Updated queries pointing to correct table #14451
Open
RamboV wants to merge 2 commits into
Open
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
Updates the JoeSandbox solution package to reference the newer Threat Intelligence table name and bumps the packaged solution version.
Changes:
- Bumped solution version from 3.0.1 to 3.0.2 in the packaged ARM template.
- Updated KQL snippets inside the package from
ThreatIntelligenceIndicatortoThreatIntelIndicators.
| "variables": { | ||
| "_solutionName": "JoeSandbox", | ||
| "_solutionVersion": "3.0.1", | ||
| "_solutionVersion": "3.0.2", |
| "location": "[parameters('workspace-location')]", | ||
| "properties": { | ||
| "version": "3.0.1", | ||
| "version": "3.0.2", |
Comment on lines
+1680
to
+1681
| "legend": "ThreatIntelIndicators | where SourceSystem contains 'JoeSandbox'", | ||
| "baseQuery": "ThreatIntelIndicators | where SourceSystem contains 'JoeSandbox'" |
| "variables": { | ||
| "_solutionName": "JoeSandbox", | ||
| "_solutionVersion": "3.0.1", | ||
| "_solutionVersion": "3.0.2", |
Contributor
Author
|
Hello @v-shukore @v-atulyadav any updates on.this pls |
Contributor
|
Hi @RamboV, please update this version in data file and add releasenotes for this version. Thanks! |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Required items, please complete
Change(s):
Reason for Change(s):
Version Updated:
Testing Completed:
Checked that the validations are passing and have addressed any issues that are present:
Guidance <- remove section before submitting
Before submitting this PR please ensure that you have read the following sections and filled out the changes, reason for change and testing complete sections:
Thank you for your contribution to the Microsoft Sentinel Github repo.
Change(s):
Reason for Change(s):
Version updated:
Testing Completed:
Note: If updating a detection, you must update the version field.
Checked that the validations are passing and have addressed any issues that are present:
Note: Let us know if you have tried fixing the validation error and need help.