Core functionality (#1)

README.md

@@ -1,14 +1,11 @@
+# Security and Management Insights Connector
 
-# Contributing
+This connector is still under development, which mean function signatures could change without notice. As work continues additional documentation and features will be added. 
 
-This project welcomes contributions and suggestions.  Most contributions require you to agree to a
-Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us
-the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.
+## Contributing
 
-When you submit a pull request, a CLA bot will automatically determine whether you need to provide
-a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions
-provided by the bot. You will only need to do this once across all repos using our CLA.
+This project welcomes contributions and suggestions.  Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit <https://cla.opensource.microsoft.com>.
 
-This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
-For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or
-contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.
+When you submit a pull request, a CLA bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.
+
+This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/). For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.

SecMgmt-Insights-Connector.sln

@@ -0,0 +1,39 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 16
+VisualStudioVersion = 16.0.30204.135
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "src", "src", "{406D48B9-EC36-49F3-A89F-761926CB5AA1}"
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{1A657FB5-C08A-42EC-9966-C0605A99684C}"
+EndProject
+Project("{4DF76451-A46A-4C0B-BE03-459FAAFA07E6}") = "SecMgmtInsights", "src\SecMgmtInsights\SecMgmtInsights.mproj", "{A7D11851-1E6A-4C9E-9E63-D007A50CD38B}"
+EndProject
+Project("{4DF76451-A46A-4C0B-BE03-459FAAFA07E6}") = "SecMgmtInsights.PowerShell", "src\SecMgmtInsights.PowerShell\SecMgmtInsights.PowerShell.mproj", "{B35ED3A4-09B3-48FC-BBCE-4A1FD36A0571}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|x86 = Debug|x86
+		Release|x86 = Release|x86
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{A7D11851-1E6A-4C9E-9E63-D007A50CD38B}.Debug|x86.ActiveCfg = Debug|x86
+		{A7D11851-1E6A-4C9E-9E63-D007A50CD38B}.Debug|x86.Build.0 = Debug|x86
+		{A7D11851-1E6A-4C9E-9E63-D007A50CD38B}.Release|x86.ActiveCfg = Release|x86
+		{A7D11851-1E6A-4C9E-9E63-D007A50CD38B}.Release|x86.Build.0 = Release|x86
+		{B35ED3A4-09B3-48FC-BBCE-4A1FD36A0571}.Debug|x86.ActiveCfg = Debug|x86
+		{B35ED3A4-09B3-48FC-BBCE-4A1FD36A0571}.Debug|x86.Build.0 = Debug|x86
+		{B35ED3A4-09B3-48FC-BBCE-4A1FD36A0571}.Release|x86.ActiveCfg = Release|x86
+		{B35ED3A4-09B3-48FC-BBCE-4A1FD36A0571}.Release|x86.Build.0 = Release|x86
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(NestedProjects) = preSolution
+		{A7D11851-1E6A-4C9E-9E63-D007A50CD38B} = {406D48B9-EC36-49F3-A89F-761926CB5AA1}
+		{B35ED3A4-09B3-48FC-BBCE-4A1FD36A0571} = {406D48B9-EC36-49F3-A89F-761926CB5AA1}
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {826393DF-0200-4655-BBC5-16A88740CF8B}
+	EndGlobalSection
+EndGlobal

repo.props

@@ -0,0 +1,10 @@
+<Project>
+
+  <!-- Custom -->
+  <PropertyGroup>
+    <RepoRoot>$(MSBuildThisFileDirectory)</RepoRoot>
+    <RepoSrc>$(RepoRoot)src/</RepoSrc>
+    <RepoArtifacts>$(RepoRoot)artifacts/</RepoArtifacts>
+  </PropertyGroup>
+
+</Project>

