-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Updating 'SonicWall Firewall' Solution to version 3.1.0 #9616
Conversation
New content for SonicWall Firewalls.
Updated Solution file for version 3.1.0
Updated package to version 3.1.0.
Made corrections to the maintemplate and verified successful deployment.
Updated the Workbook to correct a validation error reported in the PR checks (fromTemplateId).
Updated createUiDefinition.json to correct Azure Sentinel to Microsoft Sentinel.
Hello @jaimeesc,
|
Thanks for your response! Just one question I haven't found an answer to. Should I get the schema from the parser and include all columns (even default ones), or custom columns? The examples seem to have examples of both. |
The validations failed and seems unrelated to the changes since the last validation run. Going to try closing/re-opening the PR to kick off the validations again. |
Hello @jaimeesc, I am seeing this kind of Validation error for the first time. Please lend me some time to examine it. |
04bd7bb
to
44781a5
Compare
Yes Columns used in parsers, should be added to the table. and the validation errors are visible now. |
Removed the offending entities.
Hello @jaimeesc, All checks are green. I'll review this PR and get back to you by 26 December, 2023. |
Hello @jaimeesc, can you share sample data to test the content of the solution. |
Hello @jaimeesc, please share the sample data and add workbook metadata to this file https://github.com/Azure/Azure-Sentinel/blob/master/Workbooks/WorkbooksMetadata.json |
Hello @jaimeesc, can you please share the sample data and add the workbook metadata to the same. |
Hello @jaimeesc, |
Hello @jaimeesc. Sorry for the inconvenience. But we are facing react error in the content hub of azure portal. |
This reverts commit 841944a.
Hello @jaimeesc, We are facing an issue while custom deploying the maintemplate. Can you try to deploy the maintemplate from your end and check if its working. |
I was able to deploy it without the createUiDefition file (custom deployment, pasting in the contents of mainTemplate. I'm looking into the problem with the location when using createUiDefinition. |
Try to access the solution after deploying. You will find manage button in the lower side of right pane. |
I noticed the solution's version number displayed right before the react error is 2.0.6. The current version posted to GitHub is 3.0.0. I double-checked by deploying another Sentinel workspace and checking the content hub. I installed 2.0.6 from the content hub and clicked manage. No react error, but only one connector is installed (as expected for version 2.0.6). The react error seems to occur when I deploy a newer template than 2.0.6, but check content hub and it tries to load version 2.0.6 information. Could the issue be that the content references the solution (which doesn't exist in that version) or the solution references a data connector that was renamed post-2.0.6? |
Version 3.0.0 will be published to the Marketplace soon to replace 2.0.6. I think that will address the react error. |
Corrects deployment issue with custom UI.
This issue I'm facing is for v 3.0.0 If you custom deploy the maintemplate via "deploy a custom template" on azure portal and head towards LA with deployed maintemplate |
3.0.0 (the current version on github) should publish to the content hub soon. If you notice, the version on the content hub is older. The difference between 2.0.6/2.0.7 and 3.0.0 is the change to the data connector for the upcoming Log Analytics agent retirement. Based on what I've seen, it fails to load the data connector info that is expected by version 2.0.6/2.0.7. I suspect that when 3.0.0 publishes, 3.1.0 will not experience this error. Let's please see if that resolves it in the next day or so when it gets published. |
Solutions/SonicWall Firewall/Hunting Queries/OutboundSSHConnections.yaml
Outdated
Show resolved
Hide resolved
Proceed with the above mentioned changes and we are good to merge this PR |
…olution # Conflicts: # Workbooks/WorkbooksMetadata.json
Change(s):
Reason for Change(s):
Version Updated:
Testing Completed:
Checked that the validations are passing and have addressed any issues that are present: