Merge pull request Azure#13160 from jlheard/user/jlheard/qualys-vm-host-logs-optimization

- Added rate limit of 1 QPS
- Made truncation_limit query parameter configurable
- Updated API versions for createSolutionV3.ps1 to use the latest and table versions of the ARM APIs.
- Fixing the Truffle Hog secrets scanning tool
    -reduced git checkout fetch-depth from 50 to 10 to check less history and use less disk space which was being exhausted on the worker

Author: jlheard

.github/workflows/ScanSecrets.yaml

@@ -10,7 +10,7 @@ jobs:
     - name: Checkout code
       uses: actions/checkout@v4
       with:
-        fetch-depth: 50
+        fetch-depth: 10
     - name: Secret Scanning
       uses: trufflesecurity/trufflehog@main
       with:

.script/SecretScanning/Excludepathlist

@@ -1,2 +1 @@
 path_ofthe_file_toskip_from_scanning
-

Solutions/QualysVM/Data Connectors/QualysVMHostLogs_ccp/QualysVMHostLogs_ConnectorDefinition.json

@@ -120,6 +120,48 @@
                 "description": "Ensure the API Server URL starts with https:// and paste the whole API Server URL without / at the ending"
               }
             },
+            {
+              "type": "Markdown",
+              "parameters": {
+                "content": "#### 3. Truncation Limit \n Configure the maximum number of host records to retrieve per API call (20-5000 range). Higher values may improve performance but could impact API response times."
+              }
+            },            
+            {
+              "type": "Dropdown",
+              "parameters": {
+                "label": "Truncation Limit",
+                "name": "truncationLimit",
+                "options": [
+                  {
+                    "key": "1000",
+                    "text": "1000 - API default value"
+                  },
+                  {
+                    "key": "20",
+                    "text": "20 - Minimal load, slower collection"
+                  },
+                  {
+                    "key": "100",
+                    "text": "100 - Low load"
+                  },
+                  {
+                    "key": "500",
+                    "text": "500 - Moderate load"
+                  },
+                  {
+                    "key": "2500",
+                    "text": "2500 - High load, faster collection"
+                  },
+                  {
+                    "key": "5000",
+                    "text": "5000 - Maximum load, fastest collection"
+                  }
+                ],
+                "placeholder": "Select truncation limit",
+                "isMultiSelect": false,
+                "required": true
+              }
+            },
             {
               "type": "ConnectionToggleButton",
               "parameters": {

Solutions/QualysVM/Data Connectors/QualysVMHostLogs_ccp/QualysVMHostLogs_PollingConfig.json

@@ -6,44 +6,45 @@
         "kind": "RestApiPoller",
         "properties": {
             "connectorDefinitionName": "QualysVMLogsCCPDefinition",
-            "dataType": "QualysHostDetectionV3_CL",
+            "dataType": "QualysHostDetectionV3_CL",        
             "auth": {
-                "type": "Basic",
-                "userName": "[[parameters('username')]",
-                "password": "[[parameters('password')]"
+            "type": "Basic",
+            "userName": "[[parameters('username')]",
+            "password": "[[parameters('password')]"
             },
             "request": {
-                "apiEndpoint": "{{apiServerUrl}}/api/3.0/fo/asset/host/vm/detection/",
+            "apiEndpoint": "{{apiServerUrl}}/api/3.0/fo/asset/host/vm/detection/",
                 "httpMethod": "GET",
                 "QueryWindowInMin": 10,
+                "rateLimitQPS": 1,
                 "queryTimeFormat": "yyyy-MM-ddTHH:mm:ssZ",
                 "headers": {
                     "X-Requested-With": "XMLHttpRequest",
                     "User-Agent": "Scuba"
                 },
                 "queryParameters": {
-                    "action": "list", 
-                    "truncation_limit": 1, 
+                    "action": "list",
+                    "truncation_limit": "[[parameters('truncationLimit')[0]]",
                     "status": "New,Fixed,Active,Re-Opened",
                     "vm_processed_before": "{_QueryWindowEndTime}",
                     "vm_processed_after": "{_QueryWindowStartTime}"
-                }
+            }
             },
             "response": {
                 "eventsJsonPaths": [
                     "$.HOST_LIST_VM_DETECTION_OUTPUT.RESPONSE.HOST_LIST.HOST"
                 ],
                 "format": "xml"
             },
-            "dcrConfig": {
+                "dcrConfig": {
                 "streamName": "Custom-QualysVM",
                 "dataCollectionEndpoint": "{{dataCollectionEndpoint}}",
                 "dataCollectionRuleImmutableId": "{{dataCollectionRuleImmutableId}}"
             },
             "paging": {
                 "pagingType": "LinkHeader",
                 "linkHeaderTokenJsonPath": "$.HOST_LIST_VM_DETECTION_OUTPUT.RESPONSE.WARNING.URL.#cdata-section"
-            }
+            }        
         }
     }
 ]

Solutions/QualysVM/Package/3.0.7.zip

@@ -60,7 +60,7 @@
             "name": "dataconnectors1-text",
             "type": "Microsoft.Common.TextBlock",
             "options": {
-              "text": "This Solution installs the data connector for QualysVM. You can get QualysVM data in your Microsoft Sentinel workspace. After installing the solution, configure and enable this data connector by following guidance in Manage solution view."
+              "text": "This Solution installs the data connector for Qualys Vulnerability Management (via Codeless Connector Framework). You can get Qualys Vulnerability Management (via Codeless Connector Framework) data in your Microsoft Sentinel workspace. After installing the solution, configure and enable this data connector by following guidance in Manage solution view."
             }
           },
           {