07:00
98333337d2
Updated variable name
2021-07-14 15:02:11 -07:00
df105eb918
Merge pull request #2654 from anigan/anigan-fixLAtoADX
...
Issue 2652: Fixing issues with comparing LA tables to supported tables
2021-07-14 14:50:49 -07:00
ade6e55026
Deleted Zip
2021-07-14 14:47:04 -07:00
8bdd55b110
deleting zip
2021-07-15 03:12:58 +05:30
7d386ca706
creating a fresh ZIP
2021-07-15 02:58:39 +05:30
0657da2653
removing zip
2021-07-15 02:54:05 +05:30
e80e849289
Removed Locale
2021-07-14 14:11:03 -07:00
33b398e9a7
explicityly defining nugetPackageLocation to a string type
2021-07-15 02:30:27 +05:30
57031e90a7
Fixes issue in JSON
2021-07-14 13:59:51 -07:00
c3bc66eb25
Added Deployment Package
2021-07-14 13:52:40 -07:00
9762c4f597
Fixed AzureDataExplorer
2021-07-14 13:50:59 -07:00
d12e14cc87
adding the missing \ in the nugetlocationpath
2021-07-13 18:20:57 +05:30
78ffb5c334
defining $nugetPackageLocation as a global variable
2021-07-13 17:58:32 +05:30
750e05c520
reverting
2021-07-12 09:34:58 -07:00
7e7fec18dc
Updated README.MD
2021-07-12 08:31:01 -07:00
55aea07414
Updated deployment package
2021-07-12 08:27:11 -07:00
6f3967491d
Finding values in supported tables array with case sensitive
2021-07-12 08:23:27 -07:00
aa5bc3b052
Added SecurityEvent Table to supported tables
2021-07-12 08:22:34 -07:00
9fb7da1a46
$nugetPackageLocation was never defined and is not required to be defined
...
$decision is used but is not passed as a parameter. It is required.
2021-07-10 21:45:25 +05:30
ec9a2ca1b2
Updated date
...
Updated last edit date
2021-06-30 12:57:30 -05:00
38c58550cd
Minor Migrate-LA-to-ADX.ps1 updates
...
- Fixed issue where $ADXTables.Trim() could fail by adding ToString().Trim()
- Moved Try/Catch in New-AdxRawMappingTables to just around Invoke-KustoCLI as this would be only section where an error might occur that we would want to hide.
- Added test to make sure ADXSupportedTables.json is available
- Completed adding basic help for all functions.
- Updated main parameter help to make sure parameters matched the parameter names.
- Made the unsupported table output easier to read.
- fixed EventHub to be Event Hub and similar for for various product features to match Microsoft.com documentation.
2021-06-30 12:39:28 -05:00
cc251e33a8
Update LAW Filtering Method
2021-06-29 14:08:16 -07:00
5d987949e6
Solution Packaging Fix
2021-06-29 09:44:36 -07:00
8d7b1b36d0
Updated last modified date
2021-06-28 15:56:28 -07:00
eb03e11f44
Package updated
2021-06-28 14:46:05 -07:00
e3dd38553a
deleted unwanted logic
2021-06-28 14:13:44 -07:00
711a320883
Added logic to verify PowerShell Version
2021-06-28 12:13:53 -07:00
9031a5600f
Updated deployment package with latest code fixes
2021-06-26 00:30:32 -07:00
214a1b6f69
Removed extra Write-host
2021-06-26 00:29:47 -07:00
8f4eae86bb
Updated deployment package
2021-06-26 00:25:34 -07:00
54a7af40a9
Fixed coded issue
2021-06-26 00:24:38 -07:00
f333785724
Added downloadable package
2021-06-26 00:03:16 -07:00
3e0b88c10a
Updated Migrate LA to ADX script
2021-06-26 00:02:09 -07:00
362c8c551b
Merge pull request #1768 from TobiKr/master
...
Added PowerShell that creates alert rules from rule templates
2021-06-24 12:02:01 -07:00
0a2f4d388f
Leaderboard update
2021-06-22 17:07:05 -07:00
ca47768bbb
Merge pull request #2435 from elforb/v-eliforbes/watchlistAutomation
...
