Add two office hunting queries: the first shows new users created; the second user ids or user agents associated with multiple IPs within a short space of time. by timbMSFT · Pull Request #5 · Azure/Azure-Sentinel

timbMSFT · 2018-12-04T11:42:16Z

Also remove user_office_logons - this is an investigation-only query that requires some account name as a filter to avoid high number of hits.

…e second user ids or user agents associated with multiple IPs within a short space of time. Also remove user_office_logons - this is an investigation-only query that requires some account name as a filter to avoid high number of hits.

zhzhao8888

#1 query: please remove the last line --> render barchart
#2 query: Please add Name, Description, and Tags

Bringing up to Date

Update

fix issues in logo and workbook

merge

added custom table scemas

Add preview images

update according to feedback

…-microsoftwindows-events Asim/kustoking/add registryevent microsoftwindows events

commit 4b2bc0cc248f326e62aebd132626b44e15cbacb6 Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Mar 1 17:23:17 2023 -0800 add this file, for further customization. +++ ./Solutions/CohesitySecurity/Tools/createSolutionV2.ps1 commit 9cba831803a72179ac0f6ce71af90127e686bbc0 Merge: 40ad85f0e a75b98838 Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Mar 1 12:58:40 2023 -0800 Merge remote-tracking branch 'origin/master' into CohesitySecurity.internal commit 40ad85f0e1968d380d28115bca8c7ff592f76b75 Author: Kishan Nerella <kishannerella@gmail.com> Date: Fri Feb 24 16:50:48 2023 -0800 Added status to the incident to allow Welcome incident creation - Fixed startDaysAgo parameter usage in function azuredeploy.json - Replace ApiKey in blob key to a static value. - Removed ApiKey references in the logs. - Changed the status of the incidient to "New" always as we only query for kOpen alerts. - Refactored the code to have incident creation at a single place. commit ab333b79b112e47d9d44834762c97f2b8acad934 Merge: 878871468 3af5f111d Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Feb 28 13:58:11 2023 -0800 Merge remote-tracking branch 'origin/master' into CohesitySecurity.internal commit 878871468e45b65faed668b606025987dd2659f5 Merge: 9a961ab2a 4ed65ef71 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Feb 27 16:27:00 2023 -0800 Merge remote-tracking branch 'origin/master' into CohesitySecurity.internal commit 9a961ab2ac3d0a4d5cd7dfa117c98a70373e53ce Merge: 38a0bbd01 4e53f5de0 Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Feb 24 10:45:17 2023 -0800 Merge remote-tracking branch 'origin/master' into CohesitySecurity.internal commit 38a0bbd0113ba0b42d18a87faa9bce7fe31779e4 Merge: b768cab7f ed943622b Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Feb 23 11:16:06 2023 -0800 Merge remote-tracking branch 'origin/master' into CohesitySecurity.internal commit b768cab7f3636d8ab9bcc103afea7062bcaeecdc Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Wed Feb 22 18:25:53 2023 -0800 Fix the required permissions and role for the Azure AD app commit 474253f2bf90fb2be70de63f48fa22579028610c Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Tue Feb 21 11:49:26 2023 -0800 Regenerate package with v2 solution creator and updated partner info commit 44e2f1b7921cccbe0ca1cabb52df3e45b3d0d82b Merge: 12ec703ac 284f45dc7 Author: Ying Huang <ying.huang@cohesity.com> Date: Sun Feb 19 22:49:30 2023 -0800 Merge remote-tracking branch 'origin/master' into CohesitySecurity.internal commit 12ec703acecd71fe81a218dc0de0ea293f04907b Merge: 4243ee149 3d8a1cbdd Author: yinghuang123 <115043385+yinghuang123@users.noreply.github.com> Date: Thu Feb 16 16:08:39 2023 -0800 Merge pull request #5 from cohesity/audo_deployment fix to the serverfarms Conflict issue. commit 4243ee1498650ae062034f5b04a267e906c0dd20 Merge: dcd835bd2 5127b80fd Author: yinghuang123 <115043385+yinghuang123@users.noreply.github.com> Date: Thu Feb 16 16:08:04 2023 -0800 Merge pull request #6 from cohesity/build update the build related stuff. commit 5127b80fdeae73342ce5c74e98499fb358137454 Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Feb 16 14:55:44 2023 -0800 add this file, but which still not working yet. ./Solutions/CohesitySecurity/Package/mainTemplate.json.sh update the build script. commit b4b7dcce8c80a788b36e2560eed301a479dc0884 Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Feb 16 11:19:41 2023 -0800 update the build related stuff. small change to metadata. commit 3d8a1cbdd19cea118e497b00802855b75705f1d0 Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Feb 15 11:03:21 2023 -0800 fix to the serverfarms Conflict issue. small update to the deployment script. commit dcd835bd2a13b8dcd336985560c6503fffbd6811 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Fri Feb 10 13:58:34 2023 -0800 Re-create package with version 2.0 and updated URLs commit 26b81b758dedaecd41a179197dfc8ec0f28c7cde Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Fri Feb 10 13:54:10 2023 -0800 Replace github URL to Azure from Cohesity commit 2f3e379183d7caf1c71f6d5fb4e0ccb6071427a4 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Fri Feb 10 13:16:52 2023 -0800 Remove manual deployment option, change version and URLs commit 3eb7ffc7aae1590043f4cea4f8e72ceffa57aee9 Author: yinghuang123 <115043385+yinghuang123@users.noreply.github.com> Date: Thu Feb 9 11:13:27 2023 -0800 Zip (#4) Add producer and consumer packaging scripts commit 724bd4b85ed9acc1caf564466b074a53a69fd546 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Wed Feb 8 16:55:25 2023 -0800 Renamed function app package name and location commit 8a2a67073b318300cec969d745eeaba9dee41179 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Wed Feb 8 14:02:55 2023 -0800 Add logo to solution Also, fix manual deployment steps in Cohesity_API_FunctionApp.json. Updated connector description in createUiTemplate.json and re-created package. commit 03d5b8d68aaaabf2db88407347e390620b6a7983 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Wed Feb 8 13:11:54 2023 -0800 Add Cohesity logo commit c79d25164adc86a467e5d3e187c9c7e8e38842af Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Tue Feb 7 18:13:10 2023 -0800 Create package using v2 solution creator Also, moved the Solution file into 'Data' folder as it looks like that's the standard. commit e3d0f772cdac49f08a09913f9d36527ed5db65f5 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Tue Feb 7 17:29:53 2023 -0800 Change post deployment field in email to an array of values Also, add periods at the end of descriptions in all the playbooks. commit e8053f8b1c9fef0f0834cf37f3f00bbf25a939f9 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Tue Feb 7 15:55:32 2023 -0800 Add Cohesity in the title of playbooks and update readme accordingly commit da51a755a27cb4415b6c1efc30d69e730791ed55 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Mon Feb 6 20:45:28 2023 -0800 Created package files with the new playbook Also, fixed readme to add the new playbook and some corrections. commit e94659171063a83ca891ebc138e612969d0934a9 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Mon Feb 6 13:41:13 2023 -0800 Remove empty parameter from playbook as package validation fails commit 6c52f04bf8c1a87b4e504abcce115237e61b5220 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Feb 6 19:27:57 2023 -0600 Update readme.md Removed an extra dot commit 7af5db70561fc2c1e7b1d74947e161aec7c10a1f Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Feb 6 10:00:51 2023 -0800 update/add some auto deploy related scripts. commit b5ffb7134481589da0beb3746d77fba1ce1843f8 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Feb 6 09:52:36 2023 -0800 beautify this json file commit d00210396cb89f45cea45d47ecc4836c99f409f7 Author: Kishan Nerella <kishannerella@gmail.com> Date: Fri Feb 3 19:26:15 2023 -0800 Fix package download links and producer timer trigger Also, changed the function app packaging by removing top-level directory. commit 1a953226cf64afc0b238406e3e94fb1580b0f443 Author: Kishan Nerella <kishannerella@MacBook-Pro.local> Date: Fri Feb 3 12:51:48 2023 -0800 Add function runtime config and deployment url commit 8bfc80e4cd58c377e343a8e307d9a2a34f3a320a Author: Kishan Nerella <kishannerella@MacBook-Pro.local> Date: Fri Feb 3 12:13:42 2023 -0800 Create producer and consumer packages for deployment commit f45527acc1c89998eee11aa421377a14ea4ec956 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Thu Feb 2 20:02:00 2023 -0800 Fix readme language commit eaf972c5170288be0e5c1ba43cf41d60969628c6 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Thu Feb 2 19:55:37 2023 -0800 Fix links in readme files commit 7dbcd360ce6c3b40bad1de6095f6d355a9a31e61 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Feb 2 12:55:57 2023 -0600 Update Cohesity_API_FunctionApp.json Removed a wrong reference commit 85f916b3d50bf24fb02b675b25b21308392cd5d7 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Jan 31 17:33:10 2023 -0600 Update Cohesity_API_FunctionApp.json Removed locale from the link commit bd24164805c493d20199db1faae38a14f043ea7f Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Mon Jan 30 17:22:41 2023 -0800 Fix delete blob deployment URL and tags commit e6cab0c1135ab753775722083049f1eae7f2a37f Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Jan 30 16:40:38 2023 -0800 add back folders with name begining in upper case. commit 9bca6381b287585e4e448e6b7680e5a2f0aed918 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Jan 30 16:38:42 2023 -0800 delete those old folders with name begining in lower case. commit 38e30732c96e418b7394b01bbd0dcb00b3a5d99a Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Jan 30 16:37:04 2023 -0800 uniform data input. rename folders to upper case prefix. add more test cases. commit 62429c630ae109a775026251829dd6652d7fe178 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Jan 30 16:33:05 2023 -0800 uniform data input. rename folders to upper case prefix. add more test cases. commit 4a0baa24f13e0ad52c6fac91449040c819de3cfb Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Fri Jan 27 21:02:12 2023 -0800 Add delete incident blobs playbook commit aca0d06a5022aac01e0e713bf8e57a04d76f5821 Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Jan 27 17:44:19 2023 -0800 add one new exported playbook, need to later add description, name, author, etc. add cohesity tool to export playbook. commit 79bb3a1fbe8fba031ffda0c3b75e6108c9d02d5e Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 27 17:25:10 2023 -0600 Update Cohesity_API_FunctionApp.json Removed unnecessary coma commit 331342e06349501d5aba8a9e3e1d17a0c8ff0e88 Author: rohit2230 <121071301+rohit2230@users.noreply.github.com> Date: Sat Jan 28 02:17:57 2023 +0530 Reviewed doc Reviewed for style and language commit f5ce722a37566212ed90ff7562012f0deb702e7a Author: rohit2230 <121071301+rohit2230@users.noreply.github.com> Date: Sat Jan 28 02:12:12 2023 +0530 Reviewed the doc Reviewed for style and language commit 047a772779550a5edc30428c1df004b3b0abcaf5 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Jan 26 17:51:02 2023 -0600 Create Cohesity_API_FunctionApp.json First version of data connector file commit aee525ee71b1995bc7087d6b091c0e1f36ad87ce Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Jan 26 17:38:11 2023 -0600 Update readme.md Typo commit 011848f908fd9ce07a261a864ba8ac9e969f1df0 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Thu Jan 26 15:13:52 2023 -0800 Remove pre-requisited from CloseHeliosIncident and Restore playbooks commit 65180bee333f86de2c4fd14d7cef5e45a26704b3 Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Jan 25 17:20:47 2023 -0800 add test case for playbook: Cohesity_Close_Helios_Incident. commit 9e22aacb3c7372ca7be444bc3ac53e4af9c7ca73 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Wed Jan 25 14:47:31 2023 -0800 Add user role related info to playbook readme files commit dea9ed121034fec3f6c27bfc03fe6d45a98945a6 Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Jan 24 17:14:06 2023 -0800 a decent fix for the dup issue by Eugene. commit 66c1136590967efb139aa2e3fd7debe72fbf3933 Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Jan 24 13:42:41 2023 -0800 a temporary fix for the duplicate incident issue. will try to add some automation tests to verify: 1: has incidents generated. 2: no duplicate and then find a decent fix. commit 3338fe0c4dc77c30ccf7780fd526e997683606a2 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Jan 24 15:11:50 2023 -0600 Update azuredeploy.json Added link to the prerequisite details commit e563f5ff1eb065d58e63533d4afb40c5f0e4f9ce Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Jan 24 15:09:26 2023 -0600 Update azuredeploy.json Added link to prerequisite details commit 956a4e44371144b22925009b02a5a009db5c4797 Author: rohit2230 <121071301+rohit2230@users.noreply.github.com> Date: Mon Jan 23 03:06:04 2023 +0530 Doc review Reviewed doc for language and style commit 9c6e3cffbc659023a2456125d83f0161451ac9a1 Author: rohit2230 <121071301+rohit2230@users.noreply.github.com> Date: Mon Jan 23 02:58:14 2023 +0530 Doc review Reviewed for language and style commit dc847550980ac19f14c9d1f348443ca5e57c5a86 Author: rohit2230 <121071301+rohit2230@users.noreply.github.com> Date: Mon Jan 23 02:46:15 2023 +0530 Doc Review Reviewed for language and style commit 2069d81a441a25775bf8c38ca0a2241676f87b3d Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Jan 20 11:06:13 2023 -0800 clean the codes. commit edc60d45ab75373d1c771f550616602e92791ede Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Jan 20 10:26:19 2023 -0800 add feature: TestAlertToQueue commit 28efdb81d136e80fa0ad2f79e4cdd7b8d61ca56b Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Jan 19 15:46:24 2023 -0800 clean some codes. commit eb86fbf97d28026c9ad96d243b1b4fe2b41af556 Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Jan 19 14:05:22 2023 -0800 Fix some warning, retire some obsolete codes. commit fe35840043aadbe44b3f21b63ff248cf1be3967a Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Jan 18 17:08:17 2023 -0800 fix some compilation warnings. commit 8fae6744b2f67494fbe4619ffeff8d62973dbf24 Author: rohit2230 <121071301+rohit2230@users.noreply.github.com> Date: Wed Jan 18 16:04:32 2023 +0530 Reviews Edited content for style and grammar commit 2bec432bd4a047bdc994c8c7ebe2c8e239fc1c4e Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 13 17:33:30 2023 -0600 Update azuredeploy.json Updated metadata commit c97b56befe48ec5804bc738a843b4385869fd10e Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 13 17:29:18 2023 -0600 Update azuredeploy.json Fixed quotes commit c3b07a1ed51fa810ebf3c3d4cc5b9d714cf438fc Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 13 17:25:09 2023 -0600 Update azuredeploy.json Fixed typo commit 04289abf2cb4926da8c705b6bd9b6911ca73587d Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 13 17:23:34 2023 -0600 Update azuredeploy.json Added metadata commit 8e139c0072c79557fb3f14b2ba9f59befc8cfeb9 Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Jan 11 10:27:54 2023 -0800 update text from 'Azure Sentinel' to 'Microsoft Sentinel' commit 94270ea0f0bb549f6a963ea40ebc7107f9e38f21 Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Jan 10 15:21:44 2023 -0800 remove BlobStorageConnectionString for duplication. remove a dup try catch. commit 199f5a140dd318095a1d2eaf7188a331da1258e3 Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Jan 10 11:07:38 2023 -0800 update the Function Apps to use env instead of secret for variables. fix some properties in azuredeploy.json. commit 7bb4f9341f949369c05ff44e38253f69d283bb2a Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Jan 6 17:51:04 2023 -0800 small fix in script. commit d43cfccf320eca66bbb8f94eac77198dbaf04434 Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Jan 6 14:25:35 2023 -0800 update deploy scripts. commit 05f45be3853adde4bf9f82d68c6c654615f3ad85 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 6 15:11:45 2023 -0600 Update readme.md Fixed a typo commit 6155c4e0f7fdee7afdbcdfe72dccd08bad8d9c5a Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 6 15:08:20 2023 -0600 Update readme.md Updated the instructions to reflect the new deployment script commit 98347394d8af51d997359c310f5e7335392c8680 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 6 15:07:16 2023 -0600 Update readme.md Updated the instructions to reflect new deployment steps commit 607b64f197fb8a914165f6482c954232409e93fb Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 6 13:49:24 2023 -0600 Update readme.md Fixed a typo commit db7be2ab9188b4d6d2a9e1cc960321a71d921d8e Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 6 13:44:56 2023 -0600 Update readme.md Polished language commit 8371bf109edb915a78307e4f35af74891e614ae6 Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Jan 6 10:45:15 2023 -0800 update azuredeploy to host on windows OS. add deployment related scripts. update the readme file. commit bc64f554f27e8a32558b5b66ab455294ee8e620a Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 6 11:38:53 2023 -0600 Update readme.md Updated publishing instructions commit de74f40e18f9c890f66f516d4463c1cb14e07a97 Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Jan 5 14:21:11 2023 -0800 change to windows host to workaround the AzureWebJobsStorage error issue. commit 5a1daf5b3cc1eb7637c2b9213de051769b2d96c9 Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Jan 4 15:57:42 2023 -0800 small fix in azuredeploy.json commit d9cdca1acb1c2fc26b335bac98d6747371413cf4 Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Jan 4 15:54:46 2023 -0800 add DefaultEndpointsProtocol to azuredeploy.json commit 688ca03cb660a3a855913cdcb9313ba5fdf2b8cb Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Jan 4 15:58:33 2023 -0600 Update readme.md Updated pre-requisites and troubleshooting steps commit a286f9c06418c619d1f9b1ca9938e965d4ec4ea5 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Jan 4 15:42:56 2023 -0600 Update readme.md Updated prerequisites and troubleshooting details per MS code review commit 208d1f3d73001fdfd3bef7ea4d99453063b7175d Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Jan 3 17:49:26 2023 -0800 beautify this json file. commit 92de7c93bb4df329925bd67c4809996eaf694a80 Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Jan 3 17:48:57 2023 -0800 beautify this json file. commit 02bb9f3da89e7da8cf634dae5bae5a8732c29bb9 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Jan 3 17:07:12 2023 -0600 Update readme.md Updated deployment instructions to reflect that keyvault is now a managed connection commit 9386f5c8fc2636af920c2d91a5d9d66517de8f56 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Jan 3 16:56:46 2023 -0600 Update azuredeploy.json Fixed container name commit 748937fe2035ba8877006141da6985367e8081a2 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Jan 3 16:09:35 2023 -0600 Update readme.md Updated instructions to reflect the new deployment steps commit 3fdcfd398ba5ec273b2669a3ff2a6941cbce54a9 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Jan 3 15:45:13 2023 -0600 Update azuredeploy.json Made KeyVault managed connection with the predefined Keyvault name commit 0d4a8fabf9fab804d49ae6f6b4fb10e2f05d785c Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Jan 3 10:43:18 2023 -0600 Update azuredeploy.json Added Keyvaultname as a connection parameter commit 52a92c57ab077249e7e32aa251476f85abecdea9 Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Dec 23 15:55:50 2022 -0800 update the managedApis. commit 3b671431946ffee40a95c5d6ae917074e3d1e872 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 14:33:47 2022 -0600 Update azuredeploy.json Removed managed identity from Blob commit 978af21d84fc4fc462e3b4dcdb7634e0717b5045 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 14:30:04 2022 -0600 Update azuredeploy.json Testing managed connection with Azure Blob commit 4d3b80361763c3202234a349512ad55e2670e57a Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 14:23:47 2022 -0600 Delete incident_producer_azuredeploy.json Deleted file that I created for test purposes commit be1f06e1b8733d353481c844b7dff7b3de9117ad Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 14:19:39 2022 -0600 Update azuredeploy.json Changed prerequisites commit cce48babe94de2598891538f1196b629a903e5d8 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 14:15:25 2022 -0600 Update azuredeploy.json Added metadata to the deployment wizard commit c59d740aff4b104504ea999d2b507717ccd4fc4e Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 14:11:59 2022 -0600 Update readme.md Changed deployment instructions commit 7b4cb687b11173032a761d652a00767d2d55b084 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 14:10:33 2022 -0600 Update readme.md Fixed a typo commit 0a0604e23d21ab691e4cebdfc6af6b326531c1ef Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 13:27:00 2022 -0600 Update readme.md Added info about authorization commit a91e642e9288513681a42816e35e0892c0c44a56 Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Dec 23 11:26:54 2022 -0800 some small change according to the comments. commit 57f27beb00a17d25118bb29ecbde2de7420db714 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 13:19:42 2022 -0600 Update azuredeploy.json Removed managed identity from Outlook commit d84dfd4e1fd67560cc55edaf294817f0e540557f Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 11:03:10 2022 -0600 Update azuredeploy.json Fixed a typo (",") commit eb38749daf730775b6b5b3c2105476a5961aed70 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 11:00:35 2022 -0600 Update azuredeploy.json Added metadata and made Outlook connection type ManagedServiceIdentity commit 3b526dedd207d181db5beea74a4bc3f8dc5f4868 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 10:51:55 2022 -0600 Update readme.md Updated with consideration of a new ARM template for Azure function config deployment commit 2b7fa46d117f0f0777d25f6376c1c877165df3eb Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 10:25:38 2022 -0600 Update azuredeploy.json Fixed type "," commit 6bd4f29dd61e4eff16a4feeeca0e974e041d89d3 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 10:24:16 2022 -0600 Update azuredeploy.json Added metadata commit d993c87642efb1cef144bfeb41c497531b2e27a1 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 10:18:03 2022 -0600 Update azuredeploy.json Updated metadata commit 4fd3aaf0bc9f15c5536fe27644b21a823a7300b4 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 09:44:48 2022 -0600 Delete func_azuredeploy.json This is a temporary file that was created by mistake. commit 4c32629bca96318c4fe8f731d78d3709d3c3f836 Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Dec 22 14:56:10 2022 -0800 update the csproj files commit 3d1e443984cd2e917a9208d28fa8df4c6d9c4830 Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Dec 22 14:51:36 2022 -0800 update the csproj files. commit 1bb53f3db70f5c86abaf14f4e56d8337dd266344 Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Dec 22 14:49:02 2022 -0800 change to read from key vault intead of env. commit e89a55ae22ae9b0ad48033fd0cc2c99dea78cbd4 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 22 14:09:01 2022 -0600 Update readme.md Added button to deploy the functions to Azure. commit d3ef3bd69760acbd0febb547cc76eb5323cc5877 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 22 14:03:17 2022 -0600 Create azuredeploy.json ARM template for deploying both Azure functions. commit 979c7d3c7d29d8a69891808d61cb3719bf8cefe2 Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Dec 21 19:38:28 2022 -0800 retire redis in IncidentProducer add Anomaly Strength in description re-organize the codes commit ac0ae888d48f2032827ec5a2a577f93c008fd0d0 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 19:33:30 2022 -0600 Update readme.md Returned the reference to the Restore playbook commit 8f0536ea15bb5de6373024e412f3f78658b96e9d Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Dec 20 17:23:58 2022 -0800 update the readme files. commit 2c7eb694bc41153566f22b51115490b5551d6fc1 Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Dec 20 17:01:30 2022 -0800 update these 2 package files. +++ ./Solutions/CohesitySecurity/Package/createUiDefinition.json +++ ./Solutions/CohesitySecurity/Package/mainTemplate.json commit 4520fcb7fdbe7c1f8d2619ba314a7a00a9137bfb Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Dec 20 16:49:04 2022 -0800 update these 2 Playbooks: ./Solutions/CohesitySecurity/Playbooks/Cohesity_Close_Helios_Incident/azuredeploy.json ./Solutions/CohesitySecurity/Playbooks/Cohesity_CreateOrUpdate_ServiceNow_Incident/azuredeploy.json commit e13cc5a80f376d76c6df8f49c788f00e21510657 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 17:27:36 2022 -0600 Create incident_producer_azuredeploy.json Initial version of the IncidentProducer Function App commit 0d2c1d1b534a844607149b46e8ac8f7c38310825 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 15:44:46 2022 -0600 Create func_azuredeploy.json Test Azure func deploy commit db241debae8d5d4f226dcca6e4f0eda712721ae3 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 13:10:35 2022 -0600 Update readme.md Added instructions about connection authorization commit 7b950bcce0745708ff4b62c36a04599801e34ceb Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 13:06:47 2022 -0600 Update readme.md Added connection authorization instructions commit 4e38c1cca6336d3b9c97039a7cda9e8e2c122f72 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 10:48:49 2022 -0600 Update readme.md Fixed broken links commit c454187a07654d6a293f57641b6d33db0367e6c7 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 10:42:53 2022 -0600 Update readme.md Fixed broken links commit 138ce8147da4d339633afdaa46a6cc0401920959 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 10:36:24 2022 -0600 Update readme.md Fixed broken links commit d9a069e6c948698b735acd441af5c91426460388 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 10:27:31 2022 -0600 Update readme.md Typo. commit 6b73ea2794d07fe2e635e3526212d9c94c8b8099 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 10:27:13 2022 -0600 Update readme.md Add info about skipping steps if the API key is already stored in the vault. commit 829395b3aea5d420622c4fea04906836be74d1e1 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 10:22:41 2022 -0600 Update readme.md - Added info about creating an automation trigger for closing SNOW tickets commit 0249a4383ae9053cc29b4b5140d139ed63d1956f Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 09:57:33 2022 -0600 Update readme.md - Replaced Helios with DataHawk + a few other formatting changes. commit 617395e1914de1dcf5224be2abbedb79683dc763 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 09:50:57 2022 -0600 Update readme.md - Fixed broken links - Added info about the Cohesity Close Helios Incident playbook - Did some formatting commit c371a4644d05843114675cfae6b0521041be3e95 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 19 21:43:53 2022 -0800 + "Playbooks/Cohesity_Close_Helios_Incident/azuredeploy.json", commit 5b8a57d500862899b03cd847ce03d7b377b6a9ee Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Dec 19 22:00:52 2022 -0600 Update readme.md Added specific name for the playbook commit d48f6f273414fa4b135e3724c47568f708f3aac2 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Dec 19 21:59:47 2022 -0600 Update readme.md Added specific name for the vault commit 864b714422baa0eceb005751604b691f7e16c59e Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 19 18:21:06 2022 -0800 +++ b/Solutions/CohesitySecurity/Playbooks/Cohesity_Close_Helios_Incident/azuredeploy.json +++ b/Solutions/CohesitySecurity/Playbooks/Cohesity_Close_Helios_Incident/readme.md commit fffc00bd40a4b743a29a4e905c11343e7c7d02de Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 19 18:13:15 2022 -0800 fix the extra "\" in readme files. commit 4923932eb14f14623a148fe86145dbf86c8812af Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 19 18:04:32 2022 -0800 rename from "Solutions/CohesitySecurity/Data\\ Connectors/ rename to Solutions/CohesitySecurity/Data Connectors/ commit ef5279c6eb7d2b1b1940e9cb48eb783602737c11 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Dec 19 19:47:16 2022 -0600 Update readme.md Typo commit 94e4bdfe643acb573a1c2c771ce62086d475acd7 Merge: 2e21ed5ed 6d788faf0 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 19 17:26:43 2022 -0800 Merge remote-tracking branch 'cohesity/CohesitySecurity.internal' into CohesitySecurity.internal commit 2e21ed5edf18e34d32b618465c5d137fbc184ba9 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 19 17:26:26 2022 -0800 rename from DataConnectors/CohesitySecurity/Helios2Sentinel rename to "Solutions/CohesitySecurity/Data\\ Connectors/Helios2Sentinel update to use keyvault instead of apiKey from env. rename some playbooks. commit 6d788faf0f448b33ac505db4a1c982a08dcd06ad Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Dec 19 19:22:01 2022 -0600 Update readme.md Updated info related to using the KeyVault to store the API Key. commit 2eb03064da4d07aef5a2c6fac6d41143cebb9b94 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Dec 19 16:31:57 2022 -0600 Update readme.md Updated instructions for SNOW playbook to create automation rule for closing SNOW tickets. commit 8295c49fd69245ececfa08b9d5877428930de713 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 19 12:13:14 2022 -0800 rename playbook from Incident_VM_Playbook to Cohesity_Restore_From_Last_Snapshot update to read the details from blob storage. commit 1a2df6f10c514da74300b1a2a850c4b5dfd5fb4a Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Dec 16 10:37:58 2022 -0800 parameterize the containerName take back the multi-thread implementation of ParseAlertToQueue commit a3da7f4d4382060342c448a7df0e08c43e343fee Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Dec 15 18:17:20 2022 -0800 add the vm playbook related parameters into blob storage in IncidentProducer. commit 6899e05da662c496a412c262fca3f0f835cd7519 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 15 12:17:01 2022 -0600 Update readme.md Added info and new steps for the API key commit 0dda5f371b016fa28ec7e4f476171da9973e5c3c Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 15 11:32:08 2022 -0600 Update readme.md Updated with the info about adding the automation rule. commit fb94db0ee57e8e1398f14590615db1de4ee42353 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 15 11:27:17 2022 -0600 Update readme.md Added link about editing connections commit bb844f6a6e86d8ec763ef858ae8d08b5ef37ae30 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 15 11:25:30 2022 -0600 Update readme.md Added a step about adding SNOW credentials commit f5efccdf5178d6e2552c0f4dde54a5528368ff1d Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 15 11:12:46 2022 -0600 Update readme.md Added steps about connection authorization commit a7fde185bc5b3250b58b5b225642f55a6505863f Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Dec 14 11:33:21 2022 -0800 update the Cohesity_Send_Incident_Email Playbook commit 53ab7909287d9141ad936e60cc7f30756a80135a Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 13 20:12:54 2022 -0600 Update readme.md Added troubleshooting section commit 38fae0f6ee8e8ca732dc2168ccbab610b1925f91 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 13 19:26:41 2022 -0600 Update azuredeploy.json Added "My" to distinguish template from the actual playbook commit 2c5e09ecde3e3251ba111da81fc983d794977b01 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 13 19:25:50 2022 -0600 Update readme.md Fixed link to the Cohesity_Send_Incident_Email template commit 542d3622af65da620038e1ab69416f990063bbcc Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Dec 13 17:12:01 2022 -0800 further remove the locale in readme.md rename and sync to the latest Cohesity_Send_Incident_Email Playbook commit 5ef898ebcd7c503ee58518e8faa15b23a9a9010e Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Dec 12 18:36:01 2022 -0600 Update readme.md Removed en-us locale from links commit df0261d7ff646c304381b10595cd66d6dbf501e9 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 12 14:39:03 2022 -0800 fix typo. commit 3cbc054f560096ff6a152ac8c4cfe6c86c993795 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 12 14:22:53 2022 -0800 update the host.json for queue policy. commit 5c975aa3bd8045e8e913b4cf2f86dddd0035f226 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 12 14:11:29 2022 -0800 delete these 2 not in use files. commit 34d4b4ea72e6055cbe0724b196ee87cb61bd5de0 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 12 14:01:47 2022 -0800 avoid recursion in catch. move FixedDelayRetry into host.json file. commit a5675c32eca3a8b7006585e4985403430e28a67e Merge: e4316deb4 24fdabb0d Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 12 13:43:06 2022 -0800 Merge branch 'CohesitySecurity.internal' of ../../BareReps/workspace/Azure-Sentinel1 into CohesitySecurity.internal commit e4316deb49a3514edbd112305ced244f37ce4aad Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 12 13:43:06 2022 -0800 fix the indent issue. commit 24fdabb0d5ce75cb4f6c587ff4df6ccdf2331702 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 12 13:39:58 2022 -0800 n commit 91a8b155d839783e4b3977ced1738f9916fc4edb Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Dec 12 10:19:21 2022 -0600 Update readme.md Formatting changes commit eba35f847f4759335c94d8776169856effe1bdf2 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Dec 12 10:18:44 2022 -0600 Update readme.md Formatting changes commit 4922249d7c41619c0ea86c1dd7e8bc93228b8c8b Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Dec 12 10:17:32 2022 -0600 Update readme.md Updated links to individual deployment instructions. commit d0504d30064fef632d91cdac07d8cded6941a787 Author: Ying Huang <ying.huang@cohesity.com> Date: Sat Dec 10 22:47:59 2022 -0800 add lock to protect the queue in multi-thread scenarios. commit 79216fa51eaccf5ed0fe6b460cc00ca9f43ff9f2 Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Dec 9 16:27:40 2022 -0800 update readme file to add introduction about CohesityQueueName. commit 3684302ebd5cd47a4df31adcef34f984182eacf6 Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Dec 9 16:07:24 2022 -0800 moving the try catch logic up. Add FixedDelayRetry for QueueTrigger. commit 2bb8bdb2dff613feaf76bf76c91b124ad40aec29 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 9 09:46:22 2022 -0600 Update Solution_CohesitySecurity.json Changed per Microsoft review commit 2e4cd092da35eac529ad40cf13965891bcd23e7a Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 9 09:40:25 2022 -0600 Update SolutionMetadata.json Changed per Microsoft code review commit 4f9275a6c72fb1a3c43e954187aa78b03ef7933e Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 20:30:33 2022 -0600 Update readme.md Adding a testing step commit 0e6eef68994005f3910d9ea1f19316568ed605f4 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 20:22:54 2022 -0600 Update readme.md Added more testing instructions commit 868e8aff161f4545303844273885bfaf80f1f850 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 20:17:29 2022 -0600 Update SolutionMetadata.json Formatting changes commit 2681e4e2104e1b3bb9fdcc2a306396402a55c2a5 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 20:16:47 2022 -0600 Update SolutionMetadata.json Expanding categories and updating support info commit 456cde77cf36f57505d799ae641e4b0860801837 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 20:11:55 2022 -0600 Update readme.md Polished text commit e7596e2376153ff6a5a9e304f78d7ef44b6566a0 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 19:51:46 2022 -0600 Update Solution_CohesitySecurity.json Added product description commit 3b0d6cae138980f4c2b0689e743a14729ce8f5cd Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Dec 8 17:49:44 2022 -0800 obfuscate the CohesityQueueName multi-thread improve ParseAlertToQueue function commit 6a010359f4fc1bf4452b0ad82f473bb89115e4e2 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 17:34:47 2022 -0600 Create readme.md Final version commit f062e826cc2f7aad7c71303f74b5343c6b7ba0de Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 16:39:52 2022 -0600 Update readme.md Fixed typos commit 16dd47d262e6e8af7bd0154049f6516be88ecf03 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 16:32:18 2022 -0600 Update readme.md Complete version commit 1cc3573c4652b5b37fcbcd390d60290d83390991 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 13:45:14 2022 -0600 Update readme.md Typo commit 882e06b81c24a3f066362e25d163c03727476f8b Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 13:09:45 2022 -0600 Create readme.md Initial commit commit a3604698a1cbadefb5c4eab32160ef378bb93eb6 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 12:55:06 2022 -0600 Create readme.md Initial version commit a3691ffe3cd4c566dc7ff19fbf25890367e4c893 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 12:27:32 2022 -0600 Update readme.md Removed unnecessary parameter commit b54d3775058650cfdcd55b5f53b32eb183e1a4cc Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 12:26:47 2022 -0600 Update readme.md Formatting changes commit 7a1d5c44c6b3928a8c19d09b29516f4bd9e03c3f Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 12:22:17 2022 -0600 Update readme.md Corrected typos commit beba853c334afcc41c41b9cba573a0017114054f Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 12:05:11 2022 -0600 Update readme.md Corrected the URI commit f57caf6c0e43e3c367c756e53c686919bdb33a31 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 12:03:07 2022 -0600 Update readme.md Initial version commit e6456173f4d0cde1d28279c995fca17f4210764e Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 11:45:53 2022 -0600 Update readme.md Added formatting commit 776e8f5f9f77360dc5944bb0ea42683e66244c57 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 11:45:12 2022 -0600 Update readme.md Completed the description commit 9f32298f3f806649e3f7e892ba3b8d38f163d9bb Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 11:12:00 2022 -0600 Update readme.md Initial version commit 124d09ab973d57965a14011be1acd5d05feeedef Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 10:57:08 2022 -0600 Update readme.md Added word Cohesity to the playbook name commit 72ffa6e79eb3f3bee7b6603bc576222d59701120 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 19:55:55 2022 -0600 Update readme.md Formatting changes commit 63d91a5d6a0351db688cf5442d39c78dcaf76440 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 19:48:38 2022 -0600 Update readme.md Updated ARM template commit 9778263e071c5813200c46f27fffaebfbcefbd08 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 19:37:38 2022 -0600 Update readme.md Trying new URI format commit 30630efe42cf7ef46f5af74d7042c5db5f851389 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 19:30:39 2022 -0600 Update readme.md Changed URI again commit 0622eba625495e163e2b36a249a550728100ab42 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 19:29:04 2022 -0600 Update readme.md Changed URI for ARM template commit 6b33b2525f6df624af25f80762463876ddfdd5d5 Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Dec 7 17:15:05 2022 -0800 obfuscate the values in local.settings.json files. rename cohesity.config to cohesity.json, and update the build.ps1, readme.md. The github/codeql-action/autobuild keeps failing, but DataConnectors/CohesitySecurity/Helios2Sentinel build succeeded, as shown in following log. thus will disable the autobuild work flow. ============================= MSBuild version 17.4.0+18d5aef85 for .NET Determining projects to restore... Restored /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/IncidentConsumer.csproj (in 241 ms). Restored /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentProducer/IncidentProducer.csproj (in 241 ms). /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentProducer/IncidentProducer.cs(65,34): warning CS1998: This async method lacks 'await' operators and will run synchronously. Consider using the 'await' operator to await non-blocking API calls, or 'await Task.Run(...)' to do CPU-bound work on a background thread. [/Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentProducer/IncidentProducer.csproj] IncidentProducer -> /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentProducer/bin/Debug/net6.0/Helios2Sentinel.dll /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/IncidentConsumer.cs(30,32): warning CS0618: 'AuthenticationContext.AcquireTokenAsync(string, ClientCredential)' is obsolete: 'Microsoft.IdentityModel.Clients.ActiveDirectory is deprecated and replaced with Microsoft.Identity.Client. To migrate a daemon application, or service to service flow, see https://aka.ms/adal-to-msal-net/daemon' [/Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/IncidentConsumer.csproj] /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/IncidentConsumer.cs(39,51): warning SYSLIB0014: 'WebRequest.Create(Uri)' is obsolete: 'WebRequest, HttpWebRequest, ServicePoint, and WebClient are obsolete. Use HttpClient instead.' [/Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/IncidentConsumer.csproj] IncidentConsumer -> /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/bin/Debug/net6.0/IncidentConsumer.dll Build succeeded. /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentProducer/IncidentProducer.cs(65,34): warning CS1998: This async method lacks 'await' operators and will run synchronously. Consider using the 'await' operator to await non-blocking API calls, or 'await Task.Run(...)' to do CPU-bound work on a background thread. [/Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentProducer/IncidentProducer.csproj] /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/IncidentConsumer.cs(30,32): warning CS0618: 'AuthenticationContext.AcquireTokenAsync(string, ClientCredential)' is obsolete: 'Microsoft.IdentityModel.Clients.ActiveDirectory is deprecated and replaced with Microsoft.Identity.Client. To migrate a daemon application, or service to service flow, see https://aka.ms/adal-to-msal-net/daemon' [/Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/IncidentConsumer.csproj] /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/IncidentConsumer.cs(39,51): warning SYSLIB0014: 'WebRequest.Create(Uri)' is obsolete: 'WebRequest, HttpWebRequest, ServicePoint, and WebClient are obsolete. Use HttpClient instead.' [/Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/IncidentConsumer.csproj] 3 Warning(s) 0 Error(s) Time Elapsed 00:00:03.65 commit 48a92fa01538c5f9682cf85ec863fee7034db2bc Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:56:38 2022 -0600 Update readme.md commit fff7b50eef941fc31baaf0132fabc2a5c8be4580 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:55:03 2022 -0600 Update readme.md URI test commit d9e31f7740e6848b76bb8fb52b23aea4d447717d Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:53:17 2022 -0600 Update readme.md Another link test commit d2c11aa620bfc8f677de973a4781997349e9573c Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:49:15 2022 -0600 Update readme.md Another URI test commit 4af3e3078bc46faae5f25ae60db23add4dc64f1e Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:48:19 2022 -0600 Update readme.md Trying different link commit 3137eb24dbd9c65b11d9893f15b749bfacebc503 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:40:02 2022 -0600 Update readme.md Changed URI commit 2483ea6d37e3073fd9af84ece13a9bfacf0efa0b Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Dec 7 13:31:11 2022 -0800 --- ./Solutions/CohesitySecurity/Analytic Rules/RansomwareAlert.yaml --- ./Solutions/CohesitySecurity/Data Connectors/helios_connector.json +++ ./Solutions/CohesitySecurity/Package/createUiDefinition.json +++ ./Solutions/CohesitySecurity/Package/mainTemplate.json update the build script. commit fefdf8cfd2bedde33c8f9e866653cee2a2fd5ee0 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:25:13 2022 -0600 Update readme.md Testing ARM commit 19ec494e83bb4ddbf7f987e89d90597282fdf247 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:18:22 2022 -0600 Update readme.md Corrected playbook description commit 59cd9b5250fb8fe40cf8cba981f426562aadcd90 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:04:28 2022 -0600 Update readme.md Added TBD for package directory commit 66bdab4f47ce3a10b3f9520c8a8a5302a9dc3c7c Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:02:15 2022 -0600 Update readme.md Fixed typos commit cd7ec9fd1da7147aaa9adf3bd9308a44a877ad1f Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:00:08 2022 -0600 Update readme.md Minor fixes commit 7ba845641f2ee7eef676988e82f53c221bb4e28a Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:45:22 2022 -0600 Update readme.md Deployment steps corrections commit e6dd9c5fce55658a1ef567f8666252421c922828 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:42:44 2022 -0600 Update readme.md commit 29ca436444bcc5cb2da9df46790533969402d4d5 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:41:33 2022 -0600 Update readme.md Setting ref line commit b1301e2b6ee1513f5c7d6c7fdd02f071279773fa Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:40:34 2022 -0600 Update readme.md Fixing URL again commit 6d7012c1b57ab0232a9963345d2b68d55b1b4639 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:39:11 2022 -0600 Update readme.md Fixing build instructions URL commit 098e27bbf719ed680bbbec1da5698d8fe7e4bbca Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:36:40 2022 -0600 Update readme.md Escaped URL commit 61ea1d567270fb2c0056ed766771050165898d27 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:35:11 2022 -0600 Update readme.md Fixed step #1 commit 0d071a0b695060caffdf0a28f00d2dae927fb5ca Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:34:04 2022 -0600 Update readme.md Typo commit 028950c162cd7c3fbe21d3f4daeaa980da6be8ca Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:33:26 2022 -0600 Update readme.md Fixed link for the package directory commit 15af0de66deecf90fc0d631300cd031c20174090 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:31:25 2022 -0600 Update readme.md Added references to other deployment instructions commit f7e5af2070474d57a0233b238a864e3c37d422dc Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 11:30:56 2022 -0600 Update readme.md First draft of deployment instructions commit b83e93aea069b80ff535acaa69149e37f900e3da Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 6 19:29:02 2022 -0600 Update readme.md commit 372ae3e17ed3e21ec5958a6619071d1a9db96564 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 6 19:26:25 2022 -0600 Update readme.md commit e6b15a5793fe2736c42293c3d2d3d7d8af140cd9 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 6 19:18:30 2022 -0600 Update readme.md Updated link to Azure deployment commit 3447201611a96ce8b4989483c385877b798016a2 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 6 18:56:16 2022 -0600 Update readme.md Added link to the playbook template commit 36c776fd5b20c27ab9b6668c4c12d3ff89621de5 Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Dec 2 15:54:33 2022 -0800 Just initialize this new branch for Cohesity internal collaboration/review.

commit 2fbfbbbc09dab94d0418561d75bd72f7517030df Author: Kishan Nerella <11820638+kishannerella@users.noreply.github.com> Date: Wed Mar 15 12:27:05 2023 -0700 Fetch alerts in a large interval and cache them to avoid missing them (#9) Fetch alerts in a large interval and cache them to avoid missing them Helios can insert alerts because of which Producer may miss alerts because Producer only fetches alerts in the last 5 minutes. This period is now increased to 24 hours and a blob is used to store the previous alert ID to avoid pushing duplicate alerts in to the queue. commit b8c1e29d2560049820487b417bd174427bb0edc7 Author: yinghuang123 <115043385+yinghuang123@users.noreply.github.com> Date: Wed Mar 8 13:43:11 2023 -0800 add test cases, to do match up test between sentinel and helios. (#8) Add test: Match up test between Sentinel and Helios. commit 4b2bc0cc248f326e62aebd132626b44e15cbacb6 Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Mar 1 17:23:17 2023 -0800 add this file, for further customization. +++ ./Solutions/CohesitySecurity/Tools/createSolutionV2.ps1 commit 9cba831803a72179ac0f6ce71af90127e686bbc0 Merge: 40ad85f0e a75b98838 Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Mar 1 12:58:40 2023 -0800 Merge remote-tracking branch 'origin/master' into CohesitySecurity.internal commit 40ad85f0e1968d380d28115bca8c7ff592f76b75 Author: Kishan Nerella <kishannerella@gmail.com> Date: Fri Feb 24 16:50:48 2023 -0800 Added status to the incident to allow Welcome incident creation - Fixed startDaysAgo parameter usage in function azuredeploy.json - Replace ApiKey in blob key to a static value. - Removed ApiKey references in the logs. - Changed the status of the incidient to "New" always as we only query for kOpen alerts. - Refactored the code to have incident creation at a single place. commit ab333b79b112e47d9d44834762c97f2b8acad934 Merge: 878871468 3af5f111d Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Feb 28 13:58:11 2023 -0800 Merge remote-tracking branch 'origin/master' into CohesitySecurity.internal commit 878871468e45b65faed668b606025987dd2659f5 Merge: 9a961ab2a 4ed65ef71 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Feb 27 16:27:00 2023 -0800 Merge remote-tracking branch 'origin/master' into CohesitySecurity.internal commit 9a961ab2ac3d0a4d5cd7dfa117c98a70373e53ce Merge: 38a0bbd01 4e53f5de0 Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Feb 24 10:45:17 2023 -0800 Merge remote-tracking branch 'origin/master' into CohesitySecurity.internal commit 38a0bbd0113ba0b42d18a87faa9bce7fe31779e4 Merge: b768cab7f ed943622b Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Feb 23 11:16:06 2023 -0800 Merge remote-tracking branch 'origin/master' into CohesitySecurity.internal commit b768cab7f3636d8ab9bcc103afea7062bcaeecdc Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Wed Feb 22 18:25:53 2023 -0800 Fix the required permissions and role for the Azure AD app commit 474253f2bf90fb2be70de63f48fa22579028610c Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Tue Feb 21 11:49:26 2023 -0800 Regenerate package with v2 solution creator and updated partner info commit 44e2f1b7921cccbe0ca1cabb52df3e45b3d0d82b Merge: 12ec703ac 284f45dc7 Author: Ying Huang <ying.huang@cohesity.com> Date: Sun Feb 19 22:49:30 2023 -0800 Merge remote-tracking branch 'origin/master' into CohesitySecurity.internal commit 12ec703acecd71fe81a218dc0de0ea293f04907b Merge: 4243ee149 3d8a1cbdd Author: yinghuang123 <115043385+yinghuang123@users.noreply.github.com> Date: Thu Feb 16 16:08:39 2023 -0800 Merge pull request #5 from cohesity/audo_deployment fix to the serverfarms Conflict issue. commit 4243ee1498650ae062034f5b04a267e906c0dd20 Merge: dcd835bd2 5127b80fd Author: yinghuang123 <115043385+yinghuang123@users.noreply.github.com> Date: Thu Feb 16 16:08:04 2023 -0800 Merge pull request #6 from cohesity/build update the build related stuff. commit 5127b80fdeae73342ce5c74e98499fb358137454 Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Feb 16 14:55:44 2023 -0800 add this file, but which still not working yet. ./Solutions/CohesitySecurity/Package/mainTemplate.json.sh update the build script. commit b4b7dcce8c80a788b36e2560eed301a479dc0884 Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Feb 16 11:19:41 2023 -0800 update the build related stuff. small change to metadata. commit 3d8a1cbdd19cea118e497b00802855b75705f1d0 Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Feb 15 11:03:21 2023 -0800 fix to the serverfarms Conflict issue. small update to the deployment script. commit dcd835bd2a13b8dcd336985560c6503fffbd6811 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Fri Feb 10 13:58:34 2023 -0800 Re-create package with version 2.0 and updated URLs commit 26b81b758dedaecd41a179197dfc8ec0f28c7cde Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Fri Feb 10 13:54:10 2023 -0800 Replace github URL to Azure from Cohesity commit 2f3e379183d7caf1c71f6d5fb4e0ccb6071427a4 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Fri Feb 10 13:16:52 2023 -0800 Remove manual deployment option, change version and URLs commit 3eb7ffc7aae1590043f4cea4f8e72ceffa57aee9 Author: yinghuang123 <115043385+yinghuang123@users.noreply.github.com> Date: Thu Feb 9 11:13:27 2023 -0800 Zip (#4) Add producer and consumer packaging scripts commit 724bd4b85ed9acc1caf564466b074a53a69fd546 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Wed Feb 8 16:55:25 2023 -0800 Renamed function app package name and location commit 8a2a67073b318300cec969d745eeaba9dee41179 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Wed Feb 8 14:02:55 2023 -0800 Add logo to solution Also, fix manual deployment steps in Cohesity_API_FunctionApp.json. Updated connector description in createUiTemplate.json and re-created package. commit 03d5b8d68aaaabf2db88407347e390620b6a7983 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Wed Feb 8 13:11:54 2023 -0800 Add Cohesity logo commit c79d25164adc86a467e5d3e187c9c7e8e38842af Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Tue Feb 7 18:13:10 2023 -0800 Create package using v2 solution creator Also, moved the Solution file into 'Data' folder as it looks like that's the standard. commit e3d0f772cdac49f08a09913f9d36527ed5db65f5 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Tue Feb 7 17:29:53 2023 -0800 Change post deployment field in email to an array of values Also, add periods at the end of descriptions in all the playbooks. commit e8053f8b1c9fef0f0834cf37f3f00bbf25a939f9 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Tue Feb 7 15:55:32 2023 -0800 Add Cohesity in the title of playbooks and update readme accordingly commit da51a755a27cb4415b6c1efc30d69e730791ed55 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Mon Feb 6 20:45:28 2023 -0800 Created package files with the new playbook Also, fixed readme to add the new playbook and some corrections. commit e94659171063a83ca891ebc138e612969d0934a9 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Mon Feb 6 13:41:13 2023 -0800 Remove empty parameter from playbook as package validation fails commit 6c52f04bf8c1a87b4e504abcce115237e61b5220 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Feb 6 19:27:57 2023 -0600 Update readme.md Removed an extra dot commit 7af5db70561fc2c1e7b1d74947e161aec7c10a1f Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Feb 6 10:00:51 2023 -0800 update/add some auto deploy related scripts. commit b5ffb7134481589da0beb3746d77fba1ce1843f8 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Feb 6 09:52:36 2023 -0800 beautify this json file commit d00210396cb89f45cea45d47ecc4836c99f409f7 Author: Kishan Nerella <kishannerella@gmail.com> Date: Fri Feb 3 19:26:15 2023 -0800 Fix package download links and producer timer trigger Also, changed the function app packaging by removing top-level directory. commit 1a953226cf64afc0b238406e3e94fb1580b0f443 Author: Kishan Nerella <kishannerella@MacBook-Pro.local> Date: Fri Feb 3 12:51:48 2023 -0800 Add function runtime config and deployment url commit 8bfc80e4cd58c377e343a8e307d9a2a34f3a320a Author: Kishan Nerella <kishannerella@MacBook-Pro.local> Date: Fri Feb 3 12:13:42 2023 -0800 Create producer and consumer packages for deployment commit f45527acc1c89998eee11aa421377a14ea4ec956 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Thu Feb 2 20:02:00 2023 -0800 Fix readme language commit eaf972c5170288be0e5c1ba43cf41d60969628c6 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Thu Feb 2 19:55:37 2023 -0800 Fix links in readme files commit 7dbcd360ce6c3b40bad1de6095f6d355a9a31e61 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Feb 2 12:55:57 2023 -0600 Update Cohesity_API_FunctionApp.json Removed a wrong reference commit 85f916b3d50bf24fb02b675b25b21308392cd5d7 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Jan 31 17:33:10 2023 -0600 Update Cohesity_API_FunctionApp.json Removed locale from the link commit bd24164805c493d20199db1faae38a14f043ea7f Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Mon Jan 30 17:22:41 2023 -0800 Fix delete blob deployment URL and tags commit e6cab0c1135ab753775722083049f1eae7f2a37f Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Jan 30 16:40:38 2023 -0800 add back folders with name begining in upper case. commit 9bca6381b287585e4e448e6b7680e5a2f0aed918 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Jan 30 16:38:42 2023 -0800 delete those old folders with name begining in lower case. commit 38e30732c96e418b7394b01bbd0dcb00b3a5d99a Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Jan 30 16:37:04 2023 -0800 uniform data input. rename folders to upper case prefix. add more test cases. commit 62429c630ae109a775026251829dd6652d7fe178 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Jan 30 16:33:05 2023 -0800 uniform data input. rename folders to upper case prefix. add more test cases. commit 4a0baa24f13e0ad52c6fac91449040c819de3cfb Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Fri Jan 27 21:02:12 2023 -0800 Add delete incident blobs playbook commit aca0d06a5022aac01e0e713bf8e57a04d76f5821 Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Jan 27 17:44:19 2023 -0800 add one new exported playbook, need to later add description, name, author, etc. add cohesity tool to export playbook. commit 79bb3a1fbe8fba031ffda0c3b75e6108c9d02d5e Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 27 17:25:10 2023 -0600 Update Cohesity_API_FunctionApp.json Removed unnecessary coma commit 331342e06349501d5aba8a9e3e1d17a0c8ff0e88 Author: rohit2230 <121071301+rohit2230@users.noreply.github.com> Date: Sat Jan 28 02:17:57 2023 +0530 Reviewed doc Reviewed for style and language commit f5ce722a37566212ed90ff7562012f0deb702e7a Author: rohit2230 <121071301+rohit2230@users.noreply.github.com> Date: Sat Jan 28 02:12:12 2023 +0530 Reviewed the doc Reviewed for style and language commit 047a772779550a5edc30428c1df004b3b0abcaf5 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Jan 26 17:51:02 2023 -0600 Create Cohesity_API_FunctionApp.json First version of data connector file commit aee525ee71b1995bc7087d6b091c0e1f36ad87ce Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Jan 26 17:38:11 2023 -0600 Update readme.md Typo commit 011848f908fd9ce07a261a864ba8ac9e969f1df0 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Thu Jan 26 15:13:52 2023 -0800 Remove pre-requisited from CloseHeliosIncident and Restore playbooks commit 65180bee333f86de2c4fd14d7cef5e45a26704b3 Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Jan 25 17:20:47 2023 -0800 add test case for playbook: Cohesity_Close_Helios_Incident. commit 9e22aacb3c7372ca7be444bc3ac53e4af9c7ca73 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Wed Jan 25 14:47:31 2023 -0800 Add user role related info to playbook readme files commit dea9ed121034fec3f6c27bfc03fe6d45a98945a6 Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Jan 24 17:14:06 2023 -0800 a decent fix for the dup issue by Eugene. commit 66c1136590967efb139aa2e3fd7debe72fbf3933 Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Jan 24 13:42:41 2023 -0800 a temporary fix for the duplicate incident issue. will try to add some automation tests to verify: 1: has incidents generated. 2: no duplicate and then find a decent fix. commit 3338fe0c4dc77c30ccf7780fd526e997683606a2 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Jan 24 15:11:50 2023 -0600 Update azuredeploy.json Added link to the prerequisite details commit e563f5ff1eb065d58e63533d4afb40c5f0e4f9ce Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Jan 24 15:09:26 2023 -0600 Update azuredeploy.json Added link to prerequisite details commit 956a4e44371144b22925009b02a5a009db5c4797 Author: rohit2230 <121071301+rohit2230@users.noreply.github.com> Date: Mon Jan 23 03:06:04 2023 +0530 Doc review Reviewed doc for language and style commit 9c6e3cffbc659023a2456125d83f0161451ac9a1 Author: rohit2230 <121071301+rohit2230@users.noreply.github.com> Date: Mon Jan 23 02:58:14 2023 +0530 Doc review Reviewed for language and style commit dc847550980ac19f14c9d1f348443ca5e57c5a86 Author: rohit2230 <121071301+rohit2230@users.noreply.github.com> Date: Mon Jan 23 02:46:15 2023 +0530 Doc Review Reviewed for language and style commit 2069d81a441a25775bf8c38ca0a2241676f87b3d Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Jan 20 11:06:13 2023 -0800 clean the codes. commit edc60d45ab75373d1c771f550616602e92791ede Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Jan 20 10:26:19 2023 -0800 add feature: TestAlertToQueue commit 28efdb81d136e80fa0ad2f79e4cdd7b8d61ca56b Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Jan 19 15:46:24 2023 -0800 clean some codes. commit eb86fbf97d28026c9ad96d243b1b4fe2b41af556 Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Jan 19 14:05:22 2023 -0800 Fix some warning, retire some obsolete codes. commit fe35840043aadbe44b3f21b63ff248cf1be3967a Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Jan 18 17:08:17 2023 -0800 fix some compilation warnings. commit 8fae6744b2f67494fbe4619ffeff8d62973dbf24 Author: rohit2230 <121071301+rohit2230@users.noreply.github.com> Date: Wed Jan 18 16:04:32 2023 +0530 Reviews Edited content for style and grammar commit 2bec432bd4a047bdc994c8c7ebe2c8e239fc1c4e Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 13 17:33:30 2023 -0600 Update azuredeploy.json Updated metadata commit c97b56befe48ec5804bc738a843b4385869fd10e Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 13 17:29:18 2023 -0600 Update azuredeploy.json Fixed quotes commit c3b07a1ed51fa810ebf3c3d4cc5b9d714cf438fc Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 13 17:25:09 2023 -0600 Update azuredeploy.json Fixed typo commit 04289abf2cb4926da8c705b6bd9b6911ca73587d Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 13 17:23:34 2023 -0600 Update azuredeploy.json Added metadata commit 8e139c0072c79557fb3f14b2ba9f59befc8cfeb9 Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Jan 11 10:27:54 2023 -0800 update text from 'Azure Sentinel' to 'Microsoft Sentinel' commit 94270ea0f0bb549f6a963ea40ebc7107f9e38f21 Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Jan 10 15:21:44 2023 -0800 remove BlobStorageConnectionString for duplication. remove a dup try catch. commit 199f5a140dd318095a1d2eaf7188a331da1258e3 Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Jan 10 11:07:38 2023 -0800 update the Function Apps to use env instead of secret for variables. fix some properties in azuredeploy.json. commit 7bb4f9341f949369c05ff44e38253f69d283bb2a Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Jan 6 17:51:04 2023 -0800 small fix in script. commit d43cfccf320eca66bbb8f94eac77198dbaf04434 Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Jan 6 14:25:35 2023 -0800 update deploy scripts. commit 05f45be3853adde4bf9f82d68c6c654615f3ad85 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 6 15:11:45 2023 -0600 Update readme.md Fixed a typo commit 6155c4e0f7fdee7afdbcdfe72dccd08bad8d9c5a Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 6 15:08:20 2023 -0600 Update readme.md Updated the instructions to reflect the new deployment script commit 98347394d8af51d997359c310f5e7335392c8680 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 6 15:07:16 2023 -0600 Update readme.md Updated the instructions to reflect new deployment steps commit 607b64f197fb8a914165f6482c954232409e93fb Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 6 13:49:24 2023 -0600 Update readme.md Fixed a typo commit db7be2ab9188b4d6d2a9e1cc960321a71d921d8e Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 6 13:44:56 2023 -0600 Update readme.md Polished language commit 8371bf109edb915a78307e4f35af74891e614ae6 Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Jan 6 10:45:15 2023 -0800 update azuredeploy to host on windows OS. add deployment related scripts. update the readme file. commit bc64f554f27e8a32558b5b66ab455294ee8e620a Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 6 11:38:53 2023 -0600 Update readme.md Updated publishing instructions commit de74f40e18f9c890f66f516d4463c1cb14e07a97 Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Jan 5 14:21:11 2023 -0800 change to windows host to workaround the AzureWebJobsStorage error issue. commit 5a1daf5b3cc1eb7637c2b9213de051769b2d96c9 Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Jan 4 15:57:42 2023 -0800 small fix in azuredeploy.json commit d9cdca1acb1c2fc26b335bac98d6747371413cf4 Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Jan 4 15:54:46 2023 -0800 add DefaultEndpointsProtocol to azuredeploy.json commit 688ca03cb660a3a855913cdcb9313ba5fdf2b8cb Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Jan 4 15:58:33 2023 -0600 Update readme.md Updated pre-requisites and troubleshooting steps commit a286f9c06418c619d1f9b1ca9938e965d4ec4ea5 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Jan 4 15:42:56 2023 -0600 Update readme.md Updated prerequisites and troubleshooting details per MS code review commit 208d1f3d73001fdfd3bef7ea4d99453063b7175d Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Jan 3 17:49:26 2023 -0800 beautify this json file. commit 92de7c93bb4df329925bd67c4809996eaf694a80 Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Jan 3 17:48:57 2023 -0800 beautify this json file. commit 02bb9f3da89e7da8cf634dae5bae5a8732c29bb9 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Jan 3 17:07:12 2023 -0600 Update readme.md Updated deployment instructions to reflect that keyvault is now a managed connection commit 9386f5c8fc2636af920c2d91a5d9d66517de8f56 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Jan 3 16:56:46 2023 -0600 Update azuredeploy.json Fixed container name commit 748937fe2035ba8877006141da6985367e8081a2 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Jan 3 16:09:35 2023 -0600 Update readme.md Updated instructions to reflect the new deployment steps commit 3fdcfd398ba5ec273b2669a3ff2a6941cbce54a9 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Jan 3 15:45:13 2023 -0600 Update azuredeploy.json Made KeyVault managed connection with the predefined Keyvault name commit 0d4a8fabf9fab804d49ae6f6b4fb10e2f05d785c Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Jan 3 10:43:18 2023 -0600 Update azuredeploy.json Added Keyvaultname as a connection parameter commit 52a92c57ab077249e7e32aa251476f85abecdea9 Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Dec 23 15:55:50 2022 -0800 update the managedApis. commit 3b671431946ffee40a95c5d6ae917074e3d1e872 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 14:33:47 2022 -0600 Update azuredeploy.json Removed managed identity from Blob commit 978af21d84fc4fc462e3b4dcdb7634e0717b5045 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 14:30:04 2022 -0600 Update azuredeploy.json Testing managed connection with Azure Blob commit 4d3b80361763c3202234a349512ad55e2670e57a Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 14:23:47 2022 -0600 Delete incident_producer_azuredeploy.json Deleted file that I created for test purposes commit be1f06e1b8733d353481c844b7dff7b3de9117ad Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 14:19:39 2022 -0600 Update azuredeploy.json Changed prerequisites commit cce48babe94de2598891538f1196b629a903e5d8 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 14:15:25 2022 -0600 Update azuredeploy.json Added metadata to the deployment wizard commit c59d740aff4b104504ea999d2b507717ccd4fc4e Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 14:11:59 2022 -0600 Update readme.md Changed deployment instructions commit 7b4cb687b11173032a761d652a00767d2d55b084 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 14:10:33 2022 -0600 Update readme.md Fixed a typo commit 0a0604e23d21ab691e4cebdfc6af6b326531c1ef Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 13:27:00 2022 -0600 Update readme.md Added info about authorization commit a91e642e9288513681a42816e35e0892c0c44a56 Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Dec 23 11:26:54 2022 -0800 some small change according to the comments. commit 57f27beb00a17d25118bb29ecbde2de7420db714 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 13:19:42 2022 -0600 Update azuredeploy.json Removed managed identity from Outlook commit d84dfd4e1fd67560cc55edaf294817f0e540557f Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 11:03:10 2022 -0600 Update azuredeploy.json Fixed a typo (",") commit eb38749daf730775b6b5b3c2105476a5961aed70 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 11:00:35 2022 -0600 Update azuredeploy.json Added metadata and made Outlook connection type ManagedServiceIdentity commit 3b526dedd207d181db5beea74a4bc3f8dc5f4868 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 10:51:55 2022 -0600 Update readme.md Updated with consideration of a new ARM template for Azure function config deployment commit 2b7fa46d117f0f0777d25f6376c1c877165df3eb Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 10:25:38 2022 -0600 Update azuredeploy.json Fixed type "," commit 6bd4f29dd61e4eff16a4feeeca0e974e041d89d3 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 10:24:16 2022 -0600 Update azuredeploy.json Added metadata commit d993c87642efb1cef144bfeb41c497531b2e27a1 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 10:18:03 2022 -0600 Update azuredeploy.json Updated metadata commit 4fd3aaf0bc9f15c5536fe27644b21a823a7300b4 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 09:44:48 2022 -0600 Delete func_azuredeploy.json This is a temporary file that was created by mistake. commit 4c32629bca96318c4fe8f731d78d3709d3c3f836 Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Dec 22 14:56:10 2022 -0800 update the csproj files commit 3d1e443984cd2e917a9208d28fa8df4c6d9c4830 Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Dec 22 14:51:36 2022 -0800 update the csproj files. commit 1bb53f3db70f5c86abaf14f4e56d8337dd266344 Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Dec 22 14:49:02 2022 -0800 change to read from key vault intead of env. commit e89a55ae22ae9b0ad48033fd0cc2c99dea78cbd4 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 22 14:09:01 2022 -0600 Update readme.md Added button to deploy the functions to Azure. commit d3ef3bd69760acbd0febb547cc76eb5323cc5877 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 22 14:03:17 2022 -0600 Create azuredeploy.json ARM template for deploying both Azure functions. commit 979c7d3c7d29d8a69891808d61cb3719bf8cefe2 Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Dec 21 19:38:28 2022 -0800 retire redis in IncidentProducer add Anomaly Strength in description re-organize the codes commit ac0ae888d48f2032827ec5a2a577f93c008fd0d0 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 19:33:30 2022 -0600 Update readme.md Returned the reference to the Restore playbook commit 8f0536ea15bb5de6373024e412f3f78658b96e9d Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Dec 20 17:23:58 2022 -0800 update the readme files. commit 2c7eb694bc41153566f22b51115490b5551d6fc1 Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Dec 20 17:01:30 2022 -0800 update these 2 package files. +++ ./Solutions/CohesitySecurity/Package/createUiDefinition.json +++ ./Solutions/CohesitySecurity/Package/mainTemplate.json commit 4520fcb7fdbe7c1f8d2619ba314a7a00a9137bfb Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Dec 20 16:49:04 2022 -0800 update these 2 Playbooks: ./Solutions/CohesitySecurity/Playbooks/Cohesity_Close_Helios_Incident/azuredeploy.json ./Solutions/CohesitySecurity/Playbooks/Cohesity_CreateOrUpdate_ServiceNow_Incident/azuredeploy.json commit e13cc5a80f376d76c6df8f49c788f00e21510657 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 17:27:36 2022 -0600 Create incident_producer_azuredeploy.json Initial version of the IncidentProducer Function App commit 0d2c1d1b534a844607149b46e8ac8f7c38310825 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 15:44:46 2022 -0600 Create func_azuredeploy.json Test Azure func deploy commit db241debae8d5d4f226dcca6e4f0eda712721ae3 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 13:10:35 2022 -0600 Update readme.md Added instructions about connection authorization commit 7b950bcce0745708ff4b62c36a04599801e34ceb Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 13:06:47 2022 -0600 Update readme.md Added connection authorization instructions commit 4e38c1cca6336d3b9c97039a7cda9e8e2c122f72 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 10:48:49 2022 -0600 Update readme.md Fixed broken links commit c454187a07654d6a293f57641b6d33db0367e6c7 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 10:42:53 2022 -0600 Update readme.md Fixed broken links commit 138ce8147da4d339633afdaa46a6cc0401920959 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 10:36:24 2022 -0600 Update readme.md Fixed broken links commit d9a069e6c948698b735acd441af5c91426460388 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 10:27:31 2022 -0600 Update readme.md Typo. commit 6b73ea2794d07fe2e635e3526212d9c94c8b8099 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 10:27:13 2022 -0600 Update readme.md Add info about skipping steps if the API key is already stored in the vault. commit 829395b3aea5d420622c4fea04906836be74d1e1 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 10:22:41 2022 -0600 Update readme.md - Added info about creating an automation trigger for closing SNOW tickets commit 0249a4383ae9053cc29b4b5140d139ed63d1956f Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 09:57:33 2022 -0600 Update readme.md - Replaced Helios with DataHawk + a few other formatting changes. commit 617395e1914de1dcf5224be2abbedb79683dc763 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 09:50:57 2022 -0600 Update readme.md - Fixed broken links - Added info about the Cohesity Close Helios Incident playbook - Did some formatting commit c371a4644d05843114675cfae6b0521041be3e95 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 19 21:43:53 2022 -0800 + "Playbooks/Cohesity_Close_Helios_Incident/azuredeploy.json", commit 5b8a57d500862899b03cd847ce03d7b377b6a9ee Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Dec 19 22:00:52 2022 -0600 Update readme.md Added specific name for the playbook commit d48f6f273414fa4b135e3724c47568f708f3aac2 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Dec 19 21:59:47 2022 -0600 Update readme.md Added specific name for the vault commit 864b714422baa0eceb005751604b691f7e16c59e Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 19 18:21:06 2022 -0800 +++ b/Solutions/CohesitySecurity/Playbooks/Cohesity_Close_Helios_Incident/azuredeploy.json +++ b/Solutions/CohesitySecurity/Playbooks/Cohesity_Close_Helios_Incident/readme.md commit fffc00bd40a4b743a29a4e905c11343e7c7d02de Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 19 18:13:15 2022 -0800 fix the extra "\" in readme files. commit 4923932eb14f14623a148fe86145dbf86c8812af Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 19 18:04:32 2022 -0800 rename from "Solutions/CohesitySecurity/Data\\ Connectors/ rename to Solutions/CohesitySecurity/Data Connectors/ commit ef5279c6eb7d2b1b1940e9cb48eb783602737c11 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Dec 19 19:47:16 2022 -0600 Update readme.md Typo commit 94e4bdfe643acb573a1c2c771ce62086d475acd7 Merge: 2e21ed5ed 6d788faf0 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 19 17:26:43 2022 -0800 Merge remote-tracking branch 'cohesity/CohesitySecurity.internal' into CohesitySecurity.internal commit 2e21ed5edf18e34d32b618465c5d137fbc184ba9 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 19 17:26:26 2022 -0800 rename from DataConnectors/CohesitySecurity/Helios2Sentinel rename to "Solutions/CohesitySecurity/Data\\ Connectors/Helios2Sentinel update to use keyvault instead of apiKey from env. rename some playbooks. commit 6d788faf0f448b33ac505db4a1c982a08dcd06ad Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Dec 19 19:22:01 2022 -0600 Update readme.md Updated info related to using the KeyVault to store the API Key. commit 2eb03064da4d07aef5a2c6fac6d41143cebb9b94 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Dec 19 16:31:57 2022 -0600 Update readme.md Updated instructions for SNOW playbook to create automation rule for closing SNOW tickets. commit 8295c49fd69245ececfa08b9d5877428930de713 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 19 12:13:14 2022 -0800 rename playbook from Incident_VM_Playbook to Cohesity_Restore_From_Last_Snapshot update to read the details from blob storage. commit 1a2df6f10c514da74300b1a2a850c4b5dfd5fb4a Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Dec 16 10:37:58 2022 -0800 parameterize the containerName take back the multi-thread implementation of ParseAlertToQueue commit a3da7f4d4382060342c448a7df0e08c43e343fee Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Dec 15 18:17:20 2022 -0800 add the vm playbook related parameters into blob storage in IncidentProducer. commit 6899e05da662c496a412c262fca3f0f835cd7519 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 15 12:17:01 2022 -0600 Update readme.md Added info and new steps for the API key commit 0dda5f371b016fa28ec7e4f476171da9973e5c3c Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 15 11:32:08 2022 -0600 Update readme.md Updated with the info about adding the automation rule. commit fb94db0ee57e8e1398f14590615db1de4ee42353 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 15 11:27:17 2022 -0600 Update readme.md Added link about editing connections commit bb844f6a6e86d8ec763ef858ae8d08b5ef37ae30 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 15 11:25:30 2022 -0600 Update readme.md Added a step about adding SNOW credentials commit f5efccdf5178d6e2552c0f4dde54a5528368ff1d Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 15 11:12:46 2022 -0600 Update readme.md Added steps about connection authorization commit a7fde185bc5b3250b58b5b225642f55a6505863f Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Dec 14 11:33:21 2022 -0800 update the Cohesity_Send_Incident_Email Playbook commit 53ab7909287d9141ad936e60cc7f30756a80135a Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 13 20:12:54 2022 -0600 Update readme.md Added troubleshooting section commit 38fae0f6ee8e8ca732dc2168ccbab610b1925f91 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 13 19:26:41 2022 -0600 Update azuredeploy.json Added "My" to distinguish template from the actual playbook commit 2c5e09ecde3e3251ba111da81fc983d794977b01 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 13 19:25:50 2022 -0600 Update readme.md Fixed link to the Cohesity_Send_Incident_Email template commit 542d3622af65da620038e1ab69416f990063bbcc Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Dec 13 17:12:01 2022 -0800 further remove the locale in readme.md rename and sync to the latest Cohesity_Send_Incident_Email Playbook commit 5ef898ebcd7c503ee58518e8faa15b23a9a9010e Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Dec 12 18:36:01 2022 -0600 Update readme.md Removed en-us locale from links commit df0261d7ff646c304381b10595cd66d6dbf501e9 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 12 14:39:03 2022 -0800 fix typo. commit 3cbc054f560096ff6a152ac8c4cfe6c86c993795 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 12 14:22:53 2022 -0800 update the host.json for queue policy. commit 5c975aa3bd8045e8e913b4cf2f86dddd0035f226 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 12 14:11:29 2022 -0800 delete these 2 not in use files. commit 34d4b4ea72e6055cbe0724b196ee87cb61bd5de0 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 12 14:01:47 2022 -0800 avoid recursion in catch. move FixedDelayRetry into host.json file. commit a5675c32eca3a8b7006585e4985403430e28a67e Merge: e4316deb4 24fdabb0d Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 12 13:43:06 2022 -0800 Merge branch 'CohesitySecurity.internal' of ../../BareReps/workspace/Azure-Sentinel1 into CohesitySecurity.internal commit e4316deb49a3514edbd112305ced244f37ce4aad Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 12 13:43:06 2022 -0800 fix the indent issue. commit 24fdabb0d5ce75cb4f6c587ff4df6ccdf2331702 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 12 13:39:58 2022 -0800 n commit 91a8b155d839783e4b3977ced1738f9916fc4edb Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Dec 12 10:19:21 2022 -0600 Update readme.md Formatting changes commit eba35f847f4759335c94d8776169856effe1bdf2 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Dec 12 10:18:44 2022 -0600 Update readme.md Formatting changes commit 4922249d7c41619c0ea86c1dd7e8bc93228b8c8b Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Dec 12 10:17:32 2022 -0600 Update readme.md Updated links to individual deployment instructions. commit d0504d30064fef632d91cdac07d8cded6941a787 Author: Ying Huang <ying.huang@cohesity.com> Date: Sat Dec 10 22:47:59 2022 -0800 add lock to protect the queue in multi-thread scenarios. commit 79216fa51eaccf5ed0fe6b460cc00ca9f43ff9f2 Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Dec 9 16:27:40 2022 -0800 update readme file to add introduction about CohesityQueueName. commit 3684302ebd5cd47a4df31adcef34f984182eacf6 Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Dec 9 16:07:24 2022 -0800 moving the try catch logic up. Add FixedDelayRetry for QueueTrigger. commit 2bb8bdb2dff613feaf76bf76c91b124ad40aec29 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 9 09:46:22 2022 -0600 Update Solution_CohesitySecurity.json Changed per Microsoft review commit 2e4cd092da35eac529ad40cf13965891bcd23e7a Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 9 09:40:25 2022 -0600 Update SolutionMetadata.json Changed per Microsoft code review commit 4f9275a6c72fb1a3c43e954187aa78b03ef7933e Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 20:30:33 2022 -0600 Update readme.md Adding a testing step commit 0e6eef68994005f3910d9ea1f19316568ed605f4 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 20:22:54 2022 -0600 Update readme.md Added more testing instructions commit 868e8aff161f4545303844273885bfaf80f1f850 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 20:17:29 2022 -0600 Update SolutionMetadata.json Formatting changes commit 2681e4e2104e1b3bb9fdcc2a306396402a55c2a5 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 20:16:47 2022 -0600 Update SolutionMetadata.json Expanding categories and updating support info commit 456cde77cf36f57505d799ae641e4b0860801837 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 20:11:55 2022 -0600 Update readme.md Polished text commit e7596e2376153ff6a5a9e304f78d7ef44b6566a0 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 19:51:46 2022 -0600 Update Solution_CohesitySecurity.json Added product description commit 3b0d6cae138980f4c2b0689e743a14729ce8f5cd Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Dec 8 17:49:44 2022 -0800 obfuscate the CohesityQueueName multi-thread improve ParseAlertToQueue function commit 6a010359f4fc1bf4452b0ad82f473bb89115e4e2 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 17:34:47 2022 -0600 Create readme.md Final version commit f062e826cc2f7aad7c71303f74b5343c6b7ba0de Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 16:39:52 2022 -0600 Update readme.md Fixed typos commit 16dd47d262e6e8af7bd0154049f6516be88ecf03 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 16:32:18 2022 -0600 Update readme.md Complete version commit 1cc3573c4652b5b37fcbcd390d60290d83390991 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 13:45:14 2022 -0600 Update readme.md Typo commit 882e06b81c24a3f066362e25d163c03727476f8b Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 13:09:45 2022 -0600 Create readme.md Initial commit commit a3604698a1cbadefb5c4eab32160ef378bb93eb6 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 12:55:06 2022 -0600 Create readme.md Initial version commit a3691ffe3cd4c566dc7ff19fbf25890367e4c893 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 12:27:32 2022 -0600 Update readme.md Removed unnecessary parameter commit b54d3775058650cfdcd55b5f53b32eb183e1a4cc Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 12:26:47 2022 -0600 Update readme.md Formatting changes commit 7a1d5c44c6b3928a8c19d09b29516f4bd9e03c3f Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 12:22:17 2022 -0600 Update readme.md Corrected typos commit beba853c334afcc41c41b9cba573a0017114054f Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 12:05:11 2022 -0600 Update readme.md Corrected the URI commit f57caf6c0e43e3c367c756e53c686919bdb33a31 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 12:03:07 2022 -0600 Update readme.md Initial version commit e6456173f4d0cde1d28279c995fca17f4210764e Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 11:45:53 2022 -0600 Update readme.md Added formatting commit 776e8f5f9f77360dc5944bb0ea42683e66244c57 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 11:45:12 2022 -0600 Update readme.md Completed the description commit 9f32298f3f806649e3f7e892ba3b8d38f163d9bb Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 11:12:00 2022 -0600 Update readme.md Initial version commit 124d09ab973d57965a14011be1acd5d05feeedef Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 10:57:08 2022 -0600 Update readme.md Added word Cohesity to the playbook name commit 72ffa6e79eb3f3bee7b6603bc576222d59701120 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 19:55:55 2022 -0600 Update readme.md Formatting changes commit 63d91a5d6a0351db688cf5442d39c78dcaf76440 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 19:48:38 2022 -0600 Update readme.md Updated ARM template commit 9778263e071c5813200c46f27fffaebfbcefbd08 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 19:37:38 2022 -0600 Update readme.md Trying new URI format commit 30630efe42cf7ef46f5af74d7042c5db5f851389 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 19:30:39 2022 -0600 Update readme.md Changed URI again commit 0622eba625495e163e2b36a249a550728100ab42 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 19:29:04 2022 -0600 Update readme.md Changed URI for ARM template commit 6b33b2525f6df624af25f80762463876ddfdd5d5 Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Dec 7 17:15:05 2022 -0800 obfuscate the values in local.settings.json files. rename cohesity.config to cohesity.json, and update the build.ps1, readme.md. The github/codeql-action/autobuild keeps failing, but DataConnectors/CohesitySecurity/Helios2Sentinel build succeeded, as shown in following log. thus will disable the autobuild work flow. ============================= MSBuild version 17.4.0+18d5aef85 for .NET Determining projects to restore... Restored /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/IncidentConsumer.csproj (in 241 ms). Restored /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentProducer/IncidentProducer.csproj (in 241 ms). /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentProducer/IncidentProducer.cs(65,34): warning CS1998: This async method lacks 'await' operators and will run synchronously. Consider using the 'await' operator to await non-blocking API calls, or 'await Task.Run(...)' to do CPU-bound work on a background thread. [/Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentProducer/IncidentProducer.csproj] IncidentProducer -> /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentProducer/bin/Debug/net6.0/Helios2Sentinel.dll /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/IncidentConsumer.cs(30,32): warning CS0618: 'AuthenticationContext.AcquireTokenAsync(string, ClientCredential)' is obsolete: 'Microsoft.IdentityModel.Clients.ActiveDirectory is deprecated and replaced with Microsoft.Identity.Client. To migrate a daemon application, or service to service flow, see https://aka.ms/adal-to-msal-net/daemon' [/Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/IncidentConsumer.csproj] /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/IncidentConsumer.cs(39,51): warning SYSLIB0014: 'WebRequest.Create(Uri)' is obsolete: 'WebRequest, HttpWebRequest, ServicePoint, and WebClient are obsolete. Use HttpClient instead.' [/Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/IncidentConsumer.csproj] IncidentConsumer -> /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/bin/Debug/net6.0/IncidentConsumer.dll Build succeeded. /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentProducer/IncidentProducer.cs(65,34): warning CS1998: This async method lacks 'await' operators and will run synchronously. Consider using the 'await' operator to await non-blocking API calls, or 'await Task.Run(...)' to do CPU-bound work on a background thread. [/Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentProducer/IncidentProducer.csproj] /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/IncidentConsumer.cs(30,32): warning CS0618: 'AuthenticationContext.AcquireTokenAsync(string, ClientCredential)' is obsolete: 'Microsoft.IdentityModel.Clients.ActiveDirectory is deprecated and replaced with Microsoft.Identity.Client. To migrate a daemon application, or service to service flow, see https://aka.ms/adal-to-msal-net/daemon' [/Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/IncidentConsumer.csproj] /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/IncidentConsumer.cs(39,51): warning SYSLIB0014: 'WebRequest.Create(Uri)' is obsolete: 'WebRequest, HttpWebRequest, ServicePoint, and WebClient are obsolete. Use HttpClient instead.' [/Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/IncidentConsumer.csproj] 3 Warning(s) 0 Error(s) Time Elapsed 00:00:03.65 commit 48a92fa01538c5f9682cf85ec863fee7034db2bc Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:56:38 2022 -0600 Update readme.md commit fff7b50eef941fc31baaf0132fabc2a5c8be4580 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:55:03 2022 -0600 Update readme.md URI test commit d9e31f7740e6848b76bb8fb52b23aea4d447717d Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:53:17 2022 -0600 Update readme.md Another link test commit d2c11aa620bfc8f677de973a4781997349e9573c Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:49:15 2022 -0600 Update readme.md Another URI test commit 4af3e3078bc46faae5f25ae60db23add4dc64f1e Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:48:19 2022 -0600 Update readme.md Trying different link commit 3137eb24dbd9c65b11d9893f15b749bfacebc503 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:40:02 2022 -0600 Update readme.md Changed URI commit 2483ea6d37e3073fd9af84ece13a9bfacf0efa0b Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Dec 7 13:31:11 2022 -0800 --- ./Solutions/CohesitySecurity/Analytic Rules/RansomwareAlert.yaml --- ./Solutions/CohesitySecurity/Data Connectors/helios_connector.json +++ ./Solutions/CohesitySecurity/Package/createUiDefinition.json +++ ./Solutions/CohesitySecurity/Package/mainTemplate.json update the build script. commit fefdf8cfd2bedde33c8f9e866653cee2a2fd5ee0 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:25:13 2022 -0600 Update readme.md Testing ARM commit 19ec494e83bb4ddbf7f987e89d90597282fdf247 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:18:22 2022 -0600 Update readme.md Corrected playbook description commit 59cd9b5250fb8fe40cf8cba981f426562aadcd90 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:04:28 2022 -0600 Update readme.md Added TBD for package directory commit 66bdab4f47ce3a10b3f9520c8a8a5302a9dc3c7c Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:02:15 2022 -0600 Update readme.md Fixed typos commit cd7ec9fd1da7147aaa9adf3bd9308a44a877ad1f Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:00:08 2022 -0600 Update readme.md Minor fixes commit 7ba845641f2ee7eef676988e82f53c221bb4e28a Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:45:22 2022 -0600 Update readme.md Deployment steps corrections commit e6dd9c5fce55658a1ef567f8666252421c922828 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:42:44 2022 -0600 Update readme.md commit 29ca436444bcc5cb2da9df46790533969402d4d5 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:41:33 2022 -0600 Update readme.md Setting ref line commit b1301e2b6ee1513f5c7d6c7fdd02f071279773fa Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:40:34 2022 -0600 Update readme.md Fixing URL again commit 6d7012c1b57ab0232a9963345d2b68d55b1b4639 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:39:11 2022 -0600 Update readme.md Fixing build instructions URL commit 098e27bbf719ed680bbbec1da5698d8fe7e4bbca Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:36:40 2022 -0600 Update readme.md Escaped URL commit 61ea1d567270fb2c0056ed766771050165898d27 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:35:11 2022 -0600 Update readme.md Fixed step #1 commit 0d071a0b695060caffdf0a28f00d2dae927fb5ca Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:34:04 2022 -0600 Update readme.md Typo commit 028950c162cd7c3fbe21d3f4daeaa980da6be8ca Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:33:26 2022 -0600 Update readme.md Fixed link for the package directory commit 15af0de66deecf90fc0d631300cd031c20174090 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:31:25 2022 -0600 Update readme.md Added references to other deployment instructions commit f7e5af2070474d57a0233b238a864e3c37d422dc Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 11:30:56 2022 -0600 Update readme.md First draft of deployment instructions commit b83e93aea069b80ff535acaa69149e37f900e3da Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 6 19:29:02 2022 -0600 Update readme.md commit 372ae3e17ed3e21ec5958a6619071d1a9db96564 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 6 19:26:25 2022 -0600 Update readme.md commit e6b15a5793fe2736c42293c3d2d3d7d8af140cd9 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 6 19:18:30 2022 -0600 Update readme.md Updated link to Azure deployment commit 3447201611a96ce8b4989483c385877b798016a2 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 6 18:56:16 2022 -0600 Update readme.md Added link to the playbook template commit 36c776fd5b20c27ab9b6668c4c12d3ff89621de5 Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Dec 2 15:54:33 2022 -0800 Just initialize this new branch for Cohesity internal collaboration/review.

