diff --git a/Solutions/Auth0/Data Connectors/Auth0_CCP/DataConnectorDefinition.json b/Solutions/Auth0/Data Connectors/Auth0_CCP/DataConnectorDefinition.json index 25d12da3894..84fc49b93b8 100644 --- a/Solutions/Auth0/Data Connectors/Auth0_CCP/DataConnectorDefinition.json +++ b/Solutions/Auth0/Data Connectors/Auth0_CCP/DataConnectorDefinition.json @@ -7,7 +7,7 @@ "properties": { "connectorUiConfig": { "id": "Auth0ConnectorCCPDefinition", - "title": "Auth0 Logs", + "title": "Auth0 Logs (Preview)", "publisher": "Microsoft", "descriptionMarkdown": "The [Auth0](https://auth0.com/docs/api/management/v2/logs/get-logs) data connector allows ingesting logs from Auth0 API into Microsoft Sentinel. The data connector is built on Microsoft Sentinel Codeless Connector Platform. It uses Auth0 API to fetch logs and it supports DCR-based [ingestion time transformations](https://docs.microsoft.com/azure/azure-monitor/logs/custom-logs-overview) that parses the received security data into a custom table so that queries don't need to parse it again, thus resulting in better performance.", "graphQueries": [ diff --git a/Solutions/Auth0/Data/Solution_Auth0.json b/Solutions/Auth0/Data/Solution_Auth0.json index 699023aeeb4..fa7022be38f 100644 --- a/Solutions/Auth0/Data/Solution_Auth0.json +++ b/Solutions/Auth0/Data/Solution_Auth0.json @@ -13,7 +13,7 @@ ], "Metadata": "SolutionMetadata.json", "BasePath": "C:\\Github\\Azure-Sentinel\\Solutions\\Auth0", - "Version": "3.1.0", + "Version": "3.1.1", "TemplateSpec": true, "Is1PConnector": false, "createPackage": false diff --git a/Solutions/Auth0/Package/3.1.1.zip b/Solutions/Auth0/Package/3.1.1.zip new file mode 100644 index 00000000000..015d5fbd32f Binary files /dev/null and b/Solutions/Auth0/Package/3.1.1.zip differ diff --git a/Solutions/Auth0/Package/mainTemplate.json b/Solutions/Auth0/Package/mainTemplate.json index f376d0cfb4f..a8e6dde87fa 100644 --- a/Solutions/Auth0/Package/mainTemplate.json +++ b/Solutions/Auth0/Package/mainTemplate.json @@ -47,7 +47,7 @@ "email": "support@microsoft.com", "_email": "[variables('email')]", "_solutionName": "Auth0", - "_solutionVersion": "3.1.0", + "_solutionVersion": "3.1.1", "solutionId": "azuresentinel.azure-sentinel-solution-auth0", "_solutionId": "[variables('solutionId')]", "uiConfigId1": "Auth0", @@ -92,7 +92,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "Auth0 data connector with template version 3.1.0", + "description": "Auth0 data connector with template version 3.1.1", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('dataConnectorVersion1')]", @@ -454,7 +454,7 @@ ], "properties": { "contentId": "[variables('_dataConnectorContentIdConnectorDefinition2')]", - "displayName": "Auth0 Logs", + "displayName": "Auth0 Logs (Preview)", "contentKind": "DataConnector", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", @@ -471,7 +471,7 @@ "properties": { "connectorUiConfig": { "id": "Auth0ConnectorCCPDefinition", - "title": "Auth0 Logs", + "title": "Auth0 Logs (Preview)", "publisher": "Microsoft", "descriptionMarkdown": "The [Auth0](https://auth0.com/docs/api/management/v2/logs/get-logs) data connector allows ingesting logs from Auth0 API into Microsoft Sentinel. The data connector is built on Microsoft Sentinel Codeless Connector Platform. It uses Auth0 API to fetch logs and it supports DCR-based [ingestion time transformations](https://docs.microsoft.com/azure/azure-monitor/logs/custom-logs-overview) that parses the received security data into a custom table so that queries don't need to parse it again, thus resulting in better performance.", "graphQueries": [ @@ -852,7 +852,7 @@ "properties": { "connectorUiConfig": { "id": "Auth0ConnectorCCPDefinition", - "title": "Auth0 Logs", + "title": "Auth0 Logs (Preview)", "publisher": "Microsoft", "descriptionMarkdown": "The [Auth0](https://auth0.com/docs/api/management/v2/logs/get-logs) data connector allows ingesting logs from Auth0 API into Microsoft Sentinel. The data connector is built on Microsoft Sentinel Codeless Connector Platform. It uses Auth0 API to fetch logs and it supports DCR-based [ingestion time transformations](https://docs.microsoft.com/azure/azure-monitor/logs/custom-logs-overview) that parses the received security data into a custom table so that queries don't need to parse it again, thus resulting in better performance.", "graphQueries": [ @@ -1001,14 +1001,14 @@ ], "properties": { "contentId": "[variables('_dataConnectorContentIdConnections2')]", - "displayName": "Auth0 Logs", + "displayName": "Auth0 Logs (Preview)", "contentKind": "ResourcesDataConnector", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('dataConnectorCCPVersion')]", "parameters": { "connectorDefinitionName": { - "defaultValue": "Auth0 Logs", + "defaultValue": "Auth0 Logs (Preview)", "type": "string", "minLength": 1 }, @@ -1136,7 +1136,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "Auth0AM Data Parser with template version 3.1.0", + "description": "Auth0AM Data Parser with template version 3.1.1", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('parserObject1').parserVersion1]", @@ -1268,7 +1268,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "Auth0 Data Parser with template version 3.1.0", + "description": "Auth0 Data Parser with template version 3.1.1", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('parserObject2').parserVersion2]", @@ -1396,7 +1396,7 @@ "apiVersion": "2023-04-01-preview", "location": "[parameters('workspace-location')]", "properties": { - "version": "3.1.0", + "version": "3.1.1", "kind": "Solution", "contentSchemaVersion": "3.0.0", "displayName": "Auth0", diff --git a/Solutions/Auth0/ReleaseNotes.md b/Solutions/Auth0/ReleaseNotes.md index fcf5af95a86..a6ca0d78599 100644 --- a/Solutions/Auth0/ReleaseNotes.md +++ b/Solutions/Auth0/ReleaseNotes.md @@ -1,6 +1,7 @@ | **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** | |-------------|--------------------------------|--------------------------------------------------------| -| 3.0.1 | 13-12-2024 | Added new CCP **Data Connector** to the Solution | +| 3.1.1 | 22-01-2025 | Added Preview tag to CCP **Data Connector**| +| 3.1.0 | 13-12-2024 | Added new CCP **Data Connector** to the Solution | | 3.0.0 | 24-08-2024 | Updated the **Data Connector** Function app python runtime version to 3.11 | -| 3.0.0 | 11-12-2023 | Added new **Parser** (Auth0AM) | +| | 11-12-2023 | Added new **Parser** (Auth0AM) | diff --git a/Solutions/Palo Alto Cortex XDR CCP/Data Connectors/CortexXDR_ccp/DataConnectorDefinition.json b/Solutions/Palo Alto Cortex XDR CCP/Data Connectors/CortexXDR_ccp/DataConnectorDefinition.json index 26bcd2701a5..4d73813fae2 100644 --- a/Solutions/Palo Alto Cortex XDR CCP/Data Connectors/CortexXDR_ccp/DataConnectorDefinition.json +++ b/Solutions/Palo Alto Cortex XDR CCP/Data Connectors/CortexXDR_ccp/DataConnectorDefinition.json @@ -7,7 +7,7 @@ "properties": { "connectorUiConfig": { "id": "CortexXDRDataConnector", - "title": "Palo Alto Cortex XDR", + "title": "Palo Alto Cortex XDR (Preview)", "publisher": "Microsoft", "descriptionMarkdown": "The [Palo Alto Cortex XDR](https://cortex-panw.stoplight.io/docs/cortex-xdr/branches/main/09agw06t5dpvw-cortex-xdr-rest-api) data connector allows ingesting logs from the Palo Alto