Azure-Sentinel icon indicating copy to clipboard operation
Azure-Sentinel copied to clipboard
verified publisher icon Azure

Creating Network Solution

Open devikamehra opened this issue 3 years ago • 9 comments

Change(s):

  • Creating new solution
  • Moving ASIM Network queries to solution

Reason for Change(s):

  • Adding new solution in domain category

Version Updated:

Checked that the validations are passing and have addressed any issues that are present:

  • Yes, analytical rule ids are to be added

devikamehra avatar Nov 11 '22 11:11 devikamehra

devikamehra could you fix the validations?

v-laanjana avatar Nov 14 '22 05:11 v-laanjana

@devikamehra please fix validation .

v-laanjana avatar Nov 23 '22 05:11 v-laanjana

@devikamehra cloud you please resolve conflicts ?

v-laanjana avatar Nov 25 '22 04:11 v-laanjana

Team, we will check and let you know the update

v-laanjana avatar Nov 30 '22 06:11 v-laanjana

@devikamehra can you please update? .if we can merge .

v-laanjana avatar Dec 07 '22 04:12 v-laanjana

@shainw : those are unfortunately warnings that LA is (wrongly) issuing on ASIM parsers, and we need to live with them for now. The message are related to the use of union isfuzzy=true. Even though this mode should suppress warnings on union branches that fail, some failures are still reported with this generic message. I am working with LA on removing those. The query does return correct results with the warning if there are any, so the detection works.

Tagging @devikamehra

oshezaf avatar Dec 07 '22 05:12 oshezaf

@devikamehra can we merge?

v-laanjana avatar Dec 09 '22 05:12 v-laanjana

@devikamehra please fix conflicts .

v-laanjana avatar Dec 16 '22 06:12 v-laanjana

@devikamehra Could you please look. we have some conflicts .

v-laanjana avatar Dec 19 '22 04:12 v-laanjana

@v-laanjana Can you please help with failing validations. There seems to be issues with queries outside the scope of this PR. Let me know in case I should be making any changes in skipValidation files.

devikamehra avatar Feb 09 '23 05:02 devikamehra

Hi @devikamehra We are looking into this will update you shortly, Thanks.

v-vdixit avatar Feb 15 '23 04:02 v-vdixit

@devikamehra, can you please revert the changes done in skip validation file?

v-sabiraj avatar Feb 15 '23 13:02 v-sabiraj

@devikamehra, please revert changes from tools folder.

v-sabiraj avatar Feb 15 '23 13:02 v-sabiraj

Hi @devikamehra, please revert changes from tools folder.

v-atulyadav avatar Mar 03 '23 04:03 v-atulyadav

All required changes are made. @v-sabiraj What changes are required in skip list?

devikamehra avatar Mar 03 '23 06:03 devikamehra

Hey @shainw, the validations are now fixed, can you please check on the other things and approve this, thanks.

v-sabiraj avatar Mar 13 '23 04:03 v-sabiraj

Hi @devikamehra please resolve conflicts in PR

v-vdixit avatar Mar 15 '23 04:03 v-vdixit