Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

VMware SD-WAN and SASE Solution v1.0.0 #9750

Merged
merged 47 commits into from
Mar 14, 2024
Merged

VMware SD-WAN and SASE Solution v1.0.0 #9750

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
47 commits
Select commit Hold shift + click to select a range
237f6bf
Added Solution: VMware SASE and SD-WAN
stlaszlo Nov 26, 2023
2742f00
Update azuredeploy.json
stlaszlo Nov 26, 2023
38228e2
Create README.md
stlaszlo Nov 26, 2023
f0bf973
Merge branch 'Azure:master' into master
stlaszlo Nov 30, 2023
5e21b71
Update README.md
stlaszlo Nov 30, 2023
f7a92b4
Update README.md
stlaszlo Nov 30, 2023
fbb511a
Update azuredeploy.json
stlaszlo Nov 30, 2023
b273b3e
Merge branch 'Azure:master' into master
stlaszlo Dec 11, 2023
60787a6
VMware SASE Connector RC1 Ready for PR
stlaszlo Dec 11, 2023
2eb3276
Update README.md
stlaszlo Dec 11, 2023
c02d525
Azure Pipeline Fixes
stlaszlo Dec 11, 2023
431756b
Merge branch 'master' of https://github.com/stlaszlo/Azure-Sentinel
stlaszlo Dec 11, 2023
aa17c1c
Logo and Custom Table Fixes
stlaszlo Dec 11, 2023
0355307
Analytic Rule changes
stlaszlo Dec 11, 2023
7e79d5d
Analytic Rule updates
stlaszlo Dec 11, 2023
a3dac1c
Updated CWS Analytics Rule
stlaszlo Dec 11, 2023
51d478f
Fixed YAML for Rule
stlaszlo Dec 11, 2023
3d35852
Fixed CWS Rule
stlaszlo Dec 11, 2023
3d819df
Removed FileHash entity map from CWS Rule
stlaszlo Dec 11, 2023
c9bf900
Added Solution Metadata and input file
stlaszlo Dec 14, 2023
56a941f
Merge branch 'Azure:master' into master
stlaszlo Dec 15, 2023
a64fc20
Merge branch 'Azure:master' into master
stlaszlo Dec 27, 2023
48cacc3
Code QL updates
stlaszlo Dec 27, 2023
74cdfc2
Merge branch 'master' into pr/9588
v-prasadboke Dec 28, 2023
41d7f88
Merge branch 'master' of https://github.com/stlaszlo/Azure-Sentinel
stlaszlo Dec 28, 2023
476ab9f
Updated directory structure, archive, and connector file
stlaszlo Jan 10, 2024
1035a6e
Merge branch 'master' of https://github.com/stlaszlo/Azure-Sentinel
stlaszlo Jan 10, 2024
0722fdb
Merge branch 'Azure:master' into master
stlaszlo Jan 16, 2024
2baaaa8
Merge branch 'Azure:master' into master
stlaszlo Jan 17, 2024
dce5512
Workbook Updates
stlaszlo Jan 17, 2024
588b59f
Workbook and Analytics Rule fixes
stlaszlo Jan 17, 2024
5e2354d
Minor Workbook fixes
stlaszlo Jan 17, 2024
a64c1a5
Preview image location fix
stlaszlo Jan 17, 2024
2971784
fixed preview image filename
stlaszlo Jan 17, 2024
9f1accb
Merge branch 'master' into pr/9588
v-prasadboke Feb 1, 2024
1693785
Merge branch 'Azure:master' into master
stlaszlo Feb 19, 2024
c9329f7
Updated support & python pkg version
stlaszlo Feb 19, 2024
f690537
Merge branch 'master' into pr/9588
v-prasadboke Feb 22, 2024
ddf7b9a
Washed commit
v-prasadboke Feb 22, 2024
16a8921
Update vmw_sdwan_sase_funcapp.zip
v-prasadboke Feb 22, 2024
0883c6f
Solution repackaged
v-prasadboke Feb 27, 2024
873a96f
arm ttk resolved
v-prasadboke Feb 27, 2024
46e3f83
Hunting query aded
v-prasadboke Feb 27, 2024
5d52a87
Merge branch 'master' of https://github.com/stlaszlo/Azure-Sentinel
stlaszlo Mar 6, 2024
6a30a09
Analytics Rules Fixed
stlaszlo Mar 6, 2024
2bdfd2f
arm ttk resolved
v-prasadboke Mar 13, 2024
893e3ea
solution packaged
v-prasadboke Mar 13, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
85 changes: 85 additions & 0 deletions .script/tests/KqlvalidationsTests/CustomTables/VMware_CWS_DLPLogs_CL.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,85 @@
{
"Name":"VMware_CWS_DLPLogs_CL",
"Properties":[
{
"name": "action",
"type": "string"
},
{
"name": "alerted",
"type": "string"
},
{
"name": "ccl",
"type": "dynamic"
},
{
"name": "domain",
"type": "string"
},
{
"name": "dstUrl",
"type": "string"
},
{
"name": "eventId",
"type": "string"
},
{
"name": "eventTime",
"type": "datetime"
},
{
"name": "filename",
"type": "string"
},
{
"name": "fileType",
"type": "string"
},
{
"name": "protocol",
"type": "string"
},
{
"name": "requestType",
"type": "string"
},
{
"name": "ruleId",
"type": "string"
},
{
"name": "ruleName",
"type": "string"
},
{
"name": "sha256",
"type": "string"
},
{
"name": "srcUrl",
"type": "string"
},
{
"name": "status",
"type": "string"
},
{
"name": "streamName",
"type": "string"
},
{
"name": "userId",
"type": "string"
},
{
"name": "userInput",
"type": "string"
},
{
"name": "TimeGenerated",
"type": "datetime"
}
]
}
29 changes: 29 additions & 0 deletions .script/tests/KqlvalidationsTests/CustomTables/VMware_CWS_Health_CL.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
{
"Name":"VMware_CWS_Health_CL",
"Properties":[
{
"name": "cws_component",
"type": "string"
},
{
"name": "healthtest_observed_unit",
"type": "string"
},
{
"name": "healthtest_observed_value",
"type": "int"
},
{
"name": "healthtest_status",
"type": "string"
},
{
"name": "healthtest_timestamp",
"type": "datetime"
},
{
"name": "TimeGenerated",
"type": "datetime"
}
]
}
197 changes: 197 additions & 0 deletions .script/tests/KqlvalidationsTests/CustomTables/VMware_CWS_Weblogs_CL.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,197 @@
{
"Name":"VMware_CWS_Weblogs_CL",
"Properties":[
{
"name": "accessMode",
"type": "string"
},
{
"name": "action",
"type": "string"
},
{
"name": "browserType",
"type": "dynamic"
},
{
"name": "browserVersion",
"type": "dynamic"
},
{
"name": "casbAppName",
"type": "dynamic"
},
{
"name": "casbCatName",
"type": "dynamic"
},
{
"name": "casbFunName",
"type": "dynamic"
},
{
"name": "casbOrgName",
"type": "dynamic"
},
{
"name": "casbRiskScore",
"type": "dynamic"
},
{
"name": "categories",
"type": "string"
},
{
"name": "contentType",
"type": "string"
},
{
"name": "cws_timestamp",
"type": "datetime"
},
{
"name": "destinationIp",
"type": "string"
},
{
"name": "dnsResponse",
"type": "string"
},
{
"name": "domain",
"type": "string"
},
{
"name": "dstCountry",
"type": "string"
},
{
"name": "egressIp",
"type": "string"
},
{
"name": "fileHash",
"type": "dynamic"
},
{
"name": "fileHashScore",
"type": "string"
},
{
"name": "fileName",
"type": "string"
},
{
"name": "fileScanResult",
"type": "dynamic"
},
{
"name": "fileSize",
"type": "string"
},
{
"name": "fileType",
"type": "string"
},
{
"name": "mimeType",
"type": "string"
},
{
"name": "policyHeaders",
"type": "string"
},
{
"name": "policyName",
"type": "string"
},
{
"name": "protocol",
"type": "string"
},
{
"name": "region",
"type": "string"
},
{
"name": "requestMethod",
"type": "string"
},
{
"name": "requestType",
"type": "string"
},
{
"name": "responseCode",
"type": "string"
},
{
"name": "risks",
"type": "dynamic"
},
{
"name": "ruleMatched",
"type": "string"
},
{
"name": "saasEgressHeaders",
"type": "dynamic"
},
{
"name": "sandboxInspectionResult",
"type": "string"
},
{
"name": "sandboxMaliciousActivitiesFound",
"type": "string"
},
{
"name": "sandboxScore",
"type": "string"
},
{
"name": "sourceIp",
"type": "string"
},
{
"name": "srcCountry",
"type": "string"
},
{
"name": "threatTypes",
"type": "dynamic"
},
{
"name": "url",
"type": "string"
},
{
"name": "userAgent",
"type": "string"
},
{
"name": "userGroups",
"type": "dynamic"
},
{
"name": "userGroupsMatched",
"type": "dynamic"
},
{
"name": "userId",
"type": "string"
},
{
"name": "virusList",
"type": "string"
},
{
"name": "webRiskScore",
"type": "string"
},
{
"name": "TimeGenerated",
"type": "datetime"
}
]
}
17 changes: 17 additions & 0 deletions .script/tests/KqlvalidationsTests/CustomTables/VMware_SDWAN_EFSAPI_Health_CL.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
{
"Name":"VMware_SDWAN_EFSAPI_Health_CL",
"Properties":[
{
"name": "data",
"type": "dynamic"
},
{
"name": "metadata",
"type": "dynamic"
},
{
"name": "TimeGenerated",
"type": "datetime"
}
]
}
Loading
Loading