Cortex XDR API into Microsoft Sentinel. The data connector is built on Microsoft Sentinel Codeless Connector Platform. It uses the Palo Alto Cortex XDR API to fetch logs and it supports DCR-based [ingestion time transformations](https://docs.microsoft.com/azure/azure-monitor/logs/custom-logs-overview) that parses the received security data into a custom table so that queries don't need to parse it again, thus resulting in better performance.", "graphQueries": [ diff --git a/Solutions/Palo Alto Cortex XDR CCP/Package/3.0.1.zip b/Solutions/Palo Alto Cortex XDR CCP/Package/3.0.1.zip new file mode 100644 index 00000000000..3a321c1fde2 Binary files /dev/null and b/Solutions/Palo Alto Cortex XDR CCP/Package/3.0.1.zip differ diff --git a/Solutions/Palo Alto Cortex XDR CCP/Package/mainTemplate.json b/Solutions/Palo Alto Cortex XDR CCP/Package/mainTemplate.json index 21404141e68..c91006517cf 100644 --- a/Solutions/Palo Alto Cortex XDR CCP/Package/mainTemplate.json +++ b/Solutions/Palo Alto Cortex XDR CCP/Package/mainTemplate.json @@ -45,7 +45,7 @@ }, "variables": { "_solutionName": "Palo Alto Cortex XDR CCP", - "_solutionVersion": "3.0.0", + "_solutionVersion": "3.0.1", "solutionId": "azuresentinel.azure-sentinel-solution-cortexccp", "_solutionId": "[variables('solutionId')]", "workspaceResourceId": "[resourceId('microsoft.OperationalInsights/Workspaces', parameters('workspace'))]", @@ -68,7 +68,7 @@ ], "properties": { "contentId": "[variables('_dataConnectorContentIdConnectorDefinition1')]", - "displayName": "Palo Alto Cortex XDR", + "displayName": "Palo Alto Cortex XDR (Preview)", "contentKind": "DataConnector", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", @@ -85,7 +85,7 @@ "properties": { "connectorUiConfig": { "id": "CortexXDRDataConnector", - "title": "Palo Alto Cortex XDR", + "title": "Palo Alto Cortex XDR (Preview)", "publisher": "Microsoft", "descriptionMarkdown": "The [Palo Alto Cortex XDR](https://cortex-panw.stoplight.io/docs/cortex-xdr/branches/main/09agw06t5dpvw-cortex-xdr-rest-api) data connector allows ingesting logs from the Palo Alto Cortex XDR API into Microsoft Sentinel. The data connector is built on Microsoft Sentinel Codeless Connector Platform. It uses the Palo Alto Cortex XDR API to fetch logs and it supports DCR-based [ingestion time transformations](https://docs.microsoft.com/azure/azure-monitor/logs/custom-logs-overview) that parses the received security data into a custom table so that queries don't need to parse it again, thus resulting in better performance.", "graphQueries": [ @@ -2156,7 +2156,7 @@ "properties": { "connectorUiConfig": { "id": "CortexXDRDataConnector", - "title": "Palo Alto Cortex XDR", + "title": "Palo Alto Cortex XDR (Preview)", "publisher": "Microsoft", "descriptionMarkdown": "The [Palo Alto Cortex XDR](https://cortex-panw.stoplight.io/docs/cortex-xdr/branches/main/09agw06t5dpvw-cortex-xdr-rest-api) data connector allows ingesting logs from the Palo Alto Cortex XDR API into Microsoft Sentinel. The data connector is built on Microsoft Sentinel Codeless Connector Platform. It uses the Palo Alto Cortex XDR API to fetch logs and it supports DCR-based [ingestion time transformations](https://docs.microsoft.com/azure/azure-monitor/logs/custom-logs-overview) that parses the received security data into a custom table so that queries don't need to parse it again, thus resulting in better performance.", "graphQueries": [ @@ -2362,14 +2362,14 @@ ], "properties": { "contentId": "[variables('_dataConnectorContentIdConnections1')]", - "displayName": "Palo Alto Cortex XDR", + "displayName": "Palo Alto Cortex XDR (Preview)", "contentKind": "ResourcesDataConnector", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('dataConnectorCCPVersion')]", "parameters": { "connectorDefinitionName": { - "defaultValue": "Palo Alto Cortex XDR", + "defaultValue": "Palo Alto Cortex XDR (Preview)", "type": "string", "minLength": 1 }, @@ -2664,7 +2664,7 @@ "apiVersion": "2023-04-01-preview", "location": "[parameters('workspace-location')]", "properties": { - "version": "3.0.0", + "version": "3.0.1", "kind": "Solution", "contentSchemaVersion": "3.0.0", "displayName": "Palo Alto Cortex XDR CCP", diff --git a/Solutions/Palo Alto Cortex XDR CCP/ReleaseNotes.md b/Solutions/Palo Alto Cortex XDR CCP/ReleaseNotes.md index 0f8a6ae5636..84bd3f02018 100644 --- a/Solutions/Palo Alto Cortex XDR CCP/ReleaseNotes.md +++ b/Solutions/Palo Alto Cortex XDR CCP/ReleaseNotes.md @@ -1,3 +1,4 @@ | **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** | |-------------|--------------------------------|--------------------------------------------------------------------------| +| 3.0.1 | 22-01-2025 | Added Preview tag to **Data Connector** | | 3.0.0 | 17-12-2024 | Initial Solution Release | diff --git a/Solutions/SentinelOne/Data Connectors/SentinelOne_ccp/connectorDefinition.json b/Solutions/SentinelOne/Data Connectors/SentinelOne_ccp/connectorDefinition.json index f07f9667945..d8008a62274 100644 --- a/Solutions/SentinelOne/Data Connectors/SentinelOne_ccp/connectorDefinition.json +++ b/Solutions/SentinelOne/Data Connectors/SentinelOne_ccp/connectorDefinition.json @@ -6,7 +6,7 @@ "properties": { "connectorUiConfig": { "id": "SentinelOneCCP", - "title": "SentinelOne", + "title": "SentinelOne (Preview)", "publisher": "Microsoft", "descriptionMarkdown": "The [SentinelOne](https://usea1-nessat.sentinelone.net/api-doc/overview) data connector allows ingesting logs from the SentinelOne API into Microsoft Sentinel. The data connector is built on Microsoft Sentinel Codeless Connector Platform. It uses the SentinelOne API to fetch logs and it supports DCR-based [ingestion time transformations](https://docs.microsoft.com/azure/azure-monitor/logs/custom-logs-overview) that parses the received security data into a custom table so that queries don't need to parse it again, thus resulting in better performance.", "graphQueries": [ diff --git a/Solutions/SentinelOne/Package/3.0.5.zip b/Solutions/SentinelOne/Package/3.0.5.zip index f57da2f71e3..5abe654da0c 100644 Binary files a/Solutions/SentinelOne/Package/3.0.5.zip and b/Solutions/SentinelOne/Package/3.0.5.zip differ diff --git a/Solutions/SentinelOne/Package/mainTemplate.json b/Solutions/SentinelOne/Package/mainTemplate.json index ecb4161990c..0b20e2e2637 100644 --- a/Solutions/SentinelOne/Package/mainTemplate.json +++ b/Solutions/SentinelOne/Package/mainTemplate.json @@ -227,7 +227,7 @@ ], "properties": { "contentId": "[variables('_dataConnectorContentIdConnectorDefinition1')]", - "displayName": "SentinelOne", + "displayName": "SentinelOne (Preview)", "contentKind": "DataConnector", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", @@ -244,7 +244,7 @@ "properties": { "connectorUiConfig": { "id": "SentinelOneCCP", - "title": "SentinelOne", + "title": "SentinelOne (Preview)", "publisher": "Microsoft", "descriptionMarkdown": "The [SentinelOne](https://usea1-nessat.sentinelone.net/api-doc/overview) data connector allows ingesting logs from the SentinelOne API into Microsoft Sentinel. The data connector is built on Microsoft Sentinel Codeless Connector Platform. It uses the SentinelOne API to fetch logs and it supports DCR-based [ingestion time transformations](https://docs.microsoft.com/azure/azure-monitor/logs/custom-logs-overview) that parses the received security data into a custom table so that queries don't need to parse it again, thus resulting in better performance.", "graphQueries": [ @@ -2033,7 +2033,7 @@ "properties": { "connectorUiConfig": { "id": "SentinelOneCCP", - "title": "SentinelOne", + "title": "SentinelOne (Preview)", "publisher": "Microsoft", "descriptionMarkdown": "The [SentinelOne](https://usea1-nessat.sentinelone.net/api-doc/overview) data connector allows ingesting logs from the SentinelOne API into Microsoft Sentinel. The data connector is built on Microsoft Sentinel Codeless Connector Platform. It uses the SentinelOne API to fetch logs and it supports DCR-based [ingestion time transformations](https://docs.microsoft.com/azure/azure-monitor/logs/custom-logs-overview) that parses the received security data into a custom table so that queries don't need to parse it again, thus resulting in better performance.", "graphQueries": [ @@ -2230,14 +2230,14 @@ ], "properties": { "contentId": "[variables('_dataConnectorContentIdConnections1')]", - "displayName": "SentinelOne", + "displayName": "SentinelOne (Preview)", "contentKind": "ResourcesDataConnector", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('dataConnectorCCPVersion')]", "parameters": { "connectorDefinitionName": { - "defaultValue": "SentinelOne", + "defaultValue": "SentinelOne (Preview)", "type": "string", "minLength": 1 }, @@ -3275,10 +3275,10 @@ "status": "Available", "requiredDataConnectors": [ { - "connectorId": "SentinelOne", "dataTypes": [ "SentinelOne" - ] + ], + "connectorId": "SentinelOne" } ], "tactics": [ @@ -3290,22 +3290,22 @@ ], "entityMappings": [ { - "entityType": "Account", "fieldMappings": [ { - "identifier": "Name", - "columnName": "AccountCustomEntity" + "columnName": "AccountCustomEntity", + "identifier": "Name" } - ] + ], + "entityType": "Account" }, { - "entityType": "IP", "fieldMappings": [ { - "identifier": "Address", - "columnName": "IPCustomEntity" + "columnName": "IPCustomEntity", + "identifier": "Address" } - ] + ], + "entityType": "IP" } ] } @@ -3389,10 +3389,10 @@ "status": "Available", "requiredDataConnectors": [ { - "connectorId": "SentinelOne", "dataTypes": [ "SentinelOne" - ] + ], + "connectorId": "SentinelOne" } ], "tactics": [ @@ -3403,13 +3403,13 @@ ], "entityMappings": [ { - "entityType": "Host", "fieldMappings": [ { - "identifier": "HostName", - "columnName": "DataComputerName" + "columnName": "DataComputerName", + "identifier": "HostName" } - ] + ], + "entityType": "Host" } ] } @@ -3493,10 +3493,10 @@ "status": "Available", "requiredDataConnectors": [ { - "connectorId": "SentinelOne", "dataTypes": [ "SentinelOne" - ] + ], + "connectorId": "SentinelOne" } ], "tactics": [ @@ -3507,13 +3507,13 @@ ], "entityMappings": [ { - "entityType": "Host", "fieldMappings": [ { - "identifier": "HostName", - "columnName": "HostCustomEntity" + "columnName": "HostCustomEntity", + "identifier": "HostName" } - ] + ], + "entityType": "Host" } ] } @@ -3597,10 +3597,10 @@ "status": "Available", "requiredDataConnectors": [ { - "connectorId": "SentinelOne", "dataTypes": [ "SentinelOne" - ] + ], + "connectorId": "SentinelOne" } ], "tactics": [ @@ -3611,26 +3611,26 @@ ], "entityMappings": [ { - "entityType": "Account", "fieldMappings": [ { - "identifier": "Name", - "columnName": "AccountCustomEntity" + "columnName": "AccountCustomEntity", + "identifier": "Name" } - ] + ], + "entityType": "Account" }, { - "entityType": "FileHash", "fieldMappings": [ { - "identifier": "Value", - "columnName": "HashCustomEntity" + "columnName": "HashCustomEntity", + "identifier": "Value" }, { - "identifier": "Algorithm", - "columnName": "HashAlgorithmCustomEntity" + "columnName": "HashAlgorithmCustomEntity", + "identifier": "Algorithm" } - ] + ], + "entityType": "FileHash" } ] } @@ -3714,10 +3714,10 @@ "status": "Available", "requiredDataConnectors": [ { - "connectorId": "SentinelOne", "dataTypes": [ "SentinelOne" - ] + ], + "connectorId": "SentinelOne" } ], "tactics": [ @@ -3728,13 +3728,13 @@ ], "entityMappings": [ { - "entityType": "Account", "fieldMappings": [ { - "identifier": "Name", - "columnName": "AccountCustomEntity" + "columnName": "AccountCustomEntity", + "identifier": "Name" } - ] + ], + "entityType": "Account" } ] } @@ -3818,10 +3818,10 @@ "status": "Available", "requiredDataConnectors": [ { - "connectorId": "SentinelOne", "dataTypes": [ "SentinelOne" - ] + ], + "connectorId": "SentinelOne" } ], "tactics": [ @@ -3832,13 +3832,13 @@ ], "entityMappings": [ { - "entityType": "Host", "fieldMappings": [ { - "identifier": "HostName", - "columnName": "HostCustomEntity" + "columnName": "HostCustomEntity", + "identifier": "HostName" } - ] + ], + "entityType": "Host" } ] } @@ -3922,10 +3922,10 @@ "status": "Available", "requiredDataConnectors": [ { - "connectorId": "SentinelOne", "dataTypes": [ "SentinelOne" - ] + ], + "connectorId": "SentinelOne" } ], "tactics": [ @@ -3936,13 +3936,13 @@ ], "entityMappings": [ { - "entityType": "Account", "fieldMappings": [ { - "identifier": "Name", - "columnName": "AccountCustomEntity" + "columnName": "AccountCustomEntity", + "identifier": "Name" } - ] + ], + "entityType": "Account" } ] } @@ -4026,10 +4026,10 @@ "status": "Available", "requiredDataConnectors": [ { - "connectorId": "SentinelOne", "dataTypes": [ "SentinelOne" - ] + ], + "connectorId": "SentinelOne" } ], "tactics": [ @@ -4040,13 +4040,13 @@ ], "entityMappings": [ { - "entityType": "Account", "fieldMappings": [ { - "identifier": "Name", - "columnName": "AccountCustomEntity" + "columnName": "AccountCustomEntity", + "identifier": "Name" } - ] + ], + "entityType": "Account" } ] } @@ -4130,10 +4130,10 @@ "status": "Available", "requiredDataConnectors": [ { - "connectorId": "SentinelOne", "dataTypes": [ "SentinelOne" - ] + ], + "connectorId": "SentinelOne" } ], "tactics": [ @@ -4144,13 +4144,13 @@ ], "entityMappings": [ { - "entityType": "Account", "fieldMappings": [ { - "identifier": "Name", - "columnName": "AccountCustomEntity" + "columnName": "AccountCustomEntity", + "identifier": "Name" } - ] + ], + "entityType": "Account" } ] } @@ -4234,10 +4234,10 @@ "status": "Available", "requiredDataConnectors": [ { - "connectorId": "SentinelOne", "dataTypes": [ "SentinelOne" - ] + ], + "connectorId": "SentinelOne" } ], "tactics": [ @@ -4250,13 +4250,13 @@ ], "entityMappings": [ { - "entityType": "Host", "fieldMappings": [ { - "identifier": "HostName", - "columnName": "HostCustomEntity" + "columnName": "HostCustomEntity", + "identifier": "HostName" } - ] + ], + "entityType": "Host" } ] } @@ -4340,10 +4340,10 @@ "status": "Available", "requiredDataConnectors": [ { - "connectorId": "SentinelOne", "dataTypes": [ "SentinelOne" - ] + ], + "connectorId": "SentinelOne" } ], "tactics": [ @@ -4354,22 +4354,22 @@ ], "entityMappings": [ { - "entityType": "Account", "fieldMappings": [ { - "identifier": "Name", - "columnName": "AccountCustomEntity" + "columnName": "AccountCustomEntity", + "identifier": "Name" } - ] + ], + "entityType": "Account" }, { - "entityType": "Host", "fieldMappings": [ { - "identifier": "HostName", - "columnName": "HostCustomEntity" + "columnName": "HostCustomEntity", + "identifier": "HostName" } - ] + ], + "entityType": "Host" } ] }