diff --git a/Solutions/Oracle Cloud Infrastructure/Data Connectors/Oracle_Cloud_Infrastructure_CCP/OCI_DataConnector_DataConnectorDefinition.json b/Solutions/Oracle Cloud Infrastructure/Data Connectors/Oracle_Cloud_Infrastructure_CCP/OCI_DataConnector_DataConnectorDefinition.json index 18a0b7f21f4..bf116e16986 100644 --- a/Solutions/Oracle Cloud Infrastructure/Data Connectors/Oracle_Cloud_Infrastructure_CCP/OCI_DataConnector_DataConnectorDefinition.json +++ b/Solutions/Oracle Cloud Infrastructure/Data Connectors/Oracle_Cloud_Infrastructure_CCP/OCI_DataConnector_DataConnectorDefinition.json @@ -108,7 +108,8 @@ "required": true, "placeholder": "Provide the Partition Id. (E.g. 0 or 1 or 2)", "type": "text", - "name": "partitions" + "name": "partitions", + "description": "The partition ID uses zero-based indexing. For example, if a stream has 3 partitions, the valid partition IDs are 0, 1, or 2." } }, { diff --git a/Solutions/Oracle Cloud Infrastructure/Data Connectors/Oracle_Cloud_Infrastructure_CCP/azuredeploy_OCI_DataConnector_poller_connector.json b/Solutions/Oracle Cloud Infrastructure/Data Connectors/Oracle_Cloud_Infrastructure_CCP/azuredeploy_OCI_DataConnector_poller_connector.json index ccd9748a263..a9d0d56abc9 100644 --- a/Solutions/Oracle Cloud Infrastructure/Data Connectors/Oracle_Cloud_Infrastructure_CCP/azuredeploy_OCI_DataConnector_poller_connector.json +++ b/Solutions/Oracle Cloud Infrastructure/Data Connectors/Oracle_Cloud_Infrastructure_CCP/azuredeploy_OCI_DataConnector_poller_connector.json @@ -187,9 +187,10 @@ "parameters": { "label": "Partition Id", "required": true, - "placeholder": "Provide the Partition Id.", + "placeholder": "Provide the Partition Id. (E.g. 0 or 1 or 2)", "type": "text", - "name": "partitions" + "name": "partitions", + "description": "The partition ID uses zero-based indexing. For example, if a stream has 3 partitions, the valid partition IDs are 0, 1, or 2." } }, { diff --git a/Solutions/Oracle Cloud Infrastructure/Data/Solution_OCILogs.json b/Solutions/Oracle Cloud Infrastructure/Data/Solution_OCILogs.json index 8b9c2106f35..4874f0acab6 100644 --- a/Solutions/Oracle Cloud Infrastructure/Data/Solution_OCILogs.json +++ b/Solutions/Oracle Cloud Infrastructure/Data/Solution_OCILogs.json @@ -37,7 +37,7 @@ "Parsers/OCILogs.yaml" ], "BasePath": "C:\\GitHub\\Azure-Sentinel\\Solutions\\Oracle Cloud Infrastructure", - "Version": "3.0.3", + "Version": "3.0.5", "Metadata": "SolutionMetadata.json", "TemplateSpec": true, "Is1Pconnector": false diff --git a/Solutions/Oracle Cloud Infrastructure/Package/3.0.5.zip b/Solutions/Oracle Cloud Infrastructure/Package/3.0.5.zip new file mode 100644 index 00000000000..20597c434e5 Binary files /dev/null and b/Solutions/Oracle Cloud Infrastructure/Package/3.0.5.zip differ diff --git a/Solutions/Oracle Cloud Infrastructure/Package/createUiDefinition.json b/Solutions/Oracle Cloud Infrastructure/Package/createUiDefinition.json index c88a151b4a8..dd687cb95cf 100644 --- a/Solutions/Oracle Cloud Infrastructure/Package/createUiDefinition.json +++ b/Solutions/Oracle Cloud Infrastructure/Package/createUiDefinition.json @@ -60,7 +60,7 @@ "name": "dataconnectors1-text", "type": "Microsoft.Common.TextBlock", "options": { - "text": "This Solution installs the data connector for Oracle Cloud Infrastructure. You can get Oracle Cloud Infrastructure data in your Microsoft Sentinel workspace. After installing the solution, configure and enable this data connector by following guidance in Manage solution view." + "text": "This Solution installs the data connector for Oracle Cloud Infrastructure (via Codeless Connector Framework). You can get Oracle Cloud Infrastructure (via Codeless Connector Framework) data in your Microsoft Sentinel workspace. After installing the solution, configure and enable this data connector by following guidance in Manage solution view." } }, { diff --git a/Solutions/Oracle Cloud Infrastructure/Package/mainTemplate.json