Merge branch 'Azure:master' into master

Samsung · Feb 12, 2025 · 637e94a · 637e94a
2 parents 15ce305 + de19413
commit 637e94a
Show file tree

Hide file tree

Showing 19 changed files with 141 additions and 136 deletions.
diff --git a/DataConnectors/Syslog/Forwarder_AMA_installer.py b/DataConnectors/Syslog/Forwarder_AMA_installer.py
@@ -23,7 +23,7 @@
 rsyslog_old_config_tcp_content = "# provides TCP syslog reception\n$ModLoad imtcp\n$InputTCPServerRun " + daemon_default_incoming_port + "\n"
 syslog_ng_documantation_path = "https://www.syslog-ng.com/technical-documents/doc/syslog-ng-open-source-edition/3.26/administration-guide/34#TOPIC-1431029"
 rsyslog_documantation_path = "https://www.rsyslog.com/doc/master/configuration/actions.html"
-temp_file_path = "/tmp/rsyslog_temp_config.txt"
+temp_file_path = "/tmp/syslog_temp_config.txt"
 
 
 def print_error(input_str):
@@ -266,7 +266,7 @@ def set_syslog_ng_configuration():
                     comment_line = False
                 # write line correctly
                 fout.write(line if not comment_line else ("#" + line))
-    command_tokens = ["sudo", "cp", temp_file_path, rsyslog_conf_path]
+    command_tokens = ["sudo", "cp", temp_file_path, syslog_ng_conf_path]
     write_new_content = subprocess.Popen(command_tokens, stdout=subprocess.PIPE)
     time.sleep(3)
     o, e = write_new_content.communicate()
@@ -325,4 +325,4 @@ def main():
 
 
 
-main()
+main()
diff --git a/Solutions/Auth0/Data Connectors/Auth0_CCP/DataConnectorDefinition.json b/Solutions/Auth0/Data Connectors/Auth0_CCP/DataConnectorDefinition.json
@@ -7,7 +7,7 @@
     "properties": {
         "connectorUiConfig": {
             "id": "Auth0ConnectorCCPDefinition",
-            "title": "Auth0 Logs (Preview)",
+            "title": "Auth0 Logs",
             "publisher": "Microsoft",
             "descriptionMarkdown": "The [Auth0](https://auth0.com/docs/api/management/v2/logs/get-logs) data connector allows ingesting logs from Auth0 API into Microsoft Sentinel. The data connector is built on Microsoft Sentinel Codeless Connector Platform. It uses Auth0 API to fetch logs and it supports DCR-based [ingestion time transformations](https://docs.microsoft.com/azure/azure-monitor/logs/custom-logs-overview) that parses the received security data into a custom table so that queries don't need to parse it again, thus resulting in better performance.",
             "graphQueries": [

diff --git a/Solutions/Auth0/Data Connectors/Auth0_FunctionApp.json b/Solutions/Auth0/Data Connectors/Auth0_FunctionApp.json
@@ -1,6 +1,6 @@
 {
 	"id": "Auth0",
-	"title": "Auth0 Access Management(using Azure Function)",
+	"title": "Auth0 Access Management",
 	"publisher": "Auth0",
 	"descriptionMarkdown": "The [Auth0 Access Management](https://auth0.com/access-management) data connector provides the capability to ingest [Auth0 log events](https://auth0.com/docs/api/management/v2/#!/Logs/get_logs) into Microsoft Sentinel",
 	"additionalRequirementBanner": "These queries are dependent on a parser based on a Kusto Function deployed as part of the solution.",

diff --git a/Solutions/Auth0/Package/3.1.2.zip b/Solutions/Auth0/Package/3.1.2.zip
diff --git a/Solutions/Auth0/Package/mainTemplate.json b/Solutions/Auth0/Package/mainTemplate.json
@@ -47,7 +47,7 @@
     "email": "support@microsoft.com",
     "_email": "[variables('email')]",
     "_solutionName": "Auth0",
-    "_solutionVersion": "3.1.1",
+    "_solutionVersion": "3.1.2",
     "solutionId": "azuresentinel.azure-sentinel-solution-auth0",
     "_solutionId": "[variables('solutionId')]",
     "uiConfigId1": "Auth0",
@@ -92,7 +92,7 @@
         "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
       ],
       "properties": {
-        "description": "Auth0 data connector with template version 3.1.1",
+        "description": "Auth0 data connector with template version 3.1.2",
         "mainTemplate": {
           "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
           "contentVersion": "[variables('dataConnectorVersion1')]",
@@ -108,7 +108,7 @@
               "properties": {
                 "connectorUiConfig": {
                   "id": "[variables('_uiConfigId1')]",
-                  "title": "Auth0 Access Management(using Azure Function) (using Azure Functions)",
+                  "title": "Auth0 Access Management (using Azure Functions)",
                   "publisher": "Auth0",
                   "descriptionMarkdown": "The [Auth0 Access Management](https://auth0.com/access-management) data connector provides the capability to ingest [Auth0 log events](https://auth0.com/docs/api/management/v2/#!/Logs/get_logs) into Microsoft Sentinel",
                   "additionalRequirementBanner": "These queries are dependent on a parser based on a Kusto Function deployed as part of the solution.",
@@ -279,7 +279,7 @@
         "contentSchemaVersion": "3.0.0",
         "contentId": "[variables('_dataConnectorContentId1')]",
         "contentKind": "DataConnector",
-        "displayName": "Auth0 Access Management(using Azure Function) (using Azure Functions)",
+        "displayName": "Auth0 Access Management (using Azure Functions)",
         "contentProductId": "[variables('_dataConnectorcontentProductId1')]",
         "id": "[variables('_dataConnectorcontentProductId1')]",
         "version": "[variables('dataConnectorVersion1')]"
@@ -323,7 +323,7 @@
       "kind": "GenericUI",
       "properties": {
         "connectorUiConfig": {
-          "title": "Auth0 Access Management(using Azure Function) (using Azure Functions)",
+          "title": "Auth0 Access Management (using Azure Functions)",
           "publisher": "Auth0",
           "descriptionMarkdown": "The [Auth0 Access Management](https://auth0.com/access-management) data connector provides the capability to ingest [Auth0 log events](https://auth0.com/docs/api/management/v2/#!/Logs/get_logs) into Microsoft Sentinel",
           "graphQueries": [
@@ -454,7 +454,7 @@
       ],
       "properties": {
         "contentId": "[variables('_dataConnectorContentIdConnectorDefinition2')]",
-        "displayName": "Auth0 Logs (Preview)",
+        "displayName": "Auth0 Logs",
         "contentKind": "DataConnector",
         "mainTemplate": {
           "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
@@ -471,7 +471,7 @@
               "properties": {
                 "connectorUiConfig": {
                   "id": "Auth0ConnectorCCPDefinition",
-                  "title": "Auth0 Logs (Preview)",
+                  "title": "Auth0 Logs",
                   "publisher": "Microsoft",
                   "descriptionMarkdown": "The [Auth0](https://auth0.com/docs/api/management/v2/logs/get-logs) data connector allows ingesting logs from Auth0 API into Microsoft Sentinel. The data connector is built on Microsoft Sentinel Codeless Connector Platform. It uses Auth0 API to fetch logs and it supports DCR-based [ingestion time transformations](https://docs.microsoft.com/azure/azure-monitor/logs/custom-logs-overview) that parses the received security data into a custom table so that queries don't need to parse it again, thus resulting in better performance.",
                   "graphQueries": [
@@ -852,7 +852,7 @@
       "properties": {
         "connectorUiConfig": {
           "id": "Auth0ConnectorCCPDefinition",
-          "title": "Auth0 Logs (Preview)",
+          "title": "Auth0 Logs",
           "publisher": "Microsoft",
           "descriptionMarkdown": "The [Auth0](https://auth0.com/docs/api/management/v2/logs/get-logs) data connector allows ingesting logs from Auth0 API into Microsoft Sentinel. The data connector is built on Microsoft Sentinel Codeless Connector Platform. It uses Auth0 API to fetch logs and it supports DCR-based [ingestion time transformations](https://docs.microsoft.com/azure/azure-monitor/logs/custom-logs-overview) that parses the received security data into a custom table so that queries don't need to parse it again, thus resulting in better performance.",
           "graphQueries": [
@@ -1001,14 +1001,24 @@
       ],
       "properties": {
         "contentId": "[variables('_dataConnectorContentIdConnections2')]",
-        "displayName": "Auth0 Logs (Preview)",
+        "displayName": "Auth0 Logs",
         "contentKind": "ResourcesDataConnector",
         "mainTemplate": {
           "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
           "contentVersion": "[variables('dataConnectorCCPVersion')]",
           "parameters": {
+            "ClientId": {
+              "defaultValue": "-NA-",
+              "type": "securestring",
+              "minLength": 4
+            },
+            "ClientSecret": {
+              "defaultValue": "-NA-",
+              "type": "securestring",
+              "minLength": 4
+            },
             "connectorDefinitionName": {
-              "defaultValue": "Auth0 Logs (Preview)",
+              "defaultValue": "Auth0 Logs",
               "type": "string",
               "minLength": 1
             },
@@ -1027,16 +1037,6 @@
               "defaultValue": "Domain",
               "type": "string",
               "minLength": 1
-            },
-            "ClientId": {
-              "defaultValue": "ClientId",
-              "type": "string",
-              "minLength": 1
-            },
-            "ClientSecret": {
-              "defaultValue": "ClientSecret",
-              "type": "securestring",
-              "minLength": 1
             }
           },
           "variables": {
@@ -1136,7 +1136,7 @@
         "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
       ],
       "properties": {
-        "description": "Auth0AM Data Parser with template version 3.1.1",
+        "description": "Auth0AM Data Parser with template version 3.1.2",
         "mainTemplate": {
           "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
           "contentVersion": "[variables('parserObject1').parserVersion1]",
@@ -1268,7 +1268,7 @@
         "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
       ],
       "properties": {
-        "description": "Auth0 Data Parser with template version 3.1.1",
+        "description": "Auth0 Data Parser with template version 3.1.2",
         "mainTemplate": {
           "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
           "contentVersion": "[variables('parserObject2').parserVersion2]",
@@ -1396,7 +1396,7 @@
       "apiVersion": "2023-04-01-preview",
       "location": "[parameters('workspace-location')]",
       "properties": {
-        "version": "3.1.1",
+        "version": "3.1.2",
         "kind": "Solution",
         "contentSchemaVersion": "3.0.0",
         "displayName": "Auth0",

diff --git a/Solutions/Auth0/ReleaseNotes.md b/Solutions/Auth0/ReleaseNotes.md
@@ -1,7 +1,8 @@
 | **Version** | **Date Modified (DD-MM-YYYY)** | **Change History**                                     |
 |-------------|--------------------------------|--------------------------------------------------------|
-| 3.1.1       | 22-01-2025                     | Added Preview tag to CCP **Data Connector**|
-| 3.1.0       | 13-12-2024                     | Added new CCP **Data Connector** to the Solution             |
+| 3.1.2       | 10-02-2025                     | Advancing CCP **Data Connector** from Public preview to Global Availability.           |
+| 3.1.1       | 22-01-2025                     | Added Preview tag to CCP **Data Connector**                                            |
+| 3.1.0       | 13-12-2024                     | Added new CCP **Data Connector** to the Solution                                       |
 | 3.0.0       | 24-08-2024                     | Updated the **Data Connector** Function app python runtime version to 3.11             |
-|             | 11-12-2023                     | Added new **Parser** (Auth0AM)                         | 
+|             | 11-12-2023                     | Added new **Parser** (Auth0AM)                                                         | 
 
diff --git a/Solutions/Box/Data Connectors/BoxEvents_ccp/BoxEvents_DataConnectorDefinition.json b/Solutions/Box/Data Connectors/BoxEvents_ccp/BoxEvents_DataConnectorDefinition.json
@@ -8,7 +8,7 @@
     "properties": {
         "connectorUiConfig": {
             "id": "BoxEventsCCPDefinition",
-            "title": "Box Events (CCP) (Preview)",
+            "title": "Box Events (CCP)",
             "publisher": "Microsoft",
             "descriptionMarkdown": "The Box data connector provides the capability to ingest [Box enterprise's events](https://developer.box.com/guides/events/#admin-events) into Microsoft Sentinel using the Box REST API. Refer to [Box  documentation](https://developer.box.com/guides/events/enterprise-events/for-enterprise/) for more information.",
             "graphQueriesTableName": "BoxEventsV2_CL",

diff --git a/Solutions/Box/Package/3.1.1.zip b/Solutions/Box/Package/3.1.1.zip