src/SecMgmtInsights.PowerShell/SecMgmtInsights.PowerShell.mproj

@@ -0,0 +1,125 @@
+<Project DefaultTargets="BuildExtension" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <Import Project="$(MSBuildThisFileDirectory)..\..\repo.props" />
+  <PropertyGroup>
+    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+    <SchemaVersion>2.0</SchemaVersion>
+    <ProjectGuid>
+    </ProjectGuid>
+    <OutputType>Exe</OutputType>
+    <RootNamespace>MyRootNamespace</RootNamespace>
+    <AssemblyName>MyAssemblyName</AssemblyName>
+    <EnableUnmanagedDebugging>False</EnableUnmanagedDebugging>
+    <AllowNativeQuery>False</AllowNativeQuery>
+    <AsAction>False</AsAction>
+    <FastCombine>False</FastCombine>
+    <ClearLog>False</ClearLog>
+    <ShowEngineTraces>False</ShowEngineTraces>
+    <ShowUserTraces>False</ShowUserTraces>
+    <LegacyRedirects>False</LegacyRedirects>
+    <SuppressRowErrors>False</SuppressRowErrors>
+    <SuppressCellErrors>False</SuppressCellErrors>
+    <MaxRows>1000</MaxRows>
+    <ExtensionProject>Yes</ExtensionProject>
+    <Name>SecMgmtInsights.PowerShell</Name>
+    <OutputPath>$(RepoArtifacts)$(Configuration)\</OutputPath>
+    <PublishDir>$(OutputPath)</PublishDir>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)' == 'Debug' ">
+    <DebugSymbols>false</DebugSymbols>
+    <!--Should be true, fix this when the debugger is implemented -->
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)' == 'Release' ">
+    <DebugSymbols>false</DebugSymbols>
+  </PropertyGroup>
+  <ItemGroup>
+    <Reference Include="mscorlib" />
+    <Reference Include="System" />
+    <Reference Include="System.Data" />
+    <Reference Include="System.Xml" />
+  </ItemGroup>
+  <ItemGroup>
+    <Compile Include="SecMgmtInsights.PowerShell.pq">
+      <SubType>Code</SubType>
+    </Compile>
+    <Compile Include="SecMgmtInsights.PowerShell16.png">
+      <SubType>Code</SubType>
+    </Compile>
+    <Compile Include="SecMgmtInsights.PowerShell20.png">
+      <SubType>Code</SubType>
+    </Compile>
+    <Compile Include="SecMgmtInsights.PowerShell24.png">
+      <SubType>Code</SubType>
+    </Compile>
+    <Compile Include="SecMgmtInsights.PowerShell32.png">
+      <SubType>Code</SubType>
+    </Compile>
+    <Compile Include="SecMgmtInsights.PowerShell40.png">
+      <SubType>Code</SubType>
+    </Compile>
+    <Compile Include="SecMgmtInsights.PowerShell48.png">
+      <SubType>Code</SubType>
+    </Compile>
+    <Compile Include="SecMgmtInsights.PowerShell64.png">
+      <SubType>Code</SubType>
+    </Compile>
+    <Compile Include="SecMgmtInsights.PowerShell80.png">
+      <SubType>Code</SubType>
+    </Compile>
+    <Compile Include="resources.resx">
+      <SubType>Code</SubType>
+    </Compile>
+    <Compile Include="api_uri">
+      <SubType>Content</SubType>
+    </Compile>
+    <Compile Include="client_id">
+      <SubType>Content</SubType>
+    </Compile>
+    <Content Include="SecMgmtInsights.PowerShell.query.pq">
+      <SubType>Code</SubType>
+    </Content>
+  </ItemGroup>
+  <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
+  <UsingTask TaskName="BuildExtension" TaskFactory="CodeTaskFactory" AssemblyFile="$(MSBuildToolsPath)\Microsoft.Build.Tasks.v12.0.dll">
+    <ParameterGroup>
+      <InputDirectory ParameterType="System.String" Required="true" />
+      <OutputFile ParameterType="System.String" Required="true" />
+    </ParameterGroup>
+    <Task>
+      <Reference Include="System.IO.Compression" />
+      <Reference Include="System.IO.Compression.FileSystem" />
+      <Using Namespace="System.Globalization" />
+      <Using Namespace="System.IO.Compression " />
+      <Code Type="Fragment" Language="cs"><![CDATA[    
+    using(FileStream fileStream = File.Create(OutputFile))
+    using(ZipArchive archiveOut = new ZipArchive(fileStream, ZipArchiveMode.Create, false))
+    {
+        foreach(string fullPath in Directory.EnumerateFiles(InputDirectory))
+        {
+            string filename = Path.GetFileName(fullPath);
+        
+            archiveOut.CreateEntryFromFile(fullPath, filename, CompressionLevel.Optimal);
+        }
+    }
+]]></Code>
+    </Task>
+  </UsingTask>
+  <Target Name="BuildExtension" DependsOnTargets="ExtensionClean">
+    <ItemGroup>
+      <PQFiles Include="@(Compile)" Condition="'%(Extension)' == '.pq'" />
+    </ItemGroup>
+    <ItemGroup>
+      <NonPQFiles Include="@(Compile)" Condition="'%(Extension)' != '.pq'" />
+    </ItemGroup>
+    <MakeDir Directories="$(IntermediateOutputPath)" />
+    <MakeDir Directories="$(OutputPath)" />
+    <Copy SourceFiles="@(NonPQFiles)" DestinationFolder="$(IntermediateOutputPath)" />
+    <Copy SourceFiles="@(PQFiles)" DestinationFiles="@(PQFiles->'$(IntermediateOutputPath)%(RecursiveDir)%(FileName).m')" />
+    <BuildExtension InputDirectory="$(IntermediateOutputPath)" OutputFile="$(OutputPath)\$(ProjectName).mez" />
+  </Target>
+  <Target Name="ExtensionClean">
+    <!-- Remove obj folder -->
+    <RemoveDir Directories="$(BaseIntermediateOutputPath)" />
+    <!-- Remove bin folder -->
+    <RemoveDir Directories="$(OutputPath)" />
+  </Target>
+</Project>

