Author | Commit | Message | Date
Ashwin Patil | d6e8d304e7 | fix typo | 2021-12-03 14:13:12 -08:00
Ashwin Patil | b5479d5b4c | adding exceptions for imwebsession | 2021-12-03 13:54:58 -08:00
v-rucdu | 8ce74fe042 | Merge pull request #3540 from Azure/MaturityModelForEventLogManagement_M2131 / Maturity Model for Event Log Management (M-21-31) Solution | 2021-12-03 10:20:54 +05:30
Vitalii Uslystyi | 581c000464 | add connector id to ValidConnectors.json | 2021-12-01 13:20:40 +02:00
Vitalii Uslystyi | d0e9b0a612 | add table to custom tables folder | 2021-12-01 13:18:09 +02:00
Vitalii Uslystyi | cf949929e5 | add table custom tables folder | 2021-12-01 13:13:38 +02:00
Ashwin Patil | eb6bda30f3 | adding exception for imDns | 2021-11-30 17:52:02 -08:00
sp | 41417b3ec6 | upd parser schema; fix rule query | 2021-11-30 18:19:37 +02:00
sp | f9e1493f5d | add parser schema | 2021-11-30 17:52:55 +02:00
Shain | 56750bbe24 | Merge pull request #3286 from Azure/Amitbergman-patch-16 / Remove unneeded kinds from alertRuleKind enum | 2021-11-29 22:59:14 -08:00
Amit Bergman | 41abee61dd | Delete microsoft.azure.sentinel.kustoservices.2.2.0.nupkg | 2021-11-29 22:46:08 +02:00
sp | 95a2d37566 | fix table name | 2021-11-29 16:04:15 +02:00
sp | 61ea9296bf | add custom table file | 2021-11-29 15:16:28 +02:00
sschuur | d5b1cfe510 | Added CustomTable | 2021-11-28 21:55:35 -08:00
Amit Bergman | 542fa76be0 | Update Kqlvalidations.Tests.csproj | 2021-11-28 16:22:26 +02:00
Amit Bergman | 52713ce7ea | Add new version of kustoServices nuget | 2021-11-28 16:19:39 +02:00
ShaniFelig | ff539f4bf0 | Merge pull request #3289 from Azure/feature/t-shfeli/CreateInformativeErrorMessage / Create informative error message for invalid template kind | 2021-11-28 11:09:08 +02:00
sp | 9bb09db92b | add cisco wsa content | 2021-11-26 18:58:20 +02:00
sp | b3711d1479 | add custom table schema file | 2021-11-25 11:39:40 +02:00
thbanasi | 11cf655962 | Updates for Validation Tests | 2021-11-24 17:27:57 -05:00
thbanasi | 97c416cf94 | Create AzureActivity.json | 2021-11-24 16:45:36 -05:00
thbanasi | 1e44fb31f8 | Create Usage.json | 2021-11-24 16:28:58 -05:00
v-jayakal | f122f86d8e | Merge pull request #3382 from rheabansal/rheabansal/purview_solution / Creating Azure Purview Solution. Added Workbook, Data Connector, and … | 2021-11-22 23:35:58 -08:00
sp | 1b568b7601 | add ciscoduo content | 2021-11-22 18:15:23 +02:00
Amit Bergman | 6b89553092 | Update checkThatTemplatesVersionWasChanged.sh | 2021-11-22 12:37:59 +02:00
Shain | 063c6382e5 | Create AADServicePrincipalSignInLogs.json / Adding in to support #3425 | 2021-11-21 10:41:00 -08:00
sp | e9f26a2f4d | fix rules add version;kind upd validconnectorIds | 2021-11-18 09:17:27 +02:00
sp | a0f37b8b72 | add impervawafcliudapi connector | 2021-11-18 09:01:16 +02:00
Pete Bryan | 97d1ed31ac | Adding AWSGuardDuty Table Schema and removing debugging | 2021-11-17 21:56:44 -08:00
Pete Bryan | 1776382e4e | debugging tests | 2021-11-17 21:32:40 -08:00
Pete Bryan | c50f61dd54 | debugging | 2021-11-17 21:23:44 -08:00
Pete Bryan | dd65a24b08 | more debugging | 2021-11-17 21:19:36 -08:00
Pete Bryan | 896e0a6b44 | more debugging | 2021-11-17 21:12:10 -08:00
Pete Bryan | d682c32a84 | more test debugging | 2021-11-17 21:06:45 -08:00
Pete Bryan | 7ef62d9c5d | test update for debugging | 2021-11-17 21:01:08 -08:00
Pete Bryan | e5794b6cd0 | Updated imFileEvent schema | 2021-11-17 20:30:29 -08:00
v-rucdu | 220d843b3e | Merge pull request #3115 from Azure/v-maudan/CiscoUmbrealla_VersionUpdate / Updated Cisco Umbrella connector code to support Version 5 and Version 6 | 2021-11-17 15:40:23 +05:30
Ofer Shezaf | 1e6dad5527 | Merge pull request #3438 from Azure/dev/normalization/dns-schema-update / DNS parser updated for schema 1.3 | 2021-11-17 10:03:58 +02:00
Ron Marsiano | 5265ba093d | updating ValidConnectorIds.json to support Guard Duty | 2021-11-16 09:42:41 +02:00
Ofer Shezaf | 121a7be6d1 | Updating custom testing for imDns | 2021-11-11 13:01:41 +02:00
Scott Craig | 988ae57081 | Fix field name and alert severity | 2021-11-05 13:36:29 -04:00
Scott Craig | adb4b6ad60 | Add CiscoSecureEndpoint_CL json | 2021-11-05 13:30:28 -04:00
Scott Craig | a3088e2270 | Added CSE to valid connectors | 2021-11-05 13:03:41 -04:00
Rhea Bansal | ecc8eceb80 | updating with custom table | 2021-11-04 16:33:31 -07:00
Rhea Bansal | 4b60703e8d | adding connectorID to ValidConnectorsIds | 2021-11-04 13:44:53 -07:00
v-jayakal | c1b9e8b211 | Merge pull request #3237 from cyberpion-yizhar/cyberpion-add-acknowledgment-fields / add is_acknowledged, acknowledged_by, acknowledged_reason, acknowledg… | 2021-11-01 15:24:40 -07:00
Pete Bryan | a94c71d6ab | Fixed localized URIs and added IdentityInfo table info | 2021-10-27 17:49:31 -07:00
v-jayakal | 149427e1aa | Merge pull request #2939 from NikitaGrunskyHolm/holmsecurity / Files to deploy azure function | 2021-10-26 23:30:00 -07:00
Pete Bryan | c1e1dcc101 | Added test exclusion for valid KQL / Updated SailPoint queries with kind tags | 2021-10-26 11:31:12 -07:00
v-jayakal | 6a079840dc | Merge pull request #3179 from sailpoint-tech-partner-eng/SailPointIdentityNow / SailPoint IdentityNow | 2021-10-26 03:07:36 -07:00
Pete Bryan | 3255dee7d1 | Merge pull request #3290 from Azure/pebryan/102221_CrossTenantActivity / Pushing despite failed tests as tests don't recognize valid KQL plugin ipv4_lookup | 2021-10-24 23:40:31 -07:00
Pete Bryan | f877ee61f9 | Adding BehaviorAnalytics to valid tables | 2021-10-24 23:36:09 -07:00
ShaniFelig | d1f80735fc | Update AnalyticsTemplateConverter.cs | 2021-10-25 08:25:03 +03:00
ShaniFelig | 774bb5647b | Update AnalyticsTemplateConverter.cs | 2021-10-25 08:16:11 +03:00
ShaniFelig | 7f1e095c1a | change error message | 2021-10-24 18:18:37 +03:00
Amit Bergman | 9f3f6e68c7 | Update AlertRuleKind.cs | 2021-10-24 16:26:38 +03:00
ShaniFelig | 3edd509ed8 | Merge pull request #3076 from Azure/t-shfeli/addSupportForNrtTemplates / attribute folder, add queryBased + nrt data models | 2021-10-24 16:05:02 +03:00
gitj121 | b7a8cb6178 | Adding CustomTable for CoreAzureBackup | 2021-10-21 11:03:13 -07:00
Prashant Kagwad | ac5cf6da3d | SailPoint IdentityNow Updates | 2021-10-20 08:39:58 -05:00
ShaniFelig | 8977dc3171 | Merge branch 'master' of https://github.com/Azure/Azure-Sentinel into t-shfeli/addSupportForNrtTemplates | 2021-10-20 13:30:53 +03:00
ShaniFelig | a1215aa4d0 | fix per comment | 2021-10-19 10:01:03 +03:00
yizhar | f63920eb8b | add is_acknowledged, acknowledged_by, acknowledged_reason, acknowledged_date to action item's fields | 2021-10-18 10:18:37 +03:00
v-maudan | a69c7a023b | Updated custom table name to fix PR KQL validation | 2021-10-18 09:58:43 +05:30
ShaniFelig | 60ffeda2a6 | Merge branch 'master' of https://github.com/Azure/Azure-Sentinel into t-shfeli/addSupportForNrtTemplates | 2021-10-17 14:56:22 +03:00
ShaniFelig | 29fe3d8f10 | update data models for kind property + json converter generic draft | 2021-10-17 14:56:02 +03:00
v-jayakal | a778b2b5d8 | Merge pull request #3113 from socprime/ImpervaCloudWAF_parse_CEF_inside_function / ImpervaCloudWAF: add CEF parsing inside the function | 2021-10-14 19:48:30 -07:00
ShaniFelig | 031e839c09 | working draft with hardcoded dictionary + activator.createinstance | 2021-10-14 15:38:57 +03:00
ShaniFelig | 235fa96296 | working draft with json converter | 2021-10-14 12:47:48 +03:00
v-jayakal | 2fb52d9c72 | Merge pull request #3101 from socprime/Bitglass / Bitglass Data Connector | 2021-10-13 22:29:41 -07:00
