257 строки
8.1 KiB
JSON
257 строки
8.1 KiB
JSON
{
|
|
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
|
|
"contentVersion": "1.0.0.0",
|
|
"parameters": {
|
|
"workspaceName": {
|
|
"type": "string"
|
|
},
|
|
"location": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"variables": {},
|
|
"resources": [
|
|
{
|
|
"type": "Microsoft.Resources/deployments",
|
|
"apiVersion": "2020-10-01",
|
|
"name": "linkedFileEventEmpty",
|
|
"properties": {
|
|
"mode": "Incremental",
|
|
"templateLink": {
|
|
"uri": "https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Parsers/ASimFileEvent/ARM/FileEventEmpty/FileEventEmpty.json",
|
|
"contentVersion": "1.0.0.0"
|
|
},
|
|
"parameters": {
|
|
"workspaceName": {
|
|
"value": "[parameters('workspaceName')]"
|
|
},
|
|
"location": {
|
|
"value": "[parameters('location')]"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "Microsoft.Resources/deployments",
|
|
"apiVersion": "2020-10-01",
|
|
"name": "linkedFileEventGeneric",
|
|
"properties": {
|
|
"mode": "Incremental",
|
|
"templateLink": {
|
|
"uri": "https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Parsers/ASimFileEvent/ARM/FileEventGeneric/FileEventGeneric.json",
|
|
"contentVersion": "1.0.0.0"
|
|
},
|
|
"parameters": {
|
|
"workspaceName": {
|
|
"value": "[parameters('workspaceName')]"
|
|
},
|
|
"location": {
|
|
"value": "[parameters('location')]"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "Microsoft.Resources/deployments",
|
|
"apiVersion": "2020-10-01",
|
|
"name": "linkedFileEventLinuxSysmonFileCreated",
|
|
"properties": {
|
|
"mode": "Incremental",
|
|
"templateLink": {
|
|
"uri": "https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Parsers/ASimFileEvent/ARM/FileEventLinuxSysmonFileCreated/FileEventLinuxSysmonFileCreated.json",
|
|
"contentVersion": "1.0.0.0"
|
|
},
|
|
"parameters": {
|
|
"workspaceName": {
|
|
"value": "[parameters('workspaceName')]"
|
|
},
|
|
"location": {
|
|
"value": "[parameters('location')]"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "Microsoft.Resources/deployments",
|
|
"apiVersion": "2020-10-01",
|
|
"name": "linkedFileEventLinuxSysmonFileDeleted",
|
|
"properties": {
|
|
"mode": "Incremental",
|
|
"templateLink": {
|
|
"uri": "https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Parsers/ASimFileEvent/ARM/FileEventLinuxSysmonFileDeleted/FileEventLinuxSysmonFileDeleted.json",
|
|
"contentVersion": "1.0.0.0"
|
|
},
|
|
"parameters": {
|
|
"workspaceName": {
|
|
"value": "[parameters('workspaceName')]"
|
|
},
|
|
"location": {
|
|
"value": "[parameters('location')]"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "Microsoft.Resources/deployments",
|
|
"apiVersion": "2020-10-01",
|
|
"name": "linkedFileEventM365D",
|
|
"properties": {
|
|
"mode": "Incremental",
|
|
"templateLink": {
|
|
"uri": "https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Parsers/ASimFileEvent/ARM/FileEventM365D/FileEventM365D.json",
|
|
"contentVersion": "1.0.0.0"
|
|
},
|
|
"parameters": {
|
|
"workspaceName": {
|
|
"value": "[parameters('workspaceName')]"
|
|
},
|
|
"location": {
|
|
"value": "[parameters('location')]"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "Microsoft.Resources/deployments",
|
|
"apiVersion": "2020-10-01",
|
|
"name": "linkedFileEventMicrosoftBlobStorage",
|
|
"properties": {
|
|
"mode": "Incremental",
|
|
"templateLink": {
|
|
"uri": "https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Parsers/ASimFileEvent/ARM/FileEventMicrosoftBlobStorage/FileEventMicrosoftBlobStorage.json",
|
|
"contentVersion": "1.0.0.0"
|
|
},
|
|
"parameters": {
|
|
"workspaceName": {
|
|
"value": "[parameters('workspaceName')]"
|
|
},
|
|
"location": {
|
|
