Azure-Sentinel/Sample Data/Custom
Devika Mehra ce4e48d6c7
Adding new ASim Network Parser for Cisco Meraki (#5127)
* Adding new ASim Network Parser for Cisco Meraki

* [ASIM Parsers] Generate deployable ARM templates from KQL function YAML files.

Co-authored-by: github-actions[bot] <>
2022-05-26 14:02:27 +05:30
Group IB TIA Sanitizing email, name 2021-08-02 12:33:03 +05:30
ABNORMAL_CASES_CL.json sanitized emails 2021-10-11 16:12:58 +08:00
ABNORMAL_THREAT_MESSAGES_CL.json sanitised more emails 2021-10-11 16:19:24 +08:00
AIShield_CL.json Bosch AIShield connector, parser, Analytics Rules 2021-12-17 19:04:46 +05:30
AIX_Audit_CL.json * Regenerated input data and sent it to Azure Sentinel due to the required field name changes 2021-09-10 01:07:01 -05:00
ARGOS_CL.json clean up sample data 2022-01-25 11:39:52 +11:00
ApacheHTTPServer_CL.json Apache HTTP Server Data Connector (#1373) 2020-12-08 17:32:56 -08:00
ApigeeX_CL.json apigeex - add sample data 2021-10-27 18:39:30 +03:00
Armorblox_CL.json added date_t update 2022-02-16 21:05:24 +05:30
BSMmacOS_CL.json NXLog BSM macOS (Custom) data connector 2021-01-07 12:35:54 -06:00
BetterMTDAppLog_CL.csv Added BETTER MTD sample data for each custom logs 2020-10-13 22:59:36 +04:00
BetterMTDAppLog_CL.json Added json sample BETTER MTD data 2020-10-28 11:35:36 +03:00
BetterMTDDeviceLog_CL.csv Added BETTER MTD sample data for each custom logs 2020-10-13 22:59:36 +04:00
BetterMTDDeviceLog_CL.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
BetterMTDIncidentLog_CL.csv Added BETTER MTD sample data for each custom logs 2020-10-13 22:59:36 +04:00
BetterMTDIncidentLog_CL.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
BetterMTDNetflowLog_CL.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
BitglassLogs_CL.json Bitglass: first commit 2021-09-24 11:41:28 +03:00
BoxEvents_CL.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
CarbonBlackAuditLogs_CL.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
CarbonBlackEvents_CL.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
CarbonBlackNotifications_CL.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
CiscoDuo_CL.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
CiscoMerakiNativePoller_CL.json Adding new ASim Network Parser for Cisco Meraki (#5127) 2022-05-26 14:02:27 +05:30
CiscoSecureEndpoint_CL.json cisco se - add sample data 2021-10-04 18:55:57 +03:00
Cisco_Umbrella_cloudfirewall_CL.json Cisco umbrella connector (#1261) 2020-11-13 07:16:25 -08:00
Cisco_Umbrella_dns_CL.json Cisco umbrella connector (#1261) 2020-11-13 07:16:25 -08:00
Cisco_Umbrella_ip_CL.json Cisco umbrella connector (#1261) 2020-11-13 07:16:25 -08:00
Cisco_Umbrella_proxy_CL.json Updated function code and added latest sample data 2021-10-04 19:15:17 +05:30
Cloudflare_CL.json cloudflare - updated sample data 2021-03-19 17:52:16 +02:00
CognniIncidents_CL.json Add Cognni data connector including: 2021-02-22 10:43:16 +02:00
Confluence_Audit_CL.json ConfluenceAudit: table schema,parser,samples 2021-03-22 15:34:21 +02:00
Corelight_CL.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
CrowdstrikeReplicatorLogs_CL.json CrowdstrikeFDR: Samples,parser,table-schema 2021-03-09 12:33:14 +02:00
CyberArkEPM_CL.json CyberArkEPM: sample and parser upd 2022-03-28 12:38:18 +03:00
CyberpionActionItems_CL.json add is_acknowledged, acknowledged_by, acknowledged_reason, acknowledged_date to action item's fields 2021-10-18 10:18:37 +03:00
DNS_Logs_CL.json NXLog LinuxAudit data connector: Initial Commit (#1280) 2020-12-01 23:44:20 -08:00
DSMAzureBlobStorageLogs.json Add RequesterObjectId to the schema 2022-01-18 12:48:14 +02:00
DSMDataClassificationLogs.json Update DSTIM workbook to work with injected log analytics queries 2022-01-03 23:07:23 +02:00
DSMDataLabelingLogs.json Update DSTIM workbook to work with injected log analytics queries 2022-01-03 23:07:23 +02:00
DuoSecurityAdministrator_CL.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
DuoSecurityAuthentication_CL.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
DuoSecurityOfflineEnrollment_CL.json adding sample data 2021-02-19 15:54:16 +00:00
