Azure-Sentinel

Added solution for Vectra Cloud

Open dhruvilbhatt-crest opened this issue 2 years ago • 7 comments

Required items, please complete

Change(s):

  • Added Vectra Cloud Solution for certification

Reason for Change(s):

  • New Product

Version Updated:

  • Initial Version

Testing Completed:

  • Yes

Checked that the validations are passing and have addressed any issues that are present:

  • Yes

dhruvilbhatt-crest avatar Apr 04 '23 14:04 dhruvilbhatt-crest

@microsoft-github-policy-service agree company="Vectra"

dhruvilbhatt-crest avatar Apr 10 '23 06:04 dhruvilbhatt-crest

Hello @dhruvilbhatt-crest please go through the above comment and clear merge conflicts

v-prasadboke avatar Apr 11 '23 13:04 v-prasadboke

Hello @devikamehra and @oshezaf author has made the changes

v-prasadboke avatar Apr 18 '23 13:04 v-prasadboke

Hello @devikamehra, any updates on this?

v-prasadboke avatar Apr 25 '23 11:04 v-prasadboke

Hello @devikamehra waiting for your updates

v-prasadboke avatar Apr 27 '23 10:04 v-prasadboke

Hello @dhruvilbhatt-crest please remove branch conflicts as well

v-prasadboke avatar May 03 '23 05:05 v-prasadboke

@v-prasadboke @devikamehra All the comments have been addressed and the merge conflict is resolved.

dhruvilbhatt-crest avatar May 03 '23 09:05 dhruvilbhatt-crest

Hello @devikamehra waiting for your approval

v-prasadboke avatar May 05 '23 05:05 v-prasadboke

@v-prasadboke I am working on adding required fields to test scenarios and will approve post that. @dhruvilbhatt-crest Not necessary, but a suggestion: can we add EventSeverity based on the EventResult field?

devikamehra avatar May 08 '23 07:05 devikamehra

Thank you @devikamehra

v-prasadboke avatar May 09 '23 11:05 v-prasadboke

Hi @devikamehra ,

Thank you for your suggestion, but we discussed it internally, and we didn't find this useful. We will keep this in mind in the future.

dhruvilbhatt-crest avatar May 09 '23 13:05 dhruvilbhatt-crest

@devikamehra @v-prasadboke All the comments have been addressed. Do we have any updates on this?

dhruvilbhatt-crest avatar May 12 '23 07:05 dhruvilbhatt-crest

Also, please update the API version of Microsoft.Resources/templateSpecs from 2021-05-01 to 2022-02-01. The create ui and maintemplate inside the zip package and outside the zip should be identical. After the change, please update the zip as well.

v-prasadboke avatar May 15 '23 11:05 v-prasadboke

Hello @dhruvilbhatt-crest, looking into it

v-prasadboke avatar May 18 '23 16:05 v-prasadboke

@v-prasadboke @devikamehra Do we have any update here?

dhruvilbhatt-crest avatar May 23 '23 12:05 dhruvilbhatt-crest

@dhruvilbhatt-crest There is a PR pending to be merged for whitelisting the required strings in tests https://github.com/Azure/Azure-Sentinel/pull/8047

devikamehra avatar May 24 '23 08:05 devikamehra

@devikamehra Since the PR #8047 is merged, can you approve this if nothing is pending for review?

dhruvilbhatt-crest avatar May 29 '23 10:05 dhruvilbhatt-crest

@v-prasadboke @devikamehra Any updates on this PR?

dhruvilbhatt-crest avatar May 31 '23 05:05 dhruvilbhatt-crest

Hi @v-prasadboke @devikamehra,

Can we have some updates here?

dhruvilbhatt-crest avatar Jun 02 '23 09:06 dhruvilbhatt-crest

Thanks for confirming Devika.

@v-prasadboke Can you provide approval if it's reviewed?

dhruvilbhatt-crest avatar Jun 05 '23 10:06 dhruvilbhatt-crest

Hello @dhruvilbhatt-crest, just to make sure: the workbook images you have added are working, right?

Also, please update the API version of the maintemplate. After updating the API version, please update the zip with the latest create ui and maintemplate. This is the only change requested; other than this, everything looks good.

v-prasadboke avatar Jun 06 '23 12:06 v-prasadboke

@v-prasadboke Yes, the images are working. Also, the API version has been updated in the maintemplate and zip file.

dhruvilbhatt-crest avatar Jun 06 '23 12:06 dhruvilbhatt-crest

@v-prasadboke Are we good to merge this PR? Customers are eagerly waiting on this.

dhruvilbhatt-crest avatar Jun 09 '23 05:06 dhruvilbhatt-crest

@v-prasadboke Are we good to merge this PR? Customers are eagerly waiting on this.

Hello @dhruvilbhatt-crest, looks like you still haven't updated the API version. Please update the API version of Microsoft.OperationalInsights/workspaces/savedSearches, which is 2021-06-01, and replace it with 2022-10-01.

v-prasadboke avatar Jun 09 '23 05:06 v-prasadboke

After updating the main template, please update the zip with the latest maintemplate and createui.

v-prasadboke avatar Jun 09 '23 05:06 v-prasadboke
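The two checks requested in the review comments above (resource API versions, and the zip matching the files beside it) can be automated before asking for re-review. This is an added example, not part of the thread or of the Azure-Sentinel tooling; the file names `mainTemplate.json` and `createUiDefinition.json`, the helper names, and treating the requested versions as a minimum are assumptions.

```python
import io, json, zipfile

# Versions requested in the review comments, treated here as a floor (assumption).
REQUIRED = {
    "microsoft.resources/templatespecs": "2022-02-01",
    "microsoft.operationalinsights/workspaces/savedsearches": "2022-10-01",
}

def walk_resources(node):
    """Yield every object carrying both 'type' and 'apiVersion', at any depth."""
    if isinstance(node, dict):
        if isinstance(node.get("type"), str) and isinstance(node.get("apiVersion"), str):
            yield node
        for value in node.values():
            yield from walk_resources(value)
    elif isinstance(node, list):
        for value in node:
            yield from walk_resources(value)

def stale_api_versions(template):
    """Return (type, found, wanted) for resources whose date-style apiVersion is too old."""
    stale = []
    for res in walk_resources(template):
        wanted = REQUIRED.get(res["type"].lower())
        if wanted and res["apiVersion"][:10] < wanted:  # YYYY-MM-DD sorts as text
            stale.append((res["type"], res["apiVersion"], wanted))
    return stale

def package_drift(zip_bytes, loose_files):
    """Names whose JSON content differs between the zip and the copies beside it."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        members = {name.rsplit("/", 1)[-1]: name for name in zf.namelist()}
        return sorted(
            name for name, text in loose_files.items()
            if name not in members or json.loads(zf.read(members[name])) != json.loads(text)
        )

def sample_template(spec_ver, search_ver):  # constructed sample input
    return {"resources": [
        {"type": "Microsoft.Resources/templateSpecs", "apiVersion": spec_ver},
        {"type": "Microsoft.OperationalInsights/workspaces/savedSearches", "apiVersion": search_ver},
    ]}

def build_zip(files):  # constructed sample package
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, obj in files.items():
            zf.writestr(name, json.dumps(obj))
    return buf.getvalue()
```

`package_drift` compares parsed JSON rather than raw bytes, so whitespace and line-ending differences between the zipped and loose copies are not reported as drift.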

Hello @dhruvilbhatt-crest, please update the API version in the maintemplate

v-prasadboke avatar Jun 09 '23 09:06 v-prasadboke

@v-prasadboke Updated the API version. Let me know if we are good to merge this or what all changes are required to get this merged.

dhruvilbhatt-crest avatar Jun 12 '23 06:06 dhruvilbhatt-crest

Hello @dhruvilbhatt-crest, please add the workbook metadata in the 'workbookmetadata' file in the given path: https://github.com/Azure/Azure-Sentinel/blob/master/Tools/Create-Azure-Sentinel-Solution/V2/WorkbookMetadata/WorkbooksMetadata.json

v-prasadboke avatar Jun 13 '23 06:06 v-prasadboke

@v-prasadboke Updated the workbook metadata.

dhruvilbhatt-crest avatar Jun 15 '23 13:06 dhruvilbhatt-crest

@v-prasadboke Any update on the PR?

dhruvilbhatt-crest avatar Jun 19 '23 05:06 dhruvilbhatt-crest