commit 0a6733e1fb59bc5ce282d1a84ad3f0a3b71c222c Author: Kishan Nerella <kishannerella@gmail.com> Date: Fri Mar 31 12:25:10 2023 -0700 Remove print statement from assert to avoid CodeQL warning commit e5995670acbecd5d0adc0b9e525c8f2756bbe8fc Author: Kishan Nerella <kishannerella@gmail.com> Date: Fri Mar 31 10:49:21 2023 -0700 Remove solution generator and fix CodeQL warnings commit 08d0d91679afc18c2b9c55e84defacc217a02d88 Author: yinghuang123 <115043385+yinghuang123@users.noreply.github.com> Date: Wed Mar 29 13:35:44 2023 -0700 Automation test (#13) * add test cases, to do match up test between sentinel and helios. * hide/remove this file * some small changes according to review feedback. * add Test for theCohesity_Restore_From_Last_Snapshot playbook some other minor changes. * post resolve some merge conflicts. * add some comments. * small update according to feedback. * small changes according to review feedback. * add def get_latest_playbook_run, and only use it to test playbooks. * add back some old changes. and small changes according to review feedback. * add back some old changes. and small changes according to review feedback. * small changes according to review feedback. * move the poll of status and assert codes inside playbook_run function. * add timeout to the get_latest_playbook_run loop. commit 563e1682ef7b71807d7b3a0ce8552aeac0ad847f Author: yinghuang123 <115043385+yinghuang123@users.noreply.github.com> Date: Thu Mar 23 13:26:03 2023 -0700 add Test for theCohesity_Restore_From_Last_Snapshot playbook (#11) * add Test for theCohesity_Restore_From_Last_Snapshot playbook some other minor changes. * post resolve some merge conflicts. * add some comments. * small update according to feedback. * small changes according to review feedback. commit d1abd5a563fe5c77f3f841ce43df26a40d5bf140 Author: yinghuang123 <115043385+yinghuang123@users.noreply.github.com> Date: Tue Mar 21 11:52:08 2023 -0700 just use following command (#12) "find Solutions/CohesitySecurity -type f -iname \*.py -exec black -l 79 {} \;" to format our py codes. commit be8f4de7ec206967f8e31bde9cf94156fbcd2988 Author: yinghuang123 <115043385+yinghuang123@users.noreply.github.com> Date: Wed Mar 15 13:52:05 2023 -0700 Automation test (#10) * add test cases, to do match up test between sentinel and helios. * hide/remove this file * some small changes according to review feedback. * add these files to parse alert.json +++ ./Solutions/CohesitySecurity/Tests/Alert.py +++ ./Solutions/CohesitySecurity/Tests/Alert.test.py some other small changes. * add/update comments in codes. change from apiKey to api_key * small changes based on review feedback. add/update comments. * rename files. add comments, small changes according to review feedback. * add this renamed file. * remove old file * add the new renamed file. * small changes. * fix the indent issue. * small changes based on feedback. * split the long lines. some renames +++ ./Solutions/CohesitySecurity/Tests/helios.test.py * move recover.json inside Data folder. add comments. * update the variables to be snake case. commit 2fbfbbbc09dab94d0418561d75bd72f7517030df Author: Kishan Nerella <11820638+kishannerella@users.noreply.github.com> Date: Wed Mar 15 12:27:05 2023 -0700 Fetch alerts in a large interval and cache them to avoid missing them (#9) Fetch alerts in a large interval and cache them to avoid missing them Helios can insert alerts because of which Producer may miss alerts because Producer only fetches alerts in the last 5 minutes. This period is now increased to 24 hours and a blob is used to store the previous alert ID to avoid pushing duplicate alerts in to the queue. commit b8c1e29d2560049820487b417bd174427bb0edc7 Author: yinghuang123 <115043385+yinghuang123@users.noreply.github.com> Date: Wed Mar 8 13:43:11 2023 -0800 add test cases, to do match up test between sentinel and helios. (#8) Add test: Match up test between Sentinel and Helios. commit 4b2bc0cc248f326e62aebd132626b44e15cbacb6 Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Mar 1 17:23:17 2023 -0800 add this file, for further customization. +++ ./Solutions/CohesitySecurity/Tools/createSolutionV2.ps1 commit 9cba831803a72179ac0f6ce71af90127e686bbc0 Merge: 40ad85f0e a75b98838 Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Mar 1 12:58:40 2023 -0800 Merge remote-tracking branch 'origin/master' into CohesitySecurity.internal commit 40ad85f0e1968d380d28115bca8c7ff592f76b75 Author: Kishan Nerella <kishannerella@gmail.com> Date: Fri Feb 24 16:50:48 2023 -0800 Added status to the incident to allow Welcome incident creation - Fixed startDaysAgo parameter usage in function azuredeploy.json - Replace ApiKey in blob key to a static value. - Removed ApiKey references in the logs. - Changed the status of the incidient to "New" always as we only query for kOpen alerts. - Refactored the code to have incident creation at a single place. commit ab333b79b112e47d9d44834762c97f2b8acad934 Merge: 878871468 3af5f111d Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Feb 28 13:58:11 2023 -0800 Merge remote-tracking branch 'origin/master' into CohesitySecurity.internal commit 878871468e45b65faed668b606025987dd2659f5 Merge: 9a961ab2a 4ed65ef71 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Feb 27 16:27:00 2023 -0800 Merge remote-tracking branch 'origin/master' into CohesitySecurity.internal commit 9a961ab2ac3d0a4d5cd7dfa117c98a70373e53ce Merge: 38a0bbd01 4e53f5de0 Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Feb 24 10:45:17 2023 -0800 Merge remote-tracking branch 'origin/master' into CohesitySecurity.internal commit 38a0bbd0113ba0b42d18a87faa9bce7fe31779e4 Merge: b768cab7f ed943622b Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Feb 23 11:16:06 2023 -0800 Merge remote-tracking branch 'origin/master' into CohesitySecurity.internal commit b768cab7f3636d8ab9bcc103afea7062bcaeecdc Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Wed Feb 22 18:25:53 2023 -0800 Fix the required permissions and role for the Azure AD app commit 474253f2bf90fb2be70de63f48fa22579028610c Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Tue Feb 21 11:49:26 2023 -0800 Regenerate package with v2 solution creator and updated partner info commit 44e2f1b7921cccbe0ca1cabb52df3e45b3d0d82b Merge: 12ec703ac 284f45dc7 Author: Ying Huang <ying.huang@cohesity.com> Date: Sun Feb 19 22:49:30 2023 -0800 Merge remote-tracking branch 'origin/master' into CohesitySecurity.internal commit 12ec703acecd71fe81a218dc0de0ea293f04907b Merge: 4243ee149 3d8a1cbdd Author: yinghuang123 <115043385+yinghuang123@users.noreply.github.com> Date: Thu Feb 16 16:08:39 2023 -0800 Merge pull request #5 from cohesity/audo_deployment fix to the serverfarms Conflict issue. commit 4243ee1498650ae062034f5b04a267e906c0dd20 Merge: dcd835bd2 5127b80fd Author: yinghuang123 <115043385+yinghuang123@users.noreply.github.com> Date: Thu Feb 16 16:08:04 2023 -0800 Merge pull request #6 from cohesity/build update the build related stuff. commit 5127b80fdeae73342ce5c74e98499fb358137454 Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Feb 16 14:55:44 2023 -0800 add this file, but which still not working yet. ./Solutions/CohesitySecurity/Package/mainTemplate.json.sh update the build script. commit b4b7dcce8c80a788b36e2560eed301a479dc0884 Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Feb 16 11:19:41 2023 -0800 update the build related stuff. small change to metadata. commit 3d8a1cbdd19cea118e497b00802855b75705f1d0 Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Feb 15 11:03:21 2023 -0800 fix to the serverfarms Conflict issue. small update to the deployment script. commit dcd835bd2a13b8dcd336985560c6503fffbd6811 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Fri Feb 10 13:58:34 2023 -0800 Re-create package with version 2.0 and updated URLs commit 26b81b758dedaecd41a179197dfc8ec0f28c7cde Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Fri Feb 10 13:54:10 2023 -0800 Replace github URL to Azure from Cohesity commit 2f3e379183d7caf1c71f6d5fb4e0ccb6071427a4 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Fri Feb 10 13:16:52 2023 -0800 Remove manual deployment option, change version and URLs commit 3eb7ffc7aae1590043f4cea4f8e72ceffa57aee9 Author: yinghuang123 <115043385+yinghuang123@users.noreply.github.com> Date: Thu Feb 9 11:13:27 2023 -0800 Zip (#4) Add producer and consumer packaging scripts commit 724bd4b85ed9acc1caf564466b074a53a69fd546 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Wed Feb 8 16:55:25 2023 -0800 Renamed function app package name and location commit 8a2a67073b318300cec969d745eeaba9dee41179 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Wed Feb 8 14:02:55 2023 -0800 Add logo to solution Also, fix manual deployment steps in Cohesity_API_FunctionApp.json. Updated connector description in createUiTemplate.json and re-created package. commit 03d5b8d68aaaabf2db88407347e390620b6a7983 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Wed Feb 8 13:11:54 2023 -0800 Add Cohesity logo commit c79d25164adc86a467e5d3e187c9c7e8e38842af Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Tue Feb 7 18:13:10 2023 -0800 Create package using v2 solution creator Also, moved the Solution file into 'Data' folder as it looks like that's the standard. commit e3d0f772cdac49f08a09913f9d36527ed5db65f5 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Tue Feb 7 17:29:53 2023 -0800 Change post deployment field in email to an array of values Also, add periods at the end of descriptions in all the playbooks. commit e8053f8b1c9fef0f0834cf37f3f00bbf25a939f9 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Tue Feb 7 15:55:32 2023 -0800 Add Cohesity in the title of playbooks and update readme accordingly commit da51a755a27cb4415b6c1efc30d69e730791ed55 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Mon Feb 6 20:45:28 2023 -0800 Created package files with the new playbook Also, fixed readme to add the new playbook and some corrections. commit e94659171063a83ca891ebc138e612969d0934a9 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Mon Feb 6 13:41:13 2023 -0800 Remove empty parameter from playbook as package validation fails commit 6c52f04bf8c1a87b4e504abcce115237e61b5220 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Feb 6 19:27:57 2023 -0600 Update readme.md Removed an extra dot commit 7af5db70561fc2c1e7b1d74947e161aec7c10a1f Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Feb 6 10:00:51 2023 -0800 update/add some auto deploy related scripts. commit b5ffb7134481589da0beb3746d77fba1ce1843f8 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Feb 6 09:52:36 2023 -0800 beautify this json file commit d00210396cb89f45cea45d47ecc4836c99f409f7 Author: Kishan Nerella <kishannerella@gmail.com> Date: Fri Feb 3 19:26:15 2023 -0800 Fix package download links and producer timer trigger Also, changed the function app packaging by removing top-level directory. commit 1a953226cf64afc0b238406e3e94fb1580b0f443 Author: Kishan Nerella <kishannerella@MacBook-Pro.local> Date: Fri Feb 3 12:51:48 2023 -0800 Add function runtime config and deployment url commit 8bfc80e4cd58c377e343a8e307d9a2a34f3a320a Author: Kishan Nerella <kishannerella@MacBook-Pro.local> Date: Fri Feb 3 12:13:42 2023 -0800 Create producer and consumer packages for deployment commit f45527acc1c89998eee11aa421377a14ea4ec956 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Thu Feb 2 20:02:00 2023 -0800 Fix readme language commit eaf972c5170288be0e5c1ba43cf41d60969628c6 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Thu Feb 2 19:55:37 2023 -0800 Fix links in readme files commit 7dbcd360ce6c3b40bad1de6095f6d355a9a31e61 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Feb 2 12:55:57 2023 -0600 Update Cohesity_API_FunctionApp.json Removed a wrong reference commit 85f916b3d50bf24fb02b675b25b21308392cd5d7 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Jan 31 17:33:10 2023 -0600 Update Cohesity_API_FunctionApp.json Removed locale from the link commit bd24164805c493d20199db1faae38a14f043ea7f Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Mon Jan 30 17:22:41 2023 -0800 Fix delete blob deployment URL and tags commit e6cab0c1135ab753775722083049f1eae7f2a37f Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Jan 30 16:40:38 2023 -0800 add back folders with name begining in upper case. commit 9bca6381b287585e4e448e6b7680e5a2f0aed918 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Jan 30 16:38:42 2023 -0800 delete those old folders with name begining in lower case. commit 38e30732c96e418b7394b01bbd0dcb00b3a5d99a Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Jan 30 16:37:04 2023 -0800 uniform data input. rename folders to upper case prefix. add more test cases. commit 62429c630ae109a775026251829dd6652d7fe178 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Jan 30 16:33:05 2023 -0800 uniform data input. rename folders to upper case prefix. add more test cases. commit 4a0baa24f13e0ad52c6fac91449040c819de3cfb Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Fri Jan 27 21:02:12 2023 -0800 Add delete incident blobs playbook commit aca0d06a5022aac01e0e713bf8e57a04d76f5821 Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Jan 27 17:44:19 2023 -0800 add one new exported playbook, need to later add description, name, author, etc. add cohesity tool to export playbook. commit 79bb3a1fbe8fba031ffda0c3b75e6108c9d02d5e Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 27 17:25:10 2023 -0600 Update Cohesity_API_FunctionApp.json Removed unnecessary coma commit 331342e06349501d5aba8a9e3e1d17a0c8ff0e88 Author: rohit2230 <121071301+rohit2230@users.noreply.github.com> Date: Sat Jan 28 02:17:57 2023 +0530 Reviewed doc Reviewed for style and language commit f5ce722a37566212ed90ff7562012f0deb702e7a Author: rohit2230 <121071301+rohit2230@users.noreply.github.com> Date: Sat Jan 28 02:12:12 2023 +0530 Reviewed the doc Reviewed for style and language commit 047a772779550a5edc30428c1df004b3b0abcaf5 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Jan 26 17:51:02 2023 -0600 Create Cohesity_API_FunctionApp.json First version of data connector file commit aee525ee71b1995bc7087d6b091c0e1f36ad87ce Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Jan 26 17:38:11 2023 -0600 Update readme.md Typo commit 011848f908fd9ce07a261a864ba8ac9e969f1df0 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Thu Jan 26 15:13:52 2023 -0800 Remove pre-requisited from CloseHeliosIncident and Restore playbooks commit 65180bee333f86de2c4fd14d7cef5e45a26704b3 Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Jan 25 17:20:47 2023 -0800 add test case for playbook: Cohesity_Close_Helios_Incident. commit 9e22aacb3c7372ca7be444bc3ac53e4af9c7ca73 Author: Kishan Nerella <kishan.nerella@cohesity.com> Date: Wed Jan 25 14:47:31 2023 -0800 Add user role related info to playbook readme files commit dea9ed121034fec3f6c27bfc03fe6d45a98945a6 Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Jan 24 17:14:06 2023 -0800 a decent fix for the dup issue by Eugene. commit 66c1136590967efb139aa2e3fd7debe72fbf3933 Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Jan 24 13:42:41 2023 -0800 a temporary fix for the duplicate incident issue. will try to add some automation tests to verify: 1: has incidents generated. 