Add changes from upstream source to existing files

Author: cwatson-cat

articles/sentinel/data-connectors/ai-vectra-stream.md

@@ -3,7 +3,7 @@ title: "AI Vectra Stream connector for Microsoft Sentinel"
 description: "Learn how to install the connector AI Vectra Stream to connect your data source to Microsoft Sentinel."
 author: cwatson-cat
 ms.topic: how-to
-ms.date: 02/23/2023
+ms.date: 04/25/2024
 ms.service: microsoft-sentinel
 ms.author: cwatson
 ---
@@ -12,6 +12,8 @@ ms.author: cwatson
 
 The AI Vectra Stream connector allows to send Network Metadata collected by Vectra Sensors accross the Network and Cloud to Microsoft Sentinel
 
+This is autogenerated content. For changes, contact the solution provider.
+
 ## Connector attributes
 
 | Connector attribute | Description |
@@ -23,6 +25,7 @@ The AI Vectra Stream connector allows to send Network Metadata collected by Vect
 ## Query samples
 
 **List all DNS Queries**
+
    ```kusto
 VectraStream 
 
@@ -32,6 +35,7 @@ VectraStream
    ```
 
 **Number of DNS requests per type**
+
    ```kusto
 VectraStream 
 
@@ -41,6 +45,7 @@ VectraStream
    ```
 
 **Top 10 of query to non existing domain**
+
    ```kusto
 VectraStream 
 
@@ -56,6 +61,7 @@ VectraStream
    ```
 
 **Host and Web sites using non-ephemeral Diffie-Hellman key exchange**
+
    ```kusto
 VectraStream 
 

articles/sentinel/data-connectors/aishield.md

@@ -3,7 +3,7 @@ title: "AIShield connector for Microsoft Sentinel"
 description: "Learn how to install the connector AIShield to connect your data source to Microsoft Sentinel."
 author: cwatson-cat
 ms.topic: how-to
-ms.date: 02/23/2023
+ms.date: 04/25/2024
 ms.service: microsoft-sentinel
 ms.author: cwatson
 ---
@@ -12,6 +12,8 @@ ms.author: cwatson
 
 [AIShield](https://www.boschaishield.com/) connector allows users to connect with AIShield custom defense mechanism logs with Microsoft Sentinel, allowing the creation of dynamic Dashboards, Workbooks, Notebooks and tailored Alerts to improve investigation and thwart attacks on AI systems. It gives users more insight into their organization's AI assets security posturing and improves their AI systems security operation capabilities.
 
+This is autogenerated content. For changes, contact the solution provider.
+
 ## Connector attributes
 
 | Connector attribute | Description |
@@ -23,13 +25,15 @@ ms.author: cwatson
 ## Query samples
 
 **Get all incidents order by time**
+
    ```kusto
 AIShield
             
    | order by TimeGenerated desc 
    ```
 
 **Get high risk incidents**
+
    ```kusto
 AIShield
             

articles/sentinel/data-connectors/amazon-web-services-s3.md

@@ -3,7 +3,7 @@ title: "Amazon Web Services S3 connector for Microsoft Sentinel"
 description: "Learn how to install the connector Amazon Web Services S3 to connect your data source to Microsoft Sentinel."
 author: cwatson-cat
 ms.topic: how-to
-ms.date: 04/16/2024
+ms.date: 04/25/2024
 ms.service: microsoft-sentinel
 ms.author: cwatson
 ---
@@ -18,6 +18,8 @@ This connector allows you to ingest AWS service logs, collected in AWS S3 bucket
 
 For more information, see the [Microsoft Sentinel documentation](https://go.microsoft.com/fwlink/p/?linkid=2218883&wt.mc_id=sentinel_dataconnectordocs_content_cnl_csasci).
 
+This is autogenerated content. For changes, contact the solution provider.
+
 ## Connector attributes
 
 | Connector attribute | Description |
@@ -26,6 +28,60 @@ For more information, see the [Microsoft Sentinel documentation](https://go.micr
 | **Data collection rules support** | [Supported as listed](/azure/azure-monitor/logs/tables-feature-support) |
 | **Supported by** | [Microsoft Corporation](https://support.microsoft.com) |
 
+## Query samples
+
+**High severity findings summarized by activity type**
+
+   ```kusto
+AWSGuardDuty
+            
+   | where Severity > 7
+            
+   | summarize count() by ActivityType
+   ```
+
+**Top 10 rejected actions of type IPv4**
+
+   ```kusto
+AWSVPCFlow
+            
+   | where Action == "REJECT"
+            
+   | where Type == "IPv4"
+            
+   | take 10
+   ```
+
+**User creation events summarized by region**
+
+   ```kusto
+AWSCloudTrail
+            
+   | where EventName == "CreateUser"
+            
+   | summarize count() by AWSRegion
+   ```
+
+
+
+## Prerequisites
+
+To integrate with Amazon Web Services S3 make sure you have: 
+
+- **Environment**: you must have the following AWS resources defined and configured: S3, Simple Queue Service (SQS), IAM roles and permissions policies, and the AWS services whose logs you want to collect.
+
+
+## Vendor installation instructions
+
+1. Set up your AWS environment
+
+The​re are two options for setting up your AWS environment to send logs from an S3 bucket to your Log Analytics Workspace:
+
+
+2. Add connection
+
+
+
 
 ## Next steps
 

articles/sentinel/data-connectors/amazon-web-services.md

@@ -3,7 +3,7 @@ title: "Amazon Web Services connector for Microsoft Sentinel"
 description: "Learn how to install the connector Amazon Web Services to connect your data source to Microsoft Sentinel."
 author: cwatson-cat
 ms.topic: how-to
-ms.date: 03/02/2024
+ms.date: 04/25/2024
 ms.service: microsoft-sentinel
 ms.author: cwatson
 ---
@@ -12,6 +12,8 @@ ms.author: cwatson
 
 Follow these instructions to connect to AWS and stream your CloudTrail logs into Microsoft Sentinel. For more information, see the [Microsoft Sentinel documentation](https://go.microsoft.com/fwlink/p/?linkid=2218883&wt.mc_id=sentinel_dataconnectordocs_content_cnl_csasci).
 
+This is autogenerated content. For changes, contact the solution provider.
+
 ## Connector attributes
 
 | Connector attribute | Description |

articles/sentinel/data-connectors/apache-http-server.md

@@ -3,7 +3,7 @@ title: "Apache HTTP Server connector for Microsoft Sentinel"
 description: "Learn how to install the connector Apache HTTP Server to connect your data source to Microsoft Sentinel."
 author: cwatson-cat
 ms.topic: how-to
-ms.date: 06/22/2023
+ms.date: 04/25/2024
 ms.service: microsoft-sentinel
 ms.author: cwatson
 ---
@@ -12,6 +12,8 @@ ms.author: cwatson
 
 The Apache HTTP Server data connector provides the capability to ingest [Apache HTTP Server](http://httpd.apache.org/) events into Microsoft Sentinel. Refer to [Apache Logs documentation](https://httpd.apache.org/docs/2.4/logs.html) for more information.
 
+This is autogenerated content. For changes, contact the solution provider.
+
 ## Connector attributes
 
 | Connector attribute | Description |
@@ -23,6 +25,7 @@ The Apache HTTP Server data connector provides the capability to ingest [Apache
 ## Query samples
 
 **Top 10 Clients (Source IP)**
+
    ```kusto
 ApacheHTTPServer
  

articles/sentinel/data-connectors/apache-tomcat.md

@@ -3,7 +3,7 @@ title: "Apache Tomcat connector for Microsoft Sentinel"
 description: "Learn how to install the connector Apache Tomcat to connect your data source to Microsoft Sentinel."
 author: cwatson-cat
 ms.topic: how-to
-ms.date: 06/22/2023
+ms.date: 04/25/2024
 ms.service: microsoft-sentinel
 ms.author: cwatson
 ---
@@ -12,6 +12,8 @@ ms.author: cwatson
 
 The Apache Tomcat solution provides the capability to ingest [Apache Tomcat](http://tomcat.apache.org/) events into Microsoft Sentinel. Refer to [Apache Tomcat documentation](http://tomcat.apache.org/tomcat-10.0-doc/logging.html) for more information.
 
+This is autogenerated content. For changes, contact the solution provider.
+
 ## Connector attributes
 
 | Connector attribute | Description |
@@ -23,6 +25,7 @@ The Apache Tomcat solution provides the capability to ingest [Apache Tomcat](htt
 ## Query samples
 
 **Top 10 Clients (Source IP)**
+
    ```kusto
 TomcatEvent
  

articles/sentinel/data-connectors/api-protection.md

@@ -3,7 +3,7 @@ title: "API Protection connector for Microsoft Sentinel"
 description: "Learn how to install the connector API Protection to connect your data source to Microsoft Sentinel."
 author: cwatson-cat
 ms.topic: how-to
-ms.date: 02/23/2023
+ms.date: 04/25/2024
 ms.service: microsoft-sentinel
 ms.author: cwatson
 ---
@@ -12,6 +12,8 @@ ms.author: cwatson
 
 Connects the 42Crunch API protection to Azure Log Analytics via the REST API interface
 
+This is autogenerated content. For changes, contact the solution provider.
+
 ## Connector attributes
 
 | Connector attribute | Description |
@@ -23,6 +25,7 @@ Connects the 42Crunch API protection to Azure Log Analytics via the REST API int
 ## Query samples
 
 **API requests that were rate-limited**
+
    ```kusto
 apifirewall_log_1_CL
 
@@ -32,6 +35,7 @@ apifirewall_log_1_CL
    ```
 
 **API requests generating a server error**
+
    ```kusto
 apifirewall_log_1_CL
 
