Add Major Technology Solution #13788
Pull request overview
Adds a new Microsoft Sentinel Solution package for “Major Technology”, including deployment assets for a REST API Poller connector that ingests MajorBuildInvocations into a custom Log Analytics table via DCR/DCE.
Changes:
- Introduces solution metadata + release notes for Content Hub packaging.
- Adds ARM template + CreateUIDefinition + test parameters for deployment.
- Adds connector assets (CCP) including DCR, table schema, connector definition, and polling config.
Reviewed changes
Copilot reviewed 11 out of 11 changed files in this pull request and generated 9 comments.
| File | Description |
|---|---|
| Solutions/MajorTechnology/SolutionMetadata.json | Adds Content Hub solution metadata (publisher/offer/categories/dates). |
| Solutions/MajorTechnology/ReleaseNotes.md | Adds initial release notes entry. |
| Solutions/MajorTechnology/Package/testParameters.json | Adds sample deployment parameter values for validation. |
| Solutions/MajorTechnology/Package/mainTemplate.json | Deploys DCE, custom table, DCR, and RestApiPoller connector resources. |
| Solutions/MajorTechnology/Package/createUiDefinition.json | Defines the portal UI used to collect deployment inputs. |
| Solutions/MajorTechnology/Data/Solution_MajorBuildInvocations.json | Declares solution manifest and references connector assets. |
| Solutions/MajorTechnology/Data Connectors/MajorBuildInvocations_CCP/table_MajorBuildInvocations.json | Adds custom table definition used by the connector. |
| Solutions/MajorTechnology/Data Connectors/MajorBuildInvocations_CCP/MajorBuildInvocations_PollingConfig.json | Adds polling configuration for the RestApiPoller connector. |
| Solutions/MajorTechnology/Data Connectors/MajorBuildInvocations_CCP/MajorBuildInvocations_Definition.json | Adds the connector UI definition (CCP) for the connector. |
| Solutions/MajorTechnology/Data Connectors/MajorBuildInvocations_CCP/MajorBuildInvocations_DCR.json | Adds the DCR definition (CCP) including stream + transform. |
| Solutions/MajorTechnology/.gitignore | Adds solution-local ignore rules. |
| "workspace": { | ||
| "type": "string", | ||
| "metadata": { | ||
| "description": "The name of the Log Analytics / Microsoft Sentinel workspace." | ||
| } | ||
| }, | ||
| "workspaceResourceId": { | ||
| "type": "string", | ||
| "metadata": { | ||
| "description": "Full resource ID of the Log Analytics workspace: /subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.OperationalInsights/workspaces/{name}" | ||
| } | ||
| }, | ||
| "MajorBuildAPIKey": { | ||
| "type": "securestring", | ||
| "metadata": { | ||
| "description": "Major.build Bearer API token (begins with MJR_)." | ||
| } | ||
| } |
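Review bot: The API key parameter is declared as `MajorBuildAPIKey`, but the polling config references `[[parameters('apiKey')]` and testParameters.json supplies `apiKey`. Use one name across the template, the test parameters and the connector config so the secret actually reaches the connector; keeping the `securestring` type is right.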
| "workspace": { | ||
| "value": "YOURWORKSPACENAME" | ||
| }, | ||
| "workspace-location": { | ||
| "value": "eastus" | ||
| }, | ||
| "apiKey": { | ||
| "value": "MJR_yourapikeyhere" | ||
| }, | ||
| "dcrConfig": { | ||
| "value": { | ||
| "dataCollectionEndpoint": "https://your-dce.eastus-1.ingest.monitor.azure.com", | ||
| "dataCollectionRuleImmutableId": "dcr-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" | ||
| } |
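Review bot: `dcrConfig` passes a fixed `dataCollectionEndpoint` and `dataCollectionRuleImmutableId` as inputs, yet mainTemplate.json is described as deploying the DCE and DCR itself, and the `workspaceResourceId` parameter shown in the template has no value here. Align this file with the parameters the template declares, and keep the `apiKey` value a placeholder so that no live `MJR_` token lands in the repository.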
| "Data Connectors/MajorBuildInvocations_ConnectorDefinition.json" | ||
| ], | ||
| "CCP": [ | ||
| "Data Connectors/MajorBuildInvocations_ConnectorDefinition.json", | ||
| "Data Connectors/MajorBuildInvocations_PollingConfig.json" |
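Review bot: Both arrays point at `Data Connectors/MajorBuildInvocations_ConnectorDefinition.json`, while the files in this PR live under `Data Connectors/MajorBuildInvocations_CCP/` and the definition file there is named `MajorBuildInvocations_Definition.json`. Correct the paths so they resolve to files that exist, and check whether the definition needs to be listed in both arrays for the packaging tool.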
| "dataType": "MajorBuildInvocations_CL", | ||
| "auth": { | ||
| "type": "APIKey", | ||
| "ApiKey": "[[parameters('apiKey')]", |
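Review bot: `auth.type` is `APIKey`, but the template describes the credential as a Bearer token. If the lines following `ApiKey` do not already set them, add `ApiKeyName` (`Authorization`) and `ApiKeyIdentifier` (`Bearer`) so the header is sent in the form the API expects.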
| "config": { | ||
| "isWizard": false, | ||
| "basics": { | ||
| "description": "<img src=\"https://www.major.build/favicon.ico\" width=\"75px\" height=\"75px\">\n\n**Note:** Please refer to the following before deploying this solution:\n\n- The connector requires a Major Build API key. Generate one at [app.major.build](https://app.major.build) under **Settings → API Keys**.\n\n- Review the solution [Release Notes](https://github.com/MitchellGulledge3/MajorTechnology/blob/main/MajorBuildInvocations/ReleaseNotes.md).\n\n**Data Connectors:** 1, **Workbooks:** 0, **Analytic Rules:** 0\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)", |
| "Author": "Major Technology", | ||
| "Logo": "<img src=\"https://www.major.build/favicon.ico\" width=\"75px\" height=\"75px\">", | ||
| "Description": "The **Major Build AI Invocations** solution for Microsoft Sentinel provides a CCF-based data connector that automatically ingests AI agent invocation records from the [Major Build](https://www.major.build) platform.\n\nEach record captures:\n- **Who** ran the AI agent (user name, email)\n- **What** application and resource integration was used\n- **What data** was accessed (including full SQL query text)\n- **Whether** the invocation succeeded or failed\n- **When** the invocation occurred and from which environment\n\nThis enables security teams to audit AI agent activity, detect anomalous access patterns, and investigate data exposure via AI agents.\n\n**Data Connectors:** 1\n\n**Table:** MajorBuildInvocations_CL\n\n**Poll Interval:** Every 5 minutes", | ||
| "BasePath": "https://raw.githubusercontent.com/MitchellGulledge3/MajorTechnology/main/MajorBuildInvocations", |
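Review bot: `BasePath` and the Release Notes link in `description` point at a personal repository (`MitchellGulledge3/MajorTechnology`), and `Logo` loads `favicon.ico` from www.major.build at render time. Reference the files under `Solutions/MajorTechnology` in this repository and ship the logo as a repository asset, so the packaged content does not depend on sources outside review. The `Description` text also says "CCF-based" where the rest of the PR says CCP; pick one term.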
| | **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** | | ||
| |-------------|--------------------------------|---------------------------| | ||
| | 1.0.0 | 04-03-2026 | Initial Release | |
| "properties": { | ||
| "networkAcls": { | ||
| "publicNetworkAccess": "Enabled" | ||
| } | ||
| } |
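Review bot: `publicNetworkAccess` is hard-coded to `Enabled` on the data collection endpoint with nothing explaining why. If the poller needs public ingestion, say so in the release notes or connector description; otherwise expose it as a parameter so that deployments which restrict ingestion to private links are not silently opened up.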
| "workspace": { | ||
| "type": "string", | ||
| "metadata": { | ||
| "description": "The name of the Log Analytics / Microsoft Sentinel workspace." | ||
| } | ||
| }, | ||
| "workspaceResourceId": { | ||
| "type": "string", | ||
| "metadata": { | ||
| "description": "Full resource ID of the Log Analytics workspace: /subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.OperationalInsights/workspaces/{name}" | ||
| } | ||
| }, |
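Review bot: `workspace` and `workspaceResourceId` ask for the same workspace twice, and nothing ties the two values together, so a deployment can pass a name and a resource ID that refer to different workspaces. Take one of them as input and derive the other in the template (the name is the last segment of the resource ID).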

Hi @josegironn, please update suggested changes in files and resolve validation failures. Also, package the solution using V3 tool - https://github.com/Azure/Azure-Sentinel/blob/master/Tools/Create-Azure-Sentinel-Solution/V3/README.md. Thanks

Hi @josegironn, please update on above comment. Thanks!

Hi, we wanted to check on the status of PR #13788. PR is pending for more than 30 days. Please let us know if you need any assistance to review this PR. Per our standard operating procedures if no response is received in the next 7 business days, we will close this PR. Thank you for your cooperation.

Since we have not received a response in the last 7 days, we are closing your PR #13788 per our standard operating procedures. If you still need support for this issue, you can re-open the PR at any time. If you do re-open, we simply request that you ensure the PR has response to the last request. Thank you for your cooperation.