2: no duplicate and then find a decent fix. commit 3338fe0c4dc77c30ccf7780fd526e997683606a2 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Jan 24 15:11:50 2023 -0600 Update azuredeploy.json Added link to the prerequisite details commit e563f5ff1eb065d58e63533d4afb40c5f0e4f9ce Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Jan 24 15:09:26 2023 -0600 Update azuredeploy.json Added link to prerequisite details commit 956a4e44371144b22925009b02a5a009db5c4797 Author: rohit2230 <121071301+rohit2230@users.noreply.github.com> Date: Mon Jan 23 03:06:04 2023 +0530 Doc review Reviewed doc for language and style commit 9c6e3cffbc659023a2456125d83f0161451ac9a1 Author: rohit2230 <121071301+rohit2230@users.noreply.github.com> Date: Mon Jan 23 02:58:14 2023 +0530 Doc review Reviewed for language and style commit dc847550980ac19f14c9d1f348443ca5e57c5a86 Author: rohit2230 <121071301+rohit2230@users.noreply.github.com> Date: Mon Jan 23 02:46:15 2023 +0530 Doc Review Reviewed for language and style commit 2069d81a441a25775bf8c38ca0a2241676f87b3d Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Jan 20 11:06:13 2023 -0800 clean the codes. commit edc60d45ab75373d1c771f550616602e92791ede Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Jan 20 10:26:19 2023 -0800 add feature: TestAlertToQueue commit 28efdb81d136e80fa0ad2f79e4cdd7b8d61ca56b Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Jan 19 15:46:24 2023 -0800 clean some codes. commit eb86fbf97d28026c9ad96d243b1b4fe2b41af556 Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Jan 19 14:05:22 2023 -0800 Fix some warning, retire some obsolete codes. commit fe35840043aadbe44b3f21b63ff248cf1be3967a Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Jan 18 17:08:17 2023 -0800 fix some compilation warnings. commit 8fae6744b2f67494fbe4619ffeff8d62973dbf24 Author: rohit2230 <121071301+rohit2230@users.noreply.github.com> Date: Wed Jan 18 16:04:32 2023 +0530 Reviews Edited content for style and grammar commit 2bec432bd4a047bdc994c8c7ebe2c8e239fc1c4e Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 13 17:33:30 2023 -0600 Update azuredeploy.json Updated metadata commit c97b56befe48ec5804bc738a843b4385869fd10e Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 13 17:29:18 2023 -0600 Update azuredeploy.json Fixed quotes commit c3b07a1ed51fa810ebf3c3d4cc5b9d714cf438fc Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 13 17:25:09 2023 -0600 Update azuredeploy.json Fixed typo commit 04289abf2cb4926da8c705b6bd9b6911ca73587d Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 13 17:23:34 2023 -0600 Update azuredeploy.json Added metadata commit 8e139c0072c79557fb3f14b2ba9f59befc8cfeb9 Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Jan 11 10:27:54 2023 -0800 update text from 'Azure Sentinel' to 'Microsoft Sentinel' commit 94270ea0f0bb549f6a963ea40ebc7107f9e38f21 Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Jan 10 15:21:44 2023 -0800 remove BlobStorageConnectionString for duplication. remove a dup try catch. commit 199f5a140dd318095a1d2eaf7188a331da1258e3 Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Jan 10 11:07:38 2023 -0800 update the Function Apps to use env instead of secret for variables. fix some properties in azuredeploy.json. commit 7bb4f9341f949369c05ff44e38253f69d283bb2a Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Jan 6 17:51:04 2023 -0800 small fix in script. commit d43cfccf320eca66bbb8f94eac77198dbaf04434 Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Jan 6 14:25:35 2023 -0800 update deploy scripts. commit 05f45be3853adde4bf9f82d68c6c654615f3ad85 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 6 15:11:45 2023 -0600 Update readme.md Fixed a typo commit 6155c4e0f7fdee7afdbcdfe72dccd08bad8d9c5a Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 6 15:08:20 2023 -0600 Update readme.md Updated the instructions to reflect the new deployment script commit 98347394d8af51d997359c310f5e7335392c8680 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 6 15:07:16 2023 -0600 Update readme.md Updated the instructions to reflect new deployment steps commit 607b64f197fb8a914165f6482c954232409e93fb Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 6 13:49:24 2023 -0600 Update readme.md Fixed a typo commit db7be2ab9188b4d6d2a9e1cc960321a71d921d8e Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 6 13:44:56 2023 -0600 Update readme.md Polished language commit 8371bf109edb915a78307e4f35af74891e614ae6 Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Jan 6 10:45:15 2023 -0800 update azuredeploy to host on windows OS. add deployment related scripts. update the readme file. commit bc64f554f27e8a32558b5b66ab455294ee8e620a Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Jan 6 11:38:53 2023 -0600 Update readme.md Updated publishing instructions commit de74f40e18f9c890f66f516d4463c1cb14e07a97 Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Jan 5 14:21:11 2023 -0800 change to windows host to workaround the AzureWebJobsStorage error issue. commit 5a1daf5b3cc1eb7637c2b9213de051769b2d96c9 Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Jan 4 15:57:42 2023 -0800 small fix in azuredeploy.json commit d9cdca1acb1c2fc26b335bac98d6747371413cf4 Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Jan 4 15:54:46 2023 -0800 add DefaultEndpointsProtocol to azuredeploy.json commit 688ca03cb660a3a855913cdcb9313ba5fdf2b8cb Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Jan 4 15:58:33 2023 -0600 Update readme.md Updated pre-requisites and troubleshooting steps commit a286f9c06418c619d1f9b1ca9938e965d4ec4ea5 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Jan 4 15:42:56 2023 -0600 Update readme.md Updated prerequisites and troubleshooting details per MS code review commit 208d1f3d73001fdfd3bef7ea4d99453063b7175d Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Jan 3 17:49:26 2023 -0800 beautify this json file. commit 92de7c93bb4df329925bd67c4809996eaf694a80 Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Jan 3 17:48:57 2023 -0800 beautify this json file. commit 02bb9f3da89e7da8cf634dae5bae5a8732c29bb9 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Jan 3 17:07:12 2023 -0600 Update readme.md Updated deployment instructions to reflect that keyvault is now a managed connection commit 9386f5c8fc2636af920c2d91a5d9d66517de8f56 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Jan 3 16:56:46 2023 -0600 Update azuredeploy.json Fixed container name commit 748937fe2035ba8877006141da6985367e8081a2 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Jan 3 16:09:35 2023 -0600 Update readme.md Updated instructions to reflect the new deployment steps commit 3fdcfd398ba5ec273b2669a3ff2a6941cbce54a9 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Jan 3 15:45:13 2023 -0600 Update azuredeploy.json Made KeyVault managed connection with the predefined Keyvault name commit 0d4a8fabf9fab804d49ae6f6b4fb10e2f05d785c Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Jan 3 10:43:18 2023 -0600 Update azuredeploy.json Added Keyvaultname as a connection parameter commit 52a92c57ab077249e7e32aa251476f85abecdea9 Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Dec 23 15:55:50 2022 -0800 update the managedApis. commit 3b671431946ffee40a95c5d6ae917074e3d1e872 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 14:33:47 2022 -0600 Update azuredeploy.json Removed managed identity from Blob commit 978af21d84fc4fc462e3b4dcdb7634e0717b5045 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 14:30:04 2022 -0600 Update azuredeploy.json Testing managed connection with Azure Blob commit 4d3b80361763c3202234a349512ad55e2670e57a Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 14:23:47 2022 -0600 Delete incident_producer_azuredeploy.json Deleted file that I created for test purposes commit be1f06e1b8733d353481c844b7dff7b3de9117ad Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 14:19:39 2022 -0600 Update azuredeploy.json Changed prerequisites commit cce48babe94de2598891538f1196b629a903e5d8 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 14:15:25 2022 -0600 Update azuredeploy.json Added metadata to the deployment wizard commit c59d740aff4b104504ea999d2b507717ccd4fc4e Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 14:11:59 2022 -0600 Update readme.md Changed deployment instructions commit 7b4cb687b11173032a761d652a00767d2d55b084 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 14:10:33 2022 -0600 Update readme.md Fixed a typo commit 0a0604e23d21ab691e4cebdfc6af6b326531c1ef Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 13:27:00 2022 -0600 Update readme.md Added info about authorization commit a91e642e9288513681a42816e35e0892c0c44a56 Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Dec 23 11:26:54 2022 -0800 some small change according to the comments. commit 57f27beb00a17d25118bb29ecbde2de7420db714 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 13:19:42 2022 -0600 Update azuredeploy.json Removed managed identity from Outlook commit d84dfd4e1fd67560cc55edaf294817f0e540557f Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 11:03:10 2022 -0600 Update azuredeploy.json Fixed a typo (",") commit eb38749daf730775b6b5b3c2105476a5961aed70 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 11:00:35 2022 -0600 Update azuredeploy.json Added metadata and made Outlook connection type ManagedServiceIdentity commit 3b526dedd207d181db5beea74a4bc3f8dc5f4868 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 10:51:55 2022 -0600 Update readme.md Updated with consideration of a new ARM template for Azure function config deployment commit 2b7fa46d117f0f0777d25f6376c1c877165df3eb Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 10:25:38 2022 -0600 Update azuredeploy.json Fixed type "," commit 6bd4f29dd61e4eff16a4feeeca0e974e041d89d3 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 10:24:16 2022 -0600 Update azuredeploy.json Added metadata commit d993c87642efb1cef144bfeb41c497531b2e27a1 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 10:18:03 2022 -0600 Update azuredeploy.json Updated metadata commit 4fd3aaf0bc9f15c5536fe27644b21a823a7300b4 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 23 09:44:48 2022 -0600 Delete func_azuredeploy.json This is a temporary file that was created by mistake. commit 4c32629bca96318c4fe8f731d78d3709d3c3f836 Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Dec 22 14:56:10 2022 -0800 update the csproj files commit 3d1e443984cd2e917a9208d28fa8df4c6d9c4830 Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Dec 22 14:51:36 2022 -0800 update the csproj files. commit 1bb53f3db70f5c86abaf14f4e56d8337dd266344 Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Dec 22 14:49:02 2022 -0800 change to read from key vault intead of env. commit e89a55ae22ae9b0ad48033fd0cc2c99dea78cbd4 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 22 14:09:01 2022 -0600 Update readme.md Added button to deploy the functions to Azure. commit d3ef3bd69760acbd0febb547cc76eb5323cc5877 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 22 14:03:17 2022 -0600 Create azuredeploy.json ARM template for deploying both Azure functions. commit 979c7d3c7d29d8a69891808d61cb3719bf8cefe2 Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Dec 21 19:38:28 2022 -0800 retire redis in IncidentProducer add Anomaly Strength in description re-organize the codes commit ac0ae888d48f2032827ec5a2a577f93c008fd0d0 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 19:33:30 2022 -0600 Update readme.md Returned the reference to the Restore playbook commit 8f0536ea15bb5de6373024e412f3f78658b96e9d Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Dec 20 17:23:58 2022 -0800 update the readme files. commit 2c7eb694bc41153566f22b51115490b5551d6fc1 Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Dec 20 17:01:30 2022 -0800 update these 2 package files. +++ ./Solutions/CohesitySecurity/Package/createUiDefinition.json +++ ./Solutions/CohesitySecurity/Package/mainTemplate.json commit 4520fcb7fdbe7c1f8d2619ba314a7a00a9137bfb Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Dec 20 16:49:04 2022 -0800 update these 2 Playbooks: ./Solutions/CohesitySecurity/Playbooks/Cohesity_Close_Helios_Incident/azuredeploy.json ./Solutions/CohesitySecurity/Playbooks/Cohesity_CreateOrUpdate_ServiceNow_Incident/azuredeploy.json commit e13cc5a80f376d76c6df8f49c788f00e21510657 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 17:27:36 2022 -0600 Create incident_producer_azuredeploy.json Initial version of the IncidentProducer Function App commit 0d2c1d1b534a844607149b46e8ac8f7c38310825 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 15:44:46 2022 -0600 Create func_azuredeploy.json Test Azure func deploy commit db241debae8d5d4f226dcca6e4f0eda712721ae3 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 13:10:35 2022 -0600 Update readme.md Added instructions about connection authorization commit 7b950bcce0745708ff4b62c36a04599801e34ceb Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 13:06:47 2022 -0600 Update readme.md Added connection authorization instructions commit 4e38c1cca6336d3b9c97039a7cda9e8e2c122f72 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 10:48:49 2022 -0600 Update readme.md Fixed broken links commit c454187a07654d6a293f57641b6d33db0367e6c7 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 10:42:53 2022 -0600 Update readme.md Fixed broken links commit 138ce8147da4d339633afdaa46a6cc0401920959 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 10:36:24 2022 -0600 Update readme.md Fixed broken links commit d9a069e6c948698b735acd441af5c91426460388 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 10:27:31 2022 -0600 Update readme.md Typo. commit 6b73ea2794d07fe2e635e3526212d9c94c8b8099 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 10:27:13 2022 -0600 Update readme.md Add info about skipping steps if the API key is already stored in the vault. commit 829395b3aea5d420622c4fea04906836be74d1e1 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 10:22:41 2022 -0600 Update readme.md - Added info about creating an automation trigger for closing SNOW tickets commit 0249a4383ae9053cc29b4b5140d139ed63d1956f Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 09:57:33 2022 -0600 Update readme.md - Replaced Helios with DataHawk + a few other formatting changes. commit 617395e1914de1dcf5224be2abbedb79683dc763 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 20 09:50:57 2022 -0600 Update readme.md - Fixed broken links - Added info about the Cohesity Close Helios Incident playbook - Did some formatting commit c371a4644d05843114675cfae6b0521041be3e95 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 19 21:43:53 2022 -0800 + "Playbooks/Cohesity_Close_Helios_Incident/azuredeploy.json", commit 5b8a57d500862899b03cd847ce03d7b377b6a9ee Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Dec 19 22:00:52 2022 -0600 Update readme.md Added specific name for the playbook commit d48f6f273414fa4b135e3724c47568f708f3aac2 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Dec 19 21:59:47 2022 -0600 Update readme.md Added specific name for the vault commit 864b714422baa0eceb005751604b691f7e16c59e Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 19 18:21:06 2022 -0800 +++ b/Solutions/CohesitySecurity/Playbooks/Cohesity_Close_Helios_Incident/azuredeploy.json +++ b/Solutions/CohesitySecurity/Playbooks/Cohesity_Close_Helios_Incident/readme.md commit fffc00bd40a4b743a29a4e905c11343e7c7d02de Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 19 18:13:15 2022 -0800 fix the extra "\" in readme files. commit 4923932eb14f14623a148fe86145dbf86c8812af Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 19 18:04:32 2022 -0800 rename from "Solutions/CohesitySecurity/Data\\ Connectors/ rename to Solutions/CohesitySecurity/Data Connectors/ commit ef5279c6eb7d2b1b1940e9cb48eb783602737c11 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Dec 19 19:47:16 2022 -0600 Update readme.md Typo commit 94e4bdfe643acb573a1c2c771ce62086d475acd7 Merge: 2e21ed5ed 6d788faf0 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 19 17:26:43 2022 -0800 Merge remote-tracking branch 'cohesity/CohesitySecurity.internal' into CohesitySecurity.internal commit 2e21ed5edf18e34d32b618465c5d137fbc184ba9 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 19 17:26:26 2022 -0800 rename from DataConnectors/CohesitySecurity/Helios2Sentinel rename to "Solutions/CohesitySecurity/Data\\ Connectors/Helios2Sentinel update to use keyvault instead of apiKey from env. rename some playbooks. commit 6d788faf0f448b33ac505db4a1c982a08dcd06ad Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Dec 19 19:22:01 2022 -0600 Update readme.md Updated info related to using the KeyVault to store the API Key. commit 2eb03064da4d07aef5a2c6fac6d41143cebb9b94 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Dec 19 16:31:57 2022 -0600 Update readme.md Updated instructions for SNOW playbook to create automation rule for closing SNOW tickets. commit 8295c49fd69245ececfa08b9d5877428930de713 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 19 12:13:14 2022 -0800 rename playbook from Incident_VM_Playbook to Cohesity_Restore_From_Last_Snapshot update to read the details from blob storage. commit 1a2df6f10c514da74300b1a2a850c4b5dfd5fb4a Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Dec 16 10:37:58 2022 -0800 parameterize the containerName take back the multi-thread implementation of ParseAlertToQueue commit a3da7f4d4382060342c448a7df0e08c43e343fee Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Dec 15 18:17:20 2022 -0800 add the vm playbook related parameters into blob storage in IncidentProducer. commit 6899e05da662c496a412c262fca3f0f835cd7519 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 15 12:17:01 2022 -0600 Update readme.md Added info and new steps for the API key commit 0dda5f371b016fa28ec7e4f476171da9973e5c3c Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 15 11:32:08 2022 -0600 Update readme.md Updated with the info about adding the automation rule. commit fb94db0ee57e8e1398f14590615db1de4ee42353 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 15 11:27:17 2022 -0600 Update readme.md Added link about editing connections commit bb844f6a6e86d8ec763ef858ae8d08b5ef37ae30 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 15 11:25:30 2022 -0600 Update readme.md Added a step about adding SNOW credentials commit f5efccdf5178d6e2552c0f4dde54a5528368ff1d Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 15 11:12:46 2022 -0600 Update readme.md Added steps about connection authorization commit a7fde185bc5b3250b58b5b225642f55a6505863f Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Dec 14 11:33:21 2022 -0800 update the Cohesity_Send_Incident_Email Playbook commit 53ab7909287d9141ad936e60cc7f30756a80135a Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 13 20:12:54 2022 -0600 Update readme.md Added troubleshooting section commit 38fae0f6ee8e8ca732dc2168ccbab610b1925f91 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 13 19:26:41 2022 -0600 Update azuredeploy.json Added "My" to distinguish template from the actual playbook commit 2c5e09ecde3e3251ba111da81fc983d794977b01 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 13 19:25:50 2022 -0600 Update readme.md Fixed link to the Cohesity_Send_Incident_Email template commit 542d3622af65da620038e1ab69416f990063bbcc Author: Ying Huang <ying.huang@cohesity.com> Date: Tue Dec 13 17:12:01 2022 -0800 further remove the locale in readme.md rename and sync to the latest Cohesity_Send_Incident_Email Playbook commit 5ef898ebcd7c503ee58518e8faa15b23a9a9010e Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Dec 12 18:36:01 2022 -0600 Update readme.md Removed en-us locale from links commit df0261d7ff646c304381b10595cd66d6dbf501e9 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 12 14:39:03 2022 -0800 fix typo. commit 3cbc054f560096ff6a152ac8c4cfe6c86c993795 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 12 14:22:53 2022 -0800 update the host.json for queue policy. commit 5c975aa3bd8045e8e913b4cf2f86dddd0035f226 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 12 14:11:29 2022 -0800 delete these 2 not in use files. commit 34d4b4ea72e6055cbe0724b196ee87cb61bd5de0 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 12 14:01:47 2022 -0800 avoid recursion in catch. move FixedDelayRetry into host.json file. commit a5675c32eca3a8b7006585e4985403430e28a67e Merge: e4316deb4 24fdabb0d Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 12 13:43:06 2022 -0800 Merge branch 'CohesitySecurity.internal' of ../../BareReps/workspace/Azure-Sentinel1 into CohesitySecurity.internal commit e4316deb49a3514edbd112305ced244f37ce4aad Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 12 13:43:06 2022 -0800 fix the indent issue. commit 24fdabb0d5ce75cb4f6c587ff4df6ccdf2331702 Author: Ying Huang <ying.huang@cohesity.com> Date: Mon Dec 12 13:39:58 2022 -0800 n commit 91a8b155d839783e4b3977ced1738f9916fc4edb Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Dec 12 10:19:21 2022 -0600 Update readme.md Formatting changes commit eba35f847f4759335c94d8776169856effe1bdf2 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Dec 12 10:18:44 2022 -0600 Update readme.md Formatting changes commit 4922249d7c41619c0ea86c1dd7e8bc93228b8c8b Author: eerus <115032728+eerus@users.noreply.github.com> Date: Mon Dec 12 10:17:32 2022 -0600 Update readme.md Updated links to individual deployment instructions. commit d0504d30064fef632d91cdac07d8cded6941a787 Author: Ying Huang <ying.huang@cohesity.com> Date: Sat Dec 10 22:47:59 2022 -0800 add lock to protect the queue in multi-thread scenarios. commit 79216fa51eaccf5ed0fe6b460cc00ca9f43ff9f2 Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Dec 9 16:27:40 2022 -0800 update readme file to add introduction about CohesityQueueName. commit 3684302ebd5cd47a4df31adcef34f984182eacf6 Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Dec 9 16:07:24 2022 -0800 moving the try catch logic up. Add FixedDelayRetry for QueueTrigger. commit 2bb8bdb2dff613feaf76bf76c91b124ad40aec29 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 9 09:46:22 2022 -0600 Update Solution_CohesitySecurity.json Changed per Microsoft review commit 2e4cd092da35eac529ad40cf13965891bcd23e7a Author: eerus <115032728+eerus@users.noreply.github.com> Date: Fri Dec 9 09:40:25 2022 -0600 Update SolutionMetadata.json Changed per Microsoft code review commit 4f9275a6c72fb1a3c43e954187aa78b03ef7933e Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 20:30:33 2022 -0600 Update readme.md Adding a testing step commit 0e6eef68994005f3910d9ea1f19316568ed605f4 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 20:22:54 2022 -0600 Update readme.md Added more testing instructions commit 868e8aff161f4545303844273885bfaf80f1f850 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 20:17:29 2022 -0600 Update SolutionMetadata.json Formatting changes commit 2681e4e2104e1b3bb9fdcc2a306396402a55c2a5 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 20:16:47 2022 -0600 Update SolutionMetadata.json Expanding categories and updating support info commit 456cde77cf36f57505d799ae641e4b0860801837 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 20:11:55 2022 -0600 Update readme.md Polished text commit e7596e2376153ff6a5a9e304f78d7ef44b6566a0 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 19:51:46 2022 -0600 Update Solution_CohesitySecurity.json Added product description commit 3b0d6cae138980f4c2b0689e743a14729ce8f5cd Author: Ying Huang <ying.huang@cohesity.com> Date: Thu Dec 8 17:49:44 2022 -0800 obfuscate the CohesityQueueName multi-thread improve ParseAlertToQueue function commit 6a010359f4fc1bf4452b0ad82f473bb89115e4e2 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 17:34:47 2022 -0600 Create readme.md Final version commit f062e826cc2f7aad7c71303f74b5343c6b7ba0de Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 16:39:52 2022 -0600 Update readme.md Fixed typos commit 16dd47d262e6e8af7bd0154049f6516be88ecf03 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 16:32:18 2022 -0600 Update readme.md Complete version commit 1cc3573c4652b5b37fcbcd390d60290d83390991 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 13:45:14 2022 -0600 Update readme.md Typo commit 882e06b81c24a3f066362e25d163c03727476f8b Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 13:09:45 2022 -0600 Create readme.md Initial commit commit a3604698a1cbadefb5c4eab32160ef378bb93eb6 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 12:55:06 2022 -0600 Create readme.md Initial version commit a3691ffe3cd4c566dc7ff19fbf25890367e4c893 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 12:27:32 2022 -0600 Update readme.md Removed unnecessary parameter commit b54d3775058650cfdcd55b5f53b32eb183e1a4cc Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 12:26:47 2022 -0600 Update readme.md Formatting changes commit 7a1d5c44c6b3928a8c19d09b29516f4bd9e03c3f Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 12:22:17 2022 -0600 Update readme.md Corrected typos commit beba853c334afcc41c41b9cba573a0017114054f Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 12:05:11 2022 -0600 Update readme.md Corrected the URI commit f57caf6c0e43e3c367c756e53c686919bdb33a31 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 12:03:07 2022 -0600 Update readme.md Initial version commit e6456173f4d0cde1d28279c995fca17f4210764e Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 11:45:53 2022 -0600 Update readme.md Added formatting commit 776e8f5f9f77360dc5944bb0ea42683e66244c57 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 11:45:12 2022 -0600 Update readme.md Completed the description commit 9f32298f3f806649e3f7e892ba3b8d38f163d9bb Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 11:12:00 2022 -0600 Update readme.md Initial version commit 124d09ab973d57965a14011be1acd5d05feeedef Author: eerus <115032728+eerus@users.noreply.github.com> Date: Thu Dec 8 10:57:08 2022 -0600 Update readme.md Added word Cohesity to the playbook name commit 72ffa6e79eb3f3bee7b6603bc576222d59701120 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 19:55:55 2022 -0600 Update readme.md Formatting changes commit 63d91a5d6a0351db688cf5442d39c78dcaf76440 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 19:48:38 2022 -0600 Update readme.md Updated ARM template commit 9778263e071c5813200c46f27fffaebfbcefbd08 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 19:37:38 2022 -0600 Update readme.md Trying new URI format commit 30630efe42cf7ef46f5af74d7042c5db5f851389 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 19:30:39 2022 -0600 Update readme.md Changed URI again commit 0622eba625495e163e2b36a249a550728100ab42 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 19:29:04 2022 -0600 Update readme.md Changed URI for ARM template commit 6b33b2525f6df624af25f80762463876ddfdd5d5 Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Dec 7 17:15:05 2022 -0800 obfuscate the values in local.settings.json files. rename cohesity.config to cohesity.json, and update the build.ps1, readme.md. The github/codeql-action/autobuild keeps failing, but DataConnectors/CohesitySecurity/Helios2Sentinel build succeeded, as shown in following log. thus will disable the autobuild work flow. ============================= MSBuild version 17.4.0+18d5aef85 for .NET Determining projects to restore... Restored /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/IncidentConsumer.csproj (in 241 ms). Restored /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentProducer/IncidentProducer.csproj (in 241 ms). /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentProducer/IncidentProducer.cs(65,34): warning CS1998: This async method lacks 'await' operators and will run synchronously. Consider using the 'await' operator to await non-blocking API calls, or 'await Task.Run(...)' to do CPU-bound work on a background thread. [/Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentProducer/IncidentProducer.csproj] IncidentProducer -> /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentProducer/bin/Debug/net6.0/Helios2Sentinel.dll /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/IncidentConsumer.cs(30,32): warning CS0618: 'AuthenticationContext.AcquireTokenAsync(string, ClientCredential)' is obsolete: 'Microsoft.IdentityModel.Clients.ActiveDirectory is deprecated and replaced with Microsoft.Identity.Client. To migrate a daemon application, or service to service flow, see https://aka.ms/adal-to-msal-net/daemon' [/Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/IncidentConsumer.csproj] /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/IncidentConsumer.cs(39,51): warning SYSLIB0014: 'WebRequest.Create(Uri)' is obsolete: 'WebRequest, HttpWebRequest, ServicePoint, and WebClient are obsolete. Use HttpClient instead.' [/Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/IncidentConsumer.csproj] IncidentConsumer -> /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/bin/Debug/net6.0/IncidentConsumer.dll Build succeeded. /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentProducer/IncidentProducer.cs(65,34): warning CS1998: This async method lacks 'await' operators and will run synchronously. Consider using the 'await' operator to await non-blocking API calls, or 'await Task.Run(...)' to do CPU-bound work on a background thread. [/Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentProducer/IncidentProducer.csproj] /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/IncidentConsumer.cs(30,32): warning CS0618: 'AuthenticationContext.AcquireTokenAsync(string, ClientCredential)' is obsolete: 'Microsoft.IdentityModel.Clients.ActiveDirectory is deprecated and replaced with Microsoft.Identity.Client. To migrate a daemon application, or service to service flow, see https://aka.ms/adal-to-msal-net/daemon' [/Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/IncidentConsumer.csproj] /Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/IncidentConsumer.cs(39,51): warning SYSLIB0014: 'WebRequest.Create(Uri)' is obsolete: 'WebRequest, HttpWebRequest, ServicePoint, and WebClient are obsolete. Use HttpClient instead.' [/Users/ying.huang/workspace/Azure-Sentinel/DataConnectors/CohesitySecurity/Helios2Sentinel/IncidentConsumer/IncidentConsumer.csproj] 3 Warning(s) 0 Error(s) Time Elapsed 00:00:03.65 commit 48a92fa01538c5f9682cf85ec863fee7034db2bc Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:56:38 2022 -0600 Update readme.md commit fff7b50eef941fc31baaf0132fabc2a5c8be4580 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:55:03 2022 -0600 Update readme.md URI test commit d9e31f7740e6848b76bb8fb52b23aea4d447717d Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:53:17 2022 -0600 Update readme.md Another link test commit d2c11aa620bfc8f677de973a4781997349e9573c Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:49:15 2022 -0600 Update readme.md Another URI test commit 4af3e3078bc46faae5f25ae60db23add4dc64f1e Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:48:19 2022 -0600 Update readme.md Trying different link commit 3137eb24dbd9c65b11d9893f15b749bfacebc503 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:40:02 2022 -0600 Update readme.md Changed URI commit 2483ea6d37e3073fd9af84ece13a9bfacf0efa0b Author: Ying Huang <ying.huang@cohesity.com> Date: Wed Dec 7 13:31:11 2022 -0800 --- ./Solutions/CohesitySecurity/Analytic Rules/RansomwareAlert.yaml --- ./Solutions/CohesitySecurity/Data Connectors/helios_connector.json +++ ./Solutions/CohesitySecurity/Package/createUiDefinition.json +++ ./Solutions/CohesitySecurity/Package/mainTemplate.json update the build script. commit fefdf8cfd2bedde33c8f9e866653cee2a2fd5ee0 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:25:13 2022 -0600 Update readme.md Testing ARM commit 19ec494e83bb4ddbf7f987e89d90597282fdf247 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:18:22 2022 -0600 Update readme.md Corrected playbook description commit 59cd9b5250fb8fe40cf8cba981f426562aadcd90 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:04:28 2022 -0600 Update readme.md Added TBD for package directory commit 66bdab4f47ce3a10b3f9520c8a8a5302a9dc3c7c Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:02:15 2022 -0600 Update readme.md Fixed typos commit cd7ec9fd1da7147aaa9adf3bd9308a44a877ad1f Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 15:00:08 2022 -0600 Update readme.md Minor fixes commit 7ba845641f2ee7eef676988e82f53c221bb4e28a Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:45:22 2022 -0600 Update readme.md Deployment steps corrections commit e6dd9c5fce55658a1ef567f8666252421c922828 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:42:44 2022 -0600 Update readme.md commit 29ca436444bcc5cb2da9df46790533969402d4d5 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:41:33 2022 -0600 Update readme.md Setting ref line commit b1301e2b6ee1513f5c7d6c7fdd02f071279773fa Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:40:34 2022 -0600 Update readme.md Fixing URL again commit 6d7012c1b57ab0232a9963345d2b68d55b1b4639 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:39:11 2022 -0600 Update readme.md Fixing build instructions URL commit 098e27bbf719ed680bbbec1da5698d8fe7e4bbca Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:36:40 2022 -0600 Update readme.md Escaped URL commit 61ea1d567270fb2c0056ed766771050165898d27 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:35:11 2022 -0600 Update readme.md Fixed step #1 commit 0d071a0b695060caffdf0a28f00d2dae927fb5ca Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:34:04 2022 -0600 Update readme.md Typo commit 028950c162cd7c3fbe21d3f4daeaa980da6be8ca Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:33:26 2022 -0600 Update readme.md Fixed link for the package directory commit 15af0de66deecf90fc0d631300cd031c20174090 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 13:31:25 2022 -0600 Update readme.md Added references to other deployment instructions commit f7e5af2070474d57a0233b238a864e3c37d422dc Author: eerus <115032728+eerus@users.noreply.github.com> Date: Wed Dec 7 11:30:56 2022 -0600 Update readme.md First draft of deployment instructions commit b83e93aea069b80ff535acaa69149e37f900e3da Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 6 19:29:02 2022 -0600 Update readme.md commit 372ae3e17ed3e21ec5958a6619071d1a9db96564 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 6 19:26:25 2022 -0600 Update readme.md commit e6b15a5793fe2736c42293c3d2d3d7d8af140cd9 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 6 19:18:30 2022 -0600 Update readme.md Updated link to Azure deployment commit 3447201611a96ce8b4989483c385877b798016a2 Author: eerus <115032728+eerus@users.noreply.github.com> Date: Tue Dec 6 18:56:16 2022 -0600 Update readme.md Added link to the playbook template commit 36c776fd5b20c27ab9b6668c4c12d3ff89621de5 Author: Ying Huang <ying.huang@cohesity.com> Date: Fri Dec 2 15:54:33 2022 -0800 Just initialize this new branch for Cohesity internal collaboration/review.

