Azure-Sentinel/Solutions/Dynamics 365/Package/createUiDefinition.json

{
  "$schema": "https://schema.management.azure.com/schemas/0.1.2-preview/CreateUIDefinition.MultiVm.json#",
  "handler": "Microsoft.Azure.CreateUIDef",
  "version": "0.1.2-preview",
  "parameters": {
    "config": {
      "isWizard": false,
      "basics": {
        "description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/DynamicsLogo.svg\" width=\"75px\" height=\"75px\">\n\n**Note:** _There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing._\n\nThe [Dynamics 365](https://dynamics.microsoft.com) continuous Threat Monitoring Solution for Microsoft Sentinel provides you with ability to collect Dynamics 365 CRM logs, gain visibility of activities within Dynamics 365 and analyze them to detect threats and malicious activities. You can view admin, user and support activities, as well as Microsoft Social Engagement logging events data in workbooks, use it to create custom alerts, and improve your investigation process.\n\n**Underlying Microsoft Technologies used:**\n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\n\n a. [Office 365 Management APIs](https://docs.microsoft.com/office/office-365-management-api/office-365-management-apis-overview)\n\n**Data Connectors:** 1\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
        "subscription": {
          "resourceProviders": [
            "Microsoft.OperationsManagement/solutions",
            "Microsoft.OperationalInsights/workspaces/providers/alertRules",
            "Microsoft.Insights/workbooks",
            "Microsoft.Logic/workflows"
          ]
        },
        "location": {
          "metadata": {
            "hidden": "Hiding location, we get it from the log analytics workspace"
          },
          "visible": false
        },
        "resourceGroup": {
          "allowExisting": true
        }
      }
    },
    "basics": [
      {
        "name": "getLAWorkspace",
        "type": "Microsoft.Solutions.ArmApiControl",
        "toolTip": "This filters by workspaces that exist in the Resource Group selected",
        "condition": "[greater(length(resourceGroup().name),0)]",
        "request": {
          "method": "GET",
          "path": "[concat(subscription().id,'/providers/Microsoft.OperationalInsights/workspaces?api-version=2020-08-01')]"
        }
      },
      {
        "name": "workspace",
        "type": "Microsoft.Common.DropDown",
        "label": "Workspace",
        "placeholder": "Select a workspace",
        "toolTip": "This dropdown will list only workspace that exists in the Resource Group selected",
        "constraints": {
          "allowedValues": "[map(filter(basics('getLAWorkspace').value, (filter) => contains(toLower(filter.id), toLower(resourceGroup().name))), (item) => parse(concat('{\"label\":\"', item.name, '\",\"value\":\"', item.name, '\"}')))]",
          "required": true
        },
        "visible": true
      }
    ],
    "steps": [
      {
        "name": "dataconnectors",
        "label": "Data Connectors",
        "bladeTitle": "Data Connectors",
        "elements": [
          {
            "name": "dataconnectors1-text",
            "type": "Microsoft.Common.TextBlock",
            "options": {
              "text": "This solution installs the data connector for ingesting Dynamics 365 CRM logs into Microsoft Sentinel. After installing the solution, configure and enable this data connector by following guidance in Manage solution view."
            }
          },
          {
            "name": "dataconnectors-link2",
            "type": "Microsoft.Common.TextBlock",
            "options": {
              "link": {
                "label": "Learn more about connecting data sources",
                "uri": "https://docs.microsoft.com/azure/sentinel/connect-data-sources"
              }
            }
          }
        ]
      }
    ],
    "outputs": {
      "workspace-location": "[first(map(filter(basics('getLAWorkspace').value, (filter) => and(contains(toLower(filter.id), toLower(resourceGroup().name)),equals(filter.name,basics('workspace')))), (item) => item.location))]",
      "location": "[location()]",
      "workspace": "[basics('workspace')]"
    }
  }
}