-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update Sophos Endpoint Data Connector via CCP #9838
Conversation
…dpointconnector-ccp Update Sophos Endpoint Connector via ccp
…dpointconnector-ccp Update Sophos Endpoint Data Connector - ccp
Hello @joanabmartins, Thanks for raising this PR. This PR will be investigated and we will update you about the same before 02 February, 2024. |
…dpointconnector-ccp Adding tables to .script/tests/KqlvalidationsTests/CustomTables
@v-prasadboke thank you. I've just added both tables SophosEPEvents_CL and SophosEPAlerts_CL |
Hello @joanabmartins, Trying to resolve validation errors. Will get back to you by 06 February, 2024. |
Hello @joanabmartins, create a custom table schema with name SophosEPEvent.json at the location |
Hi @v-prasadboke I'm not sure if I understand what you are asking me. I've already committed both custom tables to that location 0185777#diff-355c3a73d521e1aaca14f35fcfb04a9079449d3de241604e048592781958d3c1 per your previous ask. |
We need one custom table named after parser name. |
…dpointconnector-ccp Add files via upload
@v-prasadboke thank you for clarifying! I just added that table (i'm sorry I should have given a better name for the commit ) |
Hello @joanabmartins, can you provide sample data to test the content of the solution. |
@v-prasadboke what do you mean by sample data? sample logs? or credentials so sign-in to sophos to test the connector? I'm fine either way. Should I email that to you? Thank you |
you can share the credentials and sample log over email |
@v-prasadboke great, i just shared both through email. Thank you |
Hello @joanabmartins, Thanks for sharing the credentials and sample data. I'll test the content and come back to you by 14 February, 2024. |
Hello @joanabmartins, we are facing issue while running the Data connector. Connect button doesn't appear on the connector page. We are trying to resolve the issue |
By mistake I included the workday connector PR in this one, but we have corrected it, that is why there is a force-pushed. It is all good now :) |
Thanks @joanabmartins for the update. We will get back to you regarding Data connector button issue. |
Packaging tool didn't convert the sophostenantid parameter to a parameter, so I manually added it in maintTemplate. I also deleted the authorizationcode parameter, which was added automatically through the packaging tool - the authentication is oauth through client credentials it doesn't require authorization code
Change(s):
Reason for Change(s):
Version Updated:
N/A
Testing Completed:
Need help ; connector and parser were tested, but I haven't tested them after packaging the solution. There was 1 error after packaging, related with IDs. I'm available for further explanation ms alias: joamar
Checked that the validations are passing and have addressed any issues that are present:
No