Insights: Azure/Azure-Sentinel
Overview
35 Pull requests merged by 23 people
-
Bug fixes for function and logic app
#11328 merged
Oct 25, 2024 -
Exception Filtering Cases ASIM
#11339 merged
Oct 25, 2024 -
Adding new MDO related queries from recent Microsoft Threat Intellige…
#11316 merged
Oct 25, 2024 -
Updated azure deploy template for BitSight data connector
#11334 merged
Oct 25, 2024 -
Updated Publisher Id for mimecast solution
#11336 merged
Oct 25, 2024 -
Update ingestASimSampleData.py
#11337 merged
Oct 25, 2024 -
Placing workbook images in the workbook/image/preview location
#11330 merged
Oct 25, 2024 -
fixing Typo in filtering script
#11335 merged
Oct 25, 2024 -
Update ASimFilteringTest.py
#11333 merged
Oct 25, 2024 -
Update SentinelOneAPISentinelConn.zip
#11332 merged
Oct 25, 2024 -
Bump aiohttp from 3.9.5 to 3.10.2 in /Solutions/ZeroFox/Data Connectors/CTI
#10963 merged
Oct 24, 2024 -
Fixes for issues occurred during publishing to the Azure Store
#11276 merged
Oct 24, 2024 -
ZeroNetworks: update parsers with new auditTypes
#11236 merged
Oct 24, 2024 -
Bump up package to 3.2.2 for partner center update
#11313 merged
Oct 24, 2024 -
Standard Update for Cloudflare Function App
#11284 merged
Oct 24, 2024 -
Update imDns_DomainEntity_DnsEvents.yaml
#11257 merged
Oct 24, 2024 -
Fixed TLS default version related thing by updating it to TLS1.2
#11318 merged
Oct 24, 2024 -
Bump urllib3 from 1.25.11 to 1.26.19 in /Solutions/CiscoUmbrella/Data Connectors
#11024 merged
Oct 23, 2024 -
Update ingestASimSampleData.py
#11317 merged
Oct 23, 2024 -
Bitglass solution packaged to update old URL to new URL
#11304 merged
Oct 23, 2024 -
Enforcing ASim validations when failure comes
#11314 merged
Oct 23, 2024 -
SentinelOne | Updated the requirements file for py_310 import errors
#11292 merged
Oct 23, 2024 -
Added the newly created Learn links for publishing Sentinel solutions
#11282 merged
Oct 23, 2024 -
Update EventsToTableMapping.json
#11293 merged
Oct 22, 2024 -
Bump aiohttp from 3.9.2 to 3.10.2 in /Solutions/Google Cloud Platform Cloud Monitoring/Data Connectors
#10958 merged
Oct 22, 2024 -
Inspira Enterprise Standalone workbooks
#11310 merged
Oct 22, 2024 -
1Password codeless connector
#11131 merged
Oct 22, 2024 -
Abnormal Security Sentinel New Polling Logic
#11196 merged
Oct 22, 2024 -
aws-s3-fun-pythonversionupdate3.8to3.9
#11308 merged
Oct 22, 2024 -
add stream prefix to cloudwatch lambda
#11305 merged
Oct 22, 2024 -
Updated Parsers and added new tabs in workbook as per new requirement in Corelight Solution.
#11194 merged
Oct 22, 2024 -
Added Mimecast Solution
#11114 merged
Oct 21, 2024 -
CTERA Solution for Azure Sentinel
#11169 merged
Oct 21, 2024 -
update functionapp version, fix link to point to master branch
#11295 merged
Oct 21, 2024 -
Added domain solutions id's
#11298 merged
Oct 21, 2024
10 Pull requests opened by 9 people
-
Do not merge-test
#11301 opened
Oct 20, 2024 -
Updated Tenable VM Data Connector to support compliance data ingestion.
#11311 opened
Oct 22, 2024 -
Updating CrowdStrike Solution to add support for gov deployment
#11315 opened
Oct 23, 2024 -
M3: Illumio Playbook support
#11321 opened
Oct 23, 2024 -
Update Vmware Carbon black solution to fix deployment issue
#11322 opened
Oct 24, 2024 -
MDO Tools hygiene
#11323 opened
Oct 24, 2024 -
Adding new Box CCP connector and updated parser
#11324 opened
Oct 24, 2024 -
Test
#11326 opened
Oct 24, 2024 -
Bump snowflake-connector-python from 3.0.2 to 3.12.3 in /Solutions/Snowflake/Data Connectors
#11331 opened
Oct 24, 2024 -
Updated description of Analytic Rule
#11338 opened
Oct 25, 2024
11 Issues closed by 2 people
-
Invalid Column Name for Entity Mapping
#11278 closed
Oct 25, 2024 -
SentinelOneAPISentinelConn.zip modification caused existing Function Apps to stop working
#11325 closed
Oct 25, 2024 -
Analytic Rules Leads to FPs: Preview - TI map IP entity to Cloud App Events
#11272 closed
Oct 25, 2024 -
Duplicated logs ingested into Sentinel with OCI (Azure Functions) Data Connector
#10863 closed
Oct 24, 2024 -
Cisco Umbrella (using Azure Functions) connector for Microsoft Sentinel not ingesting intrusionlogs
#11204 closed
Oct 23, 2024 -
Limiting GCP Workload Identity Access to Specific Azure Sentinel Connectors
#11251 closed
Oct 23, 2024 -
Trend Micro Vision One - TrendMicro_XDR_WORKBENCH_CL table is not showing any results
#11312 closed
Oct 23, 2024 -
Defender Advanced Hunt query error
#11235 closed
Oct 23, 2024 -
Analytic rule not working properly
#11125 closed
Oct 23, 2024 -
Old Analytic Rules versions in /solutions/
#11307 closed
Oct 22, 2024
7 Issues opened by 7 people
-
DomainEntity_EmailUrlInfo TI detection creates memory issues on large data sets
#11340 opened
Oct 25, 2024 -
Environment failing to Deploy - enableSolutionAndAlerts - Create-NewSolutionAndRulesFromList.ps1: line 44
#11329 opened
Oct 24, 2024 -
Arm template with a parameter of array type is resulting in an exception when deployed
#11320 opened
Oct 23, 2024 -
Okta SSO Parser Calling Incorrect Table Name
#11319 opened
Oct 23, 2024 -
Exchange Security Insights On-Premise Collector receives no logs
#11309 opened
Oct 22, 2024 -
Support for sprintf format in Microsoft Sentinel output plugin for Logstash
#11303 opened
Oct 21, 2024 -
Discrepancy in the Count of the Events - in the Incidents blade and Log Analytics Workspace results
#11302 opened
Oct 21, 2024
29 Unresolved conversations
Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.
-
ESET Protect Platform solution 3.0.0.
#11280 commented on
Oct 24, 2024 • 3 new comments -
Fortinet FortiGate WebSession Parsers Parsing Fix & Additions
#10865 commented on
Oct 25, 2024 • 1 new comment -
Formatting fixes revealed during parsing
#11300 commented on
Oct 24, 2024 • 0 new comments -
fix: Deploy ASIM parsers without redeploying the Log Analytics workspace
#11299 commented on
Oct 22, 2024 • 0 new comments -
Fixed ssh_potentialBruteForce.yaml Account field
#11290 commented on
Oct 24, 2024 • 0 new comments -
PureStorage FlashBlade Integration
#11286 commented on
Oct 22, 2024 • 0 new comments -
Garrison ULTRA Remote Logs solution
#11285 commented on
Oct 24, 2024 • 0 new comments -
WindowsAuth Parser Update
#11277 commented on
Oct 25, 2024 • 0 new comments -
Update legacy syslog connector definition
#11253 commented on
Oct 23, 2024 • 0 new comments -
Veritas analytics rules
#11250 commented on
Oct 22, 2024 • 0 new comments -
Modified the Phishing Investigation application to handle benign case as well as no URL extracted from entities.
#11217 commented on
Oct 24, 2024 • 0 new comments -
Updates to DataConnectors/AWS-SecurityHubFindings
#11211 commented on
Oct 23, 2024 • 0 new comments -
🐛 Don't mix ISO duration and KQL timespan formats
#11199 commented on
Oct 25, 2024 • 0 new comments -
Improve query if column is not present
#11197 commented on
Oct 24, 2024 • 0 new comments -
Sensor SSH Cowrie solution
#11155 commented on
Oct 23, 2024 • 0 new comments -
Q2 2024 updates
#11049 commented on
Oct 21, 2024 • 0 new comments -
Workbook complete rewrite for Microsoft Sentinel Cost
#11003 commented on
Oct 25, 2024 • 0 new comments -
IPinfo Sentinel Solution New Connectors
#10981 commented on
Oct 21, 2024 • 0 new comments -
Update OktaSSO.yaml
#10943 commented on
Oct 24, 2024 • 0 new comments -
Update BloodHound Enterprise Solution function app
#10701 commented on
Oct 25, 2024 • 0 new comments -
Integrating InsightVM with Sentinel
#11233 commented on
Oct 25, 2024 • 0 new comments -
Meraki Rest API information is out of date and failing to connect
#11248 commented on
Oct 25, 2024 • 0 new comments -
Suspicious overly permissive KMS key policy created - Rule Tuning
#11296 commented on
Oct 25, 2024 • 0 new comments -
Proofpoint On demand(POD) Timer too long
#11243 commented on
Oct 25, 2024 • 0 new comments -
Unable to view contents of function app's zip files after downloading from SCM_RUN_FROM_PACKAGE link
#11281 commented on
Oct 24, 2024 • 0 new comments -
SalesforceSentinelConnector Authentication Parameters, trigger variable, required application setting
#11288 commented on
Oct 24, 2024 • 0 new comments -
ConvertFrom-Json returning null???
#11267 commented on
Oct 23, 2024 • 0 new comments -
ASimWebSessionSquidProxy issue with data from AMA
#11268 commented on
Oct 23, 2024 • 0 new comments -
How to contribute to Network Session Essentials/solutions that use ASIM parsers?
#11210 commented on
Oct 22, 2024 • 0 new comments