src/SecMgmtInsights.PowerShell/SecMgmtInsights.PowerShell.pq

@@ -0,0 +1,196 @@
+section SecMgmtInsights.PowerShell;
+
+// Global Variables
+
+api_uri = Text.FromBinary(Extension.Contents("api_uri"));
+authorize_uri = "https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize";
+client_id = Text.FromBinary(Extension.Contents("client_id")); 
+logout_uri = "https://login.microsoftonline.com/logout.srf";
+redirect_uri = "https://oauth.powerbi.com/views/oauthredirect.html";
+token_uri = "https://login.microsoftonline.com/organizations/oauth2/v2.0/token";
+
+// Data Source Kind description
+
+SecMgmtInsights.PowerShell = [
+    Authentication = [
+        OAuth = [
+            FinishLogin = FinishLogin,
+            Logout = Logout,
+            Refresh = Refresh,
+            StartLogin = StartLogin
+        ]
+    ],
+    Label = Extension.LoadString("DataSourceLabel")
+];
+
+// Data Source UI publishing description
+
+SecMgmtInsights.PowerShell.Publish = [
+    Beta = true,
+    Category = "Other",
+    ButtonText = { Extension.LoadString("ButtonTitle"), Extension.LoadString("ButtonHelp") },
+    LearnMoreUrl = "https://github.com/microsoft/secmgmt-insights-connector",
+    SourceImage = SecMgmtInsights.PowerShell.Icons,
+    SourceTypeImage = SecMgmtInsights.PowerShell.Icons
+];
+
+SecMgmtInsights.PowerShell.Icons = [
+    Icon16 = { Extension.Contents("SecMgmtInsights.PowerShell16.png"), Extension.Contents("SecMgmtInsights.PowerShell20.png"), Extension.Contents("SecMgmtInsights.PowerShell24.png"), Extension.Contents("SecMgmtInsights.PowerShell32.png") },
+    Icon32 = { Extension.Contents("SecMgmtInsights.PowerShell32.png"), Extension.Contents("SecMgmtInsights.PowerShell40.png"), Extension.Contents("SecMgmtInsights.PowerShell48.png"), Extension.Contents("SecMgmtInsights.PowerShell64.png") }
+];
+
+// Authentication
+
+FinishLogin = (context, callbackUri, state) =>
+    let
+        parts = Uri.Parts(callbackUri)[Query],
+        result = if (Record.HasFields(parts, {"error", "error_description"})) then 
+                    error Error.Record(parts[error], parts[error_description], parts)
+                 else
+                    TokenMethod(token_uri, "authorization_code", "code", parts[code])
+    in
+        result;
+
+Logout = (token) => logout_uri;
+
+Refresh = (resourceUrl, refresh_token) => TokenMethod(token_uri, "refresh_token", "refresh_token", refresh_token);
+
+StartLogin = (resourceUrl, state, display) =>
+    let
+        authorizeUrl = authorize_uri & "?" & Uri.BuildQueryString([
+            client_id = client_id,  
+            redirect_uri = redirect_uri,
+            state = state,
+            scope = "offline_access https://graph.microsoft.com/.default",
+            response_type = "code",
+            response_mode = "query",
+            login = "login"
+        ])
+    in
+        [
+            LoginUri = authorizeUrl,
+            CallbackUri = redirect_uri,
+            WindowHeight = 860,
+            WindowWidth = 1024,
+            Context = null
+        ];
+
+TokenMethod = (tokenUri, grantType, tokenField, parameter, optional scope as text) =>
+    let
+        queryString = [
+            client_id = client_id,
+            scope = if (scope <> null) then scope else "offline_access https://graph.microsoft.com/.default",
+            grant_type = grantType,
+            redirect_uri = redirect_uri
+        ],
+        queryWithCode = Record.AddField(queryString, tokenField, parameter),
+
+        tokenResponse = Web.Contents(tokenUri, [
+            Content = Text.ToBinary(Uri.BuildQueryString(queryWithCode)),
+            Headers = [
+                #"Content-type" = "application/x-www-form-urlencoded",
+                #"Accept" = "application/json"
+            ],
+            ManualStatusHandling = {400} 
+        ]),
+        body = Json.Document(tokenResponse),
+        result = if (Record.HasFields(body, {"error", "error_description"})) then 
+                    error Error.Record(body[error], body[error_description], body)
+                 else
+                    body
+    in 
+        result;
+
+// Network
+
+SecMgmtInsights.PowerShell.Request = (tenantId as text) => 
+    let 
+        source = Web.Contents(api_uri,
+            [
+                Headers = [ #"Accept" = "application/json" ], 
+                ManualCredentials = true,
+                ManualStatusHandling = {401},
+                RelativePath = "api/" & tenantId
+            ]), 
+            document = Json.Document(source)
+    in 
+        document;
+
+// Office 365
+
+[DataSource.Kind="SecMgmtInsights.PowerShell"]
+shared SecMgmtInsights.PowerShell.Office365AtpPolicies = (customers as table) =>
+    let
+        configs = SecMgmtInsights.PowerShell.Office365Configs(customers),
+        data = Table.SelectColumns(configs, {"customerId", "AtpPolicyForO365"}),
+        expandedRecord = Table.ExpandRecordColumn(data, "AtpPolicyForO365", {"AdminDisplayName", "TrackClicks", "AllowClickThrough", "EnableSafeLinksForClients", "EnableSafeLinksForWebAccessCompanion", "EnableSafeLinksForO365Clients", "BlockUrls", "EnableATPForSPOTeamsODB", "EnableSafeDocs", "AllowSafeDocsOpen", "Identity", "Id", "IsValid", "Name", "WhenChanged", "WhenCreated", "WhenChangedUTC", "WhenCreatedUTC", "ExchangeObjectId", "Guid", "ObjectState"}, {"AdminDisplayName", "TrackClicks", "AllowClickThrough", "EnableSafeLinksForClients", "EnableSafeLinksForWebAccessCompanion", "EnableSafeLinksForO365Clients", "BlockUrls", "EnableATPForSPOTeamsODB", "EnableSafeDocs", "AllowSafeDocsOpen", "Identity", "Id", "IsValid", "Name", "WhenChanged", "WhenCreated", "WhenChangedUTC", "WhenCreatedUTC", "ExchangeObjectId", "Guid", "ObjectState"}),
