From 956b0141f3c4cdab6bbcbeca3f821771b904d2d6 Mon Sep 17 00:00:00 2001
From: MartinPankraz <mapankra@microsoft.com>
Date: Thu, 30 Oct 2025 14:49:03 +0100
Subject: [PATCH] dcr fix

---
 .../SAPS4Public_DCR.json                         |   2 +-
 .../SAPS4Public_connectorDefinition.json         |   2 +-
 .../Data/Solution_SAPS4Public.json               |   2 +-
 .../Package/3.0.2.zip                            | Bin 0 -> 7589 bytes
 .../Package/mainTemplate.json                    |  10 +++++-----
 .../SAP S4 Cloud Public Edition/ReleaseNotes.md  |   1 +
 6 files changed, 9 insertions(+), 8 deletions(-)
 create mode 100644 Solutions/SAP S4 Cloud Public Edition/Package/3.0.2.zip

diff --git a/Solutions/SAP S4 Cloud Public Edition/Data Connectors/SAPS4PublicPollerConnector/SAPS4Public_DCR.json b/Solutions/SAP S4 Cloud Public Edition/Data Connectors/SAPS4PublicPollerConnector/SAPS4Public_DCR.json
index a2ecc0b3cdd..138f02545c0 100644
--- a/Solutions/SAP S4 Cloud Public Edition/Data Connectors/SAPS4PublicPollerConnector/SAPS4Public_DCR.json	
+++ b/Solutions/SAP S4 Cloud Public Edition/Data Connectors/SAPS4PublicPollerConnector/SAPS4Public_DCR.json	
@@ -99,7 +99,7 @@
           "destinations": [
             "clv2ws1"
           ],
-          "transformKql": "source\n| extend TimeGenerated = now(), AgentId = \"S4-Public-Cloud\", ClientID = slgmand, Computer = terminal_name, Email = email_adress, MessageClass = eventID, MessageText = rsau_text, SystemID = sid, UpdatedOn = todatetime(log_tstmp), TransactionCode = slgtc, User = UserID, Variable1 = param_a, Variable2 = param_b, Variable3 = param_c, Variable4 = param_d\n| project TimeGenerated, AgentId, ClientID, Computer, Email, MessageClass, MessageText, SystemID, UpdatedOn, TransactionCode, User, Variable1, Variable2, Variable3, Variable4",
+          "transformKql": "source\n| extend TimeGenerated = now(), AgentId = \"S4-Public-Cloud\", ClientId = slgmand, Computer = terminal_name, Email = email_adress, MessageClass = eventID, MessageText = rsau_text, SystemId = sid, UpdatedOn = todatetime(log_tstmp), TransactionCode = slgtc, User = UserID, Variable1 = param_a, Variable2 = param_b, Variable3 = param_c, Variable4 = param_d, AbapProgramName = slgrepna\n| project TimeGenerated, AgentId, ClientId, Computer, Email, MessageClass, MessageText, SystemId, UpdatedOn, TransactionCode, User, Variable1, Variable2, Variable3, Variable4, AbapProgramName",
           "outputStream": "Microsoft-ABAPAuditLog"
         }
       ]
diff --git a/Solutions/SAP S4 Cloud Public Edition/Data Connectors/SAPS4PublicPollerConnector/SAPS4Public_connectorDefinition.json b/Solutions/SAP S4 Cloud Public Edition/Data Connectors/SAPS4PublicPollerConnector/SAPS4Public_connectorDefinition.json
index 1a8ff33f3c7..83480d3083f 100644
--- a/Solutions/SAP S4 Cloud Public Edition/Data Connectors/SAPS4PublicPollerConnector/SAPS4Public_connectorDefinition.json	
+++ b/Solutions/SAP S4 Cloud Public Edition/Data Connectors/SAPS4PublicPollerConnector/SAPS4Public_connectorDefinition.json	
@@ -10,7 +10,7 @@
         "title": "SAP S/4HANA Cloud Public Edition",
         "logo": "SapLogo.svg",
         "publisher": "SAP",
-        "descriptionMarkdown": "The SAP S/4HANA Cloud Public Edition data connector enables ingestion of SAP's security audit log into the Microsoft Sentinel Solution for SAP, supporting cross-correlation, alerting, and threat hunting. Looking for alternative authentication mechanisms? See [here](https://github.com/Azure-Samples/Sentinel-For-SAP-Community/tree/main/integration-artifacts).",
+        "descriptionMarkdown": "The SAP S/4HANA Cloud Public Edition (GROW with SAP) data connector enables ingestion of SAP's security audit log into the Microsoft Sentinel Solution for SAP, supporting cross-correlation, alerting, and threat hunting. Looking for alternative authentication mechanisms? See [here](https://github.com/Azure-Samples/Sentinel-For-SAP-Community/tree/main/integration-artifacts).",
         "graphQueriesTableName": "ABAPAuditLog",
         "graphQueries": [
           {
diff --git a/Solutions/SAP S4 Cloud Public Edition/Data/Solution_SAPS4Public.json b/Solutions/SAP S4 Cloud Public Edition/Data/Solution_SAPS4Public.json
index a786fc06c0c..41a27f2761a 100644
--- a/Solutions/SAP S4 Cloud Public Edition/Data/Solution_SAPS4Public.json	
+++ b/Solutions/SAP S4 Cloud Public Edition/Data/Solution_SAPS4Public.json	
@@ -17,7 +17,7 @@
     "Watchlists": [],
     "WatchlistDescription": [],
     "BasePath": "C:\\GitHub\\Azure-Sentinel\\Solutions\\SAP S4 Cloud Public Edition",
-    "Version": "3.0.1",
+    "Version": "3.0.2",
     "Metadata": "SolutionMetadata.json",
     "TemplateSpec": true,
     "Is1PConnector": false
diff --git a/Solutions/SAP S4 Cloud Public Edition/Package/3.0.2.zip b/Solutions/SAP S4 Cloud Public Edition/Package/3.0.2.zip
new file mode 100644
index 0000000000000000000000000000000000000000..e6bb6806aee1aa2b8bfacbfd9eb3f4f34f22682a
GIT binary patch
literal 7589
zcmZ{JWmFUZw=LZv-OUU+G=fM-cMT!k-HpHi(hUkjcMC|zPy-Al-CY9$B3*)@g4g@~
zdGFn~?m1_jv(EXk|L%46)=@{tAV)z#!9hU{urR%6P=%IZp`ZwoqM%UyyW0BLTl?7?
zI4jsYID0tzIeU8Wx%hf|v>R=D>?@ImGFd&B4s1s#%2(L2C7Dyd#wDLUKzm0zbOSU}
z33K`gXjz%|sOoVx&ZQoM9W34el3XklOj?BKtSkvWnww|q8B`}eKm4M2bM-d=z$ktf
zEpn@C!9oLgm*4q9&CaOAr}?2vh?=9@Y39t1ws_=7*ZC^KOSnsflm7X1Gq4k=nA(;o
zqrWgutoVniZrL)j8J3BksV3rfiVjdRg$G<uonAOQMKjGAEhNTZkLK-zsdY=_ZKLoX
z#u`x~73xIod#F%Q*O`tTtrvFDR^&|R137rCxsJE*`SscoN*6@4{;Dcst+0D$Ge{`8
zeN8sAsOL@s&QA!+C8wlSJkw3<z5;V{#5562AE-HQXnkuv<@ao~{rv%izNT|>1Do8v
z4Ci6WMm<n5zUV%h&338L((Yd*;@8sNGbwAr!CG}1aQ1pNXrf*tRv~1xXF`VoUcu#h
zBrG-s@em!L8LeLSKVyk8A`mRR9!)FLRcG6uQd(254+jcl-OBUDCLqzCGu5}VI|bVO
zl?@AGM~kN}0Inck>Coa|3ppZKaCoPR{5{bce3PC~j-{hX&S;AVuKQ-iFcdZnkH>%A
zoI>YLy`sK4$O3gLU_Okn`aC9g`jvVjlrt$5!}i`qx+nJWpw-g>IXw`EZYTSGP?^g9
z(;N;l3wK<V$U(b_c`imNR4xcx>C&@7zKP;hG&#r~Pw!=ZIj^;WG1v)YB9Ivw89H#6
zM=E!CKpCy}NJFMf%n946*`&8dHq+WW31EG!`e@j+GV0jlD&};%iu%>w2pL-ut)QNe
zfL<ev?^=!@9*Qg&sSrBoV6KJsK2U@GAj^kalK})BEdW3T4}K&%v$E5dH((p3RJ=Ve
zuK|P*njl1x`|t&XSFXiDc406Q-|j6wX^gJ-ye{r)ZFOyfB+w9=(V<iZrmmh-_=QR+
zCinfici~qN*@!sK@f;_@De9Bij7z%2I3}=5#}5BD<`hZs@0(upvMx@wgn$J!#?VSl
zkz#Y@>~2nOMUTyn7d5zCamMDF9|clZSiN5+hwc{@^^s`}R2t%uRj1fXi|=QQP@wC)
zO))y2U>Li#IC}Tq1S0o<dEf4L4*BD=8d9S*n3qLI*}hz>T`m=giL*i3_3~H5Lf!yX
zDDL;PxXa0^$+I{QMt_?2&^mr|@*7k8T+?&A@@Y6oF){$$vBDu&<}H>vY`cNQZD@jI
zBI{eA0a*Be?nbdf5k1>OdQ3t!rxKe{b#FMpd&9TrMb*%%??+2wP#;{F+GvyP*c@t?
