Skip to content

Commit 953f696

Browse files
authored
Merge pull request #14354 from N0ahIE/patch-1
Update SilverfortAma.json
2 parents 25d76f7 + 761ec7a commit 953f696

6 files changed

Lines changed: 28 additions & 25 deletions

File tree

Solutions/Silverfort/Data Connectors/SilverfortAma.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -69,7 +69,7 @@
6969
},
7070
{
7171
"title": "1.2 Install the CEF collector on the Linux machine",
72-
"description": "Install the Microsoft Monitoring Agent on your Linux machine and configure the machine to listen on the necessary port and forward messages to your Microsoft Sentinel workspace. The CEF collector collects CEF messages on port 514 TCP.\n\n> 1. Make sure that you have Python on your machine using the following command: python -version.\n\n> 2. You must have elevated permissions (sudo) on your machine.",
72+
"description": "Install the Azure Monitoring Agent (AMA) on your Linux machine and configure the machine to listen on the necessary port and forward messages to your Microsoft Sentinel workspace. The CEF collector collects CEF messages on port 514 TCP.\n\n> 1. Make sure that you have Python on your machine using the following command: python --version.\n\n> 2. You must have elevated permissions (sudo) on your machine.",
7373
"instructions": [
7474
{
7575
"parameters": {

Solutions/Silverfort/Data/Solution_Silverfort.json

Lines changed: 7 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -4,18 +4,20 @@
44
"Logo": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/silverfort-logo.svg\" width=\"168px\" height=\"168px\">",
55
"Description": "The [Silverfort](https://silverfort.com) ITDR Admin Console connector solution allows ingestion of Silverfort events and logging into Microsoft Sentinel.\n Silverfort provides syslog based events and logging using Common Event Format (CEF). By forwarding your Silverfort ITDR Admin Console CEF data into Microsoft Sentinel, you can take advantage of Sentinels's search & correlation, alerting, and threat intelligence enrichment on Silverfort data. \n Please contact Silverfort or consult the Silverfort documentation for more information.",
66
"Data Connectors": [
7-
"Data Connectors/SilverfortAma.json"
7+
"Solutions/Silverfort/Data Connectors/SilverfortAma.json"
8+
],
9+
"Workbooks": [
10+
"Solutions/Silverfort/Workbooks/SilverfortWorkbook.json"
811
],
9-
"Workbooks": ["Solutions/Silverfort/Workbooks/SilverfortWorkbook.json"],
1012
"Analytic Rules": [
1113
"Solutions/Silverfort/Analytic Rules/Certifried.yaml",
1214
"Solutions/Silverfort/Analytic Rules/Log4Shell.yaml",
1315
"Solutions/Silverfort/Analytic Rules/NoPac_Breach.yaml",
1416
"Solutions/Silverfort/Analytic Rules/User_Brute_Force.yaml"
1517
],
16-
"BasePath": "C:\\GitHub\\Azure-Sentinel\\Solutions\\Silverfort",
17-
"Version": "1.0.0",
18+
"BasePath": "C:\\GitHub\\Azure-Sentinel",
19+
"Version": "3.0.1",
1820
"Metadata": "SolutionMetadata.json",
1921
"TemplateSpec": true,
2022
"Is1Pconnector": false
21-
}
23+
}
15.1 KB
Binary file not shown.

Solutions/Silverfort/Package/createUiDefinition.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -64,7 +64,7 @@
6464
}
6565
},
6666
{
67-
"name": "dataconnectors-link2",
67+
"name": "dataconnectors-link1",
6868
"type": "Microsoft.Common.TextBlock",
6969
"options": {
7070
"link": {

Solutions/Silverfort/Package/mainTemplate.json

Lines changed: 18 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -39,7 +39,7 @@
3939
},
4040
"variables": {
4141
"_solutionName": "Silverfort",
42-
"_solutionVersion": "3.0.0",
42+
"_solutionVersion": "3.0.1",
4343
"solutionId": "silverfort.microsoft-sentinel-solution-silverfort",
4444
"_solutionId": "[variables('solutionId')]",
4545
"uiConfigId1": "SilverfortAma",
@@ -98,7 +98,7 @@
9898
"[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
9999
],
100100
"properties": {
101-
"description": "Silverfort data connector with template version 3.0.0",
101+
"description": "Silverfort data connector with template version 3.0.1",
102102
"mainTemplate": {
103103
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
104104
"contentVersion": "[variables('dataConnectorVersion1')]",
@@ -182,7 +182,7 @@
182182
},
183183
{
184184
"title": "1.2 Install the CEF collector on the Linux machine",
185-
"description": "Install the Microsoft Monitoring Agent on your Linux machine and configure the machine to listen on the necessary port and forward messages to your Microsoft Sentinel workspace. The CEF collector collects CEF messages on port 514 TCP.\n\n> 1. Make sure that you have Python on your machine using the following command: python -version.\n\n> 2. You must have elevated permissions (sudo) on your machine.",
185+
"description": "Install the Azure Monitoring Agent (AMA) on your Linux machine and configure the machine to listen on the necessary port and forward messages to your Microsoft Sentinel workspace. The CEF collector collects CEF messages on port 514 TCP.\n\n> 1. Make sure that you have Python on your machine using the following command: python --version.\n\n> 2. You must have elevated permissions (sudo) on your machine.",
186186
"instructions": [
187187
{
188188
"parameters": {
@@ -391,7 +391,7 @@
391391
},
392392
{
393393
"title": "1.2 Install the CEF collector on the Linux machine",
394-
"description": "Install the Microsoft Monitoring Agent on your Linux machine and configure the machine to listen on the necessary port and forward messages to your Microsoft Sentinel workspace. The CEF collector collects CEF messages on port 514 TCP.\n\n> 1. Make sure that you have Python on your machine using the following command: python -version.\n\n> 2. You must have elevated permissions (sudo) on your machine.",
394+
"description": "Install the Azure Monitoring Agent (AMA) on your Linux machine and configure the machine to listen on the necessary port and forward messages to your Microsoft Sentinel workspace. The CEF collector collects CEF messages on port 514 TCP.\n\n> 1. Make sure that you have Python on your machine using the following command: python --version.\n\n> 2. You must have elevated permissions (sudo) on your machine.",
395395
"instructions": [
396396
{
397397
"parameters": {
@@ -447,7 +447,7 @@
447447
"[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
448448
],
449449
"properties": {
450-
"description": "SilverfortWorkbook Workbook with template version 3.0.0",
450+
"description": "SilverfortWorkbook Workbook with template version 3.0.1",
451451
"mainTemplate": {
452452
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
453453
"contentVersion": "[variables('workbookVersion1')]",
@@ -534,7 +534,7 @@
534534
"[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
535535
],
536536
"properties": {
537-
"description": "Certifried_AnalyticalRules Analytics Rule with template version 3.0.0",
537+
"description": "Certifried_AnalyticalRules Analytics Rule with template version 3.0.1",
538538
"mainTemplate": {
539539
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
540540
"contentVersion": "[variables('analyticRuleObject1').analyticRuleVersion1]",
@@ -576,13 +576,13 @@
576576
],
577577
"entityMappings": [
578578
{
579-
"entityType": "Account",
580579
"fieldMappings": [
581580
{
582581
"identifier": "Name",
583582
"columnName": "UserName"
584583
}
585-
]
584+
],
585+
"entityType": "Account"
586586
}
587587
]
588588
}
@@ -637,7 +637,7 @@
637637
"[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
638638
],
639639
"properties": {
640-
"description": "Log4Shell_AnalyticalRules Analytics Rule with template version 3.0.0",
640+
"description": "Log4Shell_AnalyticalRules Analytics Rule with template version 3.0.1",
641641
"mainTemplate": {
642642
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
643643
"contentVersion": "[variables('analyticRuleObject2').analyticRuleVersion2]",
@@ -679,13 +679,13 @@
679679
],
680680
"entityMappings": [
681681
{
682-
"entityType": "Account",
683682
"fieldMappings": [
684683
{
685684
"identifier": "Name",
686685
"columnName": "UserName"
687686
}
688-
]
687+
],
688+
"entityType": "Account"
689689
}
690690
]
691691
}
@@ -740,7 +740,7 @@
740740
"[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
741741
],
742742
"properties": {
743-
"description": "NoPac_Breach_AnalyticalRules Analytics Rule with template version 3.0.0",
743+
"description": "NoPac_Breach_AnalyticalRules Analytics Rule with template version 3.0.1",
744744
"mainTemplate": {
745745
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
746746
"contentVersion": "[variables('analyticRuleObject3').analyticRuleVersion3]",
@@ -783,13 +783,13 @@
783783
],
784784
"entityMappings": [
785785
{
786-
"entityType": "Account",
787786
"fieldMappings": [
788787
{
789788
"identifier": "Name",
790789
"columnName": "UserName"
791790
}
792-
]
791+
],
792+
"entityType": "Account"
793793
}
794794
]
795795
}
@@ -844,7 +844,7 @@
844844
"[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
845845
],
846846
"properties": {
847-
"description": "User_Brute_Force_AnalyticalRules Analytics Rule with template version 3.0.0",
847+
"description": "User_Brute_Force_AnalyticalRules Analytics Rule with template version 3.0.1",
848848
"mainTemplate": {
849849
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
850850
"contentVersion": "[variables('analyticRuleObject4').analyticRuleVersion4]",
@@ -886,13 +886,13 @@
886886
],
887887
"entityMappings": [
888888
{
889-
"entityType": "Account",
890889
"fieldMappings": [
891890
{
892891
"identifier": "Name",
893892
"columnName": "UserName"
894893
}
895-
]
894+
],
895+
"entityType": "Account"
896896
}
897897
]
898898
}
@@ -943,7 +943,7 @@
943943
"apiVersion": "2023-04-01-preview",
944944
"location": "[parameters('workspace-location')]",
945945
"properties": {
946-
"version": "3.0.0",
946+
"version": "3.0.1",
947947
"kind": "Solution",
948948
"contentSchemaVersion": "3.0.0",
949949
"displayName": "Silverfort",
Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,4 @@
11
| **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** |
22
|-------------|--------------------------------|-----------------------------------|
3+
| 3.0.1 | 02-06-2026 | Minor Doc Update |
34
| 3.0.0 | 13-09-2024 | Initial Solution Release |

0 commit comments

Comments
 (0)