Ofer Shezaf
ee97399b42
Revert "Revert "Merge branch 'master' of https://github.com/Azure/Azure-Sentinel""
...
This reverts commit ff69f85224.
2022-01-03 16:21:46 +02:00
Ofer Shezaf
ff69f85224
Revert "Merge branch 'master' of https://github.com/Azure/Azure-Sentinel"
...
This reverts commit c929df845a, reversing changes made to 53e6c92e3e.
2022-01-03 16:04:13 +02:00
aprakash13
bea143b5ae
Merge pull request #3681 from socprime/digital_guardian_content
...
add analytic content for Digital Guardian
2021-12-30 13:30:55 -08:00
aprakash13
cbf1b99627
Merge pull request #3513 from socprime/cisco_duo_content
...
ciscoduo content
2021-12-30 12:39:41 -08:00
NikTripathi
f90f82ec80
Merge pull request #3555 from socprime/cisco_wsa_content
...
add cisco wsa content
2021-12-31 00:52:17 +05:30
NikTripathi
ec69accb5f
Merge pull request #3683 from socprime/trendmicro_cas_content
...
analytic content TrendMicro CAS
2021-12-31 00:46:32 +05:30
aprakash13
8abdea0878
Merge pull request #3750 from socprime/sentinelone_content
...
sentinel1 analytic content
2021-12-30 01:30:44 -08:00
v-rucdu
ce13459bfb
updated schema
2021-12-29 16:07:28 +05:30
v-rucdu
026f06122d
Initial commit for adding AzureDiagnostics support
2021-12-29 10:00:30 +05:30
Amit Bergman
f4a5fb738f
Merge pull request #3794 from Azure/Amitbergman-patch-20
...
Update AttackTactic.cs
2021-12-28 10:01:07 +02:00
Shain Wray (MSTIC)
26ba1999e1
removing validation skip and trailing comma
2021-12-27 10:54:31 -08:00
Amit Bergman
7294ec923d
Update AttackTactic.cs
2021-12-27 18:46:17 +02:00
Amit Bergman
0c997aa822
Update AttackTactic.cs
2021-12-27 16:30:42 +02:00
Amit Bergman
6f303cfe8d
Update AttackTactic.cs
2021-12-27 14:26:18 +02:00
NikTripathi
6f7747e98f
Merge pull request #3567 from socprime/vmware_esxi_content
...
add analytic content for VMwareESXi
2021-12-23 23:59:59 +05:30
NikTripathi
552eda23a7
Merge pull request #3439 from socprime/imperva_cl_waf_content
...
add imperva content
2021-12-23 12:39:52 +05:30
rpressburger
0801e848c7
Added KQL syntax validations test for insights base queries. (#3708)
...
* support tests for insights base query
* fix test name
* comment out insights tests
* update dotnet version
* dotnet version
* typo
* version5
* try fix tests output
* kql tests config
* fix tests names and revert dotnet version
* comment out insights tests
* leave one test up
* might fix azure devops display bug
* might fix azure devops display bug
* override to string to empty
* pass encoded file path to tests
* code review
* GetYamlFilesPaths static
* use folder path as const
* better GetDir implementation
2021-12-21 13:28:45 +02:00
sp
558c3afafa
fixed queries; workbook
2021-12-21 12:27:12 +02:00
sp
204eace7e7
ad parser schema; fix entity
2021-12-21 12:01:08 +02:00
yaronMSFT
ca9b2fa9f7
ASim NW detections batch 2 (#3515)
2021-12-19 12:05:27 +02:00
sp
ff5c9d2519
sentinel1 analytic content
2021-12-17 19:18:49 +02:00
sp
dea5e4a9d3
add parser schema
2021-12-17 14:23:10 +02:00
v-jayakal
689caa0b1b
Merge pull request #3702 from rheabansal/rheabansal/updating_purview_solution
...
Updating Azure Purview Solution
2021-12-16 11:14:54 -08:00
NikTripathi
9bd3b8800a
Merge pull request #3432 from socprime/cisco_secure_endpoint_content
...
add cisco secure endpoint analytic content
2021-12-16 12:39:56 +05:30
NikTripathi
2c3c936fd9
Merge pull request #3397 from socprime/nginx_content
...
Nginx content
2021-12-16 12:38:16 +05:30
Ajeet Prakash (MSTIC)
5fd400eed7
Adding skip validation test for 'imwebsession'
2021-12-15 08:30:19 -08:00
Shain Wray (MSTIC)
dda40644ed
Adding build validation bypass for - HighlySensitivePasswordAccessed.yaml and "The name '_GetWatchlist' does not refer to any known function."
2021-12-14 10:28:56 -08:00
v-rucdu
495b983588
Merge pull request #3673 from ThijsLecomte/master
...
create LastPass Solution
2021-12-14 10:38:10 +05:30
Rhea Bansal
1e1fde3ec3
Updating Azure Purview Solution
2021-12-13 17:03:33 -08:00
sp
2a5bc5232f
add parser schema
2021-12-13 12:07:54 +02:00
NikTripathi
3044bdef85
Merge pull request #3396 from socprime/apache_http_server_content
...
Apache HTTP Server content
2021-12-13 15:00:26 +05:30
v-jayakal
08d29f7fcf
Merge pull request #3327 from sschuur/InfobloxCDC-Oct
...
Update Infoblox CDC
2021-12-13 00:34:34 -08:00
Shain Wray (MSTIC)
7fe032df11
all validations pass, except imDns, exclude per protocol for now
2021-12-11 19:20:40 -08:00
sp
dbbf25326f
analytic content TrendMicro CAS
2021-12-10 17:35:34 +02:00
sp
6c1ac3f276
add analytic content for Digital Guardian
2021-12-10 17:13:29 +02:00
sp
cabfeaa52e
rm conflict file
2021-12-10 15:44:07 +02:00
sp
21f4f74a2c
add parser schema
2021-12-10 15:42:16 +02:00
ThijsLecomte
a6560fc934
Create KQLValidations
2021-12-10 09:32:57 +01:00
ThijsLecomte
599d61906e
create LastPass Solution
2021-12-10 09:21:55 +01:00
Vitalii Uslystyi
c6848a3271
Merge branch 'master' into apache_http_server_content
2021-12-09 15:57:29 +02:00
Vitalii Uslystyi
2bdc5ce59a
Merge branch 'master' into nginx_content
2021-12-09 15:55:36 +02:00
sschuur
3df290fb72
Merge branch 'Azure:master' into InfobloxCDC-Oct
2021-12-08 16:20:05 -08:00
Amit Bergman
60dab5fa30
Merge pull request #3627 from Azure/Amitbergman-patch-12
...
Fix wrong connector ID - the correct value is AwsS3
2021-12-07 17:09:36 +02:00
Amit Bergman
81d793e0b1
Update ValidConnectorIds.json
2021-12-07 12:19:53 +02:00
Amit Bergman
df91ebc00d
Update ValidConnectorIds.json
2021-12-07 11:47:53 +02:00
aprakash13
7f3c8b1428
Merge pull request #3588 from Azure/ashwin/ti-blognov2021
...
TI blog related queries - Nov2021 and bugfixes
The TI blog post is supposed to go out today. Hence, approving and manually merging these even though some of the validations are failing and have errors. A lot of these validation errors are due to NPM authentication that the content acceleration team is currently working to fix.
2021-12-06 09:03:44 -08:00
aprakash13
be31ecb6cc
Merge pull request #3386 from scottymcraig/CiscoSEAnalytics
...
Add CiscoSE High Alert Rule
2021-12-06 07:20:49 -08:00
Ofer Shezaf
930b44436e
Merge pull request #3625 from Azure/dev/normalization/web
...
Dev/normalization/web-frame-only
2021-12-05 14:55:38 +02:00
Ofer Shezaf
74c2950837
custom table validation jsons
2021-12-05 14:46:25 +02:00
Ashwin Patil
37ad5ee072
typos and adding techniques
2021-12-03 14:35:34 -08:00