Contrast-Security-OSS
diff --git a/‎Solutions/CiscoASA/Analytic Rules/CiscoASA-AvgAttackDetectRateIncrease.yaml
Lines changed: 2 additions & 2 deletions b/‎Solutions/CiscoASA/Analytic Rules/CiscoASA-AvgAttackDetectRateIncrease.yaml
Lines changed: 2 additions & 2 deletions
diff --git a/‎Solutions/CiscoASA/Analytic Rules/CiscoASA-ThreatDetectionMessage.yaml
Lines changed: 2 additions & 2 deletions b/‎Solutions/CiscoASA/Analytic Rules/CiscoASA-ThreatDetectionMessage.yaml
Lines changed: 2 additions & 2 deletions
diff --git a/‎Solutions/CiscoASA/Data/Solution_Cisco asa.json
Lines changed: 2 additions & 3 deletions b/‎Solutions/CiscoASA/Data/Solution_Cisco asa.json
Lines changed: 2 additions & 3 deletions
diff --git a/‎Solutions/CiscoASA/Package/3.0.5.zip
47.8 KB b/‎Solutions/CiscoASA/Package/3.0.5.zip
47.8 KB
diff --git a/‎Solutions/CiscoASA/Package/createUiDefinition.json
Lines changed: 2 additions & 2 deletions b/‎Solutions/CiscoASA/Package/createUiDefinition.json
Lines changed: 2 additions & 2 deletions
@@ -7,7 +7,7 @@ description: |
 severity: Low
 status: Available
 requiredDataConnectors:
-  - connectorId: CiscoASA
+  - connectorId: CiscoAsaAma
     dataTypes:
       - CommonSecurityLog
 queryFrequency: 1h
@@ -74,5 +74,5 @@ entityMappings:
     fieldMappings:
       - identifier: Address
         columnName: SourceIP
-version: 1.0.2
+version: 1.0.3
 kind: Scheduled
@@ -7,7 +7,7 @@ description: |
 severity: Medium
 status: Available
 requiredDataConnectors:
-  - connectorId: CiscoASA
+  - connectorId: CiscoAsaAma
     dataTypes:
       - CommonSecurityLog
 queryFrequency: 1h
@@ -35,5 +35,5 @@ entityMappings:
     fieldMappings:
       - identifier: Address
         columnName: SourceIP
-version: 1.0.2
+version: 1.0.3
 kind: Scheduled
@@ -2,12 +2,11 @@
   "Name": "CiscoASA",
   "Author": "Microsoft - [email protected]",
   "Logo": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/cisco-logo-72px.svg\" width=\"75px\" height=\"75px\">",
-  "Description": "The [Cisco ASA](https://www.cisco.com/c/en_in/products/security/adaptive-security-appliance-asa-software/index.html) solution for Microsoft Sentinel enables you to ingest [Cisco ASA logs](https://www.cisco.com/c/en/us/td/docs/security/asa/syslog/b_syslog/messages-listed-by-severity-level.html) into Microsoft Sentinel. This solution includes two (2) data connectors to help ingest the logs.\n\r\n1. **Cisco ASA/FTD via AMA** - This data connector helps in ingesting Cisco ASA logs into your Log Analytics Workspace using the new Azure Monitor Agent. Learn more about ingesting using the new Azure Monitor Agent [here](https://learn.microsoft.com/azure/sentinel/connect-cef-ama). **Microsoft recommends using this Data Connector**\n\r\n2. **Cisco ASA via Legacy Agent** - This data connector helps in ingesting Cisco ASA logs into your Log Analytics Workspace using the legacy Log Analytics agent.\n\n<P style=\"color:red\">**NOTE:** Microsoft recommends Installation of Cisco ASA/FTD via AMA Connector. Legacy connector uses the Log Analytics agent which is about to be deprecated by **Aug 31,2024** and thus should only be installed where AMA is not supported.</p>\n\n**Underlying Microsoft Technologies used:**\n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\n\n a. [Agent-based log collection (Syslog)](https://docs.microsoft.com/azure/sentinel/connect-syslog)",
+  "Description": "The [Cisco ASA](https://www.cisco.com/c/en_in/products/security/adaptive-security-appliance-asa-software/index.html) solution for Microsoft Sentinel enables you to ingest [Cisco ASA logs](https://www.cisco.com/c/en/us/td/docs/security/asa/syslog/b_syslog/messages-listed-by-severity-level.html) into Microsoft Sentinel. This solution includes two (2) data connectors to help ingest the logs.\n\r\n1. **Cisco ASA/FTD via AMA** - This data connector helps in ingesting Cisco ASA logs into your Log Analytics Workspace using the new Azure Monitor Agent. Learn more about ingesting using the new Azure Monitor Agent [here](https://learn.microsoft.com/azure/sentinel/connect-cef-ama). **Microsoft recommends using this Data Connector**\n\r\n\n</p>\n\n**Underlying Microsoft Technologies used:**\n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\n\n a. [Agent-based log collection (Syslog)](https://docs.microsoft.com/azure/sentinel/connect-syslog)",
   "Workbooks": [
     "Solutions/CiscoASA/Workbooks/Cisco.json"
   ],
   "Data Connectors": [
-    "Solutions/CiscoASA/Data Connectors/CiscoASA.json",
     "Solutions/CiscoASA/Data Connectors/template_CiscoAsaAma.json"
   ],
   "Playbooks": [
@@ -21,7 +20,7 @@
     "Solutions/CiscoASA/Analytic Rules/CiscoASA-AvgAttackDetectRateIncrease.yaml"
   ],
   "BasePath": "C:\\GitHub\\Azure-Sentinel\\",
-  "Version": "3.0.3",
+  "Version": "3.0.5",
   "Metadata": "SolutionMetadata.json",
   "TemplateSpec": true,
   "Is1PConnector": false
 
@@ -6,7 +6,7 @@
     "config": {
       "isWizard": false,
       "basics": {
-        "description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/cisco-logo-72px.svg\" width=\"75px\" height=\"75px\">\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/CiscoASA/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nThe [Cisco ASA](https://www.cisco.com/c/en_in/products/security/adaptive-security-appliance-asa-software/index.html) solution for Microsoft Sentinel enables you to ingest [Cisco ASA logs](https://www.cisco.com/c/en/us/td/docs/security/asa/syslog/b_syslog/messages-listed-by-severity-level.html) into Microsoft Sentinel. This solution includes two (2) data connectors to help ingest the logs.\n\r\n1. **Cisco ASA/FTD via AMA** - This data connector helps in ingesting Cisco ASA logs into your Log Analytics Workspace using the new Azure Monitor Agent. Learn more about ingesting using the new Azure Monitor Agent [here](https://learn.microsoft.com/azure/sentinel/connect-cef-ama). **Microsoft recommends using this Data Connector**\n\r\n2. **Cisco ASA via Legacy Agent** - This data connector helps in ingesting Cisco ASA logs into your Log Analytics Workspace using the legacy Log Analytics agent.\n\n<P style=\"color:red\">**NOTE:** Microsoft recommends Installation of Cisco ASA/FTD via AMA Connector. Legacy connector uses the Log Analytics agent which is about to be deprecated by **Aug 31, 2024** and thus should only be installed where AMA is not supported.</p>\n\n**Underlying Microsoft Technologies used:**\n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\n\n a. [Agent-based log collection (Syslog)](https://docs.microsoft.com/azure/sentinel/connect-syslog)\n\n**Data Connectors:** 2, **Workbooks:** 1, **Analytic Rules:** 2, **Custom Azure Logic Apps Connectors:** 1, **Playbooks:** 3\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
+        "description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/cisco-logo-72px.svg\" width=\"75px\" height=\"75px\">\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/CiscoASA/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nThe [Cisco ASA](https://www.cisco.com/c/en_in/products/security/adaptive-security-appliance-asa-software/index.html) solution for Microsoft Sentinel enables you to ingest [Cisco ASA logs](https://www.cisco.com/c/en/us/td/docs/security/asa/syslog/b_syslog/messages-listed-by-severity-level.html) into Microsoft Sentinel. This solution includes two (2) data connectors to help ingest the logs.\n\r\n1. **Cisco ASA/FTD via AMA** - This data connector helps in ingesting Cisco ASA logs into your Log Analytics Workspace using the new Azure Monitor Agent. Learn more about ingesting using the new Azure Monitor Agent [here](https://learn.microsoft.com/azure/sentinel/connect-cef-ama). **Microsoft recommends using this Data Connector**\n\r\n\n</p>\n\n**Underlying Microsoft Technologies used:**\n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\n\n a. [Agent-based log collection (Syslog)](https://docs.microsoft.com/azure/sentinel/connect-syslog)\n\n**Data Connectors:** 1, **Workbooks:** 1, **Analytic Rules:** 2, **Custom Azure Logic Apps Connectors:** 1, **Playbooks:** 3\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
         "subscription": {
           "resourceProviders": [
             "Microsoft.OperationsManagement/solutions",
@@ -64,7 +64,7 @@
             }
           },
           {
-            "name": "dataconnectors-link2",
+            "name": "dataconnectors-link1",
             "type": "Microsoft.Common.TextBlock",
             "options": {
               "link": {