v-jayakal | a273771062 | Merge pull request #3147 from Azure/SecurityRegulatoryCompliance / Create SecurityRegulatoryCompliance.json | 2021-10-13 22:12:43 -07:00
v-jayakal | 43dea2f039 | Merge pull request #3162 from socprime/TheHive / TheHive: first commit | 2021-10-13 22:09:26 -07:00
ShaniFelig | 6846235f7d | Merge branch 'master' of https://github.com/Azure/Azure-Sentinel into t-shfeli/addSupportForNrtTemplates | 2021-10-12 15:22:08 +03:00
Luke Fritz | f1fae178ae | Fix spelling errors in file event schema | 2021-10-12 00:08:20 -05:00
v-jayakal | 7e170ba95c | Merge pull request #3169 from quantum-sec/fix/custom-table-json / Fix JSON parsing issues in custom table definitions | 2021-10-10 22:51:38 -07:00
v-jayakal | 53544b249e | Merge pull request #3047 from socprime/TrendMicroCAS / TrendMicroCAS:first commit | 2021-10-09 19:19:25 -07:00
v-jayakal | 23492a92a6 | Merge pull request #3055 from adarshb20/master / Awake Security - Azure Sentinel Solution | 2021-10-06 22:39:57 -07:00
v-jayakal | 0702ec5655 | Merge pull request #2995 from armorblox/master / Data Connector for Armorblox Solution | 2021-10-06 06:04:03 -07:00
Prashant Kagwad | 9c3c6ad4bf | SailPoint IdentityNow | 2021-10-05 17:30:56 -05:00
Luke Fritz | 98a07ccb9f | Remove BOM from Corelight table definition | 2021-10-04 17:39:51 -05:00
Luke Fritz | b785afea88 | Remove trailing comma; fix mixed tabs and spaces | 2021-10-04 17:38:12 -05:00
v-maudan | 477b03e322 | Updated function code and added latest sample data | 2021-10-04 19:15:17 +05:30
Alex Verbniak | cd5802e5ab | TheHive: first commit | 2021-10-04 14:34:46 +03:00
v-rucdu | b6cb23d9ff | Merge pull request #2728 from Azure/v-maudan/QualysVM_V2 / Qualys VM v2 data connector, workbook , detection | 2021-10-04 12:27:53 +05:30
TJ Banasik | 5851d62165 | Create SecurityRegulatoryCompliance.json | 2021-10-01 08:14:41 -04:00
Alex Verbniak | 739acb1308 | Bitglass: fixes | 2021-09-30 11:09:17 +03:00
Offir Shvartz | bdf622b995 | Update kql validation nuget to include Security Incident as part of the build in tables (#3127) / * c / * c / Co-authored-by: Offir Shvartz <ofshvart@microsoft.com> | 2021-09-29 14:51:40 +03:00
Alex Verbniak | ce8b26587d | ImpervaCloudWAF: add CEF parsing inside function | 2021-09-27 11:29:33 +03:00
aprakash13 | 488ce96eff | Merge pull request #2647 from socprime/gcp_iam_content / GCP IAM Content | 2021-09-25 17:31:20 -07:00
Alex Verbniak | 6081c5e595 | Bitglass: first commit | 2021-09-24 11:41:28 +03:00
aprakash13 | 973946abe8 | Merge pull request #3085 from Azure/CustomTables_Feed / CustomTables_Feed | 2021-09-23 12:18:40 -07:00
TJ Banasik | 4412cd3c5c | SecurityRecommendation Update | 2021-09-23 07:49:14 -04:00
v-rucdu | 3ed23b25ed | Merge pull request #2889 from socprime/oci_logs_connector / OCI data connector | 2021-09-23 16:53:04 +05:30
TJ Banasik | 5f5c23ef8c | Update InformationProtectionLogs_CL.json | 2021-09-21 13:35:16 -04:00
TJ Banasik | d52336b6ab | Update SecurityRecommendation.json | 2021-09-21 13:04:47 -04:00
TJ Banasik | 9ef52a896c | CustomTables_Feed / SecurityIncident / InformationProtectionLogs_CL / SecurityRecommendation / CMMCPolicyMapping | 2021-09-20 15:38:11 -04:00
v-rucdu | 65b413a737 | Merge pull request #2736 from sonraisecurity/master / Created Sonrai Security Solution for Azure Sentinel | 2021-09-20 19:16:20 +05:30
adarshb20 | a29146f8c6 | Added Awake's connector Id to ValidConnectorIds.json | 2021-09-20 11:45:11 +05:30
ShaniFelig | ab17684a97 | fix missing bracket | 2021-09-19 16:41:37 +03:00
ShaniFelig | 20eca6a0e0 | attribute folder, add queryBased + nrt data models | 2021-09-19 14:24:00 +03:00
aprakash13 | 825a9d8da3 | Update SecurityNestedRecommendation.json / Adding VulnerabilityId column that was missed earlier | 2021-09-16 18:20:13 -07:00