Comments (8)
v-sudkharat
commented on June 29, 2024
1
Hi @AttacktheSOC, Thank you for sharing your observation with us. We have tested the template with your suggested solution, and the deployment completed successfully : -
But, after deployment the solution does not show as installed in Content Hub, it may be due to the installation or sync not done correctly : -
We have reached out to our respective backend team for this issue, and once we receive any update from them will update you.
Thanks again for your contribution. Please let us know if have any questions or won't to share any update on this.
Thanks!
from azure-sentinel.
AttacktheSOC
commented on June 29, 2024
1
Ahh so close, lol. Please let me know if I can help test anything, would be more than happy!
from azure-sentinel.
v-sudkharat
commented on June 29, 2024
Hi @javiersoriano, Thanks for flagging this issue, we will investigate this issue and get back to you with some updates by 03-04-2024. Thanks!
from azure-sentinel.
v-sudkharat
commented on June 29, 2024
Hi @javiersoriano, we are reaching out to the concerned team for this issue, once we receive an update on this, we will update you.
Thanks!
from azure-sentinel.
AttacktheSOC
commented on June 29, 2024
Hi @v-sudkharat I took a quick jab at it in my lab and pulled down the template.json after I received the same failure.
It looks like the parentId was expecting a fully qualified resource id. After some poking around I was able to deploy a custom template and it seems that the parentId, contentId and properties.source.sourceId all need to be changed from:
"[variables('_sourceId')]"
to:
"[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/metadata', variables('_sourceId')) ]"
Can confirm a full successful deployment after this change.
Hopefully this helps narrow things down for the team a bit.
Thanks!
- Dylan
from azure-sentinel.
v-sudkharat
commented on June 29, 2024
@AttacktheSOC, Sure. Thanks!
from azure-sentinel.
v-sudkharat
commented on June 29, 2024
Hey @javiersoriano/ @AttacktheSOC, The issue has been resolved by our concern team, please redeploy the solution and let us know of you still having issue. Thanks!
Sharing deployment screenshot: -
from azure-sentinel.
javiersoriano
commented on June 29, 2024
It all works well now, Thanks!!
from azure-sentinel.
Related Issues (20)
- Cisco Support DEAD (MERAKI = Linux) ? HOT 2
- Intermittent Entity mapping from Defender Incidents HOT 8
- Cloudflare Missing columns/tables HOT 1
- Redundant rule templates about MFA Rejection/Deny HOT 7
- Unable to delete Threat Intelligence Upload Indicators API (Preview) dataconnector HOT 16
- Azure-Sentinel/Tools /Sentinel-All-In-One: Possibility to add tags HOT 6
- GoogleWorkspaceReports - getting API error, Quota exceeded for quota metric HOT 16
- URI pattern being used is being flagged by ttk HOT 5
- Dynatrace Solution missing list of playbooks in Azure Portal on install HOT 6
- Missing Logs from Entra ID on Sentinel HOT 16
- VMware Carbon Black Cloud (using Function app) data connector not ingesting full three type of logs - Sentinel HOT 9
- Missing incident description on Microsoft Defender XDR incidents created by Microsoft Sentinel HOT 8
- Errors in new analytic rule updates HOT 1
- Please help me this parser of Symantec logs HOT 4
- ????????? HOT 11
- Sentinel logic-app adding comments containing a HTML table has excessive newlines HOT 6
- Threat Intelligence Solution missing the data connector - Premium Microsoft Defender Threat Intelligence HOT 2
- Improve the Microsoft Entra ID solution workbooks HOT 1
- Sentinel Central Workbook in correctly counting incidents HOT 4
- ASIM/Deploy ASIM - Deploy to Azure templates failing (specifically Registry Event) HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from azure-sentinel.