DuoSecurityTelephony_CL.json adding sample data 2021-02-19 15:54:16 +00:00
DuoSecurityTrustMonitor_CL.json Sanitizing Email & Name. 2021-07-30 17:21:22 +05:30
ESETEnterpriseInspector_CL.csv Add ESET Enterprise Inspector REST API connector (#1417) 2020-12-11 15:58:33 -08:00
ESETEnterpriseInspector_CL.json Add ESET Enterprise Inspector REST API connector (#1417) 2020-12-11 15:58:33 -08:00
ElasticAgentLogs_CL.json elastic agent - add sample data 2021-09-24 15:37:42 +03:00
Firework_CL.json Solutions: Add Flare Systems Firework connector 2021-05-20 16:23:40 -04:00
ForcepointDLPEvents_CL.json update custom file name (#660) 2020-05-06 15:39:58 -07:00
GCP_DNS_CL.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
GCP_IAM_CL.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
GCP_MONITORING_CL.json gcp monitor - update sample data 2021-06-22 11:33:16 +03:00
GWorkspace_ReportsAPI_admin_CL.json GWorkspace-update samples 2021-08-20 11:25:06 +03:00
GWorkspace_ReportsAPI_calendar_CL.json GWorkspace: fix sampl_sanitization 2021-08-27 09:55:49 +03:00
GWorkspace_ReportsAPI_drive_CL.json GWorkspace-update samples 2021-08-20 11:25:06 +03:00
GWorkspace_ReportsAPI_login_CL.json GWorkspace-update samples 2021-08-20 11:25:06 +03:00
GWorkspace_ReportsAPI_mobile_CL.json GWorkspace-update samples 2021-08-20 11:25:06 +03:00
GWorkspace_ReportsAPI_token_CL.json GWorkspace: fix sampl_sanitization 2021-08-27 09:55:49 +03:00
GWorkspace_ReportsAPI_user_accounts_CL.json GWorkspace-update samples 2021-08-20 11:25:06 +03:00
ImpervaWAFCloud_CL.json ImpervaWAFCloud: sanitize sample 2021-10-06 14:25:46 +03:00
InfoSecAnalytics_CL.csv add sample data for InfoSecGlobal 2021-10-04 10:19:13 +02:00
JBossLogs_CL.json jboss - add sample data 2021-09-30 17:11:45 +03:00
Jira_Audit_CL.json JiraAudit: data sample 2021-01-28 16:47:35 +02:00
JuniperIDP_CL.json JuniperIDP: data connector, parser, samples 2021-06-07 12:02:25 +03:00
LastPassNativePoller_CL.csv Update Sample Data 2022-03-08 09:20:01 +01:00
LastPassNativePoller_CL.csv.bak Update Sample Data 2022-03-08 09:20:01 +01:00
LinuxAudit_CL.json NXLog LinuxAudit data connector: Initial Commit (#1280) 2020-12-01 23:44:20 -08:00
Lookout_CL.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
NCProtectUAL_CL.csv Update sample data in csv 2021-04-14 13:12:24 +05:30
NCProtectUAL_CL.json Sanitizing Email & Name. 2021-07-30 17:21:22 +05:30
NGINX_CL.json Added NGINX data connector 2021-01-20 14:14:14 +02:00
NXLog_DNS_Server_CL.json Renamed the parser from NXLog_parsed_DNS_Server_ASim_view to ASimDnsMicrosoftNXLog 2021-10-04 08:55:10 -05:00
Netskope_CL.json ACN_CD_Netskope_DataConnector01 (#1313) 2020-11-24 14:29:06 -08:00
NexposeInsightVMCloud_assets_CL.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
NexposeInsightVMCloud_vulnerabilities_CL.json InsightVMCloud: data_connector,parsers,datasamples 2021-06-17 15:09:20 +03:00
OCI_Logs_CL.json oci connector - update sample data 2021-09-09 13:49:40 +03:00
Okta_CL.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
OracleWebLogicServer_CL.json oracle web logic server - rename sample file 2021-03-31 10:41:41 +03:00
OrcaAlerts_CL.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
PaloAltoPrismaCloudAlert_CL.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
PaloAltoPrismaCloudAudit_CL.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
ProofPointTAPClicksBlocked_CL_sample_data.json sanitized email 2021-08-02 18:20:14 +05:30
ProofPointTAPClicksPermitted_CL_sample_data.json sanitized email 2021-08-02 18:20:14 +05:30
ProofPointTAPMessagesBlocked_CL_sample_data.json sanitized email 2021-08-02 18:20:14 +05:30
ProofPointTAPMessagesDelivered_CL_sample_data.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
ProofpointPOD_maillog_CL.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
ProofpointPOD_message_CL.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
QualysHostDetection_CL.json ACNCD_Custom_DataConnector_v2 (#729) 2020-06-19 14:00:16 -07:00
QualysKB_CL.json qualys KB parser 2020-12-04 22:56:36 -08:00
ReadMe.md Structuring sample data 2020-05-01 07:15:41 -07:00
