Repackage - Digital Guardian Data Loss Prevention

Solutions/Digital Guardian Data Loss Prevention/Analytic Rules/DigitalGuardianClassifiedDataInsecureTransfer.yaml

@@ -5,9 +5,6 @@ description: |
 severity: Medium
 status: Available
 requiredDataConnectors:
-  - connectorId: DigitalGuardianDLP
-    dataTypes:
-      - DigitalGuardianDLPEvent
   - connectorId: SyslogAma
     datatypes:
       - Syslog
@@ -34,5 +31,5 @@ entityMappings:
     fieldMappings:
       - identifier: Address
         columnName: IPCustomEntity
-version: 1.0.1
+version: 1.0.2
 kind: Scheduled

Solutions/Digital Guardian Data Loss Prevention/Analytic Rules/DigitalGuardianExfiltrationOverDNS.yaml

@@ -5,9 +5,6 @@ description: |
 severity: High
 status: Available
 requiredDataConnectors:
-  - connectorId: DigitalGuardianDLP
-    dataTypes:
-      - DigitalGuardianDLPEvent
   - connectorId: SyslogAma
     datatypes:
       - Syslog
@@ -28,5 +25,5 @@ entityMappings:
     fieldMappings:
       - identifier: Name
         columnName: AccountCustomEntity
-version: 1.0.1
+version: 1.0.2
 kind: Scheduled

Solutions/Digital Guardian Data Loss Prevention/Analytic Rules/DigitalGuardianExfiltrationToFileShareServices.yaml

@@ -5,9 +5,6 @@ description: |
 severity: High
 status: Available
 requiredDataConnectors:
-  - connectorId: DigitalGuardianDLP
-    dataTypes:
-      - DigitalGuardianDLPEvent
   - connectorId: SyslogAma
     datatypes:
       - Syslog
@@ -32,5 +29,5 @@ entityMappings:
     fieldMappings:
       - identifier: Name
         columnName: AccountCustomEntity
-version: 1.0.1
+version: 1.0.2
 kind: Scheduled

Solutions/Digital Guardian Data Loss Prevention/Analytic Rules/DigitalGuardianFileSentToExternal.yaml

@@ -5,9 +5,6 @@ description: |
 severity: High
 status: Available
 requiredDataConnectors:
-  - connectorId: DigitalGuardianDLP
-    dataTypes:
-      - DigitalGuardianDLPEvent
   - connectorId: SyslogAma
     datatypes:
       - Syslog
@@ -35,5 +32,5 @@ entityMappings:
     fieldMappings:
       - identifier: Name
         columnName: AccountCustomEntity
-version: 1.0.1
+version: 1.0.2
 kind: Scheduled

Solutions/Digital Guardian Data Loss Prevention/Analytic Rules/DigitalGuardianFileSentToExternalDomain.yaml

@@ -5,9 +5,6 @@ description: |
 severity: Medium
 status: Available
 requiredDataConnectors:
-  - connectorId: DigitalGuardianDLP
-    dataTypes:
-      - DigitalGuardianDLPEvent
   - connectorId: SyslogAma
     datatypes:
       - Syslog
@@ -34,5 +31,5 @@ entityMappings:
     fieldMappings:
       - identifier: Name
         columnName: AccountCustomEntity
-version: 1.0.1
+version: 1.0.2
 kind: Scheduled

Solutions/Digital Guardian Data Loss Prevention/Analytic Rules/DigitalGuardianFilesSentToExternalDomain.yaml

@@ -5,9 +5,6 @@ description: |
 severity: Medium
 status: Available
 requiredDataConnectors:
-  - connectorId: DigitalGuardianDLP
-    dataTypes:
-      - DigitalGuardianDLPEvent
   - connectorId: SyslogAma
     datatypes:
       - Syslog
@@ -37,5 +34,5 @@ entityMappings:
     fieldMappings:
       - identifier: Name
         columnName: AccountCustomEntity
-version: 1.0.1
+version: 1.0.2
 kind: Scheduled

Solutions/Digital Guardian Data Loss Prevention/Analytic Rules/DigitalGuardianMultipleIncidentsFromUser.yaml

@@ -5,9 +5,6 @@ description: |
 severity: High
 status: Available
 requiredDataConnectors:
-  - connectorId: DigitalGuardianDLP
-    dataTypes:
-      - DigitalGuardianDLPEvent
   - connectorId: SyslogAma
     datatypes:
       - Syslog
@@ -31,5 +28,5 @@ entityMappings:
     fieldMappings:
       - identifier: Name
         columnName: AccountCustomEntity
-version: 1.0.1
+version: 1.0.2
 kind: Scheduled

Solutions/Digital Guardian Data Loss Prevention/Analytic Rules/DigitalGuardianPossibleProtocolAbuse.yaml

@@ -5,9 +5,6 @@ description: |
 severity: High
 status: Available
 requiredDataConnectors:
-  - connectorId: DigitalGuardianDLP
-    dataTypes:
-      - DigitalGuardianDLPEvent
   - connectorId: SyslogAma
     datatypes:
       - Syslog
@@ -29,5 +26,5 @@ entityMappings:
     fieldMappings:
       - identifier: Name
         columnName: AccountCustomEntity
-version: 1.0.1
+version: 1.0.2
 kind: Scheduled

Solutions/Digital Guardian Data Loss Prevention/Analytic Rules/DigitalGuardianUnexpectedProtocol.yaml

@@ -5,9 +5,6 @@ description: |
 severity: High
 status: Available
 requiredDataConnectors:
-  - connectorId: DigitalGuardianDLP
-    dataTypes:
-      - DigitalGuardianDLPEvent
   - connectorId: SyslogAma
     datatypes:
       - Syslog
@@ -28,5 +25,5 @@ entityMappings:
     fieldMappings:
       - identifier: Name
         columnName: AccountCustomEntity
-version: 1.0.1
+version: 1.0.2
 kind: Scheduled

Solutions/Digital Guardian Data Loss Prevention/Analytic Rules/DigitalGuardianViolationNotBlocked.yaml

@@ -5,9 +5,6 @@ description: |
 severity: High
 status: Available
 requiredDataConnectors:
-  - connectorId: DigitalGuardianDLP
-    dataTypes:
-      - DigitalGuardianDLPEvent
   - connectorId: SyslogAma
     datatypes:
       - Syslog
@@ -31,5 +28,5 @@ entityMappings:
     fieldMappings:
       - identifier: Name
         columnName: AccountCustomEntity
-version: 1.0.1
+version: 1.0.2
 kind: Scheduled

Solutions/Digital Guardian Data Loss Prevention/Data/Solution_DigitalGuardianDLP.json

@@ -2,7 +2,7 @@
   "Name": "Digital Guardian Data Loss Prevention",
   "Author": "Microsoft - support@microsoft.com",
   "Logo": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/Azure_Sentinel.svg\" width=\"75px\" height=\"75px\">",
-  "Description": "The [Digital Guardian Data Loss Prevention (DLP)](https://digitalguardian.com/platform-overview) data connector provides the capability to ingest Digital Guardian DLP logs into Microsoft Sentinel.\n\n This solution is dependent on the Syslog solution containing the Syslog via AMA connector to collect the logs. The Syslog solution will be installed as part of this solution installation. \n\n **NOTE**: Microsoft recommends installation of Syslog via AMA Connector. Legacy connector uses the Log Analytics agent which is about to be deprecated by **Aug 31, 2024**. Using MMA and AMA on same machine can cause log duplication and extra ingestion cost [more details](https://learn.microsoft.com/en-us/azure/sentinel/ama-migrate).",
+  "Description": "The [Digital Guardian Data Loss Prevention (DLP)](https://digitalguardian.com/platform-overview) data connector provides the capability to ingest Digital Guardian DLP logs into Microsoft Sentinel.\n\n This solution is dependent on the Syslog solution containing the Syslog via AMA connector to collect the logs. The Syslog solution will be installed as part of this solution installation. \n\n **NOTE**: Microsoft recommends installation of Syslog via AMA Connector.Legacy connector uses the Log Analytics agent which were deprecated on **Aug 31, 2024.** Using MMA and AMA on same machine can cause log duplication and extra ingestion cost [more details](https://learn.microsoft.com/en-us/azure/sentinel/ama-migrate).",
   "Workbooks": [
     "Workbooks/DigitalGuardian.json"
   ],
@@ -33,15 +33,12 @@
  "Parsers": [
     "Parsers/DigitalGuardianDLPEvent.yaml"
   ],
-  "Data Connectors": [
-    "Data Connectors/Connector_DigitalGuardian_Syslog.json"
-  ],
   "dependentDomainSolutionIds": [
     "azuresentinel.azure-sentinel-solution-syslog"
   ],
   "Metadata": "SolutionMetadata.json",
   "BasePath": "C:\\GitHub\\Azure-Sentinel\\Solutions\\DigitalGuardianDLP",
-  "Version": "3.0.1",
+  "Version": "3.0.2",
   "TemplateSpec": true,
   "Is1PConnector": false
 }

Solutions/Digital Guardian Data Loss Prevention/Hunting Queries/DigitalGuardianDomains.yaml

@@ -4,9 +4,6 @@ description: |
   'Query searches for incident domains.'
 severity: Medium
 requiredDataConnectors:
-  - connectorId: DigitalGuardianDLP
-    dataTypes:
-      - DigitalGuardianDLPEvent
   - connectorId: SyslogAma
     datatypes:
       - Syslog

Solutions/Digital Guardian Data Loss Prevention/Hunting Queries/DigitalGuardianFilesSentByUsers.yaml

@@ -4,9 +4,6 @@ description: |
   'Query searches for files sent by users.'
 severity: Medium
 requiredDataConnectors:
-  - connectorId: DigitalGuardianDLP
-    dataTypes:
-      - DigitalGuardianDLPEvent
   - connectorId: SyslogAma
     datatypes:
       - Syslog

Solutions/Digital Guardian Data Loss Prevention/Hunting Queries/DigitalGuardianIncidentsByUser.yaml

@@ -4,9 +4,6 @@ description: |
   'Query searches for users' incidents.'
 severity: Medium
 requiredDataConnectors:
-  - connectorId: DigitalGuardianDLP
-    dataTypes:
-      - DigitalGuardianDLPEvent
   - connectorId: SyslogAma
     datatypes:
       - Syslog

Solutions/Digital Guardian Data Loss Prevention/Hunting Queries/DigitalGuardianInsecureProtocolSources.yaml

@@ -4,9 +4,6 @@ description: |
   'Query searches for insecure file transfer sources.'
 severity: Medium
 requiredDataConnectors:
-  - connectorId: DigitalGuardianDLP
-    dataTypes:
-      - DigitalGuardianDLPEvent
   - connectorId: SyslogAma
     datatypes:
       - Syslog

Solutions/Digital Guardian Data Loss Prevention/Hunting Queries/DigitalGuardianInspectedFiles.yaml

@@ -4,9 +4,6 @@ description: |
   'Query searches for inspected files.'
 severity: Medium
 requiredDataConnectors:
-  - connectorId: DigitalGuardianDLP
-    dataTypes:
-      - DigitalGuardianDLPEvent
   - connectorId: SyslogAma
     datatypes:
       - Syslog

Solutions/Digital Guardian Data Loss Prevention/Hunting Queries/DigitalGuardianNewIncidents.yaml

@@ -4,9 +4,6 @@ description: |
   'Query searches for new incidents.'
 severity: Medium
 requiredDataConnectors:
-  - connectorId: DigitalGuardianDLP
-    dataTypes:
-      - DigitalGuardianDLPEvent
   - connectorId: SyslogAma
     datatypes:
       - Syslog

Solutions/Digital Guardian Data Loss Prevention/Hunting Queries/DigitalGuardianRareDestinationPorts.yaml

@@ -4,9 +4,6 @@ description: |
   'Query searches for rare destination ports.'
 severity: Medium
 requiredDataConnectors:
-  - connectorId: DigitalGuardianDLP
-    dataTypes:
-      - DigitalGuardianDLPEvent
   - connectorId: SyslogAma
     datatypes:
       - Syslog

Solutions/Digital Guardian Data Loss Prevention/Hunting Queries/DigitalGuardianRareNetworkProtocols.yaml

@@ -4,9 +4,6 @@ description: |
   'Query searches rare network protocols.'
 severity: Medium
 requiredDataConnectors:
-  - connectorId: DigitalGuardianDLP
-    dataTypes:
-      - DigitalGuardianDLPEvent
   - connectorId: SyslogAma
     datatypes:
       - Syslog

Solutions/Digital Guardian Data Loss Prevention/Hunting Queries/DigitalGuardianRareUrls.yaml

@@ -4,9 +4,6 @@ description: |
   'Query searches for rare Urls.'
 severity: Medium
 requiredDataConnectors:
-  - connectorId: DigitalGuardianDLP
-    dataTypes:
-      - DigitalGuardianDLPEvent
   - connectorId: SyslogAma
     datatypes:
       - Syslog

Solutions/Digital Guardian Data Loss Prevention/Hunting Queries/DigitalGuardianUrlByUser.yaml

@@ -4,9 +4,6 @@ description: |
   'Query searches for URLs used.'
 severity: Medium
 requiredDataConnectors:
-  - connectorId: DigitalGuardianDLP
-    dataTypes:
-      - DigitalGuardianDLPEvent
   - connectorId: SyslogAma
     datatypes:
       - Syslog