…s-on Ltipp147/fix analytic rule depends on

…e/Azure-Sentinel into Entity-Work-#5-Diana's-Half

updated AnalyticsRule, fix validations and repackage

…initions corrected solution metadata file

Co-authored-by: jlheard <1328792+jlheard@users.noreply.github.com>

Co-authored-by: RamboV <68921481+RamboV@users.noreply.github.com>

)" This reverts commit 18d71db.

Co-authored-by: nitsan-tzur <153099157+nitsan-tzur@users.noreply.github.com>

This reverts commit 57fef10.

timbMSFT requested a review from zhzhao8888 December 4, 2018 11:42

zhzhao8888 suggested changes Dec 4, 2018

View reviewed changes

per code review

c6a6504

zhzhao8888 approved these changes Dec 4, 2018

View reviewed changes

timbMSFT merged commit 3151d4e into master Dec 5, 2018

philipcampeau mentioned this pull request Aug 14, 2020

Adding WireX Data Connector #901

Closed

shainw deleted the OfficeHunting branch March 16, 2021 16:07

v-jayakal pushed a commit that referenced this pull request Mar 30, 2021

Merge pull request #5 from Azure/master

e6cab59

Bringing up to Date

v-jayakal pushed a commit that referenced this pull request Jun 21, 2021

Merge pull request #5 from Azure/master

37b09b6

Update

NikTripathi pushed a commit that referenced this pull request Mar 4, 2022

Merge pull request #5 from frozenstrawberries/SecurityBridge

10ae3ae

fix issues in logo and workbook

aprakash13 pushed a commit that referenced this pull request Jun 30, 2022

Merge pull request #5 from SecureHats/merge/master

6f91649

merge

NikTripathi pushed a commit that referenced this pull request Jul 22, 2022

Merge pull request #5 from tanium/tanium-add-custom-table-schemas

0385302

added custom table scemas

NikTripathi pushed a commit that referenced this pull request Aug 3, 2022

Merge pull request #5 from darktrace-com/add-preview-images

b018c1b

Add preview images

anki-narravula pushed a commit that referenced this pull request Aug 26, 2022

Merge pull request #5 from socprime/the_hive_update_playbooks2

baf011e

update according to feedback

felickz mentioned this pull request Sep 7, 2022

Sentinel4github Updates #6117

Merged

13 tasks

oshezaf pushed a commit that referenced this pull request Dec 13, 2022

Merge pull request #5 from KustoKing/asim/kustoking/add-registryevent…

f76d951

…-microsoftwindows-events Asim/kustoking/add registryevent microsoftwindows events

v-dvedak pushed a commit that referenced this pull request Aug 2, 2023

Merge pull request #5 from ltipp147/ltipp147/fix-analytic-rule-depend…

10f46cb

…s-on Ltipp147/fix analytic rule depends on

shainw added a commit that referenced this pull request Dec 28, 2023

Merge branch 'master' into Entity-Work-#5-Diana's-Half

72edd5a

shainw added a commit that referenced this pull request Dec 28, 2023

Merge branch 'Entity-Work-#5-Diana's-Half' of https://github.com/Azur…

59f87eb

…e/Azure-Sentinel into Entity-Work-#5-Diana's-Half

v-atulyadav pushed a commit that referenced this pull request Dec 31, 2024

Merge pull request #5 from Samsung/feature-fix-validations

ea4296e

updated AnalyticsRule, fix validations and repackage

v-atulyadav pushed a commit that referenced this pull request May 20, 2025

Merge pull request #5 from prince30121/bugfix/added-missing-param-def…

883c65f

…initions corrected solution metadata file

jlheard added a commit that referenced this pull request Dec 22, 2025

chore: Update Solutions Analyzer CSV files and documentation (#5)

a2d2ffd

Co-authored-by: jlheard <1328792+jlheard@users.noreply.github.com>

v-dvedak pushed a commit that referenced this pull request Jan 22, 2026

chore: Update Solutions Analyzer CSV files and documentation (#5)

18d71db

Co-authored-by: RamboV <68921481+RamboV@users.noreply.github.com>

v-dvedak pushed a commit that referenced this pull request Jan 22, 2026

Revert "chore: Update Solutions Analyzer CSV files and documentation (#5

334af37

)" This reverts commit 18d71db.

v-atulyadav pushed a commit that referenced this pull request Jan 28, 2026

chore: Update Solutions Analyzer CSV files (#5)

57fef10

Co-authored-by: nitsan-tzur <153099157+nitsan-tzur@users.noreply.github.com>

v-atulyadav pushed a commit that referenced this pull request Jan 28, 2026

Revert "chore: Update Solutions Analyzer CSV files (#5)"

28a046e

This reverts commit 57fef10.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add two office hunting queries: the first shows new users created; the second user ids or user agents associated with multiple IPs within a short space of time.#5

Add two office hunting queries: the first shows new users created; the second user ids or user agents associated with multiple IPs within a short space of time.#5
timbMSFT merged 2 commits intomasterfrom
OfficeHunting

timbMSFT commented Dec 4, 2018

Uh oh!

zhzhao8888 left a comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

timbMSFT commented Dec 4, 2018

Uh oh!

zhzhao8888 left a comment

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants