Repackaging- ZoomReports

Solutions/ZoomReports/Data/Solution_ZoomReports.json

@@ -1,16 +1,16 @@
 {
-  "Name": "Zoom Reports",
+  "Name": "ZoomReports",
   "Author": "Microsoft - support@microsoft.com",
   "Logo": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/Azure_Sentinel.svg\" width=\"75px\" height=\"75px\">",
-  "Description": "The [Zoom](https://zoom.us/) Reports solution enables you to ingest Zoom Reports' events into Microsoft Sentinel through the [Zoom Report REST API](https://marketplace.zoom.us/docs/api-reference/zoom-api/methods/#operation/reportSignInSignOutActivities)\r\n  \r\n  **Underlying Microsoft Technologies used:**\r\n\n  This solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\r\n\n  a.\t [Azure Monitor HTTP Data Collector API](https://docs.microsoft.com/azure/azure-monitor/logs/data-collector-api)\r\n\n  b.\t [Azure Functions](https://azure.microsoft.com/services/functions/#overview)",
+  "Description": "The [Zoom](https://zoom.us/) Reports solution enables you to ingest Zoom Reports events into Microsoft Sentinel through the [Zoom Report REST API](https://marketplace.zoom.us/docs/api-reference/zoom-api/methods/#operation/reportSignInSignOutActivities).\r\n  \r\n  **Underlying Microsoft Technologies used:**\r\n\n  This solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\r\n\n  a.\t [Azure Monitor HTTP Data Collector API](https://docs.microsoft.com/azure/azure-monitor/logs/data-collector-api)\r\n\n  b.\t [Azure Functions](https://azure.microsoft.com/services/functions/#overview)",
   "Data Connectors": [
     "Data Connectors/ZoomReports_API_FunctionApp.json"
   ],
   "Parsers": [
     "Parsers/Zoom.txt"
   ],
   "BasePath": "C:\\GitHub\\Azure-Sentinel\\solutions\\ZoomReports",
-  "Version": "2.0.1",
+  "Version": "2.0.2",
   "Metadata": "SolutionMetadata.json",
   "TemplateSpec": true,
   "Is1PConnector": false

Solutions/ZoomReports/Package/createUiDefinition.json

@@ -6,7 +6,7 @@
     "config": {
       "isWizard": false,
       "basics": {
-        "description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/Azure_Sentinel.svg\" width=\"75px\" height=\"75px\">\n\n**Note:** _There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing._\n\nThe [Zoom](https://zoom.us/) Reports solution enables you to ingest Zoom Reports' events into Microsoft Sentinel through the [Zoom Report REST API](https://marketplace.zoom.us/docs/api-reference/zoom-api/methods/#operation/reportSignInSignOutActivities)\r\n  \r\n  **Underlying Microsoft Technologies used:**\r\n\n  This solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\r\n\n  a.\t [Azure Monitor HTTP Data Collector API](https://docs.microsoft.com/azure/azure-monitor/logs/data-collector-api)\r\n\n  b.\t [Azure Functions](https://azure.microsoft.com/services/functions/#overview)\n\n**Data Connectors:** 1, **Parsers:** 1\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
+        "description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/Azure_Sentinel.svg\" width=\"75px\" height=\"75px\">\n\n**Note:** _There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing._\n\nThe [Zoom](https://zoom.us/) Reports solution enables you to ingest Zoom Reports events into Microsoft Sentinel through the [Zoom Report REST API](https://marketplace.zoom.us/docs/api-reference/zoom-api/methods/#operation/reportSignInSignOutActivities).\r\n  \r\n  **Underlying Microsoft Technologies used:**\r\n\n  This solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\r\n\n  a.\t [Azure Monitor HTTP Data Collector API](https://docs.microsoft.com/azure/azure-monitor/logs/data-collector-api)\r\n\n  b.\t [Azure Functions](https://azure.microsoft.com/services/functions/#overview)\n\n**Data Connectors:** 1, **Parsers:** 1\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
         "subscription": {
           "resourceProviders": [
             "Microsoft.OperationsManagement/solutions",

Solutions/ZoomReports/Package/mainTemplate.json

@@ -55,7 +55,7 @@
   "resources": [
     {
       "type": "Microsoft.Resources/templateSpecs",
-      "apiVersion": "2021-05-01",
+      "apiVersion": "2022-02-01",
       "name": "[variables('dataConnectorTemplateSpecName1')]",
       "location": "[parameters('workspace-location')]",
       "tags": {
@@ -69,7 +69,7 @@
     },
     {
       "type": "Microsoft.Resources/templateSpecs/versions",
-      "apiVersion": "2021-05-01",
+      "apiVersion": "2022-02-01",
       "name": "[concat(variables('dataConnectorTemplateSpecName1'),'/',variables('dataConnectorVersion1'))]",
       "location": "[parameters('workspace-location')]",
       "tags": {
@@ -80,7 +80,7 @@
         "[resourceId('Microsoft.Resources/templateSpecs', variables('dataConnectorTemplateSpecName1'))]"
       ],
       "properties": {
-        "description": "ZoomReports data connector with template version 2.0.1",
+        "description": "ZoomReports data connector with template version 2.0.2",
         "mainTemplate": {
           "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
           "contentVersion": "[variables('dataConnectorVersion1')]",
@@ -89,16 +89,16 @@
           "resources": [
             {
               "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',variables('_dataConnectorContentId1'))]",
-              "apiVersion": "2021-03-01-preview",
+              "apiVersion": "2022-10-01",
               "type": "Microsoft.OperationalInsights/workspaces/providers/dataConnectors",
               "location": "[parameters('workspace-location')]",
               "kind": "GenericUI",
               "properties": {
                 "connectorUiConfig": {
                   "id": "[variables('_uiConfigId1')]",
-                  "title": "Zoom Reports (using Azure Function)",
+                  "title": "Zoom Reports (using Azure Functions)",
                   "publisher": "Zoom",
-                  "descriptionMarkdown": "The [Zoom](https://zoom.us/) Reports data connector provides the capability to ingest [Zoom Reports](https://marketplace.zoom.us/docs/api-reference/zoom-api/reports/) events into Microsoft Sentinel through the REST API. Refer to [API documentation](https://marketplace.zoom.us/docs/api-reference/introduction) for more information. The connector provides ability to get events which helps to examine potential security risks, analyze your team's use of collaboration, diagnose configuration problems and more.",
+                  "descriptionMarkdown": "The [Zoom](https://zoom.us/) Reports data connector provides the capability to ingest [Zoom Reports](https://developers.zoom.us/docs/api/rest/reference/zoom-api/methods/#tag/Reports) events into Microsoft Sentinel through the REST API. Refer to [API documentation](https://developers.zoom.us/docs/api/) for more information. The connector provides ability to get events which helps to examine potential security risks, analyze your team's use of collaboration, diagnose configuration problems and more.",
                   "additionalRequirementBanner": "These queries and workbooks are dependent on a parser based on Kusto to work as expected. Follow the steps to use this Kusto functions alias **Zoom** in queries and workbooks [Follow steps to get this Kusto functions>](https://aka.ms/sentinel-ZoomAPI-parser).",
                   "graphQueries": [
                     {
@@ -161,7 +161,7 @@
                       },
                       {
                         "name": "REST API Credentials/permissions",
-                        "description": "**ZoomApiKey** and **ZoomApiSecret** are required for Zoom API. [See the documentation to learn more about API](https://marketplace.zoom.us/docs/guides/auth/jwt). Check all [requirements and follow  the instructions](https://marketplace.zoom.us/docs/guides/auth/jwt) for obtaining credentials."
+                        "description": "**ZoomApiKey** and **ZoomApiSecret** are required for Zoom API. [See the documentation to learn more about API](https://developers.zoom.us/docs/internal-apps/jwt/#generating-jwts). Check all [requirements and follow  the instructions](https://developers.zoom.us/docs/internal-apps/jwt/#generating-jwts) for obtaining credentials."
                       }
                     ]
                   },
@@ -176,7 +176,7 @@
                       "description": ">**NOTE:** This data connector depends on a parser based on a Kusto Function to work as expected. [Follow these steps](https://aka.ms/sentinel-ZoomAPI-parser) to create the Kusto functions alias, **Zoom**"
                     },
                     {
-                      "description": "**STEP 1 - Configuration steps for the Zoom API**\n\n [Follow the instructions](https://marketplace.zoom.us/docs/guides/auth/jwt) to obtain the credentials. \n"
+                      "description": "**STEP 1 - Configuration steps for the Zoom API**\n\n [Follow the instructions](https://developers.zoom.us/docs/internal-apps/jwt/#generating-jwts) to obtain the credentials. \n"
                     },
                     {
                       "description": "**STEP 2 - Choose ONE from the following two deployment options to deploy the connector and the associated Azure Function**\n\n>**IMPORTANT:** Before deploying the Zoom Reports data connector, have the Workspace ID and Workspace Primary Key (can be copied from the following).",
@@ -230,7 +230,7 @@
                 "version": "[variables('dataConnectorVersion1')]",
                 "source": {
                   "kind": "Solution",
-                  "name": "ZoomRe ports",
+                  "name": "ZoomReports",
                   "sourceId": "[variables('_solutionId')]"
                 },
                 "author": {
@@ -287,9 +287,9 @@
       "kind": "GenericUI",
       "properties": {
         "connectorUiConfig": {
-          "title": "Zoom Reports (using Azure Function)",
+          "title": "Zoom Reports (using Azure Functions)",
           "publisher": "Zoom",
-          "descriptionMarkdown": "The [Zoom](https://zoom.us/) Reports data connector provides the capability to ingest [Zoom Reports](https://marketplace.zoom.us/docs/api-reference/zoom-api/reports/) events into Microsoft Sentinel through the REST API. Refer to [API documentation](https://marketplace.zoom.us/docs/api-reference/introduction) for more information. The connector provides ability to get events which helps to examine potential security risks, analyze your team's use of collaboration, diagnose configuration problems and more.",
+          "descriptionMarkdown": "The [Zoom](https://zoom.us/) Reports data connector provides the capability to ingest [Zoom Reports](https://developers.zoom.us/docs/api/rest/reference/zoom-api/methods/#tag/Reports) events into Microsoft Sentinel through the REST API. Refer to [API documentation](https://developers.zoom.us/docs/api/) for more information. The connector provides ability to get events which helps to examine potential security risks, analyze your team's use of collaboration, diagnose configuration problems and more.",
           "graphQueries": [
             {
               "metricName": "Total data received",
@@ -307,7 +307,7 @@
             {
               "type": "IsConnectedQuery",
               "value": [
-                "Zoom_CL\n            | summarize LastLogReceived = max(TimeGenerated)\n            | project IsConnected = LastLogReceived > ago(30d)"
+                "Zoom_CL\n            | summarize LastLogReceived = max(TimeGenerated)\n            | project IsConnected = LastLogReceived > ago(7d)"
               ]
             }
           ],
@@ -351,7 +351,7 @@
               },
               {
                 "name": "REST API Credentials/permissions",
-                "description": "**ZoomApiKey** and **ZoomApiSecret** are required for Zoom API. [See the documentation to learn more about API](https://marketplace.zoom.us/docs/guides/auth/jwt). Check all [requirements and follow  the instructions](https://marketplace.zoom.us/docs/guides/auth/jwt) for obtaining credentials."
+                "description": "**ZoomApiKey** and **ZoomApiSecret** are required for Zoom API. [See the documentation to learn more about API](https://developers.zoom.us/docs/internal-apps/jwt/#generating-jwts). Check all [requirements and follow  the instructions](https://developers.zoom.us/docs/internal-apps/jwt/#generating-jwts) for obtaining credentials."
               }
             ]
           },
@@ -366,7 +366,7 @@
               "description": ">**NOTE:** This data connector depends on a parser based on a Kusto Function to work as expected. [Follow these steps](https://aka.ms/sentinel-ZoomAPI-parser) to create the Kusto functions alias, **Zoom**"
             },
             {
-              "description": "**STEP 1 - Configuration steps for the Zoom API**\n\n [Follow the instructions](https://marketplace.zoom.us/docs/guides/auth/jwt) to obtain the credentials. \n"
+              "description": "**STEP 1 - Configuration steps for the Zoom API**\n\n [Follow the instructions](https://developers.zoom.us/docs/internal-apps/jwt/#generating-jwts) to obtain the credentials. \n"
             },
             {
               "description": "**STEP 2 - Choose ONE from the following two deployment options to deploy the connector and the associated Azure Function**\n\n>**IMPORTANT:** Before deploying the Zoom Reports data connector, have the Workspace ID and Workspace Primary Key (can be copied from the following).",
@@ -413,7 +413,7 @@
     },
     {
       "type": "Microsoft.Resources/templateSpecs",
-      "apiVersion": "2021-05-01",
+      "apiVersion": "2022-02-01",
       "name": "[variables('parserTemplateSpecName1')]",
       "location": "[parameters('workspace-location')]",
       "tags": {
@@ -427,7 +427,7 @@
     },
     {
       "type": "Microsoft.Resources/templateSpecs/versions",
-      "apiVersion": "2021-05-01",
+      "apiVersion": "2022-02-01",
       "name": "[concat(variables('parserTemplateSpecName1'),'/',variables('parserVersion1'))]",
       "location": "[parameters('workspace-location')]",
       "tags": {
@@ -438,7 +438,7 @@
         "[resourceId('Microsoft.Resources/templateSpecs', variables('parserTemplateSpecName1'))]"
       ],
       "properties": {
-        "description": "Zoom Data Parser with template version 2.0.1",
+        "description": "Zoom Data Parser with template version 2.0.2",
         "mainTemplate": {
           "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
           "contentVersion": "[variables('parserVersion1')]",
@@ -500,7 +500,7 @@
     },
     {
       "type": "Microsoft.OperationalInsights/workspaces/savedSearches",
-      "apiVersion": "2021-06-01",
+      "apiVersion": "2022-10-01",
       "name": "[variables('_parserName1')]",
       "location": "[parameters('workspace-location')]",
       "properties": {
@@ -547,7 +547,7 @@
       "apiVersion": "2022-01-01-preview",
       "location": "[parameters('workspace-location')]",
       "properties": {
-        "version": "2.0.1",
+        "version": "2.0.2",
         "kind": "Solution",
         "contentSchemaVersion": "2.0.0",
         "contentId": "[variables('_solutionId')]",