socprime_connector_first_commit

[averbn]

Required items, please complete

Change(s):

• See guidance below

Reason for Change(s):

• See guidance below

Version Updated:

• Required only for Detections/Analytic Rule templates
• See guidance below

Testing Completed:

• See guidance below

Checked that the validations are passing and have addressed any issues that are present:

• See guidance below

Guidance <- remove section before submitting

---

Before submitting this PR please ensure that you have read the following sections and filled out the changes, reason for change and testing complete sections:

Thank you for your contribution to the Microsoft Sentinel Github repo.

Details of the code changes in your submitted PR. Providing descriptions for pull requests ensures there is context to changes being made and greatly enhances the code review process. Providing associated Issues that this resolves also easily connects the reason.

Change(s):

• Updated syntax for XYZ.yaml

Reason for Change(s):

• New schema used for XYZ.yaml
• Resolves ISSUE Add Logstash required version to Readme file #1234

Version updated:

• Yes
• Detections/Analytic Rule templates are required to have the version updated

The code should have been tested in a Microsoft Sentinel environment that does not have any custom parsers, functions or tables, so that you validate no incorrect syntax and execution functions properly. If your submission requires a custom parser or function, it must be submitted with the PR.

Testing Completed:

• Yes/No/Need Help

Note: If updating a detection, you must update the version field.

Before the submission has been made, please look at running the KQL and Yaml Validation Checks locally.
https://github.com/Azure/Azure-Sentinel#run-kql-validation-locally

Checked that the validations are passing and have addressed any issues that are present:

• Yes/No/Need Help

Note: Let us know if you have tried fixing the validation error and need help.

References:

• Guidance for Detection checks
• General contribution guidance
• PR validation troubleshooting

---

[v-shukore]

Hi @averbn, to fix the logo validation issue, open the logo file in Visual Studio Code and look for the id property. Replace it with a new GUID, which is a 16-character unique identifier. You can generate a GUID online and update the id property with it.
Also, remove the style as in given error

Also, add the releasenote.md file for this solution.

[averbn]

Hi @averbn, to fix the logo validation issue, open the logo file in Visual Studio Code and look for the id property. Replace it with a new GUID, which is a 16-character unique identifier. You can generate a GUID online and update the id property with it. Also, remove the style as in given error

Also, add the releasenote.md file for this solution.

Hi @v-shukore, got it, thanks

[v-shukore]

Hi @averbn, I have made the required updates in the PR. Could you please share the running CCF connector screenshots so we can proceed to the next steps? Thank you.

[averbn]

Hi @averbn, I have made the required updates in the PR. Could you please share the running CCF connector screenshots so we can proceed to the next steps? Thank you.
Hi @v-shukore, sure, added screenshots, thanks

[v-shukore]

Hi @averbn,
This appears to be marked as a Microsoft supported solution. Typically, we receive such requests and confirmation from the PM, as Microsoft needs to support the solution. Could you please confirm if this is meant to be Microsoft supported, or if you intend to contribute as a Partner? If it is intended as Microsoft supported, we will need confirmation from the PM. Please share your email address so we can connect you with the PM.
Thanks!!

[averbn]

Hi @averbn, This appears to be marked as a Microsoft supported solution. Typically, we receive such requests and confirmation from the PM, as Microsoft needs to support the solution. Could you please confirm if this is meant to be Microsoft supported, or if you intend to contribute as a Partner? If it is intended as Microsoft supported, we will need confirmation from the PM. Please share your email address so we can connect you with the PM. Thanks!!

Hi @v-shukore
Thanks for the clarification. We intend to release this as a partner-contributed solution, not a Microsoft-supported one. Could you please advise on the correct process for this case? Thanks

[v-shukore]

Hi @averbn, if you plan to release this as a partner-contributed solution, please update your solutionmetadata file with the correct offerid, name, email, tier, and link for your partner. Then, repackage the solution and commit the changes. Thanks!

[averbn]

Hi @averbn, if you plan to release this as a partner-contributed solution, please update your solutionmetadata file with the correct offerid, name, email, tier, and link for your partner. Then, repackage the solution and commit the changes. Thanks!

Thanks, changed and rebuilt.

[v-shukore]

Hi @averbn, I noticed that in the solution metadata file, the publisherId is set to "azuresentinel," which is intended for Microsoft-supported solutions. Please update the publisherId to reflect ISV support. Thanks!!

[averbn]

Hi @averbn, I noticed that in the solution metadata file, the publisherId is set to "azuresentinel," which is intended for Microsoft-supported solutions. Please update the publisherId to reflect ISV support. Thanks!!

Hi @v-shukore , updated and rebuilt, thanks.

[v-shukore]

Hi @averbn, if there are no further updates required for this PR, may we proceed with merging it?

[averbn]

Hi @averbn, if there are no further updates required for this PR, may we proceed with merging it?

Hi @v-shukore , That`s it, please merge it, thanks for your assistance!

[Copilot]

Pull request overview

This PR adds a new SOCPrime logo SVG file to the Logos directory, likely as part of integrating SOCPrime connector functionality into the Azure Sentinel ecosystem.

Key Changes:

• Added SOCPrime_Logo.svg containing the SOCPrime company logo with brand colors (blue and yellow/gold)

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.