Workbook Standalone

Tools/Create-Azure-Sentinel-Solution/input/Solution_Account_Lockout.json

@@ -0,0 +1,17 @@
+{
+    "Name": "Account_Lockout",
+    "Author": "InspiraEnterprise",
+    "Logo": "",
+    "Description": "This Kusto Query Language (KQL) script is designed to analyze account lockout events (EventID 4740) over the last 5 working days, focusing on specific working hours (8 PM to 8 AM) in the US/Pacific time zone. The objective is to identify and highlight potential security anomalies where the frequency of lockouts exceeds the normal rate.",
+
+
+    "Analytic Rules": [
+    "Analytic Rules/Account-Lockout.yaml"
+  ],
+
+    "BasePath": "https://raw.githubusercontent.com/InspiraEnterprise/Azure/Azure-Sentinel/master/Solutions/Account_Lockout",
+    "Version": "1.0.0", 
+    "Metadata": "SolutionMetadata.json",
+    "TemplateSpec": true
+
+  }

Tools/Create-Azure-Sentinel-Solution/input/Solution_Data_Latency.json

@@ -0,0 +1,18 @@
+{
+    "Name": "Data_Latency",
+    "Author": "InspiraEnterprise",
+    "Logo": "",
+    "Description": "The Latency Details workbook offers a comprehensive view of latency across data connectors and log sources. It shows the timestamp of the last data received and calculates the time elapsed since the last ingestion for each data source, covering both Windows and Linux machines, enabling efficient monitoring and troubleshooting of data flow",
+    "WorkbookBladeDescription": "This Microsoft Sentinel Solution installs workbooks. Workbooks provide a flexible canvas for data monitoring, analysis, and the creation of rich visual reports within the Azure portal. They allow you to tap into one or many data sources from Microsoft Sentinel and combine them into unified interactive experiences.",
+
+
+    "Workbooks": [
+      "Workbooks/Data_Latency_Workbook.json"
+    ],
+
+    "BasePath": "https://raw.githubusercontent.com/InspiraEnterprise/Azure/Azure-Sentinel/master/Solutions/Data_Latency",
+    "Version": "1.0.0", 
+    "Metadata": "SolutionMetadata.json",
+    "TemplateSpec": true
+
+  }

Tools/Create-Azure-Sentinel-Solution/input/Solution_Impossible_Travel.json

@@ -0,0 +1,17 @@
+{
+    "Name": "Impossible_Travel",
+    "Author": "InspiraEnterprise",
+    "Logo": "",
+    "Description": "Impossible Travel Kusto Query Language (KQL) script is designed to analyze sign-in logs to detect potential anomalous activity by calculating the speed of travel between login locations. It filters out logs at excessively high speeds, which may indicate suspicious behavior.",
+
+
+    "Analytic Rules": [
+    "Analytic Rules/Impossible-Travel.yaml"
+  ],
+
+    "BasePath": "https://raw.githubusercontent.com/InspiraEnterprise/Azure/Azure-Sentinel/master/Solutions/Impossible_Travel",
+    "Version": "1.0.0", 
+    "Metadata": "SolutionMetadata.json",
+    "TemplateSpec": true
+
+  }

Tools/Create-Azure-Sentinel-Solution/input/Solution_Syslog_Bifurcation.json

@@ -0,0 +1,18 @@
+{
+    "Name": "Syslog_Bifurcation",
+    "Author": "InspiraEnterprise",
+    "Logo": "",
+    "Description": "The Data Ingestion Comparison Hourly workbook offers a comprehensive view of ingested data, presenting the total data volume and ingestion amounts in GB, categorized by each hour. This breakdown helps in monitoring and comparing data ingestion trends over time, ensuring visibility into hourly ingestion patterns and potential anomalies.",
+    "WorkbookBladeDescription": "This Microsoft Sentinel Solution installs workbooks. Workbooks provide a flexible canvas for data monitoring, analysis, and the creation of rich visual reports within the Azure portal. They allow you to tap into one or many data sources from Microsoft Sentinel and combine them into unified interactive experiences.",
+
+
+    "Workbooks": [
+      "Workbooks/Syslog-Bifurcation.json"
+    ],
+
+    "BasePath": "https://raw.githubusercontent.com/InspiraEnterprise/Azure/Azure-Sentinel/master/Solutions/Syslog-Bifurcation",
+    "Version": "1.0.0", 
+    "Metadata": "SolutionMetadata.json",
+    "TemplateSpec": true
+
+  }

Tools/Create-Azure-Sentinel-Solution/input/Solution_User_Analytics.json

@@ -0,0 +1,18 @@
+{
+    "Name": "User_Analytics",
+    "Author": "InspiraEnterprise",
+    "Logo": "",
+    "Description": "The User Analytics Workbook is designed to provide a comprehensive overview of individual user activities and attributes within your organization. This custom solution aggregates and visualizes critical data related to users, including their group memberships, personal information, sign-in activities, recently assigned roles, behaviour analysis, assigned Entra ID (Formerly known as Active Directory (AD)) roles, risk status, and any recent incidents associated with the user.",
+    "WorkbookBladeDescription": "This Microsoft Sentinel Solution installs workbooks. Workbooks provide a flexible canvas for data monitoring, analysis, and the creation of rich visual reports within the Azure portal. They allow you to tap into one or many data sources from Microsoft Sentinel and combine them into unified interactive experiences.",
+
+
+    "Workbooks": [
+      "Workbooks/User_Analytics_Workbook.json"
+    ],
+
+    "BasePath": "https://raw.githubusercontent.com/InspiraEnterprise/Azure/Azure-Sentinel/master/Solutions/User_Analytics",
+    "Version": "1.0.0", 
+    "Metadata": "SolutionMetadata.json",
+    "TemplateSpec": true
+
+  }