Watchlist Automation
2021-06-22 11:30:27 -07:00
c3b80d8050
Update README.md
2021-06-21 22:44:57 -07:00
c0453d0701
Add files via upload
2021-06-21 22:44:10 -07:00
aeba354476
Create README.md
2021-06-21 22:43:50 -07:00
e13fb94e0c
Create README.md
2021-06-21 22:43:03 -07:00
147b3c5be4
Leaderboard update
2021-06-21 16:06:05 -07:00
5af35de0bf
Leaderboard update
2021-06-21 15:06:00 -07:00
6ac07f1748
fixed new line issue
2021-06-16 14:02:43 -07:00
92a99178f5
Updated typo
2021-06-16 14:00:40 -07:00
d1b7e279e5
Updated README instructions
2021-06-16 13:57:52 -07:00
58fbf6e6bc
Updated README
2021-06-16 13:45:53 -07:00
bd807bd275
Updated README
2021-06-16 13:16:38 -07:00
b229190dd8
Added download icon
2021-06-16 13:15:41 -07:00
d72df3062e
Updated Typo in README
2021-06-16 10:20:35 -07:00
c9090470f8
Updated README Instructions
2021-06-15 21:09:46 -07:00
abfe903798
Merge pull request #2485 from Azure/dicolanl-59
...
Updating Deploy buttons and links part 2
2021-06-16 13:48:43 +12:00
4a23af9be0
Updating Deploy buttons and links part 2
2021-06-16 01:40:49 +00:00
cc64fdb1a0
Removed localization
2021-06-15 18:02:37 -07:00
97f4d7fc91
Removed en-us in links
2021-06-15 17:56:19 -07:00
afcbbc576b
Added script in zip format to download from tools
2021-06-15 17:35:12 -07:00
ebf77f4c70
Removed hardcoded values for testing
2021-06-15 17:34:27 -07:00
4f30898934
Updated README aka.ms link
2021-06-15 17:33:55 -07:00
43917ba6aa
Added aka.ms link to download the tool
2021-06-15 17:12:34 -07:00
4c11fba522
Fixed bug in creating DataConnection rule
2021-06-15 13:34:09 -07:00
01686954a2
aka.ms link
2021-06-15 09:43:54 -07:00
e4a8edb269
Added comments to script file
2021-06-14 21:40:27 -07:00
7d7053f085
Added script to integrate Azure Data Explorer using PowerShell Script
2021-06-14 21:29:36 -07:00
ba511af373
Added Supported Tables Json
2021-06-14 21:27:49 -07:00
654c872a1c
Updated README.MD
2021-06-14 21:24:54 -07:00
bfcc3a7335
Created README.MD and updated with Instructions
2021-06-14 20:20:05 -07:00
4c98a3c186
Merge pull request #2402 from Azure/v-rucdu/PRValidationFixesForSolutionsFolder
...
Extension of PR Validations to solutions folder
2021-06-13 22:18:59 -07:00
2cad1a602c
Merge pull request #2281 from t-shaviv/shaharBranch2
...
Azure Activity columns alignments
2021-06-13 09:57:18 -07:00
3a11ce8b70
Merge pull request #2462 from elforb/v-eliforbes/solutionAutomationUpdate2
...
Update Solution Automation Documentation + Minor Fixes
2021-06-11 10:18:29 -07:00
3b9282204d
Remove URL Locale
2021-06-11 10:11:53 -07:00
e0c3428c60
Common Issue: YAML Conversion
2021-06-10 16:26:53 -07:00
7af75762c8
Minor Template Creation Fixes
2021-06-10 16:17:32 -07:00
63b4a5fab9
Add Instructions for Setup, TTK Validation + Extra Common Issue
2021-06-10 16:17:16 -07:00
548f342528
Leaderboard update
2021-06-10 11:02:43 -07:00
2236761be6
Watchlist Example Template
2021-06-08 10:02:38 -07:00
771b2886eb
Watchlist text fix
2021-06-08 10:02:17 -07:00
8a90d3f02c
Dev/generic parser ( #2410 )
...
* Custom parser deployer
2021-06-08 12:05:14 +03:00
cf52659535
Update Watchlist Tab Text+Uri
2021-06-04 10:07:32 -07:00
3f151ac0d1
Update config.txt
2021-06-04 17:49:33 +05:30
d6a0fbde60
Update SampleDataPath.cs
2021-06-04 17:46:51 +05:30
c480159566
Update config.txt
2021-06-04 17:27:58 +05:30
2875e51a4b
Handled validation for parsers under solutions folder
2021-06-04 17:17:13 +05:30
3b7aaa3eef
Base Watchlist Automation
2021-05-27 13:22:20 -07:00
d7058a0fb1
Created Registry Data Access Protocol (RDAP)
...
As top level domains (and domains in general) have increased, there is a need to be able to lookup information about domains. This project is designed to solve this need (in an albeit limited use case for now) by retrieving domain(s) from Azure Sentinel / Log Analytics, querying the RDAP network for registration information, and then writing that resolution information back in to Azure Sentinel / Log Analytics.
2021-05-27 11:40:30 -07:00
c72129459a
Readme Example Update + Added Note
2021-05-20 10:33:40 -07:00
f64a2499bd
Fix Playbook UIDef Label Handling
2021-05-20 10:31:56 -07:00
2217cb6ecf
Handle operationIds in Custom Connectors
2021-05-20 10:31:22 -07:00
0c6c4fecb2
Merge branch 'master' into shaharBranch2
2021-05-19 10:12:21 +03:00
d97d696fbf
Merge pull request #2232 from pkhabazi/ThreatIntelligence-connector-SentinellAllinOne
...
Threat intelligence connector for sentinel all in one
2021-05-18 20:22:50 -07:00
25ff63717c
Leaderboard update
2021-05-18 12:01:57 -07:00
771a6610c1
Merge branch 'master' of https://github.com/Azure/Azure-Sentinel into v-eliforbes/solutionAutomationUpdate
2021-05-14 13:13:56 -07:00
242b8255a4
Leaderboard update
2021-05-14 10:02:27 -07:00
1bfc7a1c43
Merge branch 'master' into shaharBranch2
2021-05-13 11:10:21 +03:00
e8b01c74e0
Parameter Replacement Fixes
2021-05-12 11:28:29 -07:00
0b1d624b91
fixed AlertRulePayload
2021-05-12 19:20:51 +03:00
2c215dbb9f
Update README.md
2021-05-10 16:15:52 -07:00
0b155fac34
Solution Automation ( #2213 )
...
* Solution Automation
* Remove URL Locale
* Update Pathing in Automation-runner
* Fix connection id variable reference
* Move Tool Folder and Rename
* Add Version Input + Rename Script
* Tool Readme with Description+Instructions+Troubleshooting
* Send all generated files to Package folder
* Update Example Input + Misc. Cleanup
* Update Readme json comment style
* Update readme commenting
* Condense Readme Input Commenting
* Added Common Issues: Parameter References + Outputs
* Input format fix
* Input file format update
Co-authored-by: Eli Forbes <v-elforb@microsoft.com>
2021-05-10 16:08:35 -07:00
1c73e89f52
Leaderboard update
2021-05-09 16:25:44 -07:00
dcb3dbc486
Leaderboard update
2021-05-08 08:01:43 -07:00
66f954a9eb
Leaderboard update
2021-05-07 23:02:40 -07:00
d1ac912023
Adding ThreatIntelligence to dataconnectors
2021-04-30 10:04:48 +02:00
bace93befc
Enabling fusion by default
2021-04-06 11:50:20 -07:00
ccf1abd9ef
Resolved a description field parsing issue
...
Fixes some description fields not being imported
2021-03-26 17:45:05 +01:00
10f0610f40
type in linked template
...
