Migrate WithSecure connector to codeless solution#14256
Conversation
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
Migrates the WithSecure Elements connector from an Azure Function-based deployment to a Codeless Connector Framework (CCF)/CCP-based REST poller solution, targeting a SaaS-style deployment and bumping the solution major version.
Changes:
- Removed the legacy Azure Function connector (ARM template, Python poller code, requirements) under
WithSecureElementsViaFunction. - Added new CCF/CCP assets (connector definition, poller config, DCR, custom table) and updated packaged templates/UI for
WithSecureElementsCCF. - Updated solution metadata and release notes to reflect the new architecture and version
4.0.0.
Reviewed changes
Copilot reviewed 21 out of 31 changed files in this pull request and generated 10 comments.
Show a summary per file
| File | Description |
|---|---|
| Solutions/WithSecureElementsViaFunction/Package/mainTemplate.json | Removes legacy packaged ARM deployment for the Function-based solution. |
| Solutions/WithSecureElementsViaFunction/Data/Solution_WithSecureElementsViaFunction.json | Removes legacy solution data definition (Function-based). |
| Solutions/WithSecureElementsViaFunction/Data Connectors/requirements.txt | Removes Python dependencies tied to the Function-based connector. |
| Solutions/WithSecureElementsViaFunction/Data Connectors/azuredeploy_Connector_WithSecureElements_AzureFunction.json | Removes ARM template that deployed Function/Storage/DCR for legacy connector. |
| Solutions/WithSecureElementsViaFunction/Data Connectors/WithSecureElementsViaFunction.json | Removes legacy GenericUI data connector definition. |
| Solutions/WithSecureElementsViaFunction/Data Connectors/WithSecureElementsAzureFunction/lib/ws_connector.py | Removes legacy polling/ingestion implementation. |
| Solutions/WithSecureElementsViaFunction/Data Connectors/WithSecureElementsAzureFunction/lib/withsecure_client.py | Removes legacy WithSecure API client implementation. |
| Solutions/WithSecureElementsViaFunction/Data Connectors/WithSecureElementsAzureFunction/lib/log_ingestion_api.py | Removes legacy Log Ingestion API wrapper. |
| Solutions/WithSecureElementsViaFunction/Data Connectors/WithSecureElementsAzureFunction/lib/events_formatter.py | Removes legacy event normalization for custom table schema. |
| Solutions/WithSecureElementsViaFunction/Data Connectors/WithSecureElementsAzureFunction/lib/azure_storage_table.py | Removes legacy state persistence (Azure Table). |
| Solutions/WithSecureElementsViaFunction/Data Connectors/WithSecureElementsAzureFunction/function_app.py | Removes the Azure Functions entrypoint/timer schedule. |
| Solutions/WithSecureElementsCCF/SolutionMetadata.json | Updates publish metadata date for the new CCF-based release. |
| Solutions/WithSecureElementsCCF/ReleaseNotes.md | Adds a 4.0.0 entry describing the CCF migration. |
| Solutions/WithSecureElementsCCF/Package/testParameters.json | Adds parameters used by the new packaged template (RG/subscription). |
| Solutions/WithSecureElementsCCF/Package/mainTemplate.json | Adds the new packaged template that installs CCF connector definition + DCR/table + connections template. |
| Solutions/WithSecureElementsCCF/Package/createUiDefinition.json | Updates installer UX text/links for the new WithSecureElementsCCF solution. |
| Solutions/WithSecureElementsCCF/Data/Solution_WithSecureElementsCCF.json | Adds new solution data file for the CCF-based solution. |
| Solutions/WithSecureElementsCCF/Data Connectors/WithSecureElementsCCP/WithSecureElements_Table.json | Adds custom table schema for WsSecurityEvents_CL. |
| Solutions/WithSecureElementsCCF/Data Connectors/WithSecureElementsCCP/WithSecureElements_PollerConfig.json | Adds poller configuration for the REST API poller. |
| Solutions/WithSecureElementsCCF/Data Connectors/WithSecureElementsCCP/WithSecureElements_DCR.json | Adds DCR with transformKql to normalize raw events into WsSecurityEvents_CL. |
| Solutions/WithSecureElementsCCF/Data Connectors/WithSecureElementsCCP/WithSecureElements_ConnectorDefinition.json | Adds the connector definition (UI config + auth/input fields). |
|
@v-shukore @v-maheshbh any update or any action needed from me? |
|
Hi @gloo-shock, we noticed that in this PR you created the 4.0.0 package version. Currently, we do not support that version, so please use the V3 tool to package the solution and create it with version 3.0.0. |
Hi @v-shukore , |
|
Hi @gloo-shock, we observed that you deleted the entire solution with the data connector. Could you please confirm if you removed the connector for a specific reason and if you obtained approval from the Sentinel partner teams before deleting the solution? because which user already using this connector, they could face the issue if we merged deleted connector PR. Thanks! |
Hi @v-shukore , |
|
Hi @gloo-shock, if you want to keep this solution in the repo for existing users, you can add a note indicating that this solution is deprecated and will not be available for much longer due to our migration to the CCF connector over function app connector but do not delete the entire solution. If you have any further questions, please check with the Sentinel partner team at AzureSentinelPartner@microsoft.com to discuss available options. Thanks!! |
|
Hi @gloo-shock, have you connected with app assure team regarding this? Thanks! |
Hi @v-shukore , |
|
Hi @gloo-shock, thanks for the update now its look good. |
|
Hi @gloo-shock, please add workbook preview images to below location. |
Hi @v-shukore |
WithSecureElementsCCF (Codeless Connector Framework)
Reason for Change(s):
Version Updated:
Testing Completed:
Checked that the validations are passing and have addressed any issues that are present: