Azure
diff --git a/‎Solutions/Infoblox/Package/3.0.0.zip‎
8 Bytes b/‎Solutions/Infoblox/Package/3.0.0.zip‎
8 Bytes
diff --git a/‎Solutions/Infoblox/Package/mainTemplate.json‎
Lines changed: 30 additions & 28 deletions b/‎Solutions/Infoblox/Package/mainTemplate.json‎
Lines changed: 30 additions & 28 deletions
diff --git a/‎Solutions/Infoblox/ReleaseNotes‎ ‎Solutions/Infoblox/ReleaseNotes.md‎Solutions/Infoblox/ReleaseNotes renamed to Solutions/Infoblox/ReleaseNotes.md b/‎Solutions/Infoblox/ReleaseNotes‎ ‎Solutions/Infoblox/ReleaseNotes.md‎Solutions/Infoblox/ReleaseNotes renamed to Solutions/Infoblox/ReleaseNotes.md
diff --git a/‎Solutions/Infoblox/SolutionMetadata.json‎
Lines changed: 1 addition & 1 deletion b/‎Solutions/Infoblox/SolutionMetadata.json‎
Lines changed: 1 addition & 1 deletion
@@ -48,7 +48,7 @@
   "variables": {
     "_solutionName": "Infoblox",
     "_solutionVersion": "3.0.0",
-    "solutionId": "infoblox.infoblox-sentinel",
+    "solutionId": "infoblox.infoblox-app-for-microsoft-sentinel",
     "_solutionId": "[variables('solutionId')]",
     "uiConfigId1": "InfobloxDataConnector",
     "_uiConfigId1": "[variables('uiConfigId1')]",
@@ -302,7 +302,9 @@
     "playbookId17": "[resourceId('Microsoft.Logic/workflows', variables('playbookContentId17'))]",
     "playbookTemplateSpecName17": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-pl-',uniquestring(variables('_playbookContentId17'))))]",
     "_playbookcontentProductId17": "[concat(take(variables('_solutionId'),50),'-','pl','-', uniqueString(concat(variables('_solutionId'),'-','Playbook','-',variables('_playbookContentId17'),'-', variables('playbookVersion17'))))]",
-    "_solutioncontentProductId": "[concat(take(variables('_solutionId'),50),'-','sl','-', uniqueString(concat(variables('_solutionId'),'-','Solution','-',variables('_solutionId'),'-', variables('_solutionVersion'))))]"
+    "_solutioncontentProductId": "[concat(take(variables('_solutionId'),50),'-','sl','-', uniqueString(concat(variables('_solutionId'),'-','Solution','-',variables('_solutionId'),'-', variables('_solutionVersion'))))]",
+    "InfobloxInsightID": "InfobloxInsightID",
+    "_Infoblox_Insight_ID": "[variables('InfobloxInsightID')]"
   },
   "resources": [
     {
@@ -3283,10 +3285,10 @@
                 "status": "Available",
                 "requiredDataConnectors": [
                   {
-                    "connectorId": "InfobloxSOCInsightsDataConnector_API",
                     "dataTypes": [
                       "InfobloxInsight"
-                    ]
+                    ],
+                    "connectorId": "InfobloxSOCInsightsDataConnector_API"
                   }
                 ],
                 "tactics": [
@@ -3298,16 +3300,15 @@
                 ],
                 "entityMappings": [
                   {
-                    "entityType": "SecurityGroup",
                     "fieldMappings": [
                       {
                         "columnName": "InfobloxInsightID",
                         "identifier": "ObjectGuid"
                       }
-                    ]
+                    ],
+                    "entityType": "SecurityGroup"
                   },
                   {
-                    "entityType": "Malware",
                     "fieldMappings": [
                       {
                         "columnName": "ThreatClass",
@@ -3317,29 +3318,30 @@
                         "columnName": "ThreatProperty",
                         "identifier": "Category"
                       }
-                    ]
+                    ],
+                    "entityType": "Malware"
                   }
                 ],
                 "eventGroupingSettings": {
                   "aggregationKind": "AlertPerResult"
                 },
                 "customDetails": {
-                  "UnblockedHits": "NotBlockedCount",
+                  "Status": "Status",
                   "Severity": "Priority",
+                  "PersistentDate": "PersistentDate",
+                  "BlockedHits": "BlockedCount",
                   "FirstSeen": "FirstSeen",
                   "SpreadingDate": "SpreadingDate",
                   "LastSeen": "LastSeen",
                   "FeedSource": "FeedSource",
-                  "Status": "Status",
-                  "BlockedHits": "BlockedCount",
-                  "InfobloxInsightID": "InfobloxInsightID",
+                  "InfobloxInsightID": "[variables('_Infoblox_Insight_ID')]",
                   "TotalHits": "EventsCount",
-                  "PersistentDate": "PersistentDate"
+                  "UnblockedHits": "NotBlockedCount"
                 },
                 "alertDetailsOverride": {
-                  "alertDescriptionFormat": "Observed via API. {{ThreatFamily}}. Last Observation: {{LastSeen}}",
+                  "alertDisplayNameFormat": "Infoblox - SOC Insight - {{ThreatClass}} {{ThreatProperty}}",
                   "alertSeverityColumnName": "IncidentSeverity",
-                  "alertDisplayNameFormat": "Infoblox - SOC Insight - {{ThreatClass}} {{ThreatProperty}}"
+                  "alertDescriptionFormat": "Observed via API. {{ThreatFamily}}. Last Observation: {{LastSeen}}"
                 },
                 "incidentConfiguration": {
                   "createIncident": true
@@ -3423,16 +3425,16 @@
                 "status": "Available",
                 "requiredDataConnectors": [
                   {
-                    "connectorId": "InfobloxSOCInsightsDataConnector_Legacy",
                     "dataTypes": [
                       "CommonSecurityLog (InfobloxCDC_SOCInsights)"
-                    ]
+                    ],
+                    "connectorId": "InfobloxSOCInsightsDataConnector_Legacy"
                   },
                   {
-                    "connectorId": "InfobloxSOCInsightsDataConnector_AMA",
                     "dataTypes": [
                       "CommonSecurityLog (InfobloxCDC_SOCInsights)"
-                    ]
+                    ],
+                    "connectorId": "InfobloxSOCInsightsDataConnector_AMA"
                   }
                 ],
                 "tactics": [
@@ -3444,16 +3446,15 @@
                 ],
                 "entityMappings": [
                   {
-                    "entityType": "SecurityGroup",
                     "fieldMappings": [
                       {
                         "columnName": "InfobloxInsightID",
                         "identifier": "ObjectGuid"
                       }
-                    ]
+                    ],
+                    "entityType": "SecurityGroup"
                   },
                   {
-                    "entityType": "Malware",
                     "fieldMappings": [
                       {
                         "columnName": "ThreatClass",
@@ -3463,24 +3464,25 @@
                         "columnName": "ThreatProperty",
                         "identifier": "Category"
                       }
-                    ]
+                    ],
+                    "entityType": "Malware"
                   }
                 ],
                 "eventGroupingSettings": {
                   "aggregationKind": "AlertPerResult"
                 },
                 "customDetails": {
+                  "Status": "Status",
                   "UnblockedHits": "NotBlockedCount",
+                  "BlockedHits": "BlockedCount",
                   "TotalHits": "EventsCount",
                   "FeedSource": "FeedSource",
-                  "Status": "Status",
-                  "BlockedHits": "BlockedCount",
-                  "InfobloxInsightID": "InfobloxInsightID"
+                  "InfobloxInsightID": "[variables('_Infoblox_Insight_ID')]"
                 },
                 "alertDetailsOverride": {
-                  "alertDescriptionFormat": "Observed via CDC. {{ThreatFamily}}. {{Message}}",
+                  "alertDisplayNameFormat": "Infoblox - SOC Insight - {{ThreatClass}} {{ThreatProperty}}",
                   "alertSeverityColumnName": "IncidentSeverity",
-                  "alertDisplayNameFormat": "Infoblox - SOC Insight - {{ThreatClass}} {{ThreatProperty}}"
+                  "alertDescriptionFormat": "Observed via CDC. {{ThreatFamily}}. {{Message}}"
                 },
                 "incidentConfiguration": {
                   "createIncident": true
 
@@ -1,6 +1,6 @@
 {
     "publisherId": "infoblox",
-    "offerId": "infoblox-sentinel",
+    "offerId": "infoblox-app-for-microsoft-sentinel",
     "firstPublishDate": "2024-07-15",
     "lastPublishDate": "2024-07-15",
     "providers": [
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"publisherId": "infoblox",`
`3`		`- "offerId": "infoblox-sentinel",`
	`3`	`+ "offerId": "infoblox-app-for-microsoft-sentinel",`
`4`	`4`	`"firstPublishDate": "2024-07-15",`
`5`	`5`	`"lastPublishDate": "2024-07-15",`
`6`	`6`	`"providers": [`