Merge branch 'master' into feature-for-m365

Author: v-amolpatil

.gitignore

@@ -26,6 +26,9 @@ bld/
 [Oo]bj/
 [Ll]og/
 
+# Execution results
+[Ll]ogs/
+
 # Visual Studio 2015/2017 cache/options directory
 .vs/
 # Uncomment if you have tasks that create the project's static files in wwwroot
@@ -336,4 +339,4 @@ Hunting Queries/DeployedQueries.json
 
 #Mac OSx
 .DS_Store
-!*Microsoft.Azure.Sentinel.KustoServices.*.nupkg
+!*Microsoft.Azure.Sentinel.KustoServices.*.nupkg

.script/dataConnectorValidator.ts

@@ -53,7 +53,7 @@ export async function IsValidDataConnectorSchema(filePath: string): Promise<Exit
   }
 
 function isPotentialConnectorJson(jsonFile: any) {
-  if(typeof jsonFile.id != "undefined" && typeof jsonFile.connectivityCriterias != "undefined")
+  if(typeof jsonFile.id != "undefined" && typeof jsonFile.connectivityCriterias != "undefined" && jsonFile.dataTypes.length > 0)
   {
     return true;
   }

.script/package-automation/validateFieldTypes.ps1

@@ -71,7 +71,7 @@ try {
     }
 
     # identify in active resource parameters
-    $resourceContent = $mainTemplateFileContent.resources | Where-Object { $_.type -eq 'Microsoft.OperationalInsights/workspaces/providers/contentTemplates' }
+    $resourceContent = $mainTemplateFileContent.resources | Where-Object { $_.type -eq 'Microsoft.OperationalInsights/workspaces/providers/contentTemplates' -and $_.properties.contentKind -eq "ResourcesDataConnector"  }
 
     if ($null -ne $resourceContent -and $resourceContent.Count -gt 0) {
       $resourceLevelInvalidFields = @();

.script/tests/KqlvalidationsTests/CustomTables/CiscoSecureEndpointAuditLogsV2_CL.json

@@ -0,0 +1,45 @@
+{
+    "Name": "CiscoSecureEndpointAuditLogsV2_CL",
+    "Properties": [
+        {
+            "name": "Event",
+            "type": "string"
+        },
+        {
+            "name": "AuditLogType",
+            "type": "string"
+        },
+        {
+            "name": "AuditLogId",
+            "type": "string"
+        },
+        {
+            "name": "AuditLogUser",
+            "type": "string"
+        },
+        {
+            "name": "TimeGenerated",
+            "type": "datetime"
+        },
+        {
+            "name": "CreatedAt",
+            "type": "datetime"
+        },
+        {
+            "name": "Item",
+            "type": "string"
+        },
+        {
+            "name": "Message",
+            "type": "string"
+        },
+        {
+            "name": "OldAttributes",
+            "type": "string"
+        },
+        {
+            "name": "NewAttributes",
+            "type": "string"
+        }
+    ]
+}