Commit 3d70ce8

Build azure (#13532)
* invalid template fix
* Fixed solution installation via Azure portal by deriving deployment location from selected workspace
* Updated Cisco Duo Security solution package with workspace parameter validation
  Changed workspace and workspace-location parameters from defaultValue to minLength validation to ensure required values are provided during deployment.
* minor fix
* package updated
* testcase fix
* minor bug fixes
* minor bug fixes
* Update Cisco Duo Security solution to version 3.1.0
  - Change author from "Microsoft - support@microsoft.com" to "Cisco Duo - support@duosecurity.com"
  - Add activity logs to solution description alongside existing log types (authentication, administrator, telephony, offline enrollment, Trust Monitor)
  - Update parser display name from "CiscoDuoSecurity Data Parser" to "Parser for CiscoDuo"
  - Update parser resource name from "CiscoDuoSecurity Data Parser" to "CiscoDuo"
  - Fix workspace-location output
* minor fix
* changes done updating the bundle to 5.0.0
1 parent 9f3148f commit 3d70ce8

7 files changed

+123
-122
lines changed

Solutions/CiscoDuoSecurity/Data Connectors/host.json

Lines changed: 1 addition & 1 deletion
@@ -11,6 +11,6 @@
1111
},
1212
"extensionBundle": {
1313
"id": "Microsoft.Azure.Functions.ExtensionBundle",
14-
"version": "[3.*, 4.0.0)"
14+
"version": "[4.0.0, 5.0.0)"
1515
}
1616
}
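
Review bot: The new range on the "version" line, "[4.0.0, 5.0.0)", has an exclusive upper bound, so the Functions host will resolve a 4.x extension bundle and never 5.0.0, while the commit message says "updating the bundle to 5.0.0". Please confirm which is intended and make the range or the message match. Because this moves across a major bundle version (the old range was "[3.*, 4.0.0)"), the connector's triggers and bindings should be exercised against a 4.x bundle before the package ships; if the function fails to start, Duo logs stop arriving in the workspace and the analytic rules that depend on them have nothing to evaluate.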

Solutions/CiscoDuoSecurity/Data/Solution_CiscoDuoSecurity.json

Lines changed: 3 additions & 3 deletions
@@ -1,8 +1,8 @@
11
{
22
"Name": "CiscoDuoSecurity",
3-
"Author": "Microsoft - support@microsoft.com",
3+
"Author": "CiscoDuoSecurity - support@duosecurity.com",
44
"Logo": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/cisco-logo-72px.svg\" width=\"75px\" height=\"75px\">",
5-
"Description": "The [Cisco Duo Security](https://duo.com/) solution allows you to ingest [authentication logs](https://duo.com/docs/adminapi#authentication-logs), [administrator logs](https://duo.com/docs/adminapi#administrator-logs), [telephony logs](https://duo.com/docs/adminapi#telephony-logs), [offline enrolment logs](https://duo.com/docs/adminapi#offline-enrollment-logs) and [Trust Monitor events](https://duo.com/docs/adminapi#trust-monitor) into Microsoft Sentinel using the Cisco Duo Admin API. Refer to [API documentation](https://duo.com/docs/adminapi) for more information.\r\n \r\n **Underlying Microsoft Technologies used:** \r\n\r\n This solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\r\n\n a. [Azure Monitor HTTP Data Collector API](https://docs.microsoft.com/azure/azure-monitor/logs/data-collector-api)\r\n\n \r\n\n b. [Azure Functions](https://azure.microsoft.com/services/functions/#overview)\r\n\n",
5+
"Description": "The [Cisco Duo Security](https://duo.com/) solution allows you to ingest [authentication logs](https://duo.com/docs/adminapi#authentication-logs), [activity logs](https://duo.com/docs/adminapi#activity-logs), [administrator logs](https://duo.com/docs/adminapi#administrator-logs), [telephony logs](https://duo.com/docs/adminapi#telephony-logs), [offline enrolment logs](https://duo.com/docs/adminapi#offline-enrollment-logs) and [Trust Monitor events](https://duo.com/docs/adminapi#trust-monitor) into Microsoft Sentinel using the Cisco Duo Admin API. Refer to [API documentation](https://duo.com/docs/adminapi) for more information.\r\n \r\n **Underlying Microsoft Technologies used:** \r\n\r\n This solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\r\n\n a. [Azure Monitor HTTP Data Collector API](https://docs.microsoft.com/azure/azure-monitor/logs/data-collector-api)\r\n\n \r\n\n b. [Azure Functions](https://azure.microsoft.com/services/functions/#overview)\r\n\n",
66
"Workbooks": [
77
"Workbooks/CiscoDuo.json"
88
],
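
Review bot: The new "Author" value is "CiscoDuoSecurity - support@duosecurity.com", but the commit message describes the change as to "Cisco Duo - support@duosecurity.com", so the name part does not match what was announced. Since this string is the support contact shown to users of the solution, settle on one form and use it consistently in the message, this file and the generated package. Minor: the "Description" text keeps the spelling "offline enrolment logs" while its link anchor is #offline-enrollment-logs; worth aligning while this line is being edited.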
@@ -37,7 +37,7 @@
3737
"Analytic Rules/CiscoDuoUnexpectedAuthFactor.yaml"
3838
],
3939
"BasePath": "C:\\GitHub\\Azure-Sentinel\\Solutions\\CiscoDuoSecurity",
40-
"Version": "3.0.4",
40+
"Version": "3.1.0",
4141
"Metadata": "SolutionMetadata.json",
4242
"TemplateSpec": true,
4343
"Is1Pconnector": false
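
Review bot: The "Version" bump to 3.1.0 is not accompanied, in the hunks shown here, by a ReleaseNotes.md entry, and createUiDefinition.json tells users to review that file before installing. Please add a 3.1.0 entry that covers the author change, the activity-log addition and the extension bundle range change. Separately, the unchanged "BasePath" context line still holds a machine-local absolute path; if the packaging tool allows it, a repository-relative path would make the build reproducible on other machines.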
17.9 KB
Binary file not shown.

Solutions/CiscoDuoSecurity/Package/createUiDefinition.json

Lines changed: 2 additions & 2 deletions
@@ -6,7 +6,7 @@
66
"config": {
77
"isWizard": false,
88
"basics": {
9-
"description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/cisco-logo-72px.svg\" width=\"75px\" height=\"75px\">\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/CiscoDuoSecurity/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nThe [Cisco Duo Security](https://duo.com/) solution allows you to ingest [authentication logs](https://duo.com/docs/adminapi#authentication-logs), [administrator logs](https://duo.com/docs/adminapi#administrator-logs), [telephony logs](https://duo.com/docs/adminapi#telephony-logs), [offline enrolment logs](https://duo.com/docs/adminapi#offline-enrollment-logs) and [Trust Monitor events](https://duo.com/docs/adminapi#trust-monitor) into Microsoft Sentinel using the Cisco Duo Admin API. Refer to [API documentation](https://duo.com/docs/adminapi) for more information.\r\n \r\n **Underlying Microsoft Technologies used:** \r\n\r\n This solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\r\n\n a. [Azure Monitor HTTP Data Collector API](https://docs.microsoft.com/azure/azure-monitor/logs/data-collector-api)\r\n\n \r\n\n b. [Azure Functions](https://azure.microsoft.com/services/functions/#overview)\r\n\n\n\n**Data Connectors:** 1, **Parsers:** 1, **Workbooks:** 1, **Analytic Rules:** 10, **Hunting Queries:** 10\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
9+
"description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/cisco-logo-72px.svg\" width=\"75px\" height=\"75px\">\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/CiscoDuoSecurity/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nThe [Cisco Duo Security](https://duo.com/) solution allows you to ingest [authentication logs](https://duo.com/docs/adminapi#authentication-logs), [activity logs](https://duo.com/docs/adminapi#activity-logs), [administrator logs](https://duo.com/docs/adminapi#administrator-logs), [telephony logs](https://duo.com/docs/adminapi#telephony-logs), [offline enrolment logs](https://duo.com/docs/adminapi#offline-enrollment-logs) and [Trust Monitor events](https://duo.com/docs/adminapi#trust-monitor) into Microsoft Sentinel using the Cisco Duo Admin API. Refer to [API documentation](https://duo.com/docs/adminapi) for more information.\r\n \r\n **Underlying Microsoft Technologies used:** \r\n\r\n This solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\r\n\n a. [Azure Monitor HTTP Data Collector API](https://docs.microsoft.com/azure/azure-monitor/logs/data-collector-api)\r\n\n \r\n\n b. [Azure Functions](https://azure.microsoft.com/services/functions/#overview)\r\n\n\n\n**Data Connectors:** 1, **Parsers:** 1, **Workbooks:** 1, **Analytic Rules:** 10, **Hunting Queries:** 10\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
1010
"subscription": {
1111
"resourceProviders": [
1212
"Microsoft.OperationsManagement/solutions",
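
Review bot: The "description" line now advertises [activity logs] as an ingested log type, but none of the hunks shown here changes the data connector or the parser to collect or normalize them. Please confirm that the function already pulls activity logs and that the parser handles their schema; otherwise the install page promises coverage that detections and hunting queries cannot rely on. This string also duplicates the "Description" in Solution_CiscoDuoSecurity.json, so it should be regenerated from that file rather than edited by hand to keep the two in step.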
@@ -71,7 +71,7 @@
7171
}
7272
},
7373
{
74-
"name": "dataconnectors-link2",
74+
"name": "dataconnectors-link1",
7575
"type": "Microsoft.Common.TextBlock",
7676
"options": {
7777
"link": {
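
Review bot: The rename on the "name" line from "dataconnectors-link2" to "dataconnectors-link1" needs a uniqueness check that the hunk does not show: element names in a createUiDefinition step must not repeat, and the commit message mentions an earlier "invalid template fix". Please verify that no other element in this step is already named "dataconnectors-link1" and that nothing in the outputs or in other elements still refers to "dataconnectors-link2", then validate the file in the portal's createUiDefinition sandbox before merging.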
