|
39 | 39 | }, |
40 | 40 | "variables": { |
41 | 41 | "_solutionName": "Silverfort", |
42 | | - "_solutionVersion": "3.0.0", |
| 42 | + "_solutionVersion": "3.0.1", |
43 | 43 | "solutionId": "silverfort.microsoft-sentinel-solution-silverfort", |
44 | 44 | "_solutionId": "[variables('solutionId')]", |
45 | 45 | "uiConfigId1": "SilverfortAma", |
|
98 | 98 | "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" |
99 | 99 | ], |
100 | 100 | "properties": { |
101 | | - "description": "Silverfort data connector with template version 3.0.0", |
| 101 | + "description": "Silverfort data connector with template version 3.0.1", |
102 | 102 | "mainTemplate": { |
103 | 103 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", |
104 | 104 | "contentVersion": "[variables('dataConnectorVersion1')]", |
|
182 | 182 | }, |
183 | 183 | { |
184 | 184 | "title": "1.2 Install the CEF collector on the Linux machine", |
185 | | - "description": "Install the Microsoft Monitoring Agent on your Linux machine and configure the machine to listen on the necessary port and forward messages to your Microsoft Sentinel workspace. The CEF collector collects CEF messages on port 514 TCP.\n\n> 1. Make sure that you have Python on your machine using the following command: python -version.\n\n> 2. You must have elevated permissions (sudo) on your machine.", |
| 185 | + "description": "Install the Azure Monitoring Agent (AMA) on your Linux machine and configure the machine to listen on the necessary port and forward messages to your Microsoft Sentinel workspace. The CEF collector collects CEF messages on port 514 TCP.\n\n> 1. Make sure that you have Python on your machine using the following command: python --version.\n\n> 2. You must have elevated permissions (sudo) on your machine.", |
186 | 186 | "instructions": [ |
187 | 187 | { |
188 | 188 | "parameters": { |
|
391 | 391 | }, |
392 | 392 | { |
393 | 393 | "title": "1.2 Install the CEF collector on the Linux machine", |
394 | | - "description": "Install the Microsoft Monitoring Agent on your Linux machine and configure the machine to listen on the necessary port and forward messages to your Microsoft Sentinel workspace. The CEF collector collects CEF messages on port 514 TCP.\n\n> 1. Make sure that you have Python on your machine using the following command: python -version.\n\n> 2. You must have elevated permissions (sudo) on your machine.", |
| 394 | + "description": "Install the Azure Monitoring Agent (AMA) on your Linux machine and configure the machine to listen on the necessary port and forward messages to your Microsoft Sentinel workspace. The CEF collector collects CEF messages on port 514 TCP.\n\n> 1. Make sure that you have Python on your machine using the following command: python --version.\n\n> 2. You must have elevated permissions (sudo) on your machine.", |
395 | 395 | "instructions": [ |
396 | 396 | { |
397 | 397 | "parameters": { |
|
447 | 447 | "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" |
448 | 448 | ], |
449 | 449 | "properties": { |
450 | | - "description": "SilverfortWorkbook Workbook with template version 3.0.0", |
| 450 | + "description": "SilverfortWorkbook Workbook with template version 3.0.1", |
451 | 451 | "mainTemplate": { |
452 | 452 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", |
453 | 453 | "contentVersion": "[variables('workbookVersion1')]", |
|
534 | 534 | "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" |
535 | 535 | ], |
536 | 536 | "properties": { |
537 | | - "description": "Certifried_AnalyticalRules Analytics Rule with template version 3.0.0", |
| 537 | + "description": "Certifried_AnalyticalRules Analytics Rule with template version 3.0.1", |
538 | 538 | "mainTemplate": { |
539 | 539 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", |
540 | 540 | "contentVersion": "[variables('analyticRuleObject1').analyticRuleVersion1]", |
|
576 | 576 | ], |
577 | 577 | "entityMappings": [ |
578 | 578 | { |
579 | | - "entityType": "Account", |
580 | 579 | "fieldMappings": [ |
581 | 580 | { |
582 | 581 | "identifier": "Name", |
583 | 582 | "columnName": "UserName" |
584 | 583 | } |
585 | | - ] |
| 584 | + ], |
| 585 | + "entityType": "Account" |
586 | 586 | } |
587 | 587 | ] |
588 | 588 | } |
|
637 | 637 | "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" |
638 | 638 | ], |
639 | 639 | "properties": { |
640 | | - "description": "Log4Shell_AnalyticalRules Analytics Rule with template version 3.0.0", |
| 640 | + "description": "Log4Shell_AnalyticalRules Analytics Rule with template version 3.0.1", |
641 | 641 | "mainTemplate": { |
642 | 642 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", |
643 | 643 | "contentVersion": "[variables('analyticRuleObject2').analyticRuleVersion2]", |
|
679 | 679 | ], |
680 | 680 | "entityMappings": [ |
681 | 681 | { |
682 | | - "entityType": "Account", |
683 | 682 | "fieldMappings": [ |
684 | 683 | { |
685 | 684 | "identifier": "Name", |
686 | 685 | "columnName": "UserName" |
687 | 686 | } |
688 | | - ] |
| 687 | + ], |
| 688 | + "entityType": "Account" |
689 | 689 | } |
690 | 690 | ] |
691 | 691 | } |
|
740 | 740 | "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" |
741 | 741 | ], |
742 | 742 | "properties": { |
743 | | - "description": "NoPac_Breach_AnalyticalRules Analytics Rule with template version 3.0.0", |
| 743 | + "description": "NoPac_Breach_AnalyticalRules Analytics Rule with template version 3.0.1", |
744 | 744 | "mainTemplate": { |
745 | 745 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", |
746 | 746 | "contentVersion": "[variables('analyticRuleObject3').analyticRuleVersion3]", |
|
783 | 783 | ], |
784 | 784 | "entityMappings": [ |
785 | 785 | { |
786 | | - "entityType": "Account", |
787 | 786 | "fieldMappings": [ |
788 | 787 | { |
789 | 788 | "identifier": "Name", |
790 | 789 | "columnName": "UserName" |
791 | 790 | } |
792 | | - ] |
| 791 | + ], |
| 792 | + "entityType": "Account" |
793 | 793 | } |
794 | 794 | ] |
795 | 795 | } |
|
844 | 844 | "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" |
845 | 845 | ], |
846 | 846 | "properties": { |
847 | | - "description": "User_Brute_Force_AnalyticalRules Analytics Rule with template version 3.0.0", |
| 847 | + "description": "User_Brute_Force_AnalyticalRules Analytics Rule with template version 3.0.1", |
848 | 848 | "mainTemplate": { |
849 | 849 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", |
850 | 850 | "contentVersion": "[variables('analyticRuleObject4').analyticRuleVersion4]", |
|
886 | 886 | ], |
887 | 887 | "entityMappings": [ |
888 | 888 | { |
889 | | - "entityType": "Account", |
890 | 889 | "fieldMappings": [ |
891 | 890 | { |
892 | 891 | "identifier": "Name", |
893 | 892 | "columnName": "UserName" |
894 | 893 | } |
895 | | - ] |
| 894 | + ], |
| 895 | + "entityType": "Account" |
896 | 896 | } |
897 | 897 | ] |
898 | 898 | } |
|
943 | 943 | "apiVersion": "2023-04-01-preview", |
944 | 944 | "location": "[parameters('workspace-location')]", |
945 | 945 | "properties": { |
946 | | - "version": "3.0.0", |
| 946 | + "version": "3.0.1", |
947 | 947 | "kind": "Solution", |
948 | 948 | "contentSchemaVersion": "3.0.0", |
949 | 949 | "displayName": "Silverfort", |
|
0 commit comments