Azure
diff --git a/‎.script/tests/KqlvalidationsTests/CustomTables/HalcyonEvents_CL.json‎
Lines changed: 0 additions & 145 deletions b/‎.script/tests/KqlvalidationsTests/CustomTables/HalcyonEvents_CL.json‎
Lines changed: 0 additions & 145 deletions
diff --git a/‎Solutions/Halcyon/Data Connectors/Halcyon_ccp/Halcyon_connectorDefinition.json‎
Lines changed: 6 additions & 1 deletion b/‎Solutions/Halcyon/Data Connectors/Halcyon_ccp/Halcyon_connectorDefinition.json‎
Lines changed: 6 additions & 1 deletion
diff --git a/‎Solutions/Halcyon/Data/Solution_Halcyon.json‎
Lines changed: 1 addition & 7 deletions b/‎Solutions/Halcyon/Data/Solution_Halcyon.json‎
Lines changed: 1 addition & 7 deletions
diff --git a/‎Solutions/Halcyon/Package/3.1.0.zip‎
-2.62 KB b/‎Solutions/Halcyon/Package/3.1.0.zip‎
-2.62 KB
diff --git a/‎Solutions/Halcyon/Package/createUiDefinition.json‎
Lines changed: 1 addition & 1 deletion b/‎Solutions/Halcyon/Package/createUiDefinition.json‎
Lines changed: 1 addition & 1 deletion
@@ -11,7 +11,12 @@
         "publisher": "Halcyon",
         "logo": "halcyon.svg",
         "descriptionMarkdown": "The [Halcyon](https://www.halcyon.ai) connector provides the capability to send data from Halcyon to Microsoft Sentinel.",
-        "sampleQueries": [],
+        "sampleQueries": [
+          {
+            "description": "View recent events",
+            "query": "HalcyonEvents_CL\n| where TimeGenerated > ago(24h)\n| sort by TimeGenerated desc\n"
+          }
+        ],
         "graphQueries": [
           {
             "metricName": "Events",
 
@@ -6,13 +6,7 @@
   "Data Connectors": [
     "Data Connectors/Halcyon_ccp/Halcyon_connectorDefinition.json"
   ],
-  "Parsers": [
-    "Parsers/ASimAuthenticationHalcyon.yaml",
-    "Parsers/ASimDnsHalcyon.yaml",
-    "Parsers/ASimFileEventHalcyon.yaml",
-    "Parsers/ASimNetworkSessionHalcyon.yaml",
-    "Parsers/ASimProcessEventHalcyon.yaml"
-  ],
+  "Parsers": [],
   "Workbooks": [],
   "Analytic Rules": [],
   "Hunting Queries": [],
 
@@ -6,7 +6,7 @@
     "config": {
       "isWizard": false,
       "basics": {
-        "description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/halcyon.svg\" width=\"75px\" height=\"75px\">\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Halcyon/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nThe [Halcyon](https://www.halcyon.ai) solution for Microsoft Sentinel enables you to ingest Halcyon Events and Alerts into Microsoft Sentinel using the Microsoft Sentinel Analytics Workspace.\n\nInstalling this solution automatically provisions a Data Collection Endpoint (DCE) and Data Collection Rule (DCR) in your Azure environment. These resources are updated automatically with each solution upgrade. To complete the connector setup, use the **Deploy** button on the Halcyon connector page to create the required Entra app registration and link it to the DCR.\n\n**Data Connectors:** 1, **Parsers:** 5\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
+        "description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/halcyon.svg\" width=\"75px\" height=\"75px\">\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Halcyon/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nThe [Halcyon](https://www.halcyon.ai) solution for Microsoft Sentinel enables you to ingest Halcyon Events and Alerts into Microsoft Sentinel using the Microsoft Sentinel Analytics Workspace.\n\n**Underlying Microsoft Technologies used:**\n\nThis solution takes a dependency on the following Microsoft technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional data ingestion or operational costs:\n\na. [Microsoft Sentinel](https://learn.microsoft.com/azure/sentinel/)\n\nb. [Azure Monitor Data Collection Rules (DCR)](https://learn.microsoft.com/azure/azure-monitor/essentials/data-collection-rule-overview)\n\nc. [Azure Monitor Data Collection Endpoints (DCE)](https://learn.microsoft.com/azure/azure-monitor/essentials/data-collection-endpoint-overview)\n\nd. [Azure Log Analytics workspaces](https://learn.microsoft.com/azure/azure-monitor/logs/log-analytics-workspace-overview)\n\n**Data Connectors:** 1\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
         "subscription": {
           "resourceProviders": [
             "Microsoft.OperationsManagement/solutions",