|
55 | 55 | |
56 | 56 | "_email": "[variables('email')]", |
57 | 57 | "_solutionName": "ProofPointTap", |
58 | | - "_solutionVersion": "3.0.6", |
| 58 | + "_solutionVersion": "3.0.7", |
59 | 59 | "solutionId": "azuresentinel.azure-sentinel-proofpoint", |
60 | 60 | "_solutionId": "[variables('solutionId')]", |
61 | 61 | "uiConfigId1": "ProofpointTAP", |
|
147 | 147 | "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" |
148 | 148 | ], |
149 | 149 | "properties": { |
150 | | - "description": "ProofPointTap data connector with template version 3.0.6", |
| 150 | + "description": "ProofPointTap data connector with template version 3.0.7", |
151 | 151 | "mainTemplate": { |
152 | 152 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", |
153 | 153 | "contentVersion": "[variables('dataConnectorVersion1')]", |
|
1206 | 1206 | "destinations": [ |
1207 | 1207 | "clv2ws1" |
1208 | 1208 | ], |
1209 | | - "transformKql": "source\n| extend TimeGenerated = todatetime\n", |
| 1209 | + "transformKql": "source\n| extend TimeGenerated = now()\n", |
1210 | 1210 | "outputStream": "Custom-ProofPointTAPClicksBlockedV2_CL" |
1211 | 1211 | }, |
1212 | 1212 | { |
|
1216 | 1216 | "destinations": [ |
1217 | 1217 | "clv2ws1" |
1218 | 1218 | ], |
1219 | | - "transformKql": "source\n| extend TimeGenerated = todatetime\n", |
| 1219 | + "transformKql": "source\n| extend TimeGenerated = now()\n", |
1220 | 1220 | "outputStream": "Custom-ProofPointTAPMessagesBlockedV2_CL" |
1221 | 1221 | }, |
1222 | 1222 | { |
|
1226 | 1226 | "destinations": [ |
1227 | 1227 | "clv2ws1" |
1228 | 1228 | ], |
1229 | | - "transformKql": "source\n| extend TimeGenerated = todatetime\n", |
| 1229 | + "transformKql": "source\n| extend TimeGenerated = now()\n", |
1230 | 1230 | "outputStream": "Custom-ProofPointTAPMessagesDeliveredV2_CL" |
1231 | 1231 | }, |
1232 | 1232 | { |
|
1236 | 1236 | "destinations": [ |
1237 | 1237 | "clv2ws1" |
1238 | 1238 | ], |
1239 | | - "transformKql": "source\n| extend TimeGenerated = todatetime\n", |
| 1239 | + "transformKql": "source\n| extend TimeGenerated = now()\n", |
1240 | 1240 | "outputStream": "Custom-ProofPointTAPClicksPermittedV2_CL" |
1241 | 1241 | } |
1242 | 1242 | ] |
|
1879 | 1879 | "parameters": { |
1880 | 1880 | "guidValue": { |
1881 | 1881 | "defaultValue": "[[newGuid()]", |
1882 | | - "type": "string" |
| 1882 | + "type": "securestring" |
1883 | 1883 | }, |
1884 | 1884 | "innerWorkspace": { |
1885 | 1885 | "defaultValue": "[parameters('workspace')]", |
1886 | | - "type": "string" |
| 1886 | + "type": "securestring" |
1887 | 1887 | }, |
1888 | 1888 | "username": { |
1889 | | - "defaultValue": "Enter username value", |
1890 | | - "type": "string", |
| 1889 | + "defaultValue": "-NA-", |
| 1890 | + "type": "securestring", |
1891 | 1891 | "minLength": 4 |
1892 | 1892 | }, |
1893 | 1893 | "password": { |
|
1897 | 1897 | }, |
1898 | 1898 | "connectorDefinitionName": { |
1899 | 1899 | "defaultValue": "Proofpoint TAP (via Codeless Connector Platform) (Preview)", |
1900 | | - "type": "string", |
| 1900 | + "type": "securestring", |
1901 | 1901 | "minLength": 1 |
1902 | 1902 | }, |
1903 | 1903 | "workspace": { |
1904 | 1904 | "defaultValue": "[parameters('workspace')]", |
1905 | | - "type": "string" |
| 1905 | + "type": "securestring" |
1906 | 1906 | }, |
1907 | 1907 | "dcrConfig": { |
1908 | 1908 | "defaultValue": { |
|
2114 | 2114 | "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" |
2115 | 2115 | ], |
2116 | 2116 | "properties": { |
2117 | | - "description": "ProofpointTAPEvent Data Parser with template version 3.0.6", |
| 2117 | + "description": "ProofpointTAPEvent Data Parser with template version 3.0.7", |
2118 | 2118 | "mainTemplate": { |
2119 | 2119 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", |
2120 | 2120 | "contentVersion": "[variables('parserObject1').parserVersion1]", |
|
2246 | 2246 | "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" |
2247 | 2247 | ], |
2248 | 2248 | "properties": { |
2249 | | - "description": "MalwareAttachmentDelivered_AnalyticalRules Analytics Rule with template version 3.0.6", |
| 2249 | + "description": "MalwareAttachmentDelivered_AnalyticalRules Analytics Rule with template version 3.0.7", |
2250 | 2250 | "mainTemplate": { |
2251 | 2251 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", |
2252 | 2252 | "contentVersion": "[variables('analyticRuleObject1').analyticRuleVersion1]", |
|
2274 | 2274 | "status": "Available", |
2275 | 2275 | "requiredDataConnectors": [ |
2276 | 2276 | { |
| 2277 | + "connectorId": "ProofpointTAP", |
2277 | 2278 | "dataTypes": [ |
2278 | 2279 | "ProofPointTAPMessagesDelivered_CL" |
2279 | | - ], |
2280 | | - "connectorId": "ProofpointTAP" |
| 2280 | + ] |
2281 | 2281 | } |
2282 | 2282 | ], |
2283 | 2283 | "tactics": [ |
|
2387 | 2387 | "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" |
2388 | 2388 | ], |
2389 | 2389 | "properties": { |
2390 | | - "description": "MalwareLinkClicked_AnalyticalRules Analytics Rule with template version 3.0.6", |
| 2390 | + "description": "MalwareLinkClicked_AnalyticalRules Analytics Rule with template version 3.0.7", |
2391 | 2391 | "mainTemplate": { |
2392 | 2392 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", |
2393 | 2393 | "contentVersion": "[variables('analyticRuleObject2').analyticRuleVersion2]", |
|
2415 | 2415 | "status": "Available", |
2416 | 2416 | "requiredDataConnectors": [ |
2417 | 2417 | { |
| 2418 | + "connectorId": "ProofpointTAP", |
2418 | 2419 | "dataTypes": [ |
2419 | 2420 | "ProofPointTAPClicksPermitted_CL" |
2420 | | - ], |
2421 | | - "connectorId": "ProofpointTAP" |
| 2421 | + ] |
2422 | 2422 | } |
2423 | 2423 | ], |
2424 | 2424 | "tactics": [ |
|
2537 | 2537 | "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" |
2538 | 2538 | ], |
2539 | 2539 | "properties": { |
2540 | | - "description": "ProofpointTAP Workbook with template version 3.0.6", |
| 2540 | + "description": "ProofpointTAP Workbook with template version 3.0.7", |
2541 | 2541 | "mainTemplate": { |
2542 | 2542 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", |
2543 | 2543 | "contentVersion": "[variables('workbookVersion1')]", |
|
2637 | 2637 | "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" |
2638 | 2638 | ], |
2639 | 2639 | "properties": { |
2640 | | - "description": "ProofpointTAPConnector Playbook with template version 3.0.6", |
| 2640 | + "description": "ProofpointTAPConnector Playbook with template version 3.0.7", |
2641 | 2641 | "mainTemplate": { |
2642 | 2642 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", |
2643 | 2643 | "contentVersion": "[variables('playbookVersion1')]", |
|
3607 | 3607 | "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" |
3608 | 3608 | ], |
3609 | 3609 | "properties": { |
3610 | | - "description": "Get-ProofpointTAPEvents Playbook with template version 3.0.6", |
| 3610 | + "description": "Get-ProofpointTAPEvents Playbook with template version 3.0.7", |
3611 | 3611 | "mainTemplate": { |
3612 | 3612 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", |
3613 | 3613 | "contentVersion": "[variables('playbookVersion2')]", |
|
3909 | 3909 | "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" |
3910 | 3910 | ], |
3911 | 3911 | "properties": { |
3912 | | - "description": "ProofpointTAP-AddForensicsInfoToIncident Playbook with template version 3.0.6", |
| 3912 | + "description": "ProofpointTAP-AddForensicsInfoToIncident Playbook with template version 3.0.7", |
3913 | 3913 | "mainTemplate": { |
3914 | 3914 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", |
3915 | 3915 | "contentVersion": "[variables('playbookVersion3')]", |
|
4286 | 4286 | "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" |
4287 | 4287 | ], |
4288 | 4288 | "properties": { |
4289 | | - "description": "ProofpointTAP-CheckAccountInVAP Playbook with template version 3.0.6", |
| 4289 | + "description": "ProofpointTAP-CheckAccountInVAP Playbook with template version 3.0.7", |
4290 | 4290 | "mainTemplate": { |
4291 | 4291 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", |
4292 | 4292 | "contentVersion": "[variables('playbookVersion4')]", |
|
4705 | 4705 | "apiVersion": "2023-04-01-preview", |
4706 | 4706 | "location": "[parameters('workspace-location')]", |
4707 | 4707 | "properties": { |
4708 | | - "version": "3.0.6", |
| 4708 | + "version": "3.0.7", |
4709 | 4709 | "kind": "Solution", |
4710 | 4710 | "contentSchemaVersion": "3.0.0", |
4711 | 4711 | "displayName": "ProofPointTap", |
|
0 commit comments