b/Solutions/Oracle Cloud Infrastructure/Package/mainTemplate.json index 883e3bf98fe..42ec8f62344 100644 --- a/Solutions/Oracle Cloud Infrastructure/Package/mainTemplate.json +++ b/Solutions/Oracle Cloud Infrastructure/Package/mainTemplate.json @@ -55,7 +55,7 @@ "email": "support@microsoft.com", "_email": "[variables('email')]", "_solutionName": "Oracle Cloud Infrastructure", - "_solutionVersion": "3.0.4", + "_solutionVersion": "3.0.5", "solutionId": "azuresentinel.azure-sentinel-solution-ocilogs", "_solutionId": "[variables('solutionId')]", "workbookVersion1": "1.0.0", @@ -211,7 +211,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "OracleCloudInfrastructureOCI Workbook with template version 3.0.4", + "description": "OracleCloudInfrastructureOCI Workbook with template version 3.0.5", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('workbookVersion1')]", @@ -299,7 +299,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "OCIDestinationsIn_HuntingQueries Hunting Query with template version 3.0.4", + "description": "OCIDestinationsIn_HuntingQueries Hunting Query with template version 3.0.5", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('huntingQueryObject1').huntingQueryVersion1]", @@ -384,7 +384,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "OCIDestinationsOut_HuntingQueries Hunting Query with template version 3.0.4", + "description": "OCIDestinationsOut_HuntingQueries Hunting Query with template version 3.0.5", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('huntingQueryObject2').huntingQueryVersion2]", @@ -469,7 +469,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "OCILaunchedInstances_HuntingQueries Hunting Query with template version 3.0.4", + "description": "OCILaunchedInstances_HuntingQueries Hunting Query with template version 3.0.5", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('huntingQueryObject3').huntingQueryVersion3]", @@ -554,7 +554,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "OCIUpdateActivities_HuntingQueries Hunting Query with template version 3.0.4", + "description": "OCIUpdateActivities_HuntingQueries Hunting Query with template version 3.0.5", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('huntingQueryObject4').huntingQueryVersion4]", @@ -639,7 +639,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "OCIUserDeleteActions_HuntingQueries Hunting Query with template version 3.0.4", + "description": "OCIUserDeleteActions_HuntingQueries Hunting Query with template version 3.0.5", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('huntingQueryObject5').huntingQueryVersion5]", @@ -724,7 +724,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "OCIUserDeletedUsers_HuntingQueries Hunting Query with template version 3.0.4", + "description": "OCIUserDeletedUsers_HuntingQueries Hunting Query with template version 3.0.5", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('huntingQueryObject6').huntingQueryVersion6]", @@ -809,7 +809,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "OCIUserNewUsers_HuntingQueries Hunting Query with template version 3.0.4", + "description": "OCIUserNewUsers_HuntingQueries Hunting Query with template version 3.0.5", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('huntingQueryObject7').huntingQueryVersion7]", @@ -894,7 +894,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "OCIUserSources_HuntingQueries Hunting Query with template version 3.0.4", + "description": "OCIUserSources_HuntingQueries Hunting Query with template version 3.0.5", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('huntingQueryObject8').huntingQueryVersion8]", @@ -979,7 +979,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "OCIUserTerminatedInstances_HuntingQueries Hunting Query with template version 3.0.4", + "description": "OCIUserTerminatedInstances_HuntingQueries Hunting Query with template version 3.0.5", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('huntingQueryObject9').huntingQueryVersion9]", @@ -1064,7 +1064,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "OCIUserUpdatedInstances_HuntingQueries Hunting Query with template version 3.0.4", + "description": "OCIUserUpdatedInstances_HuntingQueries Hunting Query with template version 3.0.5", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('huntingQueryObject10').huntingQueryVersion10]", @@ -1268,7 +1268,8 @@ "required": true, "placeholder": "Provide the Partition Id. (E.g. 0 or 1 or 2)", "type": "text", - "name": "partitions" + "name": "partitions", + "description": "The partition ID uses zero-based indexing. For example, if a stream has 3 partitions, the valid partition IDs are 0, 1, or 2." } }, { @@ -2452,7 +2453,8 @@ "required": true, "placeholder": "Provide the Partition Id. (E.g. 0 or 1 or 2)", "type": "text", - "name": "partitions" + "name": "partitions", + "description": "The partition ID uses zero-based indexing. For example, if a stream has 3 partitions, the valid partition IDs are 0, 1, or 2." } }, { @@ -2730,7 +2732,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "OCIDiscoveryActivity_AnalyticalRules Analytics Rule with template version 3.0.4", + "description": "OCIDiscoveryActivity_AnalyticalRules Analytics Rule with template version 3.0.5", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('analyticRuleObject1').analyticRuleVersion1]", @@ -2774,8 +2776,8 @@ { "fieldMappings": [ { - "columnName": "AccountCustomEntity", - "identifier": "Name" + "identifier": "Name", + "columnName": "AccountCustomEntity" } ], "entityType": "Account" @@ -2834,7 +2836,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "OCIEventRuleDeleted_AnalyticalRules Analytics Rule with template version 3.0.4", + "description": "OCIEventRuleDeleted_AnalyticalRules Analytics Rule with template version 3.0.5", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('analyticRuleObject2').analyticRuleVersion2]", @@ -2878,8 +2880,8 @@ { "fieldMappings": [ { - "columnName": "IPCustomEntity", - "identifier": "Address" + "identifier": "Address", + "columnName": "IPCustomEntity" } ], "entityType": "IP" @@ -2938,7 +2940,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "OCIInboundSSHConnection_AnalyticalRules Analytics Rule with template version 3.0.4", + "description": "OCIInboundSSHConnection_AnalyticalRules Analytics Rule with template version 3.0.5", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('analyticRuleObject3').analyticRuleVersion3]", @@ -2982,8 +2984,8 @@ { "fieldMappings": [ { - "columnName": "IPCustomEntity", - "identifier": "Address" + "identifier": "Address", + "columnName": "IPCustomEntity" } ], "entityType": "IP" @@ -3042,7 +3044,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "OCIInsecureMetadataEndpoint_AnalyticalRules Analytics Rule with template version 3.0.4", + "description": "OCIInsecureMetadataEndpoint_AnalyticalRules Analytics Rule with template version 3.0.5", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('analyticRuleObject4').analyticRuleVersion4]", @@ -3086,8 +3088,8 @@ { "fieldMappings": [ { - "columnName": "IPCustomEntity", - "identifier": "Address" + "identifier": "Address", + "columnName": "IPCustomEntity" } ], "entityType": "IP" @@ -3146,7 +3148,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "OCIMetadataEndpointIpAccess_AnalyticalRules Analytics Rule with template version 3.0.4", + "description": "OCIMetadataEndpointIpAccess_AnalyticalRules Analytics Rule with template version 3.0.5", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('analyticRuleObject5').analyticRuleVersion5]", @@ -3190,8 +3192,8 @@ { "fieldMappings": [ { - "columnName": "IPCustomEntity", - "identifier": "Address" + "identifier": "Address", + "columnName": "IPCustomEntity" } ], "entityType": "IP" @@ -3250,7 +3252,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "OCIMultipleInstancesLaunched_AnalyticalRules Analytics Rule with template version 3.0.4", + "description": "OCIMultipleInstancesLaunched_AnalyticalRules Analytics Rule with template version 3.0.5", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('analyticRuleObject6').analyticRuleVersion6]", @@ -3294,8 +3296,8 @@ { "fieldMappings": [ { - "columnName": "IPCustomEntity", - "identifier": "Address" + "identifier": "Address", + "columnName": "IPCustomEntity" } ], "entityType": "IP" @@ -3354,7 +3356,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "OCIMultipleInstancesTerminated_AnalyticalRules Analytics Rule with template version 3.0.4", + "description": "OCIMultipleInstancesTerminated_AnalyticalRules Analytics Rule with template version 3.0.5", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('analyticRuleObject7').analyticRuleVersion7]", @@ -3398,8 +3400,8 @@ { "fieldMappings": [ { - "columnName": "IPCustomEntity", - "identifier": "Address" + "identifier": "Address", + "columnName": "IPCustomEntity" } ], "entityType": "IP" @@ -3458,7 +3460,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "OCIMultipleRejects_AnalyticalRules Analytics Rule with template version 3.0.4", + "description": "OCIMultipleRejects_AnalyticalRules Analytics Rule with template version 3.0.5", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('analyticRuleObject8').analyticRuleVersion8]", @@ -3502,8 +3504,8 @@ { "fieldMappings": [ { - "columnName": "IPCustomEntity", - "identifier": "Address" + "identifier": "Address", + "columnName": "IPCustomEntity" } ], "entityType": "IP" @@ -3562,7 +3564,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "OCISSHScan_AnalyticalRules Analytics Rule with template version 3.0.4", + "description": "OCISSHScan_AnalyticalRules Analytics Rule with template version 3.0.5", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('analyticRuleObject9').analyticRuleVersion9]", @@ -3606,8 +3608,8 @@ { "fieldMappings": [ { - "columnName": "IPCustomEntity", - "identifier": "Address" + "identifier": "Address", + "columnName": "IPCustomEntity" } ], "entityType": "IP" @@ -3666,7 +3668,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "OCIUnexpectedUserAgent_AnalyticalRules Analytics Rule with template version 3.0.4", + "description": "OCIUnexpectedUserAgent_AnalyticalRules Analytics Rule with template version 3.0.5", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('analyticRuleObject10').analyticRuleVersion10]", @@ -3710,8 +3712,8 @@ { "fieldMappings": [ { - "columnName": "IPCustomEntity", - "identifier": "Address" + "identifier": "Address", + "columnName": "IPCustomEntity" } ], "entityType": "IP" @@ -3770,7 +3772,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "OCILogs Data Parser with template version 3.0.4", + "description": "OCILogs Data Parser with template version 3.0.5", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('parserObject1').parserVersion1]", @@ -3898,7 +3900,7 @@ "apiVersion": "2023-04-01-preview", "location": "[parameters('workspace-location')]", "properties": { - "version": "3.0.4", + "version": "3.0.5", "kind": "Solution", "contentSchemaVersion": "3.0.0", "displayName": "Oracle Cloud Infrastructure", diff --git a/Solutions/Oracle Cloud Infrastructure/ReleaseNotes.md b/Solutions/Oracle Cloud Infrastructure/ReleaseNotes.md index 967c397a081..3e949a5cc46 100644 --- a/Solutions/Oracle Cloud Infrastructure/ReleaseNotes.md +++ b/Solutions/Oracle Cloud Infrastructure/ReleaseNotes.md @@ -1,5 +1,6 @@ | **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** | |-------------|--------------------------------|-----------------------------------------------------------------------------| +| 3.0.5 | 13-11-2025 | Updated partition id text box's description with zero-based indexing. | | 3.0.4 | 22-09-2025 | Updated the OCI **CCF Data Connector** instructions to include information about the partition ID limitation. | | 3.0.3 | 25-08-2025 | Moving OCI **CCF Data Connector** to GA | | 3.0.2 | 14-07-2025 | Introduced new **CCF Connector** to the Solution - "OCI-Connector-CCP-Definition".|