zIhlH4gpQmC1AtP36Km(r{40${mLcip`eWp&yIlXvZtkCds3a?PWYYaB-if@{yQ65A
z$!Dtny6tzNRxVSO$+=d?EFUQPyBWXoGIKM_!Y(_j;q!hjmjl4u<uEyG$kb%g^ebni
zDI=Y$jZ#z7#>I=)U7tOaS3u@N1l&0Y8HGZbt0>6uU8}8@CZ(NUsQ)_Wqe5mEL<Gf~
ze3af=yeKvhodPSocCK4qG2L~?JF*dpB;pa~jG2UwDAXx*>h`}<w$?a)s8}T|-gsjf
zpI+vm91<ceRjjlauCUmeam6PN-M((-^^g{fm?|(CxlHCm9;eW%s5i@ve~qgvg|Z^d
zCfh7zj-+LngWbJ8<AKX3p)e8|Ho%cN&pJ<nh2q-ZX7<m*k<ivSI_yQJ=+7UtqZC;t
zbj?4McS|X83}K1m?qgFj$+J-nZq7yo>dQ`~7W6I9iA)=7IE%;LZzF!;4+$oZS?}FJ
z2aV`O4g7Arjcxk~__7e=)J9WC+M#hFYJT*~@x8_B3;}w>0KH8+f$gJsX`9z-C-|Z<
z0jn)>{zlI%K>~HaZG9;-%~_?(H%<V>MA$*Em@+{3S692(aS_=s>)9FBxHJ#Xo!&Jj
z*u(ces6-dCrz~{wGSj3!)x8Z935uJRn}Ws-c*q{Tg^4qoD%d{28kk8Y(#mDbOyQW|
zrsd36ZEXRBR6}m(bG<*tg&o9Jp$5H+S48#0YChRM!o=l9?jcNIW5pUB+;E&XaL+So
z=sVkF?8O#kui4WddcJh3;Gd3vFSlAg%40vNAve+JIA|z|ji-r2Lef^jG$((tS(X!|
z`m)6)*jDJ<^NM-GB(Ux;_AUUFbD2DKEUgy~noFCVkt2D@{^c^NO>&hQN#R*`Umo-T
z74DwzvfQQvFNAD~*4Bhw=!V{F{_e4Ba$-_K|G2$nn~T1(A$TDe8vJx}d{_4uP3Qli
zH3Hm)WK2pFl!6Qt6q0|m=5Fomp>OZ*<@S%<{zGWz<{`eD9W8(Rg`bG13j^#ze%!EW
z?vwpyT-G8(N+h^+olmt3^C>j2FR>4xl`x1-Pd)MeEZ^4laYV$aBvz;xtA%Qp&r|>t
zzFgQe8}Z&Nhdtcj%h6hLx#ID;)2EN>yJ|B8^dJgT)n669$2SZ7&eRv33fQ{JJ-N6G
zC~gnIKHu?J#hN7%<_*McIMN|3L_&A}I<;wFXYJB<KGRg#MB2*q6f!<jNe9a6<-1hu
zqVF(Q$c9Q$kR}oRjw;D<9vjhucJb3&3L_GTdf07Q#+ziAhtPe#;vj+O;Rgaqy-hTf
zZdPneQH)aDHTbj@YCn!~lJX+2L2|Ug-%tap+w35ux{(UPVMLI!>J<5w*ZuB8Iloe$
zb0zv}0s*qPmL^wVJmluag#x@+y`!D^eG|xD^;?XH=njr11T!Eh8KNovp77;-<U4&X
zxysFzUs+B%d4GZ#0~Q#yVlLOt#pGc9QTIID?&@n+e>YeTsF;&^2$x0;6N=Ct?<~el
z4|VZ3NOJqre{;1~MRVCi*#%l<G?O=Qh3#;7W3rk52_<;O!O&E(Z60^InZ|4B=xpFc
zfNEiRR04v*tSTkd3W~L4DJiVyFLmFWL<C3wQ5+`4Br<w<+bX)6SMTtnw+sH{@#>N*
zOI@62r9+MPFX^4KxPKI`Hy^NKwnlhy3VaZTM>^)}pjtX?l)>UPEiNwJi`RBZ(UK0{
z7h8&1R`Rx%U@pC@mRrKhwGu{!)!kP8(QUaiSo8U`U^?NOv!mA0(Y|dRkR;Nhq<P|#
z>y{u8f=NUMyi8S7QYK;t?P!XS4Whb3b7u`Zz=K7Xfx(6FP6hqlsh4Itm*2!{F<>=J
zyln0iq&ul<9m@!)&&It*c9J<J$b3Z7P4q}R&v$%=V@vT9v-OCI<;+=q72SB_?Fzax
zP|$y-(<Y<FaQhuzjYASU2V~37hm%e`o+Hw?sqF&?N7Naum?OYk$cSY2>|us0nMN#f
zhY;K5-3x*@NYomGu(Wxfr2V%``gYj(InJV+9m^gakeRTbEOS5Vqf1<0>}+WzR`s%y
znH~D(aq8qAcebYpxdy8W(?A0U0bem;Qivv{#2g2)R~ZIk@O1WKmY8j5!c>+;(@<3+
z#|T5KY^{eIgG961(PECfxMjaG(IIRU*`2=oYALe*+oyF_gv@vi)$H=zCY_4)?<^t?
zD^6TZPZq%Cfry9H@g9n(spg@`G!r{@wY7kjHC@cI=JFVbfR+=aep3`nMy>qHY)$?*
z&2PLEc^`_a-cFrfzIIS^yn)StoVTJH!>ObMf>C`f1HQ8pw(AL#!VM(2AXD_l{9N%D
z7n3IPP`%1gFx2_ul90&s`PXjW)*NF@G9v4J?(DB?jv7vR#vD?+9l?`Fw$>Mxh!8^h
zki5;m^%duh64HQ<e#JZhYcjOh1m<V6!39P{Z$5a;<Z{GdgIf=T+!><@`T3&T&wS<L
zIhCp;<7U7~;Xii`{%ZCwp{p$1qVLC+EwYo;MDp27E)<Dq7h9d?0>lIh8)`qfs#)Ow
z9!)!r<09s{<^2+@&<|Bud6oOtVp!PhXtN9+aB18CO01I{;H(-eB&+rbHeQY&CfthU
zhJ57#ncZV2@>UzoPifQ|y}8srQ@9e$KgedQK%9Z8_<5A73O8<r0VN3n%Qb;~z_RiS
z($~2nNoxgpaxX8^xw6(Od#i3%D1RzFWa}|cs<4~#^Y1*%UE~(oth+~|Yub#H>?&E~
z?vv?MMN-=$fF53Gm>f&6TwrR>i_vz0i1-4KE<Gb&xg4krGD`*)mS!<BX$P?Y#Fd0i
zqQAZnkai}Sa4)MS{RGrwGR^lJ>v{n*BB3i!#Tu`12z(=;5hE4bj7IgD>rkWXL}u*8
zd$YaR^KC=B4WNeh)5m7J&{kqv@T%_{f4169B>p<%J@z@-UbnPk@X9i2Nz%)<$<A0+
zfzS<omzPyphMR?vvUw^en&CfWg><qxm&PW3_MZ~};vDo9tkDUaw@~ai+kSaxK9_E+
z8<#Do7dOCwbrFw&FAxt!`j#{bL|7@&x}OwhP*r)TW|A1Z|1s0F5=Y$C8~%s75q50Z
z`Bv-iH+7#{HhZiy)UxrjE6Ye=1Zi}lMG6v`eG@!AUW@^EZ`m|OM~Z9mJMOqhDo+|;
z4?sE54QNA?l5{-7K92^y;OesD>%~ZQC0aYknM+vP*v|LJkV&{P&sMuv)`_Pl$?ij{
zWg@jihRLa@9ae<(96|_53EdfcY=Z+>bFs$1a}TCauD{i<gb1`_(H=9{6EO(JIYWa`
zNeHX3N{PKx+J3M!8f`En)&(=0SIyON8X4%#EHeKfPCV3St+B#QJ9!(Rmgq06`Ru%_
zZaEl|GHq#P#PBxV(#uV?jJcFFJ{lPcMDR83&;$>4utm|veNyA$QGX|zs7y{+o2+7V
z#2AE+4X<!tlxXLnXhTGFPJd1BGI3*Ulg_m9TZXDNg}+~q@?)=|G5JuU>w_<BUqJZ7
z<E!*yt$f4W$N*YL6J!e&Q!Acw7?t~#cMOJ{^5AL$u<5W%*#=+T{~N0A4~;1go(I@D
z-b~vE^R2fjF@8OMXlAfW8rTT@R~)tT#Ji9SC*dB=uI;{<^?U9_xPDggo9Y_ebg4I}
zw@e47MrPPk4dr&`pw%rWcPVdbFU=XWaxx1-M0!aIBTZVGS&1!H;1bId!no$UP}l_i
zezq-04unr0{QaP3Qnp(6Es-cCwqzl+k0z}Y%ah@GWrnCjAwV@BBSb_dXHUTz`<Cn=
z9W*sFBijEhn{}go7h-Byt>`ew@pH<1s`>oizqOg5iV_*Zynh`>hszB(lzkX_kr`IY
zyQ?oG8xYVC`-GSt-&_@gS8E5~21#LlIpsXbrAf)?O*)K?9n8<Tg~=2KgzS43rSvnT
z-S<_lAe<mq^>DG^8^0fC`A^kX=NCBv$E~58W!fQ4jtE2_{CBd+?7cNpk>olu=BYZs
zvDVx%#4+xLonvDw<hD9OuVH+K=wx1->WFjViRdv`VhZ^BwKFgjGu>^k|C=B2GA(iU
zWlUSM9&|$EA!xtSK`km|npk2jGmb8B{K`s9h1)7ThiGYrh{*iY%&lhS`o|qXwVg5<
zMe?!N4iR#UX@LPdy>N(kXRAD4wFcn6es2f-@$!?6p@Zo|4lGU4!saxB4D>@jq4C3|
zWDQjO$$Oa11+XQV7xj2(0<0ZISL@bZD+KqLx#W^Hbm79_tLPKz*>#a^(80l#UgNDi
zkb<?rVc4{^D@H0V@!HE7+&y1-8>z(eRHcJ_$5OkxV#~xR{{~HFjmkNN&9f=%ib(0x
z8`1-E5qqr~-*jbtKqNOQ#S2Ozk?s#{*L`?W?G!xPJYjg#Udu$y>XN(#cpQFpmR^K0
zl$(u62s`f5740%>IM+q9$+TP`zrm-wOM#^*uaDbvI?ApOc=B+$Wv9;l+Tys^!dppf
z<Pwf`Y2gQrovqvOrzj3&Tg?{<*+}g#gM4$sPkwq*-ybt|g6qrsdvz`>s+H&}@6=By
zrGsI7j*S;`7L=1S7a}#H0Pq$WZV`qCxt>FyT^?G`)*Zg&U+wQ3l?)Bp>FcLIuFOt?
za{h@PjiaQgmos`#lt8KIT-nUtf|6!&RG%=34a6sW&h1jhB%c&o;zHa>dReN@@TyYD
zRMKo|QQ6U;?m@QP*shO{Bl-A;LSik8LAH;Wx&fvxq;|KphEt4Y=|N3B%~Mh0!htaa
zC}|Txi8Gc(iTY6a>kp_CG{w^gK#-jyIgok;aLJgpN!CG1pksZa#9i0P+0FwyJm{UQ
zqdxGVG)NhK5hLj1X1F6H{be4)S&4(rN?}SMZ=RXQtLB9JXBagzPyWKHEN<e#eIZ{&
z%Z_@!g7H-87vrJOR?fR^0i0F;5r${fp9WocLU<9TF|BlWe^8IwT<2%vreOl1U7rtC
zrdjhdrS&`{vtoEYO85u+=z32-RBdn8w;7VNYgs<zY`_p0Z3ik?L9364*$wiFs>hEL
z*%`eSPW0^<Cq<Em%;4HHNzhc4tMZUt@6@~6qJr##d+egaDD7d5sfV++A5fmCOXJH@
zABA`}pqPpCYMnx&rl^x4X-+V;;6!dGbTb^TPacAykhAMCj|XL`aHG2w;1*%j_C49+
z#g7Q1Ewys`;c)hPW}o?s(GuM+BODqjO1aNp<i^-?zD(qPS7s(Y)L?)2hva*${!+g&
zCI6F1#qRvPtx@d!XWcm6yVVRdKKmKMb^zy{IM#O&l4x^mS^xBK?#nr-10-SfI9`<?
zz|ub3Fq%nAeEOB*#83U^*1fIs?Yiwak1`*7dC{jGlAke>RF4}G@|GvA{C5Ygz+U^&
z=1!zf5Jg8L;1Dl^BK%>S-U~CzZ~8Agkk!$#WiSng>Zj=@XyMD!sBo|MHZ@}#y2EDd
z=BW~oMvd^SJX5!#R`luPyOkgXu(VlH?*NTfs)|n)Y|K?BQEPV?K@~ucX$*3#z7CcA
z#iq>Ou?-RuIiiuReqf9!mfT`o^L%yBSyn%2*gLf5@loAQM#V;w<fTJL{z$W;S6&9&
zt<2f&kxqHwxb6$f-qPFrkn8FBKi|S2i+M=Nc+U;c0+X&M^N0eNs@zx>>7b}^9RmIn
zJ1)uf_{FDK{T<(`PO3Aaa#)l~S56#X4kt(Zs$f?HVHsJ6X_5FXQ2t@#_HJ&fT%WqM
z5N$)h4RV<kqmrJTFsNELcZGI!OuYWVS}PY#@_?20m$}8cnCO0P%5v!*`)KUu%Ea20
zzJMzUvjv9{9EF)*Nz(HOzfp_e73tR8uBGth_V-G)l{8_>UJ836k8lOAC0c={=|Szc
zUmCK9G}Tde53d$nnidT9DkiNf)OX8^t;^H6F2&F#O)&YoF@W9Fa7$cD6Lg|(S^^Px
zMb#@aw4Y{n*RoeLaR`aY2hIpjN~V^j_pZ->-#cfiexjxK)ipBM%eD{A9^zHs%glvo
zKnJ;a5S+e?v@00-TQAIf06BJwoW=||>ptQKVCn;*hyAa(F0Oj$oftb0G%KAF1>R)c
zFpQ4Qv+q)Lnp{zUZ_aCZ*70>i#I2A_>dC|1kCmst9mV(lQ`Uk7UO`H;v{q5!BxX%=
zd_jFR4Fvd~p}c*R)K;JeOM^A!#%@@<RhT`8Mcu$J7sO*0;KwS);}XWt&uFWgFEko~
z4%K|TjpTefsguFH^7;%8FqU`Qcun2iUftnQ*1;%}9`a3{2Gxf4)Mk&LC}be88n^dn
z^@09{$)W?x(zqJu2tGvvaTC$mGPFOR-P+Bux7;)ZTD$oVYcM$KaM(=q^Qu|nZ<ErB
zPyTqcdNtAtG~NyNBx-LxJ9ssu^x6b-K~Aj)a?m<g)CB4&c8%?uKI^L~NfXqegk{zm
zqrkXhjWdVpR*37=bWO3!xg)eeeCw|7)$5sn2E>f*-H7McVVca)Uq_8NlB10{2bu}~
zVNxYl(odSwY#(0Ir6kOrjqOe2=Q#99`j6~ASI(Z*n<Y_jxRocyF!dUfR=5ky$j+oy
zaqH@q9G$X`oA`;gAenh8>YrV2Z&l5BvwmUhk`i4oWlFlMQ-+r_t84nlbET71IVh&7
z{Q1o3EtS$F<!f%a55aTO?+`tH{l=(Fqhmg81dWt!O2z`1CyrrkUy#UFmOoc2er6cc
z_O)pTsG_crUHc-NvybE^J=@;WdE86)I>Vlaw*Y|gL{S_Y^k5NoZR&)}Ez{p(PZ$De
zpYZy8hY7OhPd4hHny9;ZBm})WgM`UX0+C*sjvR~6?lJCezAV*Y%=B^Bst#peib9q>
zoz7t)A;sV5Oz1+r$1yp#e^TQCw2fUL60Qh%<9+65am4x(CmQ!RLtfwL?04O7xk^Vs
zqOjMG{)xO_z#N?}%DJ_QPnadMDg$?Wg^vzX9mt!$mGl%y@@t9&VHH|oc=V1<EWFD#
z=PrLD_-6{8QJ93oLIR#$WGaNfQGK4Q>tQ5IW-rU}L`mDli<Hrof+HB1+LK6N29AEX
zc2<NpT>ar=RXUF75@FUGPAMxjyqW1M4Y{N${t*n{#(ZtTi;HgcFj6sJbiGOdn)C=$
zH50aoD#BxH&(`t6Tl-LQcs5+Y#*qG0wmgBkcPcE6q3%WJf0=KA8xc?VV4;#ti#y}c
zYW(}|w8P!9FWCQkcbwYOTbht4Zslsr6q;{`*1rYCvo%B>y>9o-6y!B4m29N*{Dy;M
zu@^8cy*9}wl|NGAP=7MlvPHHG2(y+H9Yr7en<oc9Epn=H+|;F+jpnKshMVYdQ+#K$
zOxr|KI=EWj=x&w-r-*j^A*sg;2j!4VkeN}0KxDg-;oJypeQos_H#$rIiz%YEQL(1c
z=CTsI+8LWPt;md9NMh8N`AGknhjSibGeD}L&MtThElqr++tR-w?=N0#(ojf>rYN%h
zD;U84w`joT5yj5?8Tbh}EG~ieNGF@b6t+N7`0;bVT>H(s?jG)>xk+S5SM^?(aP_Y@
z2Zg=#yfS_X*IhIPY7R^}8venR<{4N&w_b-ew2?!6{wO(#Lv{!o#|BVqU-SuMC3G#}
zY|-F<A^Dkukct#6^A~7L$YaO|V&vN2yKM-BOc#fI`THCBSDtTbw*v3O5mW<^oYp|6
zXnd-B5uDS>VE>7Su!SyReSo5G=ai86U!xHWg|Fgc+}&C5lN<a*Bj6b;KIy#o-xu$d
zpQ=AH4=yPCxnM<PF2Tk&#sb}0NUiJUX6Ln0-S+XG%>_$;Ivs89VnqP%-w$vpFwy9i
zisUBx&YKRKl6UlQ?rUj$`#O(3BqD0YwUL1$n*hd|;=E%Q*2IoYen)f|n^;dp73E$A
z89rPuS&NQJ31tIDCkyB@LD3W|nB-cmBpoQx!V7Y*U9BWvj;VP$_)c(__SLw<hRFXU
zdYz+?lNC{wC{vW7GzAm2*rL+yu)cJP8WdFVh`I7S6imXkBpEi^7A&|04bo!+HH24D
zWJ!rX*pkb~L1sHsc&RNuMS*Nvf>LX#%}n_$Knslfxysy2_mNE+uklLF#8P#sbi==q
zT9B}}Kt}6PInvd=?5qg192h%Q*7CN4*2|6^hACCgyS*VrF$8?vA9Dl3(_J)27uP5a
zEpD5~bMup0qApuvn9rvUK;PCQ*DDL9N@^*1rDt<rv#6QiHmd|9asAL>qt@~xSg+bf
z9%gWC<48KHFMz9rKC^C8Qr#Ysp<m(s9v`@NU6?GH-cD)q+`ECBpIi*^7RD!5&i&rB
zPso``shID^h0g$osQ77==i^J~!!v>qR`q7BiH$kPH`41TjQ%O+n>nhLDKBe}oj*uL
zX<d^+yk|T%WK!U#pVx#WGPiidcx$a$?RKcw(N^CVFa)uI2^N6a2z5Oy@a{x@#)o<F
z*7=<8>w{6xl3vYMyah2NKj13hYfAg_b<f9Frd79Zvi3rTlW}Ci9!I|L_dm$!sH38h
zqx|n?=s)53|BC;`8vUOj|5JMYKM1S;eAfR@h}KcZ{C7q{LHn1{|0X`ee{cT<$Jj*?

literal 0
HcmV?d00001

diff --git a/Solutions/SAP S4 Cloud Public Edition/Package/mainTemplate.json b/Solutions/SAP S4 Cloud Public Edition/Package/mainTemplate.json
index a86a3ee6db4..c63b90a35df 100644
--- a/Solutions/SAP S4 Cloud Public Edition/Package/mainTemplate.json	
+++ b/Solutions/SAP S4 Cloud Public Edition/Package/mainTemplate.json	
@@ -45,7 +45,7 @@
   },
   "variables": {
     "_solutionName": "SAP S4 Cloud Public Edition",
-    "_solutionVersion": "3.0.1",
+    "_solutionVersion": "3.0.2",
     "solutionId": "sap_jasondau.azure-sentinel-solution-s4hana-public",
     "_solutionId": "[variables('solutionId')]",
     "workspaceResourceId": "[resourceId('microsoft.OperationalInsights/Workspaces', parameters('workspace'))]",
@@ -89,7 +89,7 @@
                   "title": "SAP S/4HANA Cloud Public Edition",
                   "logo": "SapLogo.svg",
                   "publisher": "SAP",
-                  "descriptionMarkdown": "The SAP S/4HANA Cloud Public Edition data connector enables ingestion of SAP's security audit log into the Microsoft Sentinel Solution for SAP, supporting cross-correlation, alerting, and threat hunting. Looking for alternative authentication mechanisms? See [here](https://github.com/Azure-Samples/Sentinel-For-SAP-Community/tree/main/integration-artifacts).",
+                  "descriptionMarkdown": "The SAP S/4HANA Cloud Public Edition (GROW with SAP) data connector enables ingestion of SAP's security audit log into the Microsoft Sentinel Solution for SAP, supporting cross-correlation, alerting, and threat hunting. Looking for alternative authentication mechanisms? See [here](https://github.com/Azure-Samples/Sentinel-For-SAP-Community/tree/main/integration-artifacts).",
                   "graphQueriesTableName": "ABAPAuditLog",
                   "graphQueries": [
                     {
@@ -360,7 +360,7 @@
                     "destinations": [
                       "clv2ws1"
                     ],
-                    "transformKql": "source\n| extend TimeGenerated = now(), AgentId = \"S4-Public-Cloud\", ClientID = slgmand, Computer = terminal_name, Email = email_adress, MessageClass = eventID, MessageText = rsau_text, SystemID = sid, UpdatedOn = todatetime(log_tstmp), TransactionCode = slgtc, User = UserID, Variable1 = param_a, Variable2 = param_b, Variable3 = param_c, Variable4 = param_d\n| project TimeGenerated, AgentId, ClientID, Computer, Email, MessageClass, MessageText, SystemID, UpdatedOn, TransactionCode, User, Variable1, Variable2, Variable3, Variable4",
+                    "transformKql": "source\n| extend TimeGenerated = now(), AgentId = \"S4-Public-Cloud\", ClientId = slgmand, Computer = terminal_name, Email = email_adress, MessageClass = eventID, MessageText = rsau_text, SystemId = sid, UpdatedOn = todatetime(log_tstmp), TransactionCode = slgtc, User = UserID, Variable1 = param_a, Variable2 = param_b, Variable3 = param_c, Variable4 = param_d, AbapProgramName = slgrepna\n| project TimeGenerated, AgentId, ClientId, Computer, Email, MessageClass, MessageText, SystemId, UpdatedOn, TransactionCode, User, Variable1, Variable2, Variable3, Variable4, AbapProgramName",
                     "outputStream": "Microsoft-ABAPAuditLog"
                   }
                 ]
@@ -389,7 +389,7 @@
           "title": "SAP S/4HANA Cloud Public Edition",
           "logo": "SapLogo.svg",
           "publisher": "SAP",
-          "descriptionMarkdown": "The SAP S/4HANA Cloud Public Edition data connector enables ingestion of SAP's security audit log into the Microsoft Sentinel Solution for SAP, supporting cross-correlation, alerting, and threat hunting. Looking for alternative authentication mechanisms? See [here](https://github.com/Azure-Samples/Sentinel-For-SAP-Community/tree/main/integration-artifacts).",
+          "descriptionMarkdown": "The SAP S/4HANA Cloud Public Edition (GROW with SAP) data connector enables ingestion of SAP's security audit log into the Microsoft Sentinel Solution for SAP, supporting cross-correlation, alerting, and threat hunting. Looking for alternative authentication mechanisms? See [here](https://github.com/Azure-Samples/Sentinel-For-SAP-Community/tree/main/integration-artifacts).",
           "graphQueriesTableName": "ABAPAuditLog",
           "graphQueries": [
             {
@@ -707,7 +707,7 @@
       "apiVersion": "2023-04-01-preview",
       "location": "[parameters('workspace-location')]",
       "properties": {
-        "version": "3.0.1",
+        "version": "3.0.2",
         "kind": "Solution",
         "contentSchemaVersion": "3.0.0",
         "displayName": "SAP S4 Cloud Public Edition",
diff --git a/Solutions/SAP S4 Cloud Public Edition/ReleaseNotes.md b/Solutions/SAP S4 Cloud Public Edition/ReleaseNotes.md
index e0c08d66518..1e2bb2a15f2 100644
--- a/Solutions/SAP S4 Cloud Public Edition/ReleaseNotes.md	
+++ b/Solutions/SAP S4 Cloud Public Edition/ReleaseNotes.md	
@@ -1,4 +1,5 @@
 | **Version** | **Date Modified (DD-MM-YYYY)** | **Change History**                                                  |
 |-------------|--------------------------------|---------------------------------------------------------------------|
+| 3.0.2       | 30-10-2025                     |DCR transform updates|
 | 3.0.1       | 16-10-2025                     |DCR transform updates|
 | 3.0.0       | 06-10-2025                     |Initial release|
\ No newline at end of file