+        changedType = Table.TransformColumnTypes(expandedRecord, {{"TrackClicks", type logical}, {"AllowClickThrough", type logical}, {"EnableSafeLinksForClients", type logical}, {"EnableSafeLinksForWebAccessCompanion", type logical}, {"EnableSafeLinksForO365Clients", type logical}, {"EnableATPForSPOTeamsODB", type logical}, {"EnableSafeDocs", type logical}, {"AllowSafeDocsOpen", type logical}, {"IsValid", type logical}, {"WhenChanged", type datetimezone}, {"WhenCreated", type datetimezone}, {"WhenChangedUTC", type datetimezone}, {"WhenCreatedUTC", type datetimezone}})
+    in
+        changedType;
+
+[DataSource.Kind="SecMgmtInsights.PowerShell", Publish="SecMgmtInsights.PowerShell.Publish"]
+shared SecMgmtInsights.PowerShell.Office365Configs = (customers as table) =>
+    let 
+        GetData = (tenantId as text) => 
+            let 
+                source = SecMgmtInsights.PowerShell.Request("tenant/" & tenantId & "/office365data")
+            in 
+                source,
+
+        columnsRemoved = Table.RemoveColumns(customers, {"id", "deletedDateTime", "contractType", "defaultDomainName", "displayName"}),
+        data = Table.AddColumn(columnsRemoved, "Custom", each try GetData([customerId]) otherwise null),
+        expandedCustom = Table.ExpandRecordColumn(data, "Custom", {"MailDetailAtpReport", "MailTrafficAtpReport", "AtpPolicyForO365", "MalwareFilterPolicy", "AdminAuditLogConfig", "AntiPhishPolicy"}, {"MailDetailAtpReport", "MailTrafficAtpReport", "AtpPolicyForO365", "MalwareFilterPolicy", "AdminAuditLogConfig", "AntiPhishPolicy"})
+    in 
+        expandedCustom;
+
+[DataSource.Kind="SecMgmtInsights.PowerShell"]
+shared SecMgmtInsights.PowerShell.AdminAuditLogConfigs = (customers as table) =>
+    let
+        configs = SecMgmtInsights.PowerShell.Office365Configs(customers),
+        data = Table.SelectColumns(configs, {"customerId", "AdminAuditLogConfig"}),
+        expandedRecord = Table.ExpandRecordColumn(data, "AdminAuditLogConfig", {"AdminAuditLogEnabled", "LogLevel", "TestCmdletLoggingEnabled", "AdminAuditLogCmdlets", "AdminAuditLogParameters", "AdminAuditLogExcludedCmdlets", "AdminAuditLogAgeLimit", "LoadBalancerCount", "RefreshInterval", "PartitionInfo", "UnifiedAuditLogIngestionEnabled", "UnifiedAuditLogFirstOptInDate", "AdminDisplayName", "Name", "Identity", "WhenChanged", "WhenCreated", "WhenChangedUTC", "WhenCreatedUTC", "ExchangeObjectId", "Id", "Guid", "IsValid", "ObjectState"}, {"AdminAuditLogEnabled", "LogLevel", "TestCmdletLoggingEnabled", "AdminAuditLogCmdlets", "AdminAuditLogParameters", "AdminAuditLogExcludedCmdlets", "AdminAuditLogAgeLimit", "LoadBalancerCount", "RefreshInterval", "PartitionInfo", "UnifiedAuditLogIngestionEnabled", "UnifiedAuditLogFirstOptInDate", "AdminDisplayName", "Name", "Identity", "WhenChanged", "WhenCreated", "WhenChangedUTC", "WhenCreatedUTC", "ExchangeObjectId", "Id", "Guid", "IsValid", "ObjectState"}),
+        changedType = Table.TransformColumnTypes(expandedRecord, {{"AdminAuditLogEnabled", type logical}, {"LoadBalancerCount", Int64.Type}, {"RefreshInterval", Int64.Type}, {"UnifiedAuditLogIngestionEnabled", type logical}, {"UnifiedAuditLogFirstOptInDate", type datetimezone}, {"WhenChanged", type datetimezone}, {"WhenCreated", type datetimezone}, {"WhenChangedUTC", type datetimezone}, {"WhenCreatedUTC", type datetimezone}, {"IsValid", type logical}})
+    in
+        changedType;
+
+[DataSource.Kind="SecMgmtInsights.PowerShell"]
+shared SecMgmtInsights.PowerShell.AntiPhishPolicies = (customers as table) =>
+    let
+        configs = SecMgmtInsights.PowerShell.Office365Configs(customers),
+        data = Table.SelectColumns(configs, {"customerId", "AntiPhishPolicy"}),
+        expandedList = Table.ExpandListColumn(data, "AntiPhishPolicy"),
+        expandedRecord = Table.ExpandRecordColumn(expandedList, "AntiPhishPolicy", {"Enabled", "ImpersonationProtectionState", "EnableTargetedUserProtection", "EnableMailboxIntelligenceProtection", "EnableTargetedDomainsProtection", "EnableOrganizationDomainsProtection", "EnableMailboxIntelligence", "EnableSimilarUsersSafetyTips", "EnableSimilarDomainsSafetyTips", "EnableUnusualCharactersSafetyTips", "TargetedUserProtectionAction", "MailboxIntelligenceProtectionAction", "TargetedDomainProtectionAction", "AuthenticationFailAction", "EnableAntiSpoofEnforcement", "EnableUnauthenticatedSender", "EnableSuspiciousSafetyTip", "PhishThresholdLevel", "TargetedUsersToProtect", "TargetedUserActionRecipients", "MailboxIntelligenceProtectionActionRecipients", "TargetedDomainsToProtect", "TargetedDomainActionRecipients", "ExcludedDomains", "ExcludedSenders", "IsDefault", "AdminDisplayName", "PolicyTag", "RecommendedPolicyType", "Identity", "Id", "IsValid", "Name", "WhenChanged", "WhenCreated", "WhenChangedUTC", "WhenCreatedUTC", "ExchangeObjectId", "Guid", "ObjectState"}, {"Enabled", "ImpersonationProtectionState", "EnableTargetedUserProtection", "EnableMailboxIntelligenceProtection", "EnableTargetedDomainsProtection", "EnableOrganizationDomainsProtection", "EnableMailboxIntelligence", "EnableSimilarUsersSafetyTips", "EnableSimilarDomainsSafetyTips", "EnableUnusualCharactersSafetyTips", "TargetedUserProtectionAction", "MailboxIntelligenceProtectionAction", "TargetedDomainProtectionAction", "AuthenticationFailAction", "EnableAntiSpoofEnforcement", "EnableUnauthenticatedSender", "EnableSuspiciousSafetyTip", "PhishThresholdLevel", "TargetedUsersToProtect", "TargetedUserActionRecipients", "MailboxIntelligenceProtectionActionRecipients", "TargetedDomainsToProtect", "TargetedDomainActionRecipients", "ExcludedDomains", "ExcludedSenders", "IsDefault", "AdminDisplayName", "PolicyTag", "RecommendedPolicyType", "Identity", "Id", "IsValid", "Name", "WhenChanged", "WhenCreated", "WhenChangedUTC", "WhenCreatedUTC", "ExchangeObjectId", "Guid", "ObjectState"}),
+        changedType = Table.TransformColumnTypes(expandedRecord,{{"Enabled", type logical}, {"EnableTargetedUserProtection", type logical}, {"EnableMailboxIntelligenceProtection", type logical}, {"EnableTargetedDomainsProtection", type logical}, {"EnableOrganizationDomainsProtection", type logical}, {"EnableMailboxIntelligence", type logical}, {"EnableSimilarUsersSafetyTips", type logical}, {"EnableSimilarDomainsSafetyTips", type logical}, {"EnableUnusualCharactersSafetyTips", type logical}, {"EnableAntiSpoofEnforcement", type logical}, {"EnableUnauthenticatedSender", type logical}, {"EnableSuspiciousSafetyTip", type logical}, {"PhishThresholdLevel", Int64.Type}, {"IsDefault", type logical}, {"IsValid", type logical}, {"WhenChanged", type datetimezone}, {"WhenCreated", type datetimezone}, {"WhenChangedUTC", type datetimezone}, {"WhenCreatedUTC", type datetimezone}})
+   in
+        changedType;
+
+[DataSource.Kind="SecMgmtInsights.PowerShell"]
+shared SecMgmtInsights.PowerShell.MailDetailAtpReport = (customers as table) =>
+    let 
+        configs = SecMgmtInsights.PowerShell.Office365Configs(customers),
+        data = Table.SelectColumns(configs, {"customerId", "MailDetailAtpReport"}),
+        expandedList = Table.ExpandListColumn(data, "MailDetailAtpReport")
+    in
+        expandedList;
+
+[DataSource.Kind="SecMgmtInsights.PowerShell"]
+shared SecMgmtInsights.PowerShell.MailTrafficAtpReport = (customers as table) =>
+    let 
+        configs = SecMgmtInsights.PowerShell.Office365Configs(customers),
+        data = Table.SelectColumns(configs, {"customerId", "MailTrafficAtpReport"}),
+        expandedList = Table.ExpandListColumn(data, "MailTrafficAtpReport"),
+        expandedColumn = Table.ExpandRecordColumn(expandedList, "MailTrafficAtpReport", {"Domain", "Date", "EventType", "Direction", "Action", "MessageCount", "SubType", "PolicySource", "VerdictSource", "DeliveryStatus", "SummarizeBy", "PivotBy", "StartDate", "EndDate", "AggregateBy", "Index"}, {"Domain", "Date", "EventType", "Direction", "Action", "MessageCount", "SubType", "PolicySource", "VerdictSource", "DeliveryStatus", "SummarizeBy", "PivotBy", "StartDate", "EndDate", "AggregateBy", "Index"}),
+        changedType = Table.TransformColumnTypes(expandedColumn, {{"Date", type datetimezone}, {"MessageCount", Int64.Type}, {"StartDate", type datetimezone}, {"EndDate", type datetimezone}, {"Index", Int64.Type}})
+    in
+        changedType;
+
+[DataSource.Kind="SecMgmtInsights.PowerShell"]
+shared SecMgmtInsights.PowerShell.MalwareFilterPolicies = (customers as table) =>
+    let
+        configs = SecMgmtInsights.PowerShell.Office365Configs(customers),
+        data = Table.SelectColumns(configs, {"customerId", "MalwareFilterPolicy"}),
+        expandedList = Table.ExpandListColumn(data, "MalwareFilterPolicy"),
+        expandedRecord = Table.ExpandRecordColumn(expandedList, "MalwareFilterPolicy", {"CustomAlertText", "AdminDisplayName", "CustomInternalSubject", "CustomInternalBody", "CustomExternalSubject", "CustomExternalBody", "CustomFromName", "CustomFromAddress", "InternalSenderAdminAddress", "ExternalSenderAdminAddress", "BypassInboundMessages", "BypassOutboundMessages", "Action", "IsDefault", "CustomNotifications", "EnableInternalSenderNotifications", "EnableExternalSenderNotifications", "EnableInternalSenderAdminNotifications", "EnableExternalSenderAdminNotifications", "EnableFileFilter", "FileTypes", "ZapEnabled", "RecommendedPolicyType", "Name", "Identity", "WhenChanged", "WhenCreated", "WhenChangedUTC", "WhenCreatedUTC", "Id", "Guid", "IsValid", "ObjectState"}, {"CustomAlertText", "AdminDisplayName", "CustomInternalSubject", "CustomInternalBody", "CustomExternalSubject", "CustomExternalBody", "CustomFromName", "CustomFromAddress", "InternalSenderAdminAddress", "ExternalSenderAdminAddress", "BypassInboundMessages", "BypassOutboundMessages", "Action", "IsDefault", "CustomNotifications", "EnableInternalSenderNotifications", "EnableExternalSenderNotifications", "EnableInternalSenderAdminNotifications", "EnableExternalSenderAdminNotifications", "EnableFileFilter", "FileTypes", "ZapEnabled", "RecommendedPolicyType", "Name", "Identity", "WhenChanged", "WhenCreated", "WhenChangedUTC", "WhenCreatedUTC", "Id", "Guid", "IsValid", "ObjectState"}),
+        changedType = Table.TransformColumnTypes(expandedRecord, {{"EnableInternalSenderNotifications", type logical}, {"EnableExternalSenderNotifications", type logical}, {"EnableInternalSenderAdminNotifications", type logical}, {"EnableExternalSenderAdminNotifications", type logical}, {"EnableFileFilter", type logical}, {"IsDefault", type logical}, {"BypassInboundMessages", type logical}, {"BypassOutboundMessages", type logical}, {"ZapEnabled", type logical}, {"WhenChanged", type datetimezone}, {"WhenCreated", type datetimezone}, {"WhenChangedUTC", type datetimezone}, {"WhenCreatedUTC", type datetimezone}, {"IsValid", type logical}})
+    in
+        changedType;

src/SecMgmtInsights.PowerShell/SecMgmtInsights.PowerShell.query.pq

@@ -0,0 +1,5 @@
+// Use this file to write queries to test your data connector
+let
+    result = SecMgmtInsights.PowerShell.Contents()
+in
+    result

src/SecMgmtInsights.PowerShell/api_uri

@@ -0,0 +1 @@
+https://partnerinsightsfunctions.azurewebsites.net/

src/SecMgmtInsights.PowerShell/client_id

@@ -0,0 +1 @@
+723f43ad-733a-4d75-9fbc-817e5a0a066e

src/SecMgmtInsights.PowerShell/resources.resx

@@ -0,0 +1,129 @@
+<?xml version="1.0" encoding="utf-8"?>
+<root>
+  <!-- 
+    Microsoft ResX Schema 
+    
+    Version 2.0
+    
+    The primary goals of this format is to allow a simple XML format 
+    that is mostly human readable. The generation and parsing of the 
+    various data types are done through the TypeConverter classes 
+    associated with the data types.
+    
+    Example:
+    
+    ... ado.net/XML headers & schema ...
+    <resheader name="resmimetype">text/microsoft-resx</resheader>
+    <resheader name="version">2.0</resheader>
+    <resheader name="reader">System.Resources.ResXResourceReader, System.Windows.Forms, ...</resheader>
+    <resheader name="writer">System.Resources.ResXResourceWriter, System.Windows.Forms, ...</resheader>
+    <data name="Name1"><value>this is my long string</value><comment>this is a comment</comment></data>
+    <data name="Color1" type="System.Drawing.Color, System.Drawing">Blue</data>
+    <data name="Bitmap1" mimetype="application/x-microsoft.net.object.binary.base64">
+        <value>[base64 mime encoded serialized .NET Framework object]</value>
+    </data>
+    <data name="Icon1" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64">
+        <value>[base64 mime encoded string representing a byte array form of the .NET Framework object]</value>
+        <comment>This is a comment</comment>
+    </data>
+                
+    There are any number of "resheader" rows that contain simple 
+    name/value pairs.
+    
+    Each data row contains a name, and value. The row also contains a 
+    type or mimetype. Type corresponds to a .NET class that support 
+    text/value conversion through the TypeConverter architecture. 
+    Classes that don't support this are serialized and stored with the 
+    mimetype set.
+    
+    The mimetype is used for serialized objects, and tells the 
+    ResXResourceReader how to depersist the object. This is currently not 
+    extensible. For a given mimetype the value must be set accordingly:
+    
+    Note - application/x-microsoft.net.object.binary.base64 is the format 
+    that the ResXResourceWriter will generate, however the reader can 
+    read any of the formats listed below.
+    
+    mimetype: application/x-microsoft.net.object.binary.base64
+    value   : The object must be serialized with 
+            : System.Runtime.Serialization.Formatters.Binary.BinaryFormatter
+            : and then encoded with base64 encoding.
+    
+    mimetype: application/x-microsoft.net.object.soap.base64
+    value   : The object must be serialized with 
+            : System.Runtime.Serialization.Formatters.Soap.SoapFormatter
+            : and then encoded with base64 encoding.
+
+    mimetype: application/x-microsoft.net.object.bytearray.base64
+    value   : The object must be serialized into a byte array 
+            : using a System.ComponentModel.TypeConverter
+            : and then encoded with base64 encoding.
+    -->
+  <xsd:schema id="root" xmlns="" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata">
+    <xsd:import namespace="http://www.w3.org/XML/1998/namespace" />
+    <xsd:element name="root" msdata:IsDataSet="true">
+      <xsd:complexType>
+        <xsd:choice maxOccurs="unbounded">
+          <xsd:element name="metadata">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" />
+              </xsd:sequence>
+              <xsd:attribute name="name" use="required" type="xsd:string" />
+              <xsd:attribute name="type" type="xsd:string" />
+              <xsd:attribute name="mimetype" type="xsd:string" />
+              <xsd:attribute ref="xml:space" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="assembly">
+            <xsd:complexType>
+              <xsd:attribute name="alias" type="xsd:string" />
+              <xsd:attribute name="name" type="xsd:string" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="data">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+                <xsd:element name="comment" type="xsd:string" minOccurs="0" msdata:Ordinal="2" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" msdata:Ordinal="1" />
+              <xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" />
+              <xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" />
+              <xsd:attribute ref="xml:space" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="resheader">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" />
+            </xsd:complexType>
+          </xsd:element>
+        </xsd:choice>
+      </xsd:complexType>
+    </xsd:element>
+  </xsd:schema>
+  <resheader name="resmimetype">
+    <value>text/microsoft-resx</value>
+  </resheader>
+  <resheader name="version">
+    <value>2.0</value>
+  </resheader>
+  <resheader name="reader">
+    <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+  <resheader name="writer">
+    <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+  <data name="ButtonHelp" xml:space="preserve">
+    <value>Connect to SecMgmtInsights.PowerShell</value>
+  </data>
+  <data name="ButtonTitle" xml:space="preserve">
+    <value>SecMgmtInsights.PowerShell</value>
+  </data>
+  <data name="DataSourceLabel" xml:space="preserve">
+    <value>SecMgmtInsights.PowerShell</value>
+  </data>
+</root>

src/SecMgmtInsights/SecMgmtInsights.mproj

@@ -0,0 +1,121 @@
+<Project DefaultTargets="BuildExtension" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <Import Project="$(MSBuildThisFileDirectory)..\..\repo.props" />
+  <PropertyGroup>
+    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+    <SchemaVersion>2.0</SchemaVersion>
+    <ProjectGuid>{a7d11851-1e6a-4c9e-9e63-d007a50cd38b}</ProjectGuid>
+    <OutputType>Exe</OutputType>
+    <RootNamespace>MyRootNamespace</RootNamespace>
+    <AssemblyName>MyAssemblyName</AssemblyName>
+    <EnableUnmanagedDebugging>False</EnableUnmanagedDebugging>
+    <AllowNativeQuery>False</AllowNativeQuery>
+    <AsAction>False</AsAction>
+    <FastCombine>False</FastCombine>
+    <ClearLog>False</ClearLog>
+    <ShowEngineTraces>False</ShowEngineTraces>
+    <ShowUserTraces>False</ShowUserTraces>
+    <LegacyRedirects>False</LegacyRedirects>
+    <SuppressRowErrors>False</SuppressRowErrors>
+    <SuppressCellErrors>False</SuppressCellErrors>
+    <MaxRows>1000</MaxRows>
+    <ExtensionProject>Yes</ExtensionProject>
+    <Name>SecMgmtInsights</Name>
+    <OutputPath>$(RepoArtifacts)$(Configuration)\</OutputPath>
+    <PublishDir>$(OutputPath)</PublishDir>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)' == 'Debug' ">
+    <DebugSymbols>false</DebugSymbols>
+    <!--Should be true, fix this when the debugger is implemented -->
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)' == 'Release' ">
+    <DebugSymbols>false</DebugSymbols>
+  </PropertyGroup>
+  <ItemGroup>
+    <Reference Include="mscorlib" />
+    <Reference Include="System" />
+    <Reference Include="System.Data" />
+    <Reference Include="System.Xml" />
+  </ItemGroup>
+  <ItemGroup>
+    <Compile Include="SecMgmtInsights.pq">
+      <SubType>Code</SubType>
+    </Compile>
+    <Compile Include="SecMgmtInsights16.png">
+      <SubType>Code</SubType>
+    </Compile>
+    <Compile Include="SecMgmtInsights20.png">
+      <SubType>Code</SubType>
+    </Compile>
+    <Compile Include="SecMgmtInsights24.png">
+      <SubType>Code</SubType>
+    </Compile>
+    <Compile Include="SecMgmtInsights32.png">
+      <SubType>Code</SubType>
+    </Compile>
+    <Compile Include="SecMgmtInsights40.png">
+      <SubType>Code</SubType>
+    </Compile>
+    <Compile Include="SecMgmtInsights48.png">
+      <SubType>Code</SubType>
+    </Compile>
+    <Compile Include="SecMgmtInsights64.png">
+      <SubType>Code</SubType>
+    </Compile>
+    <Compile Include="SecMgmtInsights80.png">
+      <SubType>Code</SubType>
+    </Compile>
+    <Compile Include="resources.resx">
+      <SubType>Code</SubType>
+    </Compile>
+    <Compile Include="client_id">
+      <SubType>Content</SubType>
+    </Compile>
+    <Content Include="SecMgmtInsights.query.pq">
+      <SubType>Code</SubType>
+    </Content>
+  </ItemGroup>
+  <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
+  <UsingTask TaskName="BuildExtension" TaskFactory="CodeTaskFactory" AssemblyFile="$(MSBuildToolsPath)\Microsoft.Build.Tasks.v12.0.dll">
+    <ParameterGroup>
+      <InputDirectory ParameterType="System.String" Required="true" />
+      <OutputFile ParameterType="System.String" Required="true" />
+    </ParameterGroup>
+    <Task>
+      <Reference Include="System.IO.Compression" />
+      <Reference Include="System.IO.Compression.FileSystem" />
+      <Using Namespace="System.Globalization" />
+      <Using Namespace="System.IO.Compression " />
+      <Code Type="Fragment" Language="cs"><![CDATA[    
+    using(FileStream fileStream = File.Create(OutputFile))
+    using(ZipArchive archiveOut = new ZipArchive(fileStream, ZipArchiveMode.Create, false))
+    {
+        foreach(string fullPath in Directory.EnumerateFiles(InputDirectory))
+        {
+            string filename = Path.GetFileName(fullPath);
+        
+            archiveOut.CreateEntryFromFile(fullPath, filename, CompressionLevel.Optimal);
+        }
+    }
+]]></Code>
+    </Task>
+  </UsingTask>
+  <Target Name="BuildExtension" DependsOnTargets="ExtensionClean">
+    <ItemGroup>
+      <PQFiles Include="@(Compile)" Condition="'%(Extension)' == '.pq'" />
+    </ItemGroup>
+    <ItemGroup>
+      <NonPQFiles Include="@(Compile)" Condition="'%(Extension)' != '.pq'" />
+    </ItemGroup>
+    <MakeDir Directories="$(IntermediateOutputPath)" />
+    <MakeDir Directories="$(OutputPath)" />
+    <Copy SourceFiles="@(NonPQFiles)" DestinationFolder="$(IntermediateOutputPath)" />
+    <Copy SourceFiles="@(PQFiles)" DestinationFiles="@(PQFiles->'$(IntermediateOutputPath)%(RecursiveDir)%(FileName).m')" />
+    <BuildExtension InputDirectory="$(IntermediateOutputPath)" OutputFile="$(OutputPath)\$(ProjectName).mez" />
+  </Target>
+  <Target Name="ExtensionClean">
+    <!-- Remove obj folder -->
+    <RemoveDir Directories="$(BaseIntermediateOutputPath)" />
+    <!-- Remove bin folder -->
+    <RemoveDir Directories="$(OutputPath)" />
+  </Target>
+</Project>