@@ -41,6 +45,7 @@ apifirewall_log_1_CL
    ```
 
 **API requests failing JWT validation**
+
    ```kusto
 apifirewall_log_1_CL
 

articles/sentinel/data-connectors/argos-cloud-security.md

@@ -3,7 +3,7 @@ title: "ARGOS Cloud Security connector for Microsoft Sentinel"
 description: "Learn how to install the connector ARGOS Cloud Security to connect your data source to Microsoft Sentinel."
 author: cwatson-cat
 ms.topic: how-to
-ms.date: 07/26/2023
+ms.date: 04/25/2024
 ms.service: microsoft-sentinel
 ms.author: cwatson
 ---
@@ -12,6 +12,8 @@ ms.author: cwatson
 
 The ARGOS Cloud Security integration for Microsoft Sentinel allows you to have all your important cloud security events in one place. This enables you to easily create dashboards, alerts, and correlate events across multiple systems. Overall this will improve your organization's security posture and security incident response.
 
+This is autogenerated content. For changes, contact the solution provider.
+
 ## Connector attributes
 
 | Connector attribute | Description |
@@ -23,20 +25,23 @@ The ARGOS Cloud Security integration for Microsoft Sentinel allows you to have a
 ## Query samples
 
 **Display all exploitable ARGOS Detections.**
+
    ```kusto
 ARGOS_CL
  
    | where exploitable_b
    ```
 
 **Display all open, exploitable ARGOS Detections on Azure.**
+
    ```kusto
 ARGOS_CL
  
    | where exploitable_b and cloud_s == 'azure' and status_s == 'open'
    ```
 
 **Display all open, exploitable ARGOS Detections on Azure.**
+
    ```kusto
 ARGOS_CL
  
@@ -46,6 +51,7 @@ ARGOS_CL
    ```
 
 **Render a time chart with all open ARGOS Detections on Azure.**
+
    ```kusto
 ARGOS_CL
  
@@ -57,6 +63,7 @@ ARGOS_CL
    ```
 
 **Display Top 10, open, exploitable ARGOS Detections on Azure.**
+
    ```kusto
 ARGOS_CL
  

articles/sentinel/data-connectors/atlassian-beacon-alerts.md

@@ -3,7 +3,7 @@ title: "Atlassian Beacon Alerts connector for Microsoft Sentinel"
 description: "Learn how to install the connector Atlassian Beacon Alerts to connect your data source to Microsoft Sentinel."
 author: cwatson-cat
 ms.topic: how-to
-ms.date: 11/29/2023
+ms.date: 04/25/2024
 ms.service: microsoft-sentinel
 ms.author: cwatson
 ---
@@ -12,6 +12,8 @@ ms.author: cwatson
 
 Atlassian Beacon is a cloud product that is built for Intelligent threat detection across the Atlassian platforms (Jira, Confluence, and Atlassian Admin). This can help users detect, investigate and respond to risky user activity for the Atlassian suite of products. The solution is  a custom data connector from DEFEND Ltd. that is used to visualize the alerts ingested from Atlassian Beacon to Microsoft Sentinel via a Logic App.
 
+This is autogenerated content. For changes, contact the solution provider.
+
 ## Connector attributes
 
 | Connector attribute | Description |
@@ -23,6 +25,7 @@ Atlassian Beacon is a cloud product that is built for Intelligent threat detecti
 ## Query samples
 
 **Atlassian Beacon Alerts**
+
    ```kusto
 atlassian_beacon_alerts_CL 
    | sort by TimeGenerated desc

articles/sentinel/data-connectors/automated-logic-webctrl.md

@@ -3,7 +3,7 @@ title: "Automated Logic WebCTRL connector for Microsoft Sentinel"
 description: "Learn how to install the connector Automated Logic WebCTRL to connect your data source to Microsoft Sentinel."
 author: cwatson-cat
 ms.topic: how-to
-ms.date: 02/23/2023
+ms.date: 04/25/2024
 ms.service: microsoft-sentinel
 ms.author: cwatson
 ---
@@ -12,6 +12,8 @@ ms.author: cwatson
 
 You can stream the audit logs from the WebCTRL SQL server hosted on Windows machines connected to your Microsoft Sentinel. This connection enables you to view dashboards, create custom alerts and improve investigation. This gives insights into your Industrial Control Systems that are monitored or controlled by the WebCTRL BAS application.
 
+This is autogenerated content. For changes, contact the solution provider.
+
 ## Connector attributes
 
 | Connector attribute | Description |
@@ -23,6 +25,7 @@ You can stream the audit logs from the WebCTRL SQL server hosted on Windows mach
 ## Query samples
 
 **Total warnings and errors raised by the application**
+
    ```kusto
 Event