fixed a typo in linked template
2021-03-17 11:15:00 +01:00
91f0a23520
Localization links fixed
2021-03-15 10:32:20 +03:00
ecdfb87089
Rule migration resource uploads
2021-03-15 10:02:47 +03:00
10c34da5d7
Added new image and modified markdown file
2021-03-12 14:38:42 +11:00
1fe26fd7de
Added RuleMigration folder and files
2021-03-12 11:35:48 +11:00
c0b63f7a6c
added YAML rule import sample
2021-03-08 19:27:58 +01:00
c4c357d814
Merge branch 'master' of https://github.com/Azure/Azure-Sentinel
2021-03-08 19:21:07 +01:00
1da3ac7cf9
adding sample script to import GitHub YAML rules
2021-03-08 19:20:51 +01:00
3383d88584
modified README
2021-02-23 15:48:04 +01:00
4182f2edd3
troubleshooting
2021-02-23 14:58:39 +01:00
759015533b
added RG box
2021-02-23 14:54:36 +01:00
1690553ee5
added RG
2021-02-23 14:51:55 +01:00
9c56e67d11
adding UI
2021-02-23 14:46:15 +01:00
e164532649
changes
2021-02-23 13:02:54 +01:00
9b477fc923
added linked templates
2021-02-23 12:33:16 +01:00
8f8bc5668f
rg change
2021-02-22 23:00:26 +01:00
a80e031985
right branch
2021-02-22 13:09:02 +01:00
88fe0d83fa
add artifactsLocation
2021-02-22 13:08:33 +01:00
c4bd6c402e
MSSP version
2021-02-22 12:23:58 +01:00
289ab2c09d
removed
2021-02-22 11:40:59 +01:00
3429fe8242
MSSP version
2021-02-22 11:34:48 +01:00
abd45e7732
MSSP version
2021-02-22 11:33:14 +01:00
e5a4b7bce8
Added PowerShell that creates alert rules from rule templates for all configured data sources
2021-02-14 16:59:02 +01:00
7a54eaa256
Updated README with latest product names
2021-02-05 21:30:19 -08:00
f9e5bc3c03
Merge branch 'master' of https://github.com/Azure/Azure-Sentinel
2021-02-05 21:09:12 -08:00
165d38c919
Deleted AzSentinel command to add Sentinel Solution; 2. Added Azure Monitor module to add Sentinel; 3. Updated CheckModules function
2021-02-05 21:08:35 -08:00
a040ac5f17
Added import and export samples for the Az.SecurityInsights module
2021-02-05 20:48:34 +01:00
1be04b1c21
added Az.SecurityInsights import and export samples
...
For the Azure Sentinel PowerShell module
2021-02-05 20:44:52 +01:00
fadd05abb8
Added sample scripts for Az.SecurityInsights
...
sample scripts for the Azure Sentinel PowerShell module
2021-02-05 20:25:51 +01:00
7f885ff8db
Merge branch 'master' of https://github.com/Azure/Azure-Sentinel
2021-02-05 20:10:14 +01:00
1eda0a5510
Added importAzureSentinelRules script
...
This sample script allows bulk import of Azure Sentinel rules
2021-02-05 20:10:06 +01:00
df1889e40e
Merge pull request #1727 from happy-jo/patch-26
...
Sentinel-All-In-One Tool fix for PowerShell script location
2021-02-05 10:20:23 -08:00
73d42db748
Merge pull request #1726 from javiersoriano/allinone
...
Sentinel-All-in-One bug fixes
2021-02-05 10:12:37 -08:00
5bb711ac42
Adjusting target PowerShell script
...
This link was pointing to the developers Github repo
2021-02-05 10:45:21 -05:00
718b152272
point to master
2021-02-05 15:26:19 +01:00
d26d2d9e5c
pointing to my repo
2021-02-05 15:04:46 +01:00
b43599e364
fixed boolean format
2021-02-05 14:57:36 +01:00
53eb7ce16c
fixing some bool variables
2021-02-05 14:54:21 +01:00
5df3c52c71
change location
2021-02-05 13:21:06 +01:00
abae96aac1
test location
2021-02-05 11:43:59 +01:00
a7ec619ba9
Update HuntingQuery.json
...
with new etag * line we will also be able to update via arm (instead of only deploy)
2021-02-03 13:40:03 +01:00
4554ada28c
Merge remote-tracking branch 'origin/master' into allinone
2021-02-02 15:30:02 +01:00
5e7777b1f0
changed artifacts location to point to Azure-Sentinel repo
2021-02-02 15:14:37 +01:00
44944f3b8c
Merge branch 'master' of https://github.com/Azure/Azure-Sentinel into allinone
2021-02-02 15:01:31 +01:00
07a0b55873
Merge branch 'master' of https://github.com/Azure/Azure-Sentinel
2021-02-01 09:39:05 +01:00
b9c891aed7
added exportAzureSentinelRules.ps1
2021-02-01 09:38:54 +01:00
990dffd1b6
Updated PowerShell module to Official Powershell & fixed logic issues
2021-01-30 10:50:22 -08:00
508357970e
Export Sentinel Analtyics Rules sample
2021-01-29 18:20:17 +01:00
5a644a55ff
Update README.md
2021-01-29 17:49:26 +01:00
483add1749
Added Export Sentinel Rules sample
2021-01-29 17:45:54 +01:00
f2087d6c27
Create Az.SecurityInsights-Samples
2021-01-29 17:42:29 +01:00
0d60a0c699
Merge pull request #1682 from javiersoriano/patch-2
...
Azure Sentinel-All0In-One Accelerator fix
2021-01-28 12:39:32 -08:00
a70f36c0a1
Fixing deployment link
2021-01-28 18:14:12 +01:00
f799ff1888
Update README.md
2021-01-28 18:11:44 +01:00
94f159abc1
Update createUiDefinition.json
2021-01-28 15:03:12 +01:00
451ad86df9
Update azuredeploy.json
2021-01-28 14:59:44 +01:00
a8087ec6ee
Update scheduledAlerts.json
2021-01-28 14:29:48 +01:00
22807f2979
Delete AzCreateUiDef.ps1
2021-01-28 14:27:49 +01:00
f96bc98ece
Update alertRules.json
2021-01-28 14:25:57 +01:00
7c7e18ae9b
Adding Sentinel All-In-One
2021-01-28 14:17:00 +01:00
badf587d0c
Leaderboard update
2021-01-23 09:02:09 -08:00
3f47372566
Leaderboard update
2021-01-23 03:02:21 -08:00
c1182a04e7
Merge pull request #1431 from javiersoriano/javier-arm
...
Added ARM templates for AzureAD and Azure Activity
2021-01-18 21:30:37 +13:00
426e8b305f
Update README.md
2021-01-18 09:26:30 +01:00
36a78fa693
Merge pull request #1585 from Nchristis/patch-4
...
Create README.md
2021-01-18 20:48:47 +13:00
7cc77bf98e
Create README.md
...
Readme for the hunting arm template
2021-01-15 12:40:30 +01:00
9778ae9a5c
Create HuntingQuery.json
...
json file for the upload
2021-01-15 12:31:41 +01:00
a8d2dff844
Leaderboard update
2021-01-11 05:21:39 -08:00
fffbe3f3d7
Leaderboard update
2021-01-11 03:52:53 -08:00
54e401b035
Adding auto comments for PRs and Issues submitted to the Sentinel repo ( #1426 )
...
* Create comment.yml
* Update comment.yml
* Update comment.yml
* Update comment.yml
* Add files via upload
* Add files via upload
* Delete comment pr v2.yml.txt
* Delete comment.yml
* Delete comment pr v3.yml
* Add files via upload
* test
* Delete comment pr v4.yml
* Add files via upload
* Add files via upload
* Delete comment pr v3.yml
* Create PRcomment.yml
* Delete comment pr v5.yml
* Create IssueComment.yml
Co-authored-by: ngchi <ngchi@DESKTOP-5TA29SV>
2020-12-14 14:39:26 -08:00
7ac6ad2d4a
updated Data Connectors table
2020-12-09 22:58:09 +01:00
19a0979e4d
added documentation link and formatted README file
2020-12-09 22:54:24 +01:00
a7e1c3aa27
Update readme for Sample-Data-Ingest-Tool ( #1407 )
...
* Update ForgeRock queries, CyberArk EPV
* Update CEF based connector permissions
* Revert CyberArk
* Revert CyberArk
* Update CyberArk
* Update to use seperate lines and where clauses
* Update log tool readme
2020-12-04 11:07:26 -08:00
e5ee33a7b9
modified parameters
2020-12-04 16:15:34 +01:00
091a01ee45
change workspace id
2020-12-04 13:38:10 +01:00
96237321e4
adding AzureActivity and AzureAD templates
2020-12-04 13:32:48 +01:00
6d06725a5b
change in links to point to master
2020-12-02 11:04:58 +01:00
f18d280d53
removing comments from templates
2020-12-01 11:04:25 +01:00
a8e1da92d0
pointing to master
2020-11-30 23:36:10 +01:00
9bcf9ab84a
changes in README
2020-11-30 23:32:37 +01:00
40bab87baa
fixes
2020-11-30 23:29:30 +01:00
fdbd3bb92e
fix typo
2020-11-30 23:26:22 +01:00
4a1b8636b0
changing parameter description
2020-11-30 23:20:57 +01:00
402ac7afd6
added parameters
2020-11-30 23:13:38 +01:00
75f4b4dbd9
folder structure change
2020-11-30 21:58:45 +01:00
8060ad9643
format fix
2020-11-30 21:38:28 +01:00
d022b090c3
type
2020-11-30 21:36:48 +01:00
d25d8a40ed
typo
2020-11-30 21:30:27 +01:00
b81d481c92
added connector folders
2020-11-30 21:26:35 +01:00
5b78e9db14
modified uniqueString
2020-11-25 12:34:43 +01:00
0f58f1c9ef
name changes
2020-11-24 23:15:59 +01:00
99cc7ed628
Adding rule templates for all kinds
2020-11-24 23:09:38 +01:00
eff9979719
Adding Analytics Rules
2020-11-24 22:32:18 +01:00
dbf90ec480
typo
2020-11-24 16:37:30 +01:00
80c9e3f2b2
modified guid
2020-11-24 15:39:00 +01:00
cbf84620f9
fixed typo
2020-11-24 15:36:04 +01:00
3998baf088
changed mcas ID
2020-11-24 15:34:08 +01:00
8029efc4f3
removed parameter
2020-11-24 15:24:14 +01:00
0ec93d9c11
included REAMDE
2020-11-24 13:17:00 +01:00
aaea902fa6
Adding sample ARM templates for Data Connectors onboarding (AATP, ASC, MCAS, MDATP, O365)
2020-11-19 15:32:08 +01:00
a4795cf7fc
Leaderboard update
2020-11-12 12:02:34 -08:00
baa5ea2587
Leaderboard update
2020-11-12 09:02:33 -08:00
a892ab8781
create Sentinel API .Net core sample ( #1274 )
...
* add Sentinel API sample
* Update launch.json
* Update ActionPayload.json
* Update BookmarkPayload.json
* Update IncidentPayload.json
* Update ScheduledAlertRulePayload.json
* Update SecurityAlertRulePayload.json
* Update SavedSearchPayload.json
* Update DataConnectorPayload.json
* Update FusionAlertRulePayload.json
* Update IncidentCommentPayload.json
* Update README.md
Co-authored-by: ngchi <ngchi@DESKTOP-5TA29SV>
Co-authored-by: Preeti Krishna <preetikr@microsoft.com>
2020-11-10 17:38:10 -08:00
1ce1f733b8
Leaderboard update
2020-11-07 23:04:08 -08:00
414cece17d
Leaderboard update
2020-11-07 22:04:15 -08:00
1cfd3848a8
Leaderboard update
2020-11-06 17:04:19 -08:00
ad68001610
Leaderboard update
2020-11-06 03:05:15 -08:00
9f92be5521
Leaderboard update
2020-11-05 03:04:42 -08:00
b78013cc70
Leaderboard update
2020-11-05 01:03:35 -08:00
40bd848383
Leaderboard update
2020-11-02 06:08:18 -08:00
0e37e048f7
readme improvements for ingestion tool ( #1183 )
...
* readme improvements for ingestion tool
* spacing
2020-10-21 15:13:46 -07:00
a0f643288b
Leaderboard update
2020-09-29 16:03:55 -07:00
15b02629be
Merge pull request #1128 from tatecksi/ParameterizedFunc
...
Added 2 PS files to create Parameterized Functions
2020-09-29 15:57:02 -07:00
c2d7d57250
Added files
2020-09-30 08:50:48 +10:00
6514259d77
Leaderboard update
2020-09-28 08:09:35 -07:00
c2052fd9c7
Leaderboard update
2020-09-25 14:39:41 -07:00
01f3c946d9
Leaderboard update
2020-09-25 14:30:37 -07:00
a2eaba4b34
Leaderboard update
2020-09-25 10:07:07 -07:00
b04317c5bf
Delete Sentinel_Hunting_Notebook.pbix
2020-09-17 10:27:24 -07:00
9f1c11736a
Add pbix file
...
Initial check in
2020-09-17 10:15:14 -07:00
f6f240884c
Create readme.md
2020-09-17 10:11:06 -07:00
33731dd6d5
Leaderboard update
2020-09-16 11:25:11 -07:00
80835928f0
Leaderboard update
2020-09-16 11:18:42 -07:00
c535e68757
Leaderboard update
2020-09-16 11:09:20 -07:00
ffa26aea94
Merge pull request #982 from richlilly2004/ImportPlaybooks
...
Create Add-PlaybooksToSentinel.ps1
2020-09-04 08:51:56 -07:00
8d91967542
Leaderboard update
2020-08-28 10:48:45 -07:00
224bf0e1ac
Leaderboard update
2020-08-28 10:38:45 -07:00
a9b405af31
Merge branch 'master' into update-plugin-version-v2
2020-08-25 18:45:05 +03:00
e97d6a32c9
Added DefaultParameterSetName
2020-08-20 17:44:30 -05:00
a25cc55c69
Fixed file location (again)
2020-08-20 17:36:23 -05:00
b3437d6018
Moved Playbook script to Tools folder
2020-08-20 17:05:49 -05:00
6a613423e8
Leaderboard update
2020-08-19 09:47:28 -07:00
b8f4b65951
Leaderboard update
2020-08-13 10:06:24 -07:00
a47d9d2779
Leaderboard update
2020-08-13 10:02:09 -07:00
c72d872468
Leaderboard update
2020-08-12 21:33:24 -07:00
31343db560
Leaderboard update
2020-08-12 21:30:07 -07:00
4e9ae260d4
Leaderboard update
2020-08-12 21:01:55 -07:00
ccc168ff3d
Leaderboard update
2020-08-12 20:40:51 -07:00
8f8e353af4
Leaderboard update
2020-08-12 15:18:47 -07:00
486025c921
Leaderboard update
2020-08-12 15:16:09 -07:00
4b6e17ffe0
Leaderboard update
2020-08-12 09:01:50 -07:00
c6369b6b6d
Leaderboard update
2020-08-12 08:49:16 -07:00
f464aa1b4e
Leaderboard update
2020-08-12 08:32:27 -07:00
10f11e6a06
Leaderboard update
2020-08-12 08:06:02 -07:00
dcd2b2ba40
Update Readme for S3-Lamda & reorganize Tools
2020-08-08 00:00:17 -07:00
54a4b13455
add zip file for DevOps template
2020-08-03 10:49:34 -07:00
71ffde3ad1
removed localization in doc links
2020-07-27 15:58:09 -07:00
a5797524e2
replace DevOps template
2020-07-27 14:45:01 -07:00
387c2da8ab
quick readme update ( #836 )
2020-07-08 11:02:36 -07:00
f77ea17243
initial commit ( #831 )
...
Co-authored-by: ngchi <ngchi@DESKTOP-5TA29SV>
2020-07-08 10:37:53 -07:00
e73c6247b2
Update SampleDataPath.cs ( #766 )
2020-06-19 13:56:49 -07:00
e88ccfe649
Merge pull request #720 from Azure/whitelistinblobstorage-azurefunction
...
Centralized LookupTables for enrichment in KQL with Azure Function to upload to blob storage
2020-06-12 08:20:55 -07:00
925dcc40c4
Moved to Tools and updated new paths
2020-06-10 15:45:36 -07:00
7a7a5ef20d
rename Solutions repo to Tools ( #742 )
2020-06-10 14:59:36 -07:00
Chuck Wilcox
Pierre Audonnet
alexandre verkinderen
v-rucdu
Sreedhar Ande
Sreedhar Ande
Ashwin Patil
Caroline Palha
Ofer Shezaf
Yaron Fruchtmann
Matt Egen
0xffhh
Javier Soriano
Anirudh Gandhi
Joel Stidley
Eli Forbes
Azuresentinelgithub
v-jayakal
Matt Burrough
Sarah Young
dicolanl
Shain
Yaron
t-shaviv
Preeti Krishna
elforb
Pouyan Khabazi
Vishal Kumar
Tiander Turpijn
iwafula025
JeremyT
Tobias Kritten
Joe Stahl
Naomi
Matthew Ouellette
Chi Nguyen
Eran Toledano
juliango2100
zhzhao8888
dicolanl
Haim Rubinstein
Tom Lilly
ngchi
Ashwin Patil