Repakcaged

Author: v-atulyadav

Solutions/Fortinet FortiGate Next-Generation Firewall connector for Microsoft Sentinel/Data/Solution_Fortinet-Fortigate.json

@@ -2,7 +2,7 @@
   "Name": "Fortinet FortiGate Next-Generation Firewall connector for Microsoft Sentinel",
   "Author": "Microsoft - [email protected]",
   "Logo": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/Azure_Sentinel.svg\" width=\"75px\" height=\"75px\">",
-  "Description": "Gain insight into your organization's network and improve your security operation capabilities with the [Fortinet FortiGate Next-generation Firewall](https://www.fortinet.com/products/next-generation-firewall) Solution for Microsoft Sentinel. It allows you to easily connect your FortiGate logs with Microsoft Sentinel. This enables you to view dashboards, create custom alerts, and improve investigation. \n\n Playbooks are included to help in automated remediation \n\n For questions about [FortiGate](https://azuremarketplace.microsoft.com/en-us/marketplace/apps/fortinet.fortinet_fortigate-vm_v5?tab=Overview), please contact Fortinet at [[email protected]](mailto:[email protected]).\n\n This solution is dependent on the Common Event Format solution containing the CEF via AMA connector to collect the logs. The CEF solution will be installed as part of this solution installation. \n\n**NOTE:** Microsoft recommends installation of CEF via AMA Connector. The existing connectors are about to be deprecated by **Aug 31, 2024**.",
+  "Description": "Gain insight into your organization's network and improve your security operation capabilities with the [Fortinet FortiGate Next-generation Firewall](https://www.fortinet.com/products/next-generation-firewall) Solution for Microsoft Sentinel. It allows you to easily connect your FortiGate logs with Microsoft Sentinel. This enables you to view dashboards, create custom alerts, and improve investigation. \n\n Playbooks are included to help in automated remediation \n\n For questions about [FortiGate](https://azuremarketplace.microsoft.com/en-us/marketplace/apps/fortinet.fortinet_fortigate-vm_v5?tab=Overview), please contact Fortinet at [[email protected]](mailto:[email protected]).\n\n This solution is dependent on the Common Event Format solution containing the CEF via AMA connector to collect the logs. The CEF solution will be installed as part of this solution installation. \n\n**NOTE:** Microsoft recommends installation of CEF via AMA Connector. The existing connectors were deprecated on **Aug 31, 2024**.",
   "Playbooks": [
     "Playbooks/FortinetFortigateFunctionApp/azuredeploy.json",
     "Playbooks/FortinetCustomConnector/azuredeploy.json",

Solutions/Fortinet FortiGate Next-Generation Firewall connector for Microsoft Sentinel/Package/3.0.8.zip

@@ -6,7 +6,7 @@
     "config": {
       "isWizard": false,
       "basics": {
-        "description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/Azure_Sentinel.svg\" width=\"75px\" height=\"75px\">\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Fortinet%20FortiGate%20Next-Generation%20Firewall%20connector%20for%20Microsoft%20Sentinel/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nGain insight into your organization's network and improve your security operation capabilities with the [Fortinet FortiGate Next-generation Firewall](https://www.fortinet.com/products/next-generation-firewall) Solution for Microsoft Sentinel. It allows you to easily connect your FortiGate logs with Microsoft Sentinel. This enables you to view dashboards, create custom alerts, and improve investigation. \n\n Playbooks are included to help in automated remediation \n\n For questions about [FortiGate](https://azuremarketplace.microsoft.com/en-us/marketplace/apps/fortinet.fortinet_fortigate-vm_v5?tab=Overview), please contact Fortinet at [[email protected]](mailto:[email protected]).\n\n This solution is dependent on the Common Event Format solution containing the CEF via AMA connector to collect the logs. The CEF solution will be installed as part of this solution installation. \n\n**NOTE:** Microsoft recommends installation of CEF via AMA Connector. The existing connectors are about to be deprecated by **Aug 31, 2024**.\n\n**Workbooks:** 1, **Custom Azure Logic Apps Connectors:** 1, **Function Apps:** 1, **Playbooks:** 3\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
+        "description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/Azure_Sentinel.svg\" width=\"75px\" height=\"75px\">\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Fortinet%20FortiGate%20Next-Generation%20Firewall%20connector%20for%20Microsoft%20Sentinel/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nGain insight into your organization's network and improve your security operation capabilities with the [Fortinet FortiGate Next-generation Firewall](https://www.fortinet.com/products/next-generation-firewall) Solution for Microsoft Sentinel. It allows you to easily connect your FortiGate logs with Microsoft Sentinel. This enables you to view dashboards, create custom alerts, and improve investigation. \n\n Playbooks are included to help in automated remediation \n\n For questions about [FortiGate](https://azuremarketplace.microsoft.com/en-us/marketplace/apps/fortinet.fortinet_fortigate-vm_v5?tab=Overview), please contact Fortinet at [[email protected]](mailto:[email protected]).\n\n This solution is dependent on the Common Event Format solution containing the CEF via AMA connector to collect the logs. The CEF solution will be installed as part of this solution installation. \n\n**NOTE:** Microsoft recommends installation of CEF via AMA Connector. The existing connectors were deprecated on **Aug 31, 2024**.\n\n**Workbooks:** 1, **Custom Azure Logic Apps Connectors:** 1, **Function Apps:** 1, **Playbooks:** 3\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
         "subscription": {
           "resourceProviders": [
             "Microsoft.OperationsManagement/solutions",

Solutions/Fortinet FortiGate Next-Generation Firewall connector for Microsoft Sentinel/Package/createUiDefinition.json

@@ -173,7 +173,7 @@
           "resources": [
             {
               "type": "Microsoft.Storage/storageAccounts",
-              "apiVersion": "2023-04-01",
+              "apiVersion": "2022-09-01",
               "name": "[[variables('storageAccountName')]",
               "location": "[[parameters('location')]",
               "sku": {
@@ -198,7 +198,7 @@
             {
               "type": "Microsoft.Web/sites",
               "apiVersion": "2020-06-01",
-              "name": "[[variables('FunctionAppName')]",
+              "name": "[[variables('functionAppName')]",
               "location": "[[parameters('location')]",
               "kind": "functionapp",
               "identity": {
@@ -280,7 +280,7 @@
             },
             {
               "apiVersion": "2019-08-01",
-              "name": "[[concat(variables('FunctionappName'),'/', variables('functionName'))]",
+              "name": "[[concat(variables('functionAppName'),'/', variables('functionName'))]",
               "type": "Microsoft.Web/sites/functions",
               "identity": {
                 "type": "UserAssigned"
@@ -1991,7 +1991,7 @@
           ],
           "metadata": {
             "comments": "This Fortinet custom connector uses Fortinet-Fortigate API to perform different actions on Forinet VM",
-            "lastUpdateTime": "2025-02-21T14:40:20.007Z",
+            "lastUpdateTime": "2025-02-25T19:09:01.748Z",
             "releaseNotes": {
               "version": "1.0",
               "title": "[variables('blanks')]",
@@ -2070,9 +2070,9 @@
             }
           },
           "variables": {
+            "functionAppName": "[[concat(toLower(parameters('FunctionAppName')), uniqueString(resourceGroup().id))]",
             "AzureSentinelConnectionName": "[[concat('azuresentinel-', parameters('PlaybookName'))]",
             "UserIdentifier": "[[parameters('User Identifier Name')]",
-            "Functionappname": "[[parameters('FunctionAppName')]",
             "connection-2": "[[concat('/subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Web/locations/', parameters('location'), '/managedApis/azuresentinel')]",
             "_connection-2": "[[variables('connection-2')]",
             "workspace-location-inline": "[concat('[resourceGroup().locatio', 'n]')]",
@@ -2355,7 +2355,7 @@
                               "type": "ManagedServiceIdentity"
                             },
                             "function": {
-                              "id": "[[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/',parameters('FunctionAppName'),'/functions/Fortinet-GetEntityDetails')]"
+                              "id": "[[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/',variables('functionAppName'),'/functions/Fortinet-GetEntityDetails')]"
                             }
                           },
                           "runAfter": {
@@ -2379,7 +2379,7 @@
                               "type": "ManagedServiceIdentity"
                             },
                             "function": {
-                              "id": "[[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/',parameters('FunctionAppName'),'/functions/Fortinet-GetEntityDetails')]"
+                              "id": "[[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/',variables('functionAppName'),'/functions/Fortinet-GetEntityDetails')]"
                             }
                           },
                           "runAfter": {
@@ -5476,7 +5476,10 @@
               "type": "Microsoft.Logic/workflows",
               "location": "[[variables('workspace-location-inline')]",
               "identity": {
-                "type": "UserAssigned"
+                "type": "UserAssigned",
+				"userAssignedIdentities": {
+                  "[[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('User Identifier Name'))]": {}
+                }
               },
               "apiVersion": "2016-06-01",
               "tags": {
@@ -5648,6 +5651,7 @@
             }
           },
           "variables": {
+            "functionAppName": "[[concat(toLower(parameters('FunctionAppName')), uniqueString(resourceGroup().id))]",
             "AzureSentinelConnectionName": "[[concat('azuresentinel-', parameters('PlaybookName'))]",
             "TeamsConnectionName": "[[concat('teamsconnector-', parameters('PlaybookName'))]",
             "FortinetConnectorConnectionName": "[[concat('FortinetConnector-', parameters('PlaybookName'))]",
@@ -5702,7 +5706,10 @@
               "name": "[[parameters('PlaybookName')]",
               "location": "[[variables('workspace-location-inline')]",
               "identity": {
-                "type": "UserAssigned"
+                "type": "UserAssigned",
+				"userAssignedIdentities": {
+                  "[[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('User Identifier Name'))]": {}
+                }
               },
               "dependsOn": [
                 "[[resourceId('Microsoft.Web/connections', variables('FortinetConnectorConnectionName'))]",
@@ -5889,7 +5896,7 @@
                               "type": "ManagedServiceIdentity"
                             },
                             "function": {
-                              "id": "[[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/',parameters('FunctionAppName'),'/functions/Fortinet-GetEntityDetails')]"
+                              "id": "[[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/',variables('functionAppName'),'/functions/Fortinet-GetEntityDetails')]"
                             },
                             "method": "GET",
                             "queries": {
@@ -5913,7 +5920,7 @@
                               "type": "ManagedServiceIdentity"
                             },
                             "function": {
-                              "id": "[[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/',parameters('FunctionAppName'),'/functions/Fortinet-GetEntityDetails')]"
+                              "id": "[[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/',variables('functionAppName'),'/functions/Fortinet-GetEntityDetails')]"
                             },
                             "method": "GET",
                             "queries": {
@@ -9731,6 +9738,7 @@
             }
           },
           "variables": {
+            "functionAppName": "[[concat(toLower(parameters('FunctionAppName')), uniqueString(resourceGroup().id))]",
             "AzureSentinelConnectionName": "[[concat('azuresentinel-', parameters('PlaybookName'))]",
             "TeamsConnectionName": "[[concat('teamsconnector-', parameters('PlaybookName'))]",
             "FortinetConnectorConnectionName": "[[concat('FortinetConnector-', parameters('PlaybookName'))]",
@@ -9785,7 +9793,10 @@
               "name": "[[parameters('PlaybookName')]",
               "location": "[[variables('workspace-location-inline')]",
               "identity": {
-                "type": "UserAssigned"
+                "type": "UserAssigned",
+				"userAssignedIdentities": {
+                  "[[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('User Identifier Name'))]": {}
+                }
               },
               "dependsOn": [
                 "[[resourceId('Microsoft.Web/connections', variables('FortinetConnectorConnectionName'))]",
@@ -9988,7 +9999,7 @@
                               "type": "ManagedServiceIdentity"
                             },
                             "function": {
-                              "id": "[[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/',parameters('FunctionAppName'),'/functions/Fortinet-GetEntityDetails')]"
+                              "id": "[[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/',variables('functionAppName'),'/functions/Fortinet-GetEntityDetails')]"
                             },
                             "queries": {
                               "entity": "addrgrp",
@@ -10011,7 +10022,7 @@
                               "type": "ManagedServiceIdentity"
                             },
                             "function": {
-                              "id": "[[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/',parameters('FunctionAppName'),'/functions/Fortinet-GetEntityDetails')]"
+                              "id": "[[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/',variables('functionAppName'),'/functions/Fortinet-GetEntityDetails')]"
                             },
                             "method": "GET",
                             "queries": {

Solutions/Fortinet FortiGate Next-Generation Firewall connector for Microsoft Sentinel/Package/mainTemplate.json

@@ -111,7 +111,7 @@
     {
       "type": "Microsoft.Web/sites",
       "apiVersion": "2020-06-01",
-      "name": "[variables('FunctionAppName')]",
+      "name": "[variables('functionAppName')]",
       "location": "[parameters('location')]",
       "kind": "functionapp",
       "identity": {
@@ -194,7 +194,7 @@
     },
     {
       "apiVersion": "2019-08-01",
-      "name": "[concat(variables('FunctionappName'),'/', variables('functionName'))]",
+      "name": "[concat(variables('functionAppName'),'/', variables('functionName'))]",
       "type": "Microsoft.Web/sites/functions",
       "identity": {
         "type": "UserAssigned",

Solutions/Fortinet FortiGate Next-Generation Firewall connector for Microsoft Sentinel/Playbooks/FortinetFortigateFunctionApp/azuredeploy.json

@@ -69,9 +69,9 @@
     }
   },
   "variables": {
+	"functionAppName": "[concat(toLower(parameters('FunctionAppName')), uniqueString(resourceGroup().id))]",
     "AzureSentinelConnectionName": "[concat('azuresentinel-', parameters('PlaybookName'))]",
-    "UserIdentifier": "[parameters('User Identifier Name')]",
-    "Functionappname": "[parameters('FunctionAppName')]"
+    "UserIdentifier": "[parameters('User Identifier Name')]"
   },
   "resources": [
     {
@@ -355,7 +355,7 @@
                       "type": "ManagedServiceIdentity"
                     },
                     "function": {
-                      "id": "[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/',parameters('FunctionAppName'),'/functions/Fortinet-GetEntityDetails')]"
+                      "id": "[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/',variables('functionAppName'),'/functions/Fortinet-GetEntityDetails')]"
                     }
                   },
                   "runAfter": {
@@ -379,7 +379,7 @@
                       "type": "ManagedServiceIdentity"
                     },
                     "function": {
-                      "id": "[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/',parameters('FunctionAppName'),'/functions/Fortinet-GetEntityDetails')]"
+                      "id": "[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/',variables('functionAppName'),'/functions/Fortinet-GetEntityDetails')]"
                     }
                   },
                   "runAfter": {