src/SecMgmtInsights/SecMgmtInsights.query.pq

@@ -0,0 +1,5 @@
+// Use this file to write queries to test your data connector
+let
+    result = SecMgmtInsights.Contents()
+in
+    result

src/SecMgmtInsights/client_id

@@ -0,0 +1 @@
+723f43ad-733a-4d75-9fbc-817e5a0a066e

src/SecMgmtInsights/resources.resx

@@ -0,0 +1,129 @@
+<?xml version="1.0" encoding="utf-8"?>
+<root>
+  <!-- 
+    Microsoft ResX Schema 
+    
+    Version 2.0
+    
+    The primary goals of this format is to allow a simple XML format 
+    that is mostly human readable. The generation and parsing of the 
+    various data types are done through the TypeConverter classes 
+    associated with the data types.
+    
+    Example:
+    
+    ... ado.net/XML headers & schema ...
+    <resheader name="resmimetype">text/microsoft-resx</resheader>
+    <resheader name="version">2.0</resheader>
+    <resheader name="reader">System.Resources.ResXResourceReader, System.Windows.Forms, ...</resheader>
+    <resheader name="writer">System.Resources.ResXResourceWriter, System.Windows.Forms, ...</resheader>
+    <data name="Name1"><value>this is my long string</value><comment>this is a comment</comment></data>
+    <data name="Color1" type="System.Drawing.Color, System.Drawing">Blue</data>
+    <data name="Bitmap1" mimetype="application/x-microsoft.net.object.binary.base64">
+        <value>[base64 mime encoded serialized .NET Framework object]</value>
+    </data>
+    <data name="Icon1" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64">
+        <value>[base64 mime encoded string representing a byte array form of the .NET Framework object]</value>
+        <comment>This is a comment</comment>
+    </data>
+                
+    There are any number of "resheader" rows that contain simple 
+    name/value pairs.
+    
+    Each data row contains a name, and value. The row also contains a 
+    type or mimetype. Type corresponds to a .NET class that support 
+    text/value conversion through the TypeConverter architecture. 
+    Classes that don't support this are serialized and stored with the 
+    mimetype set.
+    
+    The mimetype is used for serialized objects, and tells the 
+    ResXResourceReader how to depersist the object. This is currently not 
+    extensible. For a given mimetype the value must be set accordingly:
+    
+    Note - application/x-microsoft.net.object.binary.base64 is the format 
+    that the ResXResourceWriter will generate, however the reader can 
+    read any of the formats listed below.
+    
+    mimetype: application/x-microsoft.net.object.binary.base64
+    value   : The object must be serialized with 
+            : System.Runtime.Serialization.Formatters.Binary.BinaryFormatter
+            : and then encoded with base64 encoding.
+    
+    mimetype: application/x-microsoft.net.object.soap.base64
+    value   : The object must be serialized with 
+            : System.Runtime.Serialization.Formatters.Soap.SoapFormatter
+            : and then encoded with base64 encoding.
+
+    mimetype: application/x-microsoft.net.object.bytearray.base64
+    value   : The object must be serialized into a byte array 
+            : using a System.ComponentModel.TypeConverter
+            : and then encoded with base64 encoding.
+    -->
+  <xsd:schema id="root" xmlns="" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata">
+    <xsd:import namespace="http://www.w3.org/XML/1998/namespace" />
+    <xsd:element name="root" msdata:IsDataSet="true">
+      <xsd:complexType>
+        <xsd:choice maxOccurs="unbounded">
+          <xsd:element name="metadata">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" />
+              </xsd:sequence>
+              <xsd:attribute name="name" use="required" type="xsd:string" />
+              <xsd:attribute name="type" type="xsd:string" />
+              <xsd:attribute name="mimetype" type="xsd:string" />
+              <xsd:attribute ref="xml:space" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="assembly">
+            <xsd:complexType>
+              <xsd:attribute name="alias" type="xsd:string" />
+              <xsd:attribute name="name" type="xsd:string" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="data">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+                <xsd:element name="comment" type="xsd:string" minOccurs="0" msdata:Ordinal="2" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" msdata:Ordinal="1" />
+              <xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" />
+              <xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" />
+              <xsd:attribute ref="xml:space" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="resheader">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" />
+            </xsd:complexType>
+          </xsd:element>
+        </xsd:choice>
+      </xsd:complexType>
+    </xsd:element>
+  </xsd:schema>
+  <resheader name="resmimetype">
+    <value>text/microsoft-resx</value>
+  </resheader>
+  <resheader name="version">
+    <value>2.0</value>
+  </resheader>
+  <resheader name="reader">
+    <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+  <resheader name="writer">
+    <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+  <data name="ButtonHelp" xml:space="preserve">
+    <value>Connect to SecMgmtInsights</value>
+  </data>
+  <data name="ButtonTitle" xml:space="preserve">
+    <value>SecMgmtInsights</value>
+  </data>
+  <data name="DataSourceLabel" xml:space="preserve">
+    <value>SecMgmtInsights</value>
+  </data>
+</root>