"value": "[parameters('location')]"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "Microsoft.Resources/deployments",
|
|
"apiVersion": "2020-10-01",
|
|
"name": "linkedFileEventMicrosoftFileStorage",
|
|
"properties": {
|
|
"mode": "Incremental",
|
|
"templateLink": {
|
|
"uri": "https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Parsers/ASimFileEvent/ARM/FileEventMicrosoftFileStorage/FileEventMicrosoftFileStorage.json",
|
|
"contentVersion": "1.0.0.0"
|
|
},
|
|
"parameters": {
|
|
"workspaceName": {
|
|
"value": "[parameters('workspaceName')]"
|
|
},
|
|
"location": {
|
|
"value": "[parameters('location')]"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "Microsoft.Resources/deployments",
|
|
"apiVersion": "2020-10-01",
|
|
"name": "linkedFileEventMicrosoftQueueStorage",
|
|
"properties": {
|
|
"mode": "Incremental",
|
|
"templateLink": {
|
|
"uri": "https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Parsers/ASimFileEvent/ARM/FileEventMicrosoftQueueStorage/FileEventMicrosoftQueueStorage.json",
|
|
"contentVersion": "1.0.0.0"
|
|
},
|
|
"parameters": {
|
|
"workspaceName": {
|
|
"value": "[parameters('workspaceName')]"
|
|
},
|
|
"location": {
|
|
"value": "[parameters('location')]"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "Microsoft.Resources/deployments",
|
|
"apiVersion": "2020-10-01",
|
|
"name": "linkedFileEventMicrosoftSharePoint",
|
|
"properties": {
|
|
"mode": "Incremental",
|
|
"templateLink": {
|
|
"uri": "https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Parsers/ASimFileEvent/ARM/FileEventMicrosoftSharePoint/FileEventMicrosoftSharePoint.json",
|
|
"contentVersion": "1.0.0.0"
|
|
},
|
|
"parameters": {
|
|
"workspaceName": {
|
|
"value": "[parameters('workspaceName')]"
|
|
},
|
|
"location": {
|
|
"value": "[parameters('location')]"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "Microsoft.Resources/deployments",
|
|
"apiVersion": "2020-10-01",
|
|
"name": "linkedFileEventMicrosoftSysmonFileCreated",
|
|
"properties": {
|
|
"mode": "Incremental",
|
|
"templateLink": {
|
|
"uri": "https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Parsers/ASimFileEvent/ARM/FileEventMicrosoftSysmonFileCreated/FileEventMicrosoftSysmonFileCreated.json",
|
|
"contentVersion": "1.0.0.0"
|
|
},
|
|
"parameters": {
|
|
"workspaceName": {
|
|
"value": "[parameters('workspaceName')]"
|
|
},
|
|
"location": {
|
|
"value": "[parameters('location')]"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "Microsoft.Resources/deployments",
|
|
"apiVersion": "2020-10-01",
|
|
"name": "linkedFileEventMicrosoftSysmonFileDeleted",
|
|
"properties": {
|
|
"mode": "Incremental",
|
|
"templateLink": {
|
|
"uri": "https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Parsers/ASimFileEvent/ARM/FileEventMicrosoftSysmonFileDeleted/FileEventMicrosoftSysmonFileDeleted.json",
|
|
"contentVersion": "1.0.0.0"
|
|
},
|
|
"parameters": {
|
|
"workspaceName": {
|
|
"value": "[parameters('workspaceName')]"
|
|
},
|
|
"location": {
|
|
"value": "[parameters('location')]"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "Microsoft.Resources/deployments",
|
|
"apiVersion": "2020-10-01",
|
|
"name": "linkedFileEventMicrosoftTableStorage",
|
|
"properties": {
|
|
"mode": "Incremental",
|
|
"templateLink": {
|
|
"uri": "https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Parsers/ASimFileEvent/ARM/FileEventMicrosoftTableStorage/FileEventMicrosoftTableStorage.json",
|
|
"contentVersion": "1.0.0.0"
|
|
},
|
|
"parameters": {
|
|
"workspaceName": {
|
|
"value": "[parameters('workspaceName')]"
|
|
},
|
|
"location": {
|
|
"value": "[parameters('location')]"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"outputs": {}
|
|
}
|