RedCanaryDetections_CL.json Add sample data 2022-01-05 15:21:34 -05:00
SailPointIDN_Events_CL.json PR Changes 2022-04-05 14:17:50 -05:00
SailPointIDN_Triggers_CL.json PR Updates 2022-04-06 11:37:17 -05:00
SalesforceServiceCloud_CL.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
SecurityBridgeLogs_CL.json Resolved errors in the workbook, logo and sample data 2022-01-24 02:09:56 +05:00
SenservaPro_CL.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
SentinelOne_CL.json SentinelOne: Samples+ fixes 2021-03-30 15:40:18 +03:00
SlackAuditNativePoller_CL.json merge from master 2021-12-08 17:13:09 +02:00
SlackAudit_CL.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
Snowflake_CL.json snowflake - add sample data 2021-10-01 14:02:04 +03:00
Sonrai_Tickets_CL.csv Added new sample data file in csv format 2021-09-13 14:25:09 -03:00
Sonrai_Tickets_CL.json Requested changes 2021-08-12 14:23:08 -03:00
SophosCloudOptix_CL.json Sophos cloud optix (#1391) 2020-12-08 08:27:37 -08:00
SophosEP_CL.json Sophos EP - update sample data 2021-07-01 16:47:51 +03:00
SophosXGFirewall.json ACNCD_DataConnectors_final (#767) 2020-07-07 15:25:53 -07:00
SquidProxy.json Squid Proxy Connector (#1231) 2020-11-10 17:08:31 -08:00
Tenable_IO_Assets_CL.json Committing Tenable.io Data Connector and Parser. 2021-08-09 12:36:47 -05:00
Tenable_IO_Vuln_CL.json Committing Tenable.io Data Connector and Parser. 2021-08-09 12:36:47 -05:00
TheHive_CL.json TheHive: first commit 2021-10-04 14:34:46 +03:00
Tomcat_CL.json tomcat - add sample data 2021-03-22 13:17:36 +02:00
TrendMicroCAS_CL.json TrendMicroCAS:first commit 2021-09-16 15:57:58 +03:00
TrendMicro_XDR_Health_Check_CL.json Fix sample data format. 2022-01-10 17:20:45 +08:00
TrendMicro_XDR_OAT_CL.json Update new version sample data. 2022-02-09 21:43:39 +08:00
TrendMicro_XDR_OAT_Health_Check_CL.json Fix sample data format. 2022-01-10 17:20:45 +08:00
TrendMicro_XDR_RCA_Result_CL.json Update new version data connector. 2022-01-10 15:09:16 +08:00
TrendMicro_XDR_RCA_Task_CL.json Update new version data connector. 2022-01-10 15:09:16 +08:00
TrendMicro_XDR_WORKBENCH_CL.json Update sample email to sanitized@sanitized.com. 2022-01-10 17:33:27 +08:00
UbiquitiAuditEvent.json ubiquiti - added sample data 2021-03-12 16:51:23 +02:00
Workplace_Facebook_CL.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
ZPA_CL.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
ZimperiumMitigationLog_CL.csv Modify sample data file names to match their data types (#656) 2020-05-06 00:39:46 -07:00
ZimperiumMitigationLog_CL.json Modify sample data file names to match their data types (#656) 2020-05-06 00:39:46 -07:00
ZimperiumThreatLog_CL.csv Modify sample data file names to match their data types (#656) 2020-05-06 00:39:46 -07:00
ZimperiumThreatLog_CL.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
Zoom_CL.json Sanitizing email, name 2021-08-02 12:33:03 +05:30
alcide_kaudit_activity_1_CL.json move files in right folders (#642) 2020-05-04 06:11:31 -07:00
alcide_kaudit_detections_1_CL.json move files in right folders (#642) 2020-05-04 06:11:31 -07:00
alcide_kaudit_selections_count_1_CL.json move files in right folders (#642) 2020-05-04 06:11:31 -07:00
alcide_kaudit_selections_details_1_CL.json move files in right folders (#642) 2020-05-04 06:11:31 -07:00
beSECURE_Audit_CL.json Beyond Security beSECURE patch (#745) 2020-07-01 16:48:34 -07:00
beSECURE_ScanEvent_CL.json Beyond Security beSECURE patch (#745) 2020-07-01 16:48:34 -07:00
beSECURE_ScanResults_CL.json Beyond Security beSECURE patch (#745) 2020-07-01 16:48:34 -07:00
net_assets_CL.json added sample data and all files were moved to Solutions folder. 2021-09-09 11:42:06 +02:00
secRMM_CL.json Modify sample data file names to match their data types (#656) 2020-05-06 00:39:46 -07:00
vmray_emails_CL.json sample data: Replace all email addresses with 'sanitize@sanitize.com' 2021-08-18 13:37:38 +02:00
web_assets_CL.json added sample data and all files were moved to Solutions folder. 2021-09-09 11:42:06 +02:00

ReadMe.md

About

This folder tracks sample data in custom formats that can be pushed to Azure Log Analytics custom logs.