Merge pull request #11798 from emerson-defensepoint/master
Adjust SecurityBridge contact and support
v-prasadboke authored Feb 14, 2025
2 parents 702aa53 + 2bc3bec commit bf6f9ca
Showing 9 changed files with 69 additions and 64 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,6 @@ entityMappings:
- entityType: Host
fieldMappings:
- identifier: HostName
columnName: Computer
columnName: dvchost
version: 1.0.4
kind: Scheduled
kind: Scheduled
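Review bot: The Host entity mapping now reads `columnName: dvchost`, but `version:` stays at `1.0.4`, so workspaces that already have this rule installed from the template may never be offered the corrected mapping; bump it, e.g. `version: 1.0.5`. The rule's query lies outside this hunk, so confirm that it actually returns a `dvchost` column. An entity mapping on a column the query does not output leaves the Host entity empty on alerts, which weakens incident correlation and triage. This is a detection-content change, yet the commit title and description mention only contact and support.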
Original file line number Diff line number Diff line change
Expand Up @@ -165,4 +165,4 @@
"instructions": []
}
]
}
}
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"Name": "SecurityBridge App",
"Author": "Christoph Nagy - christoph.nagy@securitybridge.com",
"Author": "SecurityBridge - support@securitybridge.com",
"Logo": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/SecurityBridgeLogo-Vector-TM_75x75.svg\" width=\"75px\" height=\"75px\">",
"Description": "The [SecurityBridge App](https://securitybridge.com/) solution provides the capability to ingest SecurityBridge Threat Detection events from all on-premise and cloud based SAP instances into Microsoft Sentinel.\n\nThis solution is dependent on the Custom logs via AMA connector to collect the logs. The Custom logs solution will be installed as part of this solution installation. \n\n **NOTE**: Microsoft recommends installation of Custom logs via AMA Connector. Legacy connector uses the Log Analytics agent which were deprecated on **Aug 31, 2024.** Using MMA and AMA on same machine can cause log duplication and extra ingestion cost [more details](https://learn.microsoft.com/azure/sentinel/ama-migrate?WT.mc_id=Portal-fx).",
"Workbooks": [
Expand All @@ -15,8 +15,8 @@
"dependentDomainSolutionIds": [
"azuresentinel.azure-sentinel-solution-customlogsviaama"
],
"BasePath": "https://raw.githubusercontent.com/frozenstrawberries/Azure-Sentinel/master/Solutions/SecurityBridge/",
"Version": "3.0.1",
"BasePath": "https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/SecurityBridge%20App/",
"Version": "3.1.0",
"Metadata": "SolutionMetadata.json",
"TemplateSpec": true
}
}
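Review bot: The new `BasePath` in the second hunk is a `github.com/.../tree/master/...` URL, which serves an HTML page rather than file content. If the packaging step resolves the solution's content files relative to `BasePath`, it would receive HTML instead of the workbook, rule and parser files. Moving off the personal-fork URL is the right direction for provenance, but the value should point at the upstream raw host, e.g. `"BasePath": "https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Solutions/SecurityBridge%20App/",`, or at a local checkout path. The lines between the two hunks are not shown, so whether the listed content paths are relative is inferred.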
Binary file added Solutions/SecurityBridge App/Package/3.1.0.zip
Binary file not shown.
77 changes: 38 additions & 39 deletions Solutions/SecurityBridge App/Package/mainTemplate.json
Expand Up @@ -2,7 +2,7 @@
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"metadata": {
"author": "Christoph Nagy - christoph.nagy@securitybridge.com",
"author": "SecurityBridge - support@securitybridge.com",
"comments": "Solution template for SecurityBridge App"
},
"parameters": {
Expand Down Expand Up @@ -38,10 +38,10 @@
}
},
"variables": {
"email": "christoph.nagy@securitybridge.com",
"email": "support@securitybridge.com",
"_email": "[variables('email')]",
"_solutionName": "SecurityBridge App",
"_solutionVersion": "3.0.1",
"_solutionVersion": "3.1.0",
"solutionId": "securitybridge1647511278080.securitybridge-sentinel-app-1",
"_solutionId": "[variables('solutionId')]",
"workbookVersion1": "1.0.0",
Expand Down Expand Up @@ -77,7 +77,7 @@
"[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
],
"properties": {
"description": "SecurityBridgeThreatDetectionforSAP Workbook with template version 3.0.1",
"description": "SecurityBridgeThreatDetectionforSAP Workbook with template version 3.1.0",
"mainTemplate": {
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "[variables('workbookVersion1')]",
Expand Down Expand Up @@ -117,13 +117,13 @@
"sourceId": "[variables('_solutionId')]"
},
"author": {
"name": "Christoph Nagy",
"name": "SecurityBridge",
"email": "[variables('_email')]"
},
"support": {
"name": "Christoph Nagy",
"email": "[email protected]",
"tier": "Partner",
"name": "SecurityBridge",
"email": "[email protected]",
"link": "https://securitybridge.com/contact/"
},
"dependencies": {
Expand All @@ -134,7 +134,7 @@
"kind": "DataType"
},
{
"contentId": "SecurityBridgeSAP",
"contentId": "CustomLogsAma",
"kind": "DataConnector"
}
]
Expand Down Expand Up @@ -165,7 +165,7 @@
"[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
],
"properties": {
"description": "CriticalEventTriggered_AnalyticalRules Analytics Rule with template version 3.0.1",
"description": "CriticalEventTriggered_AnalyticalRules Analytics Rule with template version 3.1.0",
"mainTemplate": {
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "[variables('analyticRuleObject1').analyticRuleVersion1]",
Expand Down Expand Up @@ -193,10 +193,10 @@
"status": "Available",
"requiredDataConnectors": [
{
"connectorId": "CustomLogsAma",
"datatypes": [
"SecurityBridgeLogs_CL"
],
"connectorId": "CustomLogsAma"
]
}
],
"tactics": [
Expand All @@ -207,31 +207,31 @@
],
"entityMappings": [
{
"entityType": "Account",
"fieldMappings": [
{
"columnName": "maincontact",
"identifier": "Name"
"identifier": "Name",
"columnName": "maincontact"
}
],
"entityType": "Account"
]
},
{
"entityType": "Host",
"fieldMappings": [
{
"columnName": "dhost",
"identifier": "HostName"
"identifier": "HostName",
"columnName": "dhost"
}
],
"entityType": "Host"
]
},
{
"entityType": "Host",
"fieldMappings": [
{
"columnName": "Computer",
"identifier": "HostName"
"identifier": "HostName",
"columnName": "dvchost"
}
],
"entityType": "Host"
]
}
]
}
Expand All @@ -252,13 +252,13 @@
"sourceId": "[variables('_solutionId')]"
},
"author": {
"name": "Christoph Nagy",
"name": "SecurityBridge",
"email": "[variables('_email')]"
},
"support": {
"name": "Christoph Nagy",
"email": "[email protected]",
"tier": "Partner",
"name": "SecurityBridge",
"email": "[email protected]",
"link": "https://securitybridge.com/contact/"
}
}
Expand Down Expand Up @@ -287,7 +287,7 @@
"[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
],
"properties": {
"description": "SecurityBridgeLogs Data Parser with template version 3.0.1",
"description": "SecurityBridgeLogs Data Parser with template version 3.1.0",
"mainTemplate": {
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "[variables('parserObject1').parserVersion1]",
Expand Down Expand Up @@ -333,13 +333,13 @@
"sourceId": "[variables('_solutionId')]"
},
"author": {
"name": "Christoph Nagy",
"name": "SecurityBridge",
"email": "[variables('_email')]"
},
"support": {
"name": "Christoph Nagy",
"email": "[email protected]",
"tier": "Partner",
"name": "SecurityBridge",
"email": "[email protected]",
"link": "https://securitybridge.com/contact/"
}
}
Expand Down Expand Up @@ -399,13 +399,13 @@
"sourceId": "[variables('_solutionId')]"
},
"author": {
"name": "Christoph Nagy",
"name": "SecurityBridge",
"email": "[variables('_email')]"
},
"support": {
"name": "Christoph Nagy",
"email": "[email protected]",
"tier": "Partner",
"name": "SecurityBridge",
"email": "[email protected]",
"link": "https://securitybridge.com/contact/"
}
}
Expand All @@ -415,11 +415,11 @@
"apiVersion": "2023-04-01-preview",
"location": "[parameters('workspace-location')]",
"properties": {
"version": "3.0.1",
"version": "3.1.0",
"kind": "Solution",
"contentSchemaVersion": "3.0.0",
"displayName": "SecurityBridge App",
"publisherDisplayName": "Christoph Nagy",
"publisherDisplayName": "SecurityBridge",
"descriptionHtml": "<p><strong>Note:</strong> Please refer to the following before installing the solution:</p>\n<p>• Review the solution <a href=\"https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/SecurityBridge%20App/ReleaseNotes.md\">Release Notes</a></p>\n<p>• There may be <a href=\"https://aka.ms/sentinelsolutionsknownissues\">known issues</a> pertaining to this Solution, please refer to them before installing.</p>\n<p>The <a href=\"https://securitybridge.com/\">SecurityBridge App</a> solution provides the capability to ingest SecurityBridge Threat Detection events from all on-premise and cloud based SAP instances into Microsoft Sentinel.</p>\n<p>This solution is dependent on the Custom logs via AMA connector to collect the logs. The Custom logs solution will be installed as part of this solution installation.</p>\n<p><strong>NOTE</strong>: Microsoft recommends installation of Custom logs via AMA Connector. Legacy connector uses the Log Analytics agent which were deprecated on <strong>Aug 31, 2024.</strong> Using MMA and AMA on same machine can cause log duplication and extra ingestion cost <a href=\"https://learn.microsoft.com/azure/sentinel/ama-migrate?WT.mc_id=Portal-fx\">more details</a>.</p>\n<p><strong>Parsers:</strong> 1, <strong>Workbooks:</strong> 1, <strong>Analytic Rules:</strong> 1</p>\n<p><a href=\"https://aka.ms/azuresentinel\">Learn more about Microsoft Sentinel</a> | <a href=\"https://aka.ms/azuresentinelsolutionsdoc\">Learn more about Solutions</a></p>\n",
"contentKind": "Solution",
"contentProductId": "[variables('_solutioncontentProductId')]",
Expand All @@ -433,12 +433,12 @@
"sourceId": "[variables('_solutionId')]"
},
"author": {
"name": "Christoph Nagy",
"name": "SecurityBridge",
"email": "[variables('_email')]"
},
"support": {
"name": "Christoph Nagy",
"email": "christoph.nagy@securitybridge.com",
"name": "SecurityBridge",
"email": "support@securitybridge.com",
"tier": "Partner",
"link": "https://securitybridge.com/contact/"
},
Expand Down Expand Up @@ -466,7 +466,6 @@
]
},
"firstPublishDate": "2022-02-17",
"lastPublishDate": "2022-02-17",
"providers": [
"SecurityBridge"
],
Original file line number Diff line number Diff line change
Expand Up @@ -30,4 +30,4 @@ FunctionQuery: |
SAPinstallationnumber = tostring(replace_string(tostring(split(split(RawData, "SAPinstallationnumber=")[1], "=")[0]), tostring(split(split(split(RawData, "SAPinstallationnumber=")[1], "=")[0], " ")[-1]), "")),
SAPhost = tostring(replace_string(tostring(split(split(RawData, "SAPhost=")[1], "=")[0]), tostring(split(split(split(RawData, "SAPhost=")[1], "=")[0], " ")[-1]), "")),
Severity = case(toint(Severity) < 3, "Low", toint(Severity) < 7, "Medium", toint(Severity) < 9, "High", toint(Severity) >= 9, "Critical", "None"),
maincontact = split(split(["Main contact area of responsibility"], ',')[-1], ' ')[2]
maincontact = split(split(["Main contact area of responsibility"], ',')[-1], ' ')[2]
1 change: 1 addition & 0 deletions Solutions/SecurityBridge App/ReleaseNotes.md
@@ -1,4 +1,5 @@
| **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** |
|-------------|--------------------------------|-----------------------------------------|
| 3.1.0 | 12-02-2025 | Adjusted contact and support |
| 3.0.1 | 07-01-2025 | Removed Deprecated **Data connector** |
| 3.0.0 | 08-08-2024 | Deprecating data connectors |
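--- a/Solutions/SecurityBridge App/SolutionMetadata.json
+++ b/Solutions/SecurityBridge App/SolutionMetadata.json
@@ -1,17 +1,22 @@
 {
-"publisherId": "securitybridge1647511278080",
-"offerId": "securitybridge-sentinel-app-1",
-"firstPublishDate": "2022-02-17",
-"lastPublishDate": "2022-02-17",
-"providers": ["SecurityBridge"],
-"categories": {
-"domains" : ["Security - Network"],
-"verticals": ["Finance"]
-},
-"support": {
-"name": "Christoph Nagy",
-"email": "[email protected]",
-"tier": "Partner",
-"link": "https://securitybridge.com/contact/"
-}
-}
+"publisherId": "securitybridge1647511278080",
+"offerId": "securitybridge-sentinel-app-1",
+"firstPublishDate": "2022-02-17",
+"providers": [
+"SecurityBridge"
+],
+"categories": {
+"domains": [
+"Security - Network"
+],
+"verticals": [
+"Finance"
+]
+},
+"support": {
+"tier": "Partner",
+"name": "SecurityBridge",
+"email": "[email protected]",
+"link": "https://securitybridge.com/contact/"
+}
+}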
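Review bot: `lastPublishDate` is dropped on the new side rather than updated, and because the whole file is re-indented in the same change, that removal is easy to miss next to the support-contact edit. If the field is meant to stay, carry it forward after `firstPublishDate` with the date the ReleaseNotes table gives for 3.1.0, e.g. `"lastPublishDate": "2025-02-12",`. If the removal is intentional, the commit description should say so. Putting formatting-only changes in a separate commit would let the publisher and support metadata change be reviewed on its own.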
Original file line number Diff line number Diff line change
Expand Up @@ -796,4 +796,4 @@
],
"fromTemplateId": "sentinel-SecurityBridge",
"$schema": "https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json"
}
}
