Merge pull request Azure#13086 from lVlayhem/feature/acronis-fix

Fix Acronis publisherId - acronisinternationalgmbh

Author: v-atulyadav

Solutions/Acronis Cyber Protect Cloud/Data/Solution_AcronisCyberProtectCloud.json

@@ -2,7 +2,7 @@
 	"Name": "Acronis Cyber Protect Cloud",
 	"Author": "Acronis - [email protected]",
 	"Logo": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/Acronis.svg\" width=\"75px\" height=\"75px\">",
-	"Description": "The Acronis Cyber Protect Cloud solution for Microsoft Sentinel enables companies to ingest Acronis alerts, events, and activities into Microsoft Sentinel. The data is initially stored on a device on the company network (https://www.acronis.com/en-us/support/documentation/CyberProtectionService/index.html#siem-plans.html) using the Acronis agent as a writer. The integration includes custom Acronis detection rules and hunting queries to help companies proactively hunt for threats.",
+	"Description": "The Acronis Cyber Protect Cloud solution for Microsoft Sentinel enables companies to ingest Acronis alerts, events, and activities into Microsoft Sentinel. The data is initially stored on a device on the company network using the Acronis agent as a writer. [See Acronis SIEM Connector documentation here](https://www.acronis.com/en-us/support/documentation/CyberProtectionService/index.html#siem-plans.html) The integration includes custom Acronis detection rules and hunting queries to help companies proactively hunt for threats.",
 	"Data Connectors": [],
 	"Workbooks": [],
 	"Analytic Rules": [

Solutions/Acronis Cyber Protect Cloud/Package/3.0.0.zip

@@ -6,7 +6,7 @@
     "config": {
       "isWizard": false,
       "basics": {
-        "description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/Acronis.svg\" width=\"75px\" height=\"75px\">\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Acronis%20Cyber%20Protect%20Cloud/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nThe Acronis Cyber Protect Cloud solution for Microsoft Sentinel enables companies to ingest Acronis alerts, events, and activities into Microsoft Sentinel. The data is initially stored on a device on the company network (https://www.acronis.com/en-us/support/documentation/CyberProtectionService/index.html#siem-plans.html) using the Acronis agent as a writer. The integration includes custom Acronis detection rules and hunting queries to help companies proactively hunt for threats.\n\n**Analytic Rules:** 4, **Hunting Queries:** 13\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
+        "description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/Acronis.svg\" width=\"75px\" height=\"75px\">\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Acronis%20Cyber%20Protect%20Cloud/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nThe Acronis Cyber Protect Cloud solution for Microsoft Sentinel enables companies to ingest Acronis alerts, events, and activities into Microsoft Sentinel. The data is initially stored on a device on the company network using the Acronis agent as a writer. [See Acronis SIEM Connector documentation here](https://www.acronis.com/en-us/support/documentation/CyberProtectionService/index.html#siem-plans.html) The integration includes custom Acronis detection rules and hunting queries to help companies proactively hunt for threats.\n\n**Analytic Rules:** 4, **Hunting Queries:** 13\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
         "subscription": {
           "resourceProviders": [
             "Microsoft.OperationsManagement/solutions",

Solutions/Acronis Cyber Protect Cloud/Package/createUiDefinition.json

@@ -34,7 +34,7 @@
     "_email": "[variables('email')]",
     "_solutionName": "Acronis Cyber Protect Cloud",
     "_solutionVersion": "3.0.0",
-    "solutionId": "91996410.azure-sentinel-solution-acronis-cyber-protect",
+    "solutionId": "acronisinternationalgmbh.azure-sentinel-solution-acronis-cyber-protect",
     "_solutionId": "[variables('solutionId')]",
     "analyticRuleObject1": {
       "analyticRuleVersion1": "1.0.0",
@@ -177,8 +177,8 @@
                   {
                     "fieldMappings": [
                       {
-                        "identifier": "Address",
-                        "columnName": "initiator_ip"
+                        "columnName": "initiator_ip",
+                        "identifier": "Address"
                       }
                     ],
                     "entityType": "IP"
@@ -192,16 +192,16 @@
                   "alertDisplayNameFormat": "Acronis - Login from Abnormal IP ({{initiator_ip}}) - Low Occurrence ({{LoginCount}})"
                 },
                 "incidentConfiguration": {
-                  "createIncident": true,
                   "groupingConfiguration": {
-                    "matchingMethod": "Selected",
-                    "enabled": true,
-                    "reopenClosedIncident": true,
-                    "lookbackDuration": "P7D",
                     "groupByEntities": [
                       "IP"
-                    ]
-                  }
+                    ],
+                    "reopenClosedIncident": true,
+                    "enabled": true,
+                    "matchingMethod": "Selected",
+                    "lookbackDuration": "P7D"
+                  },
+                  "createIncident": true
                 }
               }
             },
@@ -295,8 +295,8 @@
                   {
                     "fieldMappings": [
                       {
-                        "identifier": "HostName",
-                        "columnName": "DeviceName"
+                        "columnName": "DeviceName",
+                        "identifier": "HostName"
                       }
                     ],
                     "entityType": "Host"
@@ -309,13 +309,13 @@
                   "DeviceName": "DeviceName"
                 },
                 "incidentConfiguration": {
-                  "createIncident": true,
                   "groupingConfiguration": {
-                    "matchingMethod": "AnyAlert",
-                    "enabled": true,
                     "reopenClosedIncident": true,
+                    "enabled": true,
+                    "matchingMethod": "AnyAlert",
                     "lookbackDuration": "P1D"
-                  }
+                  },
+                  "createIncident": true
                 }
               }
             },
@@ -406,8 +406,8 @@
                   {
                     "fieldMappings": [
                       {
-                        "identifier": "HostName",
-                        "columnName": "DeviceName"
+                        "columnName": "DeviceName",
+                        "identifier": "HostName"
                       }
                     ],
                     "entityType": "Host"
@@ -420,13 +420,13 @@
                   "DeviceName": "DeviceName"
                 },
                 "incidentConfiguration": {
-                  "createIncident": true,
                   "groupingConfiguration": {
-                    "matchingMethod": "AnyAlert",
-                    "enabled": true,
                     "reopenClosedIncident": true,
+                    "enabled": true,
+                    "matchingMethod": "AnyAlert",
                     "lookbackDuration": "P1D"
-                  }
+                  },
+                  "createIncident": true
                 }
               }
             },
@@ -522,8 +522,8 @@
                   {
                     "fieldMappings": [
                       {
-                        "identifier": "HostName",
-                        "columnName": "DeviceName"
+                        "columnName": "DeviceName",
+                        "identifier": "HostName"
                       }
                     ],
                     "entityType": "Host"
@@ -536,13 +536,13 @@
                   "DeviceName": "DeviceName"
                 },
                 "incidentConfiguration": {
-                  "createIncident": true,
                   "groupingConfiguration": {
-                    "matchingMethod": "AnyAlert",
-                    "enabled": true,
                     "reopenClosedIncident": true,
+                    "enabled": true,
+                    "matchingMethod": "AnyAlert",
                     "lookbackDuration": "P1D"
-                  }
+                  },
+                  "createIncident": true
                 }
               }
             },
@@ -1639,7 +1639,7 @@
         "contentSchemaVersion": "3.0.0",
         "displayName": "Acronis Cyber Protect Cloud",
         "publisherDisplayName": "Acronis International GmbH",
-        "descriptionHtml": "<p><strong>Note:</strong> Please refer to the following before installing the solution:</p>\n<p>• Review the solution <a href=\"https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Acronis%20Cyber%20Protect%20Cloud/ReleaseNotes.md\">Release Notes</a></p>\n<p>• There may be <a href=\"https://aka.ms/sentinelsolutionsknownissues\">known issues</a> pertaining to this Solution, please refer to them before installing.</p>\n<p>The Acronis Cyber Protect Cloud solution for Microsoft Sentinel enables companies to ingest Acronis alerts, events, and activities into Microsoft Sentinel. The data is initially stored on a device on the company network (<a href=\"https://www.acronis.com/en-us/support/documentation/CyberProtectionService/index.html#siem-plans.html\">https://www.acronis.com/en-us/support/documentation/CyberProtectionService/index.html#siem-plans.html</a>) using the Acronis agent as a writer. The integration includes custom Acronis detection rules and hunting queries to help companies proactively hunt for threats.</p>\n<p><strong>Analytic Rules:</strong> 4, <strong>Hunting Queries:</strong> 13</p>\n<p><a href=\"https://aka.ms/azuresentinel\">Learn more about Microsoft Sentinel</a> | <a href=\"https://aka.ms/azuresentinelsolutionsdoc\">Learn more about Solutions</a></p>\n",
+        "descriptionHtml": "<p><strong>Note:</strong> Please refer to the following before installing the solution:</p>\n<p>• Review the solution <a href=\"https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Acronis%20Cyber%20Protect%20Cloud/ReleaseNotes.md\">Release Notes</a></p>\n<p>• There may be <a href=\"https://aka.ms/sentinelsolutionsknownissues\">known issues</a> pertaining to this Solution, please refer to them before installing.</p>\n<p>The Acronis Cyber Protect Cloud solution for Microsoft Sentinel enables companies to ingest Acronis alerts, events, and activities into Microsoft Sentinel. The data is initially stored on a device on the company network using the Acronis agent as a writer. <a href=\"https://www.acronis.com/en-us/support/documentation/CyberProtectionService/index.html#siem-plans.html\">See Acronis SIEM Connector documentation here</a> The integration includes custom Acronis detection rules and hunting queries to help companies proactively hunt for threats.</p>\n<p><strong>Analytic Rules:</strong> 4, <strong>Hunting Queries:</strong> 13</p>\n<p><a href=\"https://aka.ms/azuresentinel\">Learn more about Microsoft Sentinel</a> | <a href=\"https://aka.ms/azuresentinelsolutionsdoc\">Learn more about Solutions</a></p>\n",
         "contentKind": "Solution",
         "contentProductId": "[variables('_solutioncontentProductId')]",
         "id": "[variables('_solutioncontentProductId')]",

Solutions/Acronis Cyber Protect Cloud/Package/mainTemplate.json

@@ -1,3 +1,3 @@
 | **Version** | **Date Modified (DD-MM-YYYY)** | **Change History**                                                 |
 |-------------|--------------------------------|--------------------------------------------------------------------|
-| 3.0.0       | 28-10-2025                     | Initial Solution Release                                           |
+| 3.0.0       | 11-11-2025                     | Initial Solution Release. <br> publisherId has been Updated updated|

Solutions/Acronis Cyber Protect Cloud/ReleaseNotes.md

@@ -1,5 +1,5 @@
 {
-	"publisherId": "91996410",
+	"publisherId": "acronisinternationalgmbh",
 	"offerId": "azure-sentinel-solution-acronis-cyber-protect",
 	"firstPublishDate": "2025-10-28",
 	"lastPublishDate": "2025-10-28",