Update playbook documentation and deployment templates#12237
Update playbook documentation and deployment templates#12237v-prasadboke merged 10 commits intomasterfrom
Conversation
- Rewrote readme.md for consistency (improved prerequisites, deployment, and post-deployment instructions) - Ensured playbook metadata and connection parameters are clear and consistent in all VirusTotal playbooks
There was a problem hiding this comment.
Pull Request Overview
This PR enhances the playbook documentation and updates deployment templates for VirusTotal playbooks to improve clarity, consistency, and usability. Key changes include updated README instructions and metadata in azuredeploy.json files, as well as standardized connection naming and deployment guidance across playbooks.
Reviewed Changes
Copilot reviewed 13 out of 13 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| Solutions/VirusTotal/ReleaseNotes.md | Updated release information with a newer version and date. |
| Solutions/VirusTotal/Playbooks/Get-VirusTotalURLReport/readme.md | Revised language and deployment instructions for the URL report playbook. |
| Solutions/VirusTotal/Playbooks/Get-VirusTotalURLReport/alert-trigger/azuredeploy.json | Updated metadata for incident/alert triggers; minor spelling fixes observed. |
| Solutions/VirusTotal/Playbooks/Get-VirusTotalIPReport/alert-trigger/azuredeploy.json | Adjusted connection naming consistency in variables. |
| Solutions/VirusTotal/Playbooks/Get-VirusTotalFileInfo/readme.md | Revised file information documentation and deployment steps. |
| Solutions/VirusTotal/Playbooks/Get-VirusTotalFileInfo/incident-trigger/azuredeploy.json | Updated playbook metadata; connection variable naming inconsistency noted. |
| Solutions/VirusTotal/Playbooks/Get-VirusTotalDomainReport/readme.md | Improved domain report documentation; observed redundant author information. |
| Others (incident-trigger/alert-trigger templates) | Similar improvements for consistency across all playbooks. |
Comments suppressed due to low confidence (3)
Solutions/VirusTotal/Playbooks/Get-VirusTotalIPReport/alert-trigger/azuredeploy.json:33
- There is a typo in the variable name 'AzureLoganAlyticsDataCollectorConnectionName'. It should likely be 'AzureLogAnalyticsDataCollectorConnectionName'.
AzureLogAnalyticsDataCollectorConnectionName": "[concat('AzureLoganAlyticsDataCollector-', parameters('PlaybookName'))]"
Solutions/VirusTotal/Playbooks/Get-VirusTotalFileInfo/incident-trigger/azuredeploy.json:33
- The variable 'AzureLoganAlyticsDataCollectorConnectionName' appears to have a spelling error. Consider renaming it to 'AzureLogAnalyticsDataCollectorConnectionName'.
AzureLogAnalyticsDataCollectorConnectionName": "[concat('AzureLoganAlyticsDataCollector-', parameters('PlaybookName'))]"
Solutions/VirusTotal/Playbooks/Get-VirusTotalDomainReport/readme.md:2
- The author line contains redundant 'Microsoft' entries. Consider listing the author information only once to avoid confusion.
Author: Nicholas DiCola, Microsoft, Microsoft, Microsoft
Solutions/VirusTotal/Playbooks/Get-VirusTotalURLReport/alert-trigger/azuredeploy.json
Outdated
Show resolved
Hide resolved
…rigger/azuredeploy.json Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
….com/Azure/Azure-Sentinel into origin/users/rahul/test-vt-playbooks
….com/Azure/Azure-Sentinel into origin/users/rahul/test-vt-playbooks
There was a problem hiding this comment.
Pull Request Overview
This PR updates playbook documentation and deployment templates for the VirusTotal solution to address consistency and clarify instructions across the package. Key changes include updating version numbers (from 3.0.0 to 3.0.1), refining metadata and role assignment instructions in readme files, and revising deployment JSON templates (including improved message formatting and conditional URL path handling).
Reviewed Changes
Copilot reviewed 15 out of 16 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| Solutions/VirusTotal/ReleaseNotes.md | Updated release notes with new version and clearer change descriptions. |
| Solutions/VirusTotal/Playbooks/*/readme.md | Improved playbook descriptions, prerequisites, and post-deployment instructions. |
| Solutions/VirusTotal/Playbooks/*/azuredeploy.json | Revised metadata in deployment templates (titles, prerequisites, version, and connection names). |
| Solutions/VirusTotal/Package/mainTemplate.json | Updated solution version and connection variable formatting for consistency. |
| Solutions/VirusTotal/Package/createUiDefinition.json | Adjusted UI definition description to match new documentation details. |
Comments suppressed due to low confidence (2)
Solutions/VirusTotal/Playbooks/Get-VirusTotalDomainReport/incident-trigger/azuredeploy.json:222
- The updated conditional logic in the 'path' property improves robustness when parsing URLs; please verify that this change handles all expected URL formats in production.
"path": "/api/v3/domains/@{encodeURIComponent(if(greater(length(split(items('For_each')?['Url'], '/')), 2), split(items('For_each')?['Url'], '/')[2], items('For_each')?['Url']))}"
Solutions/VirusTotal/Package/mainTemplate.json:36
- Ensure that the solution version update to '3.0.1' is reflected consistently across all deployment templates and associated documentation.
"_solutionVersion": "3.0.1",
Required items, please complete
Change(s):
Reason for Change(s):
Version Updated:
Testing Completed:
Checked that the validations are passing and have addressed any issues that are present: