Adding new workbook, custom tables, data connector and analytic rules…

[seanmacdonald8]

… for the new log ingestion api-based integration

Required items, please complete

Change(s):

• Adding a new data connector for log ingestion API method

Reason for Change(s):

• http data collector will be deprecated soon

Version Updated:

• N/A

Testing Completed:

• yes

Checked that the validations are passing and have addressed any issues that are present:

• Need help

[v-kasghosh]

Hey @seanmacdonald8,

I noticed in this PR that you've added a new Workbook, Analytic rules, Custom tables, and Data connector for Darktrace. To move forward, please package the solution as follows:

• Add the Workbook, Analytic rules, and Data connector to the solution's data file. This is the path of current data file - https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Darktrace/Data/Solution_DarktraceEnterpriseImmuneSystem.json
• Update the solution version.
• Package the solution using the V3 tool: https://github.com/Azure/Azure-Sentinel/blob/master/Tools/Create-Azure-Sentinel-Solution/V3/README.md

Also, please add the new Custom tables to the following folder: https://github.com/Azure/Azure-Sentinel/tree/master/.script/tests/KqlvalidationsTests/CustomTables

Also, update the metadata for the workbook at the path below.
https://github.com/Azure/Azure-Sentinel/blob/master/Workbooks/WorkbooksMetadata.json

Let me know if you need any assistance.
Thanks!