Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Uploaded 5 solutions #11167

Closed
wants to merge 15 commits into from
Closed

Uploaded 5 solutions #11167

wants to merge 15 commits into from

Conversation

InspiraEnterprise
Copy link

@InspiraEnterprise InspiraEnterprise commented Sep 23, 2024
edited
Loading

Change(s):
Uploaded solutions in main

Reason for Change(s):
First version

Version Updated:
Yes

Testing Completed:
Yes

Checked that the validations are passing and have addressed any issues that are present:
yes all validation are passing and no issues find the 5 solutions

@v-prasadboke
Copy link
Contributor

Hello @InspiraEnterprise, Each solution contains only 1 or 2 content. Rather than creating multiple solutions. Can you create one and with all content in it.

To discuss more about this can we get on a call.
Please share your availability and time zone so that we can plan for the same.

You can connect with me on teams as well. - [email protected]

@v-prasadboke v-prasadboke self-assigned this Sep 23, 2024
@v-prasadboke v-prasadboke added the Solution Solution specialty review needed label Sep 23, 2024
@InspiraEnterprise InspiraEnterprise requested a review from a team as a code owner September 23, 2024 12:09
v-prasadboke
v-prasadboke reviewed Sep 24, 2024
View reviewed changes
Solutions/Account_Lockout/Analytic Rules/Account-lockout.yaml
@@ -0,0 +1,76 @@
id: ""
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please add id property

Solutions/Account_Lockout/Analytic Rules/Account-lockout.yaml
severity: Medium
status: Available
requiredDataConnectors:
- connectorId: Windows Security Events via AMA
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Connector id is not valid
it should be "WindowsSecurityEvents"

Solutions/Impossible_Travel/Analytic Rules/Impossible-Travel.yaml
@@ -0,0 +1,88 @@
id: ""
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

id should not be empty

Solutions/Impossible_Travel/Analytic Rules/Impossible-Travel.yaml
severity: Medium
status: Available
requiredDataConnectors:
- connectorId: Microsoft Entra ID
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

connector id should be
AzureActiveDirectory

@v-prasadboke
Copy link
Contributor

This is the readme file for Analytic rule. For more clarification you can refer to any of the Rule from the directory
https://github.com/Azure/Azure-Sentinel/blob/master/Detections/readme.md

Documentation for Workbook. For more clarification you can refer to any of the Workbook from the directory
https://github.com/Azure/Azure-Sentinel/blob/master/Workbooks/README.md

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@v-prasadboke v-prasadboke v-prasadboke left review comments

Assignees

@v-prasadboke v-prasadboke

Labels
Solution Solution specialty review needed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@InspiraEnterprise @v-prasadboke