From ad609062fd6ff8e54881f4a7927118e5b3c6f840 Mon Sep 17 00:00:00 2001 From: v-shukore Date: Fri, 18 Oct 2024 15:13:53 +0530 Subject: [PATCH 1/5] solution repackaged --- .../Solution_MalwareProtectionEssentials.json | 20 +- .../Package/3.0.1.zip | Bin 22521 -> 21974 bytes .../Package/createUiDefinition.json | 2 +- .../Package/mainTemplate.json | 349 +++++++++++------- .../ReleaseNotes.md | 7 +- 5 files changed, 230 insertions(+), 148 deletions(-) diff --git a/Solutions/Malware Protection Essentials/Data/Solution_MalwareProtectionEssentials.json b/Solutions/Malware Protection Essentials/Data/Solution_MalwareProtectionEssentials.json index c60bdcd7f72..53e3c0b304f 100644 --- a/Solutions/Malware Protection Essentials/Data/Solution_MalwareProtectionEssentials.json +++ b/Solutions/Malware Protection Essentials/Data/Solution_MalwareProtectionEssentials.json @@ -2,7 +2,7 @@ "Name": "Malware Protection Essentials", "Author": "Microsoft - support@microsoft.com", "Logo": "", - "Description": "[Malware Protection Essentials](https://aka.ms/AboutASIM) is a [domain solution](https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fazure%2Fsentinel%2Fsentinel-solutions-catalog%23domain-solutions&data=05%7C01%7Ckavishbakshi%40microsoft.com%7Cbe2a496082b24caa4b8c08da9cefacca%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637994850502413731%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=OJegu%2B2EqD7rmYmK9pm9QniD6YWp5ooloZ6tHzcwVi0%3D&reserved=0) and does not include any data connectors. The content in this solution requires one of the product solutions below , as well as any other connector or data source normalized to the [ASIM](https://aka.ms/AboutASIM).\n\n**Prerequisite :-**\n\n Install one or more of the listed solutions, or develop your custom ASIM parsers to unlock the value provided by this solution.\n 1. [Amazon Web Services](https://portal.azure.com/#create/azuresentinel.azure-sentinel-solution-amazonwebservicesazure-sentinel-solution-amazonwebservices) \n 2. [Azure Firewall](https://portal.azure.com/#create/sentinel4azurefirewall.sentinel4azurefirewallsentinel4azurefirewall) \n 3. [Azure Network Security Groups](https://portal.azure.com/#create/azuresentinel.azure-sentinel-solution-networksecuritygroupazure-sentinel-solution-networksecuritygroup) \n 4. [Check Point](https://portal.azure.com/#create/checkpoint.checkpoint-sentinel-solutionssentinel-1) \n 5. [Cisco ASA](https://portal.azure.com/#create/azuresentinel.azure-sentinel-solution-ciscoasaazure-sentinel-solution-ciscoasa) \n 6. [Cisco Meraki Security Events](https://portal.azure.com/#create/azuresentinel.azure-sentinel-solution-ciscomerakiazure-sentinel-solution-ciscomeraki) \n 7. [Corelight](https://portal.azure.com/#create/corelightinc1584998267292.corelight-for-azure-sentinelcorelight-for-azure-sentinel-solution-template) \n 8. [Fortinet FortiGate](https://portal.azure.com/#create/azuresentinel.azure-sentinel-solution-fortinetfortigateazure-sentinel-solution-fortinetfortigate) \n 9. [Microsoft Defender for IoT](https://portal.azure.com/#create/azuresentinel.azure-sentinel-solution-unifiedmicrosoftsocforotazure-sentinel-solution-unifiedmicrosoftsocforot) \n 10. [Microsoft Defender for Cloud](https://portal.azure.com/#create/azuresentinel.azure-sentinel-solution-microsoftdefenderforcloudazure-sentinel-solution-microsoftdefenderforcloud) \n 11. [Microsoft Sysmon For Linux](https://portal.azure.com/#create/azuresentinel.azure-sentinel-solution-sysmonforlinuxazure-sentinel-solution-sysmonforlinux) \n 12. [Windows Firewall](https://portal.azure.com/#create/azuresentinel.azure-sentinel-solution-windowsfirewallazure-sentinel-solution-windowsfirewall) \n 13. [Palo Alto PANOS](https://portal.azure.com/#create/azuresentinel.azure-sentinel-solution-paloaltopanosazure-sentinel-solution-paloaltopanos) \n 14. [Vectra AI Stream](https://portal.azure.com/#create/vectraaiinc.vectra_sentinel_solutionvectra_sentinel_solutions) \n 15. [WatchGuard Firebox](https://portal.azure.com/#create/watchguard-technologies.watchguard_firebox_msswatchguard-sentinel-solution-plan) \n 16. [Zscaler Internet Access](https://portal.azure.com/#create/zscaler1579058425289.zscaler_internet_access_msszia_msentinel_v1) \n\n**Underlying Microsoft Technologies used:** \n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs: \n 1. Product solutions as described above \n 2. Logic app for data summarization\n\n**Recommendation :-**\n\nIt is highly recommended to use the **Summarize data** logic app playbook provided with this solution as it will significantly improve the performance of the Workbook, Analytic rules & Hunting queries.", + "Description": "Malware Protection Essentials is a [domain solution](https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fazure%2Fsentinel%2Fsentinel-solutions-catalog%23domain-solutions&data=05%7C01%7Ckavishbakshi%40microsoft.com%7Cbe2a496082b24caa4b8c08da9cefacca%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637994850502413731%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=OJegu%2B2EqD7rmYmK9pm9QniD6YWp5ooloZ6tHzcwVi0%3D&reserved=0) and does not include any data connectors. The content in this solution requires one of the product solutions below , as well as any other connector or data source normalized to the [ASIM](https://aka.ms/AboutASIM).\n\n**Prerequisite :-**\n\n Install one or more of the listed solutions, or develop your custom ASIM parsers to unlock the value provided by this solution.\n 1. Amazon Web Services \n 2. Azure Firewall \n 3. Azure Network Security Groups \n 4. Check Point \n 5. Cisco ASA \n 6. Cisco Meraki Security Events \n 7. Corelight \n 8. Fortinet FortiGate \n 9. Microsoft Defender for IoT \n 10. Microsoft Defender for Cloud \n 11. Microsoft Sysmon For Linux \n 12. Windows Firewall \n 13. Palo Alto PANOS \n 14. Vectra AI Stream \n 15. WatchGuard Firebox \n 16. Zscaler Internet Access \n\n**Underlying Microsoft Technologies used:** \n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs: \n 1. Product solutions as described above \n 2. Logic app for data summarization\n\n**Recommendation :-**\n\nIt is highly recommended to use the **Summarize data** logic app playbook provided with this solution as it will significantly improve the performance of the Workbook, Analytic rules & Hunting queries.", "Analytic Rules": [ "Analytic Rules/StartupRegistryModified.yaml", "Analytic Rules/PrintProcessersModified.yaml", @@ -26,6 +26,24 @@ "Workbooks": [ "Workbooks/MalwareProtectionEssentialsWorkbook.json" ], + "dependentDomainSolutionIds": [ + "azuresentinel.azure-sentinel-solution-amazonwebservices", + "sentinel4azurefirewall.sentinel4azurefirewall", + "azuresentinel.azure-sentinel-solution-networksecuritygroup", + "checkpoint.checkpoint-sentinel-solutions", + "azuresentinel.azure-sentinel-solution-ciscoasa", + "azuresentinel.azure-sentinel-solution-ciscomeraki", + "corelightinc1584998267292.corelight-for-azure-sentinel", + "Fortinet FortiGate Next-Generation Firewall connector for Microsoft Sentinel", + "azuresentinel.azure-sentinel-solution-unifiedmicrosoftsocforot", + "azuresentinel.azure-sentinel-solution-microsoftdefenderforcloud", + "azuresentinel.azure-sentinel-solution-sysmonforlinux", + "azuresentinel.azure-sentinel-solution-windowsfirewall", + "azuresentinel.azure-sentinel-solution-paloaltopanos", + "vectraaiinc.vectra_sentinel_solution", + "watchguard-technologies.watchguard_firebox_mss", + "zscaler1579058425289.zscaler_internet_access_mss" + ], "WorkbooksDescription": "This workbook provides details about Suspicious Malware Activities from File, Process and Registry events generated by EDR (Endpoint Detection and Response) solutions.", "BasePath": "C:\\Github\\Azure-Sentinel\\Solutions\\Malware Protection Essentials\\", "Version": "3.0.1", diff --git a/Solutions/Malware Protection Essentials/Package/3.0.1.zip b/Solutions/Malware Protection Essentials/Package/3.0.1.zip index f6e72dbf7e2cdf73314422608c4a78d15dcd0591..a296855808e29d777b493da41c8cb8d0a2c1cc42 100644 GIT binary patch literal 21974 zcmV)%K#jjpO9KQH000080B(3vSs>9n=-3bd0256B02crN0Aq4xVRU6xX+&jaX>MtB zX>V>WYIARH?Of?@8%GlUzremjgS(C>f#M}uhq2y(mSjhXWGfbJZ6X;#bEZj7G&9Xi z&xoe80rpw;(e_F9tLiyP%BSSmh5^MP`>3w2uDh%G`(OVeMD6d!8LL3n?uptsjwj|` zt7Ti7fehtH1uBf2@>LS4rlW(j&$QajPP4l{iPV*+rmek5$yhx*+*d;{^kPqk&Ev$6 zz2`ymSEIwf)f&9kSca~zB3kR%b0Tf@FmCo3b_qf{_)0|vfM{@Kv9x<4BN?a|gD~QE zYC@x`)Z&V}i8A#(frP{`7IC&NVbmjNE_StOV-ykSEGxXn0jtJ#sb@S zCol1Jth~`U&cFZjBD@IK)*kCv-CJ7|C%%$KiAW7qBw{V%u@Xb=`+DkyBQa1z9Vy|3 zCYHWWE!1zcpU{Tx34-;%|NK`xWlB~$#racZVbfCPMLpZE-Rt!mj3cG8U7n`EOzT+s zQyHl{-S$ZYcn-DV%YiX84+qgom*dr%fxAk$2|}(vR@g%zXV{K7zYO&>6rM3j87X-Q z{xmIip&Rrc~ zshpYxrlAblTTLT}3h*vXbCLsT>Lm8HzGTvVn?(M7o^xlTcc=Rhf39{wm|RXU3XLp@ z_dMXCt@ciL(A{*T+#KvU?HyO{I%+5#M`Fl!ceuN=GZ^k{4Lh41Io$2YLD$`O+;*qq z4mP(jgcfS!zpah!-QCTdyY0K}?q+9WdxJWjg?woE)IWPT89e&g3^v>yHT(YT@K@~} z?`=+xe(g<<_j}&a-uFLJ+w-oU9KSlG?+^Ok;nv}0XDrXA^!;DY_YSv?!}gtxeE{5O zw`p1X_l@DLKlxsbk~`f8-Gkrux1->v;D_Bwu=``^?Qi{bHo2>{uYcZ(zkB6OpL+!6 zn@B;-uatYgy(*x;gsYVip^m{Nj-R*+jWa=@1$04(qt%gV5)+G5H(;P;zFgEI^;_Zr zuF#ea#|xs<8-V?&XO($;ZS5pdjF<6ZCGM@St+7BJT2Zi=Mj{~bNHO+3$h=!1++bAH z70{lD8L$yfVqzT#T17x#gN}xfNdmki@d`U&s-%5wp0Fso7usEJNf^aA+`WIIy> zaf-9>9FPt@UG$JRh=(BNl(0nOM%MUP#Zw(!Vuq7MUOW?zBArZl;$~CqjTKNh(H_nR zEqBr48Ak)x9(~`+z8|YdUU~(PgDadU1KGw9P{Su}P2YE#;-QX65@Y+}5eyo2>^4Pi z?F8(b3SAr^6pc94eHzedUpr#Y*NMwxI^{8^GZTOySVkOqVe*nkfE;ID=<2Dd5TpZ& zoIo3ho)6le^d3JsEqi- z8ODnw42DFe9ga4!Awx=hd9on0kWuSF48YBDps$z%a5Av}o+IRB!pCX_HVFb5!8xI+ zmVi$c)GjJ)iiLCQ|bjHD}X*wA1r;=1)>T76L&%KTgjJO8%>_FMpEZ`4~tfvPr!MMN>y>XP3 z0c9W44;kPhP{~=N9I?Q`B&=%K<5BM{-%1&)csAi7#j)gU-Rwm{Z{qF2Rf)7;odsX0 z@6j%5tg45ePvI6B>4JGcP8kbDd$N9xLU56~B1{Bf;O9GV6e_UczF1vL(9cI4{6%$N zg`;>}uMn}m+N2$>HrlH%Dj>*NfsS6rBx6nCUhUCAzsi{i8sjmqi1oo9^|EkcA02J)9&7;oqy0!v_TfEOM*9-3 zBMo294KN0d8fzbWq(P^AKCrykEIr2sE>?t(5n4k*N*Hz;Mk1eG;t2DOEMee{z#%is z1xLBh$y=n}+Ib)+b<2=-D<1WgssOC4Hrcssh;-blxc^Uf$+3i~$NC5mqqGkvzuFL4 z+fx2p#eh0o614qkEN=-%1Dddke;J-MD@6kslics){CL}dz_ac zubjBy8oN=Oz_+T-+eg?@mZ9?M17EtT@5M}jYcK?#k&#?5tMk@lfeh=hdKoX6wQI$& zkI@e(s9BhzS+^{3v;{|NWO9|eVQKQgnk7P}j#LI5y|MB+tP&$iGi+Qtg zGy{|SR=!C57Tq8ONJH@aby=bYIml5A$1>~55Mglac@)@^N8PO0&628{KeM+XJY`94 zoAA8Gl8!RV7oOleXdZ`Xu$(eo%+*-`Fwao6;sn7u5=QGl+r!6oijddYo0$jy$BmJ* z^Y)ZPgv(MlKOrZ`YqMYr)2@@eC0H-Ve5nM!Co{Z>Ar_@EXZh3{ps)^x15%lW1&Nt> zj;9kNGP?9YlPmZ%7|VX^~LtgV3FD zN@8DSG`17X1gNXkBGR0fxg~tF&`|QXD}68C&Nay$=H)gbi{Wm@Ml4&Us1|fi}N7?l^DSU_hZ)Po)`E7tg(af}9~n-$Zg&}%IINp-pB%8f+#F{R-{=d^HC9~h5>w)0Jx4$eAo$+ zObm5X>QM?#QcliLE}n97GA6N)$)aGSbSW&A(d@&`#XGT6_vYE@BqF<*np0e{6#TUx zdD!JgWU=mN!eTjZ@x@I+5aOB%lXH@hvzVGv6RekVo{jUhbeTWZOWcIS)<(oOQb0h@ z*<=e6o{FX$0%I>~K1=r9xIy;K9Kehp}+-#$i2~cy8w(uyiNn-fhsp6twkS-w8 zOFH^DJC78w8B1hSF@Hj1dF}F27)WJLR7H@lg{^QWZqxEBsW`?g_@TJQZR%*$;+s;B z66CFZXLGmR`nXJf_vV>AyV`y>LFlK%zGuh?xi;3$e1RM1=(}Hlsh^`?jKp%ZrvUq_9*Bs3N7f;6k=~L zwQkq_-1>rea+uL?fh+mSM}%n+4=#p=nE$~{c^zPMv{;ke2Ft#4rfqEN9@46b<>|J$ z+KAfqX|LCfeAnbx6|+w-12IC)d%i=u36nCE8ljSHH%TqjN0T$=_HAD#!BBkY%& z3`@6p3z@7E0cW?6&3cT&u~TQPTqr$P^rg8hB09eCrYzS%9vq_tkF?2S9j>3o@am|P z?nvLTL8xr`&ov5V=|RC5N^xT7dn%Nrg1ek38%xicM z^j+F~Hi3MkptrqXCC2dJbV*l#g2d<#-@Q{9{` zGNjsFaDbk=D4hg$52cS7AiKXQ-I3)~@3Rsq^PKc>y>$!MU%2dK}uwB@H< zcB=AQp?-vw8DMXsUedgU7L>})6(ftfJ?^Z86%|=|IctyVy~>FEvUem(SlDV;Zd^o% zn)}D;x;%3J>j~HVlKt<~@veRx=dUalw~&aW(7BL(Fwbe41bb*pYHmZi|KyD0yZ~62 zZ#stHNsdLSJT(>TERmg2#R_aHN&HqK74AGl<)UEr)Jjn^1ox|Se(BP=aXZqPCJ>*> z0OjFqBo1Cew^KlHb2+cdK0Z<73z5tMqhUdpNQN0*R8E&B$dxyg@zvS=>g>La ztlmP_y`0D-pX`+5qSVSlE$t(JM?nTLGCa6vq^)`m@^d$NhgsRY9XCuihNR}BV5nsNu_tHRpHmpLshzMxUPETYZ~d(661Hikjdkn z>)yvK?|<(HGE2dIVDs!c#6?p&2Z+7yeRQAdf2HQSR9WJD__|A@*p7HQ!c^0}zk5L_$ zTmDsu1t96K3Kc6uyt22Ow^KJT_qbCh@g%7}m@S?Vua_Ru*UnLDVdDCGzMF;A(`(oF zeLLF#P4G%Ao57D?v*mMi=^@6aWAK2mo$)QdxNQA!h(Y000?_0ss*J003=aX>L?yZE$R1bY(7Tb8l|# zeS2HmNR#jX`#k#{wCv6??6JXjVCK!7aeyRDLc$9qnVBRHZ`*2Py~vVB7rYZdL920_s7&DI`NQ#uXq725#Jlx4i-Hy29E98Lr<$|u0NUB zj`z!0UPFR-BdnV-lHg*kW83sS=uGnjLE6xEv;$&Z5{GJsj_uI_yT9kUP{$yqyMoPp z;}lJZLx3tESfRP95U{x*R(8m=%B1(}D_Ybn)jK|G)KOwU=90ql2$$S3t__QtIK3|Q{7E`1 z#2buE!}S_9LtktLkBH^kV_cvw43q9%fzCjE;bt$YeB8gcj6Z!4YMn8T0vZrKcZT}5 zecq_yh%Ls~e66!2=HAK)Wqb*$XV_9y+y!wA(l@E9;Xtn&CgW+YqCE}DeF|Dxt+0y~ zkoKUMTt`S-?tuuaDf>kWc8f+(LKfIZL0e%vlPd(3?^8ATwI++!#=P%I(DiJ8yg8Mn z@Q%tC5zFPsH|e|nKcTrsL@?C*f`>-1=_&JlsumP`UzE1plw=fP};1)$3d-6 z;OkbCY&P_6bF0}^TT&YmEd=|@zP?%s7WDct9r%vnP4{7GosB$qqi0gb!+LV(b}Ln_ zlBa)VNMa<&rj93cfOFqa)vc-|1N~Q7t5!DVP+6&F)vghzR;l`IiSre?nv)Au(DNq+ zJNK~a-Ax?#T&^T?!oHo%$YIRmM(91{*ZzUg3yu%6; zIL=^9t<8#XGfRY<`9+u&-K4rsTY9^;z17*SwMo5R>u!j0ZHPc17d2*uZr+m!=i{P)2siIvgmdw17FT(A665)JY6cFL| z{flreo)*x;oh%XVasTU%|?&|BS95$@hxg!A;DUxd5&B*OW)C?LY!`xoI{JY|aT$VYd_+24KYOp`nk z>ixMM3AJFaBo-sU|GZypwM z4sR=Kcw700mlf@7cL*gw%w~JA30{*CM4H&f)E54R1I9 z@Uo($zoqM-v}*NE9TXRcL5+|h%>S^zNn4bHO_^6Ybnj_+^RSROykX2u!=Rg{MBO40 zxtY5`^kjYuYBVLiq#9k3v8z-&B`C2IF;GNsDU2X@#Fz zI#{qb-pRd~KbQTujHtG0BIPRW2_@pQnbby=iF`LW&!bZN7HQqqhpz~f5Mpa6Gd|qUSaV{5N(lr-mQle{SnVc!BG8d2R z3g(ocbO5*jem-%YX9MmBbLA!w4|fBCy%z?cQrrzOT*0AOJ?TyiCD7cgH(MOkRGT>T z!l0K*Q2_ynEQ5q#aAj?MZZuRqpDLJ_l~0LM9>8Lv2Xug{P)m2;S>Z^r>z}C9s^Q98 zP1bMoM{mxmgR|%y?IcB$49)>O7Sov#0a1`KUqa4c)_^e2P>~5qh=*g3IDkk&^bV-F z>4B{qLxbw4@|aCb9DP?ox8Qf}((pzhD(r$!y%qr&u-*X8V9BYA5^@KSxuBz2=v*=3 zlX^rE9X`krfZMm|%?LCkb}wOt%Ad#(rL5Q-4y!1o1s7flrXt3E>cVd(F8rX%xnVI) zdkpibLkD_7nMGH0I5jEqpSBK8MgY!|Y-#k`unGZ>qya+coKCfY zLpglSuoz+}DCPJT7I4=!*6sk|fm)wJQ&3cgRmE!ALyc%ar3;m)1$Z*z;ga&S{uE0R z9oH3crt7o(Ap?dBQ$3Zipj}3-CKoa+Q%iddH0}r*H~7*P!}opFUgIe&yBc zz28rF-X9(9y*)X7f4q0}8GepIoF4RcUhTi#TO!HJYxg#3#RcG0DQ7uY+JvTev3xdenT1;+ z|Ijv#0ccYEymtjVu0x$$Tw=MqE6kqu_9VGWxNq8L{PTMk5ZIu(?xL^b5jD-5jp4k0 z@O}jw|FZVeXX~_gY>ZE(2Hv}X;-9U*1X`JWJpoGt_cD&=#!?J^drV<4wBQ=-Dr{4s zV0^+pr3ZTsZZ{+1g7q-fRudHd8g>U8GnyHk+6E zfNcb)CG8s09bSh67@X)}F}VAB(pB6sldkXBW3W5*HvoARw-v@>SJ=2DT~kPjT;B!k zF|yAN7P^KUGO+P8*eQi?0k(6)TUFWDD(jWCPxUWrO3hu%-L=uIj#Tv=*w{~r64p)O7X2yF>d-hDLNFl4n*@(`WRzZmbUK(GZ z&&WNs^S37fYq!yPeQxIkIe&lnHoN0rWUq-G9=<*HheP9P**&sBu2j^%Ko(ya7YX8~ zigp*uUH4tEpqhp}EV?dhD1Nb*pKDkmf8 zWn`P!d_9p6k9au(`P*BPU?n>TJn~MxO{9J@9@eax!}{ zsgD(pfX*1Caac}@eYkpVd7$HAj|(#lU}PE>)| z3eXL`JCQ1BHIjwA7+t{`q5xrGo!g{Lo&X9E7F0>4tKg#LVuY$ePRJ6p%`HfmwEByT z)on{waHc6hR9NTxlC0hU;sVwK6|R^crNF3#b#8My(>yl?2vuv{&I}9k9_9=Smq3xd z35(z6q;i)-0gABn?M$8G%y_WV7kU>T(iSk|_AEdgXXehRW0PHwI#%a)WiEXb@}3L8 z@nv}|7Y+yWwy6$}YwuX^&xD;`U!sV31 zg`haV0fa;d#SPufL=K?SV2Arrbf)fFps%Nj{tG96r5)C(H}&`nZ)&k^SKb72e2&AXA~891MJA$j4W~FR0JOt zb_w+nV^bWPl#I&>K~H(x%#Zm|AUu&7Ni2D>WXzRlmcyq~)k^>|5;(aO1t8@!XKtYc z3T8()g3Sw|d0EO+W@`I7pHR6>Qiw`SDZ~>E6(C0BEy_=gwqrX`W1jaYUs9x4C0K&d z>~$&SOv5^lpa^*%>(M?IP_^pUFX0z;)L`i{i011#A}7nF01#&pyQx0+)>JtAh)AmWSg(E)XUPqZ!3uq@P(KOvGP%#SR%J2x48tZnv$#S z(E-Jq89?!72^3!nP#gjUOdiq7g$XQy;z`0MpIiPOfa1t|O6IZ>C@z8G0YV%Qhs9mY0Lu{O0zZCfn5JghL}w^-dIhuU;k*D~Jb+)bCo*`G?!>lX zo;8<)Lhl}g&UA%5CIi$Y+?WMxw+c*;^&WPPy~3BhD-KC#gB28$rC0$#J^hk~`~3a* zWbXh!ed^WzAhqjyZTriA;^SzJZGx*sy~==@{0;-QVuuXXYF!wPZLvJd5jd=?)c)T= z6=fu2{jxHAOe?p9@C+MJVV>Y80SnPZnWb0rMzVx_mXOa9@>xPYOUP#l`79xyCFHY& zd4FpYQ8rdXY+d8lD{1s zXHH0jXtu<0mN?E(8cH1J!^Uyu)h{>2aV`fxvH-R-jluB6f5ow#McZ70rhO{d&Q=Dt zvsGd{my-n8cPGZcuzgoPP%GBf_nihfE`IX0Dc=LS6M0X0spof!?i4`H5YovWvUK?x z=o6QA+ZsgOY#ok_1O8~a1_liPDxEW*LH%+7F~`K@3o+=fPvKxHFrQS6OSs$~FUsN|_rCH9?bM8j_2%Qn z*D1#FgG-7it@AP|;v-Iq7@W5X%pw*~OVf69NYVb`!yKtHePo$F^45ea=A?LV=_4Oy z#>l%${>I$MhtxTuu5aFT{x|8oWIjtb^jRjmRJBVYJhDZgMNtpSO|V53*;oWzR8i4I z@gj&Ws&MuMPmHCnUlr*B$`!`SEOB>&E{cbHAk=Yh=%UsQ(M1Wo+!$R{EF^S0=%Sn< zIniv1E-KMQp){1}qKAzx%Bx=%Mi<>YF1i4uD2=P2iB@q)QPDP+pkAK}q^O+%DQcIH zqNPBJo`Y8LC%e?7c!lHozW3LP$7N4cR7LK|;)&X+%015h_kt(#U64gY{WvfdAnH@V z0oZU7xNu#fj{zj2UH0XNF;vFGZ+}2_!^4+r>$tKg;Er&aX+r}SlkI4O5wW1vph+0z zp>ZbOYPhcTL^d~|AD~84pn+maIsDD~4jXny1ke~ze}ZLM-)dJ-5N84=FzgFhVK>)5 zTXNkI4`M9m>tn-%#b!Ha8)5Kcx8PRfY_0=>3sbC#ISszT%(Bl4N=dasSVN`>4e@!wI(%w)4c}s~ zpLd7;_4V}GiQ`j^zkGHziDzdGa_Z2V!J3%SIBh{-W>w zRk2gzdw`!}t;8`@vlo@u@g`xZX08Ws3@$NMC8p|j-$?rk_Sob?<@;#WpYnaQDUpWq zeYDD0l<%XB|CH~ejVzY(eY6kYeYE>yIAeKBMM}XTqC`W*W~)R)m9K~`(NOSHqM>d_ zJCrZeEi_yu8Y=cvqM>r4q0q0XC1Q-wcdMs*f@hIXfP9(-J{872^)z?tLV$+(i&F@T zW>%WPKCSU6PaN+whn*7tbSLuD`#$M1wyEqW4Xq!vWvrh#G)yV)tbxI)AQh-n* zt;PF^4ucCeJ`0Y2-#Dna=!uG|#64LYR3}x*$Jzg0a8QVoDe%@zv7R)(pu(Exm}MBx zk9>*6%4Mcr()qL88s!gj$KQU5Cu)Mv>j2|p1COdBI9eBZCuWRpsR^_pG#KPJT*m7! z-#|<1K)o;=dWle-nV}lnmI1LK{x-}@RZmHJSX<9DeG0;D3|2oOHYV-8n6Ps2e8=8e zX`_Wf+1o0EWfghRW$=;rSE=4s%Xp#po&lM@tliQpGPUG)WCkFx)S*qP$vRU2WWD$A z*eb%rNR_vC&-ZLGW@`+V7pb>PJi-zSH7W~Yt|D2tlddU(PBJpcqbmT5_4U#qP1)J{sxUCRw}ScO&RCnTF`GfYQ@-|}Rr zni=nm1XnJui$7FK2pE3<`_*}_6=xy%+8IXslv!j^(P7Y@EPk7l z%3T2kD8kaWGj)oS;lWN{==CcwWVdcy%(x>95XYIhGwRr67o?8Wxm}q{AB8(hgXcm8 zld{;~9p}Ky6)WN(PiZSJfaT2B%h#`5BLPG+)**+KDqzxtL5g3BU5F22p6G0DGzG*o ziJrLjX2Ys1raCvQ8iaQR&hoxcn(^Q{1di_wrP;Y5N;83%8>2Lf1=w!~rI{1pAet>v znk7mzl!g+e`LI!%dG*UpQJRJEA`3t=(|8G*=oE)!7HxA0O7*EgGP@a&%x($ETqY#5 zXPWkH{V{B$x!*FARZI{bIZZdrl!YP?H0F`0PeF^m)qd4Wz&jWDcPa4$n_v4ej1N^k( zJ9vuQfhFMBCb&=7ZR%VA28p38k4JFK(|ZGS?lNR%pb_w!B$weer+DRvBC-jSfJR#J zV8jOO6ML?d13@1Wg*!5XBFx_1&>Ve0JfOPakIOWVJ2LTD zVMr2s@Nt)!8!}{ZY}=BjgE#hBN_eV-!j@3j5(=xV8^aygY}wE~OP|<=<(=-lx#{AW zZFC9vfqaUfO!N2v(ma+>STPVK6!xj*nJb~Nh2XjJvAY5j7}oi|Bnuosw!f5}vV_8x zP}un*!o;M6!scI`B^34sa#ccMqdz4SHa`?LDd@%^sZpTvb787rWzo%O%BBEK?6sJmZl2}F^vfy)aYjX(` z3mnP?8CalT>=i_bVEc*8E3~xp=86iGW}Gi(PwIw7nLjco>6 z5VdqQ3wA3v*sV|}^4!`~M|sm6*sG|rSFwjBd<)Da*f4?}L^F+Z%FH!wXq#xuuWQoL z1@;8BM4N7`E4K6S=BYLgUOF+bb$rG{hf4qq!l{H^+J&tP0GO2L+2-$Y-y?z@BhM_gvWE*ho|lLrRxPT$lqcd%hd>PAfNfCw{3+zaSjQ%JF0x z^B+s=dS73y6fl~hk<3%Usd_o^d^FbX&IKJkhc&W2(DyJJ1)bQ18lUgPR;8kd4}0M= zplG)AVV6GaP#Q`f_CxYvFRotVKI}B@a<`s_WaqZn7d>)LSJQ^J+Nr}%1-oTs^e6nn zZPRCF%P~Kfm4aQXQG4s$?>J^K&-@*aoIOBT=vb6_Qtmj^ok$o)K@cU@P8`K+Y7%&Fw`bPAkGnlyq9a?xXmX83Zb8fgmsJK|H z0IwbrP-210e`cgrw}0$?S&>&|g`QLH0j|!x3M=6)SgKR8%BbO&C0$kR6>-IHWF_5+ zjbFiy#++vm?f7NZdCZB5x~b>6s0+22;Dnw}AeVrY7S%99jsU^}P1hfW)BJus;wW8V zms09x3+w_!2A>$jmrzNGjFm#cM8CfYdJ&9)F_cV@Riz|7{`S(}9!f*$Z-3bS_PpxlhW_>fUV_KvL!UE#kJ^X6FkesBhu+HYp|?sO`qF&p z?ngKS9}&y7$7uiU;aL@@(*2&@=y3rQ6;-(tdrRp?7jE>{qjICWT!4?j#mnVh3k84a ze)N~%4L5}^-3eA2_m$9~TaH@1B;H`e3WsZwIf`XD?p#l~i73`n=dy>TNwY0S0fJ0Nc%v1+yffAmn-Ys zyBc+bhjk6>zqHjfW=n^7=@2g+;-y3UZc*#t1edA*hvA;1>;R$iUsp8x%*KG%bUK9i z0CT7lWs^Xv_0-+qo{{JKW7y)odvkj?>uqp*x3{{b+xzjky<4e=;?}*ny<7L@_MSHy zH+Fl^Y5cC--Z{@(qS?~zUAnzPX(-*^58LgXSG_F3?Va~j|G50#a|ZBH`@I+D>&g1P z+ZlfEcIo$CR=Sr+mKPZ<`<`9iaoH0URgn|>O6l?zF7NiEad{^^gSBU2GEXV_OLlta za1#e!Vu^4@FEM`S+05`2Ysr}BnZz#qO?Is&%iV&{>sKBc{Mq%Piep?0AS99mzV0!( zT8&T#@ZLR3mv;>-b{A2RC3?F=ZE(KMBW7A`GW4BY!xb1s$W4G_kjXiHPZtTXM)A(Jvv2&iGM6;zEyL4lR z(onjwAGRAiuX4x+L665Ur*MN-N|rdcS=Y0QXJXb^~FM8(rxy9 zimt5h*^?a?K2cGXIkB~ro^0XC?mQY#w)(CMd@h`?01^GQ9Zf#}k3tXrQkG^xqvCzWIBTo`Z&=id&Q>#D1U_mF z;9&;~@~W2`1`C$u40&8(ggJxzsKW>g^YvuI2;Gb@g8Jgvh5eOa9ZjgEyYH;%fobJa z@CfcvXyN2HcEZtvsY|g%F`?@mV^l6nuGV4}(-Ol7;oBGXt@q-!S@N9=-*Y4(E`KR+ za4#bXVI-mZ@FNMKw2Pfmc$?AvETunq<;d*?4dPGv#{&i73+*E5T>@8p1z!pZ`lC-g z{4*Hq_~)XJYN9f68~o3h{k?RD73PG$wYRIPApA)B^}BlmYvFwAx08b=Y2J7oVm4xt z`m)vs5n(8^wwGDk%dG8BBWpVtQsxv~-I@cyvLI_aDxpwc@hw5({c$^-d55YSzC_ir z9Wo8yq{@1Mqot{9eT;%bbzL4!VYeaC#O>hs2Zy=~8z6V6Ys6zgR~7=Wg5>YhGOhbO zUq7aG=gHkW-FBJf=J9#_yQxS1?!9^ZyZ7etpEnve_V~|f{H{FyIggW~+0x@*di+Ca zC_VlU+vA^Cy)5eSU)*W&xSacQ#_>@*_ZQ}?xO0C=4^2j@$%K=Qn!&xz)n&vIf;7cy z6d~Pd9bFMh!c6wcgOpTH!8W>*nk94KUPPB()Ocbin=s|3AfLUw3LICaeTL_obIZQ8 zl-!;*hoT!=kGuKSqv}fxMP&S6%=0eINhiH(%ykNeblH^fu0dtx7-8xts7k1zn|I+t63uPO6^MktFk z=a9=C-s?=c>TWnGRgtjzGq@^Gdxk@HKxFo;fis<;vrJx5Q>v2T5Edan;Z}dAE>>*} z`hEk^TW}(ET~wau5Fd4BD(TT$-jxRg7-wUWS$4B!Y;E?czd-~xlF&OWjgLyp(xh`e zw5mN58lFQ-qy{0?6Y844F0dZSEGtKYmw#)s;{8Fs;<9=DyxOzQ;7qXV56&~WCDb*X zDw00UE^ETtamY2W%Rl5Deqx=$!WvWOoSH}+e9;crx6GlETq#Mw9? zLxbQ&jq7{B7v`YBGe%%|PzOR#n{s-?`bSyyJvdobd-yxMudAzS?}|@Y@+>_k&Jnq) z@;};Y$eWg%p+2~hd*)KmR5`)l<%|C=eLeFt3CjPmO9;A1vTVBf$I z?Ci8p^eQuX8jbemFR<(kb9H?UES?-4gT8=)(NQ>M2(9UdN5-&^2NJKt_*vM`_yDA?)_`;)VDQxJI;#qr3%Z7FbqLLww3n2Mi<+_JkerAqNYvAF@e+J!c3z8j}&*Ie>L5#b+NFhbSD)(Z)Y*HdL&Q zU-5H}Iup-1lXZ^lvs`tiSU%^D1f}VeR(EY5Ht76yCJj#0Z@>MPtGHJ^hHV3E(|o0= zT+{h=yfh}>(yJA9B=S)5Ny?m!=Itj#iF3&IEdJA_D}DRF<`0Ex3y(1gCo9U^vAc z6%bT?M4T}}c{nzXvrB`#y*Rc92KD9`X?(lVudej!?r*>CX0}RUE8I~Q0BSR3YrHTV z-%VKuR0k8Tx(B~=P8>8-J+U41MrYOFY+waWoMZUo9Hos3hW7QUbegY*Ro0LT+yW!w zw`c7bhoe1bPtR-W<5)1GCO^|m!kLklxg3I#u6_V1vSI9VwhuLS@zkzsCyqa!6sY!^ z0?W9aygSx@%TW)HPx-fOKo6QIS=BxGQ2X_`!1AD1HbgzEd+bk+(pO@P=ULqJ`Z`i7 zF5ha|Ay8?Lt1sA}Oh%EGI$J|J<294uAsoz@s9FYuQ@tEhJ@l=-7Oqk>|A3!SwA{P} zDxyvmnl-bmZR@#BfHTLdz6K>pEloKbARWI1w(03^ArvV6LfH;tB{0B6GJal-UBpMYK5@u6pnwt7*^lDLb9O3 z^!dq7rhJ_n4yF#txv)*9&I;>}Hx#VU;SgpZ_>@VNNzc%i_=f$-QQ9>PVMiPo zSJ{l<`M$-xVcXfuQ>grT+jWE(D9-jnY##s5Rbx8GHy15y{#*6s;SSh2dCD5qH}Br; zqYxk4W9DDW!R`gUp>R z=;-$`UqleG_~c!dq8F15Et>S@rP! z^OxBY>pS37%4bVjGhCb7IP znbnSZM|;I&0HSGAp!+&|r+0MNL~$zxO0t`!#2mVH<~sTXqWTcY@z!nUY+YWgzHqY~ zOF>fuyLx=`?r>xG*AMU0eCiH`W8^}+F{^n5zjAt@9XdW|^r-7V^cIvcCScy1W=@aI z(ZS9^!D$=o)jz10ZP7TEJHB+PFM(*(|UZVQpxo~}CZ`2pm z^4($e1OCa2WcV<&9jKsF4@idLa$&^si|vItK7HVS^LBc1aZz|2FRs{G^WrM?q^b6R zQ7h^Nj;Z_{U1Fs1Be5)`ExYv4ysCaQO#OwCU|2xe&N_02`XQrFz@`(x+m z_rsG+#;++HXmh$Jt|9niSO37@*;GuyPhwU7`2F>pcW<*>2ETq0d=!+28u=7h2-}>K zFQHj$;0rNU9#z@~?5=Oy=keqWjcAsIGCjk>=@~>IGJJR^e0Jxf7v%x*Y@zmG@X%ff}K$uif?SKDwZT`c5tA||6uYLY()oL~P4gbUxMrQEAO&})~ z|E+uj{&A2Q%N}59w3^n$%i$1h$A?HAp~=l^>(M;>DFs>*yz^UglyMHi|Dn@_EtyN zx9i)Tt<42Q@)evdRB41$5OnDt(La4SdFg`YDpxrylMB}R^i})(S&A)u_>p}@Tlh1} zJP*I&U{1}Md%!%H%bzXnYeIcElB88vZ*j2)+CB^Fv~OP+3%m}}cRaE$HO?BF1&FMh zoZkuf_+X6T8cW*4a-ppJh)he9L0tO0G7iiEJ2bg>Xv1+;O3W=T#gb^!fo zGX$zR6k~+RREd}yiIXJgOQ$OwvUQwwR1{9v$LU6vUPM9~1*A(_5ClO&x}^k`kXTB( zyL0K3bfp(uLJ*Kxx?5?aR(1iGc=^3?-se2;d1ubKGjr~p`}fSb-}{lY8+QNkE$3^M zpi8feiX|0oZiy_mE=?eTcVT+3RP%TtPhUZcM9AvjFqeg{_)BoimQ4_+pkXy8duXK` zUKDbq+G5^k_s0B(Vj{W0Ya?h2FgCWlLTiSvezZM@z_#R9v|@R{C&d=_QRk^??{G%R z(XN=(p}|gopU0Nc@dC%@CNqEj#m32>SOz&?2;vQMBPU#>9@?UlL4Xh#5|~8!t=@e{ zQGa66!WWVUHcU#q2D&sv;3T5J_J#_VbTRQWx>21M+yKvae+ph2@tbvWn>d;Z-AI&S z&90Krjr-YVlgx@6NtrqS3P%dr)Z=$rrn|N{^DphsFRdDs5tzO!6Mrw>wqN|}Z{OGh zhp0TRrVJx7SYm!k&;*h=G=^Qbl1$zGk0uljCDg6x_fWs-(xpEc1oja08xb{PZm{!* zTU(uO=FkT9vcK;)nhUdz&b9beEe74|PS3JIjy2;YW;8!I3J=QHxsJdt&I%?i;383{ zK&;4_rNsJU=<3q%gR%N;Dwg+SQZpmMKemEniFl|vQYH*uD?$Enyk(xVxR>P<_n(t> z6eITmpj)`t!kHk_1cH%6RaS}%s#~DIb5QO z5ME%2al1H<7+XF%3%cyLxM(=;vOJ68l}J1^rLC?*oJ64lY%od2a(I%w3Tk1x0frkY zV1?D_jMXD;KDCL&D7An9;UXR$hb4ziAJOyEl1WU}7LYAk3LI~2{hhv$ z(cm~nM!v2+6Nw{joMp_pq20H|hg@=&&SbFl(=yzSqU(xr1v6TZKBwiim{p9k570mP z6l*zq*xR|kv#!|i(}%tKo!-fpb7-~CEU3}xv7IE<=O!V|Zjl$RTLKpXCEEnY9-A3w zWN&~UU}h9c^F81HCSqV95DLpE44NglDf+d4&BEJ0ixf(wbsYO=BQ!k93MfW^MuF*gL%M2@xpPV=uQRR`o|91PNR*3*xZ)DQ97dEaXonV zMP^YixBg@BJIVu5=T-)Pzp|{e9JA{B8?4m~`;%WNjVyaNNA!Q26IloxCU)0J&&?8` z8j#C$aZVb>;N6@~`4>rp=e&P-!~7Ax$OX2=ihH;id1^=sSx6oOxvthP);SWH0g@L! zd@>gQSQ28)ki21+o6DlF{x%bA7&sgczwl|;`gz1b(574U1TJ?d2`ZTixJ#1d|7M|o zHFtbf$UpG>;agHs?0`TUc3`q_6j(#3nQUnHm$%3$MX<`;x<{CmSv@)ak}w6Ub63>W zKWZda`>0Jp=~m*W(mY&NjJ-bSQ~He@%0})?y-T(D%hVk0%GOHc0p<6$Vm6>#r9MTJ zKj5Q{TTtS|;N)ofEXV6nA0t*2wtMr)`dDgj^4GZ2)tpuHAta(x=f^GcPEtnm@RT@} z0rAE-l=w?{zerU0z-_L0@wisf+KIk;^MFg47)kME(Paa>YVnFsqn9`ABm<*$Z+Lp6 z>GQ{0AhJs?zs2)4zl@zE*|co$*U1!QRy85L&;>U8CmdaAH&`Ap5yUb>%fr_rwkEdW z*SeQ}$CsXMQY?oLimDPHc`yEHIDo63Uh?_8i{;GS?ECgU!tCoeeOfyElfUG`L>o27 zQVs&XfwHE51OL&VR+Dx~bR1||Ss3Uu^?2k!EuHo2b!MFsTUsRf1)*Fm1~vtCj`GeZ z=-y@NOD<|p=@+EHvYK~B`rW7KUt;bG#K7o;Iynuju%el`5p-@Z>V_CNu62FTkO(_u zGrVG7i+z&6uCCWlQnY^n;;q&pc_Kw2;x0>cDBswKzivG$38ebqAZ1b4{N2ckckMuF z6i)U>K*^3+pdAZ$*q+XEX-dPw_tl7i<79;Z%#T#d+%=wQ5@r{AGSu&3@}=qTZ=9g! zS`T6em0n#M)w+Mcjm1B?gHZR;wZv$=!x z4zDf=c*orTOTR+A^Ekn1b-;*APqzWF`)e`SF;fof9eFZk?pvW;1bH^$;@Q|!!8yJ6 zN!S5=&&w})foG|QP^5y=+k245Px|4M3sFsfIXn-%d)b zD+DFUR#GY95l&-YmMX#sIcLML*N$EeQbnmljD?>}9tlj{&kXAG!(BDGXxZ zPljnSYkrj@BV*o*y0V-cfG(?!>BW@IvM_5ie|A)wOtynp5ky+z`<7&53EzSugOxu% z;=uR5v~`V@bh6+em^w)nl(o&~RGqzcbiSedPX!>Jah4H zI|r?!4pORH-y^jGX!XW0|pl9kA!^J&1vXKHA#3a!!^y?s^(t0MiD*pHL*N&Z`s z;YGpZ_M~Sj0~?RnxL*Sn18+@K(M!JZdBFN_2|m^@5vQ5Ry0SZWYrKJLy9xGjNV~i% zC_l94^2VFhot;PXP15d8emVFFENpA%k5>c5>!D(30dO^Lji?f9irIdNT&e`GvT+ zpl}gE14-#?qI!10@4snUSMvD`Ir_4nEPX(6!n5h~znyZfhDBZ1<;1xQEa42h!#Zj_+*ykvMmC42 zBGK0Pp-p{Vw9_Wmi^nAfNj%pC@c@Y?8NF|F*KeTfC_f1`&TNcB=%u4aoK+EXGWPVo zW_NvUV@h+JVqJ+rBO6hpx&)82jOU>oiBN;{`b7XGCc$yl`)8{P|4MS=3 zaZ2C5q-2zf(*z3ogy|hrIxg$+7MP77<`NGz<{qBGQ;*7#)PN`3Y>_+*x@4YFY~U6w zq5o_W%`SQf&3W{xSJa=*uJp|ETNAk&Sex2ZJ)8qYcH*#O+LzxCE?>;g+ z;?+o_>da^Lz)U;s)Ns!Q5{vOk>c)h3wj2$fALJ{mZCzFzbZdW(W%%dDsnoOY5RjvU zboN{}1+w0HP~Hd}b`_Sb8G7M@ScS>klT3|_N_1Y}r%g!@WgJuNPy(MxzNq>T-htoB zX{<2>q4{iuzuNyh)62tHyS3Q3woSjbjkYXWW3mjZ66TqY`w4U&eqfi40fDE5wh#3#%!FKYBp&ZND`}+|5~Jv*nxI z9^S>tzUK+pkbj38X+z9S`9oPBGWr1J3yzq_72drUL)4_=eN&X5?K~7<&~4^hLA}!U zV?xMsEgegu?*@HF9qJGi^=lMk^rvsy2wi7>hs5JK5Z(@lYRk=qDOUHYbGX06lq^o= z-tm1!br1O>shPbBXP?W1j%OH85A#F1eP+0KkB2Tx%#*<|*mRZV)Y|b}Ti%U*fPz|Q zx7a7QecJ$qXj?&6ZQCZPm9?b8(!ptPTMG=n zx^^)09A)1*xdhrwyr6?fU3wwUzL(!2DcaVj+V;-plQDPAiQxt4ZAdU$fC3ya04cD% zOPZGx)x6vAXX%!g7eaSpb`vSDd}G&xG0>)US?Ga$Gq|LePI73I;%>0rhXHdERN-(- zF}6Dfm-mqQT~&4BsS2shEqSXyOT5fyzgB795T>HhA8O!A5X=ri)$FKbu4xICT%d&|*!joQzu zYwM#`|E!(eV!Ou&r+jypQo{%DX}|nTN>GEg;n%iP><#S7k`#HMkWdi9JJINCM&Vl{ z?6fKA7FOj=g6AwVQ*3?l5F{h)o#oaWU!?CW~X{LWThVFLLCel7>5hNqJ(bM zFnOcpm^Siuf#aVzq>UfOR(v&NSCFFn!;`=$Qx_`-)BJd2Kz0K(5> z%bK__txJn6$00ciM{;#cgwY|~aoL>Wmom{mubBNrs@m}*M)N0nhr&3628ygI|0XxR z3!pMi%UK~8`{-UC9%=s_?C{31W!Nj!Ik}>)PpgcXP>h7}8T2t&MjIQNv=Bue|NR#! zJ~xwB=pp2_>c+2#m7n2mR>MLa?xE3@tb73>LbpKrt3HNR?2a%9XP}YrMp&md{vNrz z-~{WFe&w*I6qK*5Z_1NUlq&O7r$d(H8K1~PXbl;$odF&mwtfu>R&4D`RGCTPr{q(B zB{h2mmWK{CraG)VrAsuvVyF7j#bG_#tqZmBd=woL14fA##5P2uN_F-C9&W!U*!}cm zM>FAaOdr3544`q2Xd~j>=Y-BlsHJOxxNh)wYl`JsYY!gUxjoe$_UaREOz!?8mqz+! zJ1kFhN=HpA&)=anqM2FYdv{6ymv;Xhtwm$cY!{DU$E!TDa&o@h@*P}HVNrrzCaPT~ zf~jQxv>4ysN8Iog{SqvZgT%Ak9cf%UqemVv1V1RnMO8Gz6-4@+ajuBG^CZEN38yO? zNFV+{{JshOQo8gLd)SHmu1s+i%iZ)f+_Q!Q^G4*lGX7E{9`lMlD9^V0eU`jvH;d?$ zaol=SOm|aCk;q85@xo_@P5VL?&m;#A@sHe*N(XZE-j+&aPxZZGKgFPYKjA;(IjlO^ zE_P+-mCpK^`O4K0{^UmN!@Li86iJukS}DBxm2!H_wh}@Swr}ucx}H&JRo%V=#hT+< zCA`{2IelbXxqR=^dNN&b?|Nn5@rO0%`2H50a(dOavNK+UzfMG=ti!qS&DH()ma z-{W$mneqqjHb{@>?&H%H&23oBnwG0X=q}^lQIC#x#HL`%z2o|Hg4DfUsXm5=XcmW9PnIDdx!|#a88T&vp^0bcXgnjK zLIKn;x#;BP<|ft&89UnXcdsIF-7v|RGv#&`&&Lg|eEOM-IYFVy=rkxt5E_lRGNwPm z&DHP8{)t-`8t|iqP~r2DEC7kq;YE3a^OFFG@n=1U@huT3hpr>K{aKY`4Oip^Gvz}8 z?4d-zB8<>SwF{(ltsDeADc-kNZ_{YnOWX=#G(@)$f(j;jHc5w@sOiTP`GrZV%Pi^6 z%xNxO;%$e;Zy^OcbLftCU#A$!BVOwdOB`XyV!lw8`R7~hdHB^iaM%_L1fW3#uPB$|gwgxs14c7lpPrYY`{LA=%SgQY?G zQ3ezY4G0Jb3P?jwUUS%vn*?=vA}M>E7Tv}?oaay& zF&be0kfR)3P9dabrfGdjzHuYGxh>UbbA2I*Vt;9`2Xjo4TuE%|fK~GFqV6pVFt=mv zI>5G{KmZlf7F%4J0{H!BjbxP!%I>y#76NE*7lwHS&v{BDp^p&r4w7A{sI)K;7ae|< zbgI2;Z#`@T7%{r+gwNORkNNoTf;o(l1!j5NGZizm!*{;ud}B zgkkXvB9{piJu<= z^o3EUdxIy`$Z`1mCKQ3Y;*4|^DFQVvoR=2Ef zTt2qo;~rwZV^_BC-fAcyHXk_Q)~*rU+}+-P=Tr-s7Y#yo;%(o&Z{+S=yL^6+u)_(7 z+P?Z*`+B>(8=E(FuU*@@EVr)IAE=7rfagt5=Z$=s_hx=~^pcPZmh zzk2ji#6A0cgKy}$|9*TuM(P#dN($2sQ_n#bAUJsW@#}VPbH!~YsJa2|dve2>TNe<( z)OwG~8)o#K^_}N?_4U^d`+@ms#|i7~6?O8z&_B5=Q3`x_rFlCW!RbwfI) zY3m;8vtiPQ9wbf)aPky7hqcIN1e@vu6Rm5O&LW4QcP0mh&p`U(K! zs5a!93p!fUQKJIl`Na+JG!FGO$I!U>O-2 zlmx~>L`WA2da8pRWI|F^e`&n~RSJ|l!AKhCkXI2Na`d%2&zYCjVa?NA_*V%w|4y`i z@08&GBSx3uw)#C1-N4G(j~~_J7>|M97OGYeb+`xjjMm};*QFKE0QU;v3copY{CWIV z9qhv=@vTE@TwEK#r&nRhY&g>-eQ@MR)o>dFDj<65jwN$w2h{FO0_^QyXp&4Tm>pJR zjJrw8KV8V`DHDcdOH6FZ3*NAz4K!uMdy7QO@oD@eI-n*$P(S-Ajn3oj0MC-v$`Z^* ziVF)zwBC}yK6?lR8VwG0*HCY8&z;4C)7i5 zYy%194WrT*A3PUkKHCfw5>;=tE4a`rlHPhNSZIe)HZiCQ0bCL8!#Knu*Ng<{M{K)N(4q7Afon=w7CtZ$FH(vPmH2hZ0001wj~n5D@U{2cWH_Si_;e!wV| zDWZXB!|fa4RciGbA19PS&HP?Ls(g}t2@~CtMEEg@ZYMtp zuivIoX*CF1Q!FqtFBW5#wDgr_as1RI^N@Q@=}R8PV6w736q3Z2E6y|ZTcWaJ-}Tqo zh4M7z#{fV}Ay>=X6Ke3+zw!MZW2pyFcp-;p%3&+APWk3p!SV*!ix`H}!-Wt{9MlXd zlQYGo!xJi)1zAIt*oN+e)g`?wH9Pd<9-hn_^Tz%aT_59y7pXad4{U++p)$}G)&Olj z+PgOlI@^UBgC`fP#W5Cf+@*9p+Z$AdR6z1DaEdjtt%(L1BPb>IDN~fQ{FNSN zude?wY*dtQtp2(^)Bz#v)T>;Q0Vha$p7@ogLUma`VoYz`ZA*+ucqd%WK?hT8j6l5=$#O}j@*4cS3pz_pXh9&rn0}ZmjvyEzSIv8C zdw1lUVH!Vj*M12jHUMZT<*9q5@KyAoE&n3*P0oOm#B0!D2eXE1;G2zSSBfnUHQ=wB z6vED~FBIPT7%#M1iSK^~O-OmOBjVdoluj}`J+T-=*bdwU37O40ZGxlxIOR79h!QrU z$3BWQ8WQXnm?jYAfNVF<53Yta3OagNIXP~z4S;fSbPS~G?l;e*&C^CG~oK;9frL~;S zo>q7FbBmfOo5ruCNz}xI0VkWQwSG-iW@{z|@nGcJ-yT(|DX2(Ny**0vp<=&ICGaOg zX($A)TRN}Ay-Vk=tAP3++&CyKx9MXsHv9N)fvK&ot$*EAI;vpd-S$8^y!u!IneRp< z!1!oW2^4<;&v?V0Q&HUl7sWj(IiXnu_bWh>B~VHQw--rbLbVZYGO~C}N0NN5Xe=`| z1ro)nR}0o?J!$BcQ}>N)B~=Kz9*Wu30Wg&5aXaq@G|jOJFpoa1R=?R!*zYTRlZ#1DJbXzF-3Uc*sg?5>IBXLCc0aR>G>U;Kq4azOJ$TQm~gs!~mR?)hv!7Z;fJ;GJ%>A3=@f!ZS@^ zAnv!EWu;$gP~)D@=2NM^Gt^78C9^DSIursOOTDcREWU&gV_DeUQODu`os%=nbEwN2V2Q_xFe{yg{)ap@ zSEbw#OW&(6$vWK9fOa@T!4wD`zb!YbRBzYbi&QDjU#NCl z>}Rxx(T7H}Q(ftwJ80Dt>^Er!Z>W<7AIBq-_b;qV{gR@(mdZLehK2AiWm(K>Fte7} z6ouj9b_4z;$3vR8j@Y7#Ah(Gt;Lhn+L&VY)Gxa{S878uci8wBX-B*Cs1HM|e4 zi4*QQ&$S_Rtg+nmZUNWwp+}HaUcSVh#@tX-^2Ohi&M2M;W%svzm%=#)Zug2NszYmi z8I2GJ_@2!-L@}Dq5 zu7OPTWiv6W>j42n${q%Ln(XyJZ$m8nbcA{ywttWSWd~q}`)03JUa~!(uP)1D7e7J{C(RkRpSg4B}*+D=dGk6Qd|bfjz8l zoF1|3d@>F3aefod)s67@^^snADf3%?thL<@9hO$NkfT>DqNk`bZ(oNWwMZsWbYi^R zk)XNCr5l1&OUIe_HQjB^!z<2R{qB-88N$s9to#Fmy+!+lB8*SA;{lf2#R1;R9E);U)^^@jFlxDozd1oq+8 zUMr?ax(9q}O)?1i>w?TDo#?f44ivvgp;0Ujbun=X$Zd@y?y)4}!Q4VN&ziy!OAr8_ z9x|_zj2l!6nZItS;&Lu@694rJ&=TbUtUK2Z%3)SD`-jK2{5yrT4hc@SI6iXv&R*c3 zoAKpFz|x(aIE#Q=;8XZmKdW+?WRz~M`Zy?4!5>AO9mYM^0BPu;eRLKk59yg>+G#!J zAqjRuV5`eKa_lnianLc~hKHmk>$6@NK1yZlY(_|h6z?l-Gm{oBV7TQav+xJqlbB613qFV>Z zz6?J0uf!xy56F4r!!GTH3B{RO9i8r_w;*Y=h`IdTsAIqgM#4ie^yPS#RB;r4s4YK# zckB7o8fRy~R6L%aCH?(RKG;)du$BDZ zp^>6TC=_Rfs+IebW3~5@jZhxv5RMZpEn3IB>+UI^jg^PYh=h^ni3`2m#0Op}DY6a3 z3ttvH9Nv$L9jU_o)^A!%vRr@Bo=B@%^U%bK9aM&ZYXO-<-2f2UAM1gNgD8`+tYxOsdqUBxm9%DqKL=6*YTg|8w*b z{smS_$IANxY|jH16=omW4*C#jS}ldZcL9%<&CH{b_nzGD%wP(HO-RomX6DbMGVpKK zGE|nWI~;x<2FgslN(?Z_R zm$uLQTH#3`M}aqW1Bj>bZM*H6Zr~3h|IPAwQu#_mvnYz8n0b-+^(^2ruZH)C8#AE` zb%BE`8$6Ez(4?up5wB1`9fMpi6B$I)Mm81vzsuA#6FpUGp=dK1j+3}HYZo^ARG;Af z-|&k6Uq|Bprz6$hllPvA0s(nPf&d}^(~)cqE$viHZ5?d>sY(B%AYJD8I&W|~_x;?+ z_JWRFMPDvAJ=xLZxJ;jLVkn?cDE!em&h+p>g4XnrP2f&!IFQ+z(W8}&Cj^(yC)JV% z*^VJe=reM!2fDjQeY?{C0WZk$N1SBJ*v&DwFvksD*j?K*bU8K%()E!eAA(1`-C@bY zP2VQ%LC0mkh{*-m<2;QNh?T^;Bc4H+FuOWPB79?cT=!mGHiF2`z@IhmL=ddz!XB|A zoZssE_zDZ#>>;tfLQtGi@xqSgB1-M7m)wAFQ;I^sm@Sl_g!Rh4aw$@x3`AxGzyKef zdr#B;2`OMygNorL=pLTNdxrM9@g`zgduk-i_q4eL;~_jInzxAbm2EDBf#v4PjTjsY zctzvG+E#!@!wl}Z(sS1BqulTn*}QO&t!1BIK*!q4K>d!*!J2qkqX^`9kh{;inJVe@ zhU`j~0W4?#Hqs0{+gQ*j&4FbQZ4A)(u;7GEkO>!~Mf0+V{0(I2Zxp--|0ID_D6lgW zg85a?;Y|D6jLna1gyvGaM56J_Ghmh?$c6(7x1t9 zY+8%Rbk96L=zElbXOU9lcailETal10(;$%`YB9$0?CgUbHiU-_TPOMpHxBc4kUC`} z&9c`t?JLFgzFocjL4n8+e(du_%b<YN_g89#-RoAsrM?G3Zs$i|%5Avc@EpS9o* zv8Zi2Y$=%BU0e{`u&sv!>!vq z6&(^(%>AcT2uY-^$KdxK6x5NIG3O|<<|?mFq4gmPq+59jr!no&ask9{P8V4u%vyv1jLT(M6-8P~72vhU<{ z#TWSc&R;x#|NK;5U9BKsSZHqOr*8E105yLq;muSUk5JM1*}r z+(Hc6QHo4^l_86*KG-f-Rw2>Omg8KaOwr8DHIw|XTq6FIt)czWFb2lJO21e>7HMmz z4bD0znoPt;o*<^Hw0(@_;VX){a5Y}F2H4{8O*A-^E?A+5IXHhIsZr_k1!rl)7_!kw z2Rk@_5LKBhzz}U}p%2jE55yGzTO+orz;gNTtVOHDqryu#X4^s?+@`fg(fgbu9svi8 zNL#ZXRAq84{y;TdNL}VHGU2x7f2%e~LG6VaLA9oZIB0icm`P>jhC3q_$?TL}iF*{f$^-BUvxB=~|g z=K)1qc6$dT2dAs&m{%QZ%%M;6gP6^oqebs!Ql;9%pb^vWL{&;XUQq5WXaiPi$xwUK z&mtOsOMVHrb z|GSmW|F&Xj2^D8vx9Rv5hjn*jN`tch6hebyG(h^#C&SLA^X4!NGy~Zf->SYH?NfdBfQ!azg6`jwr^!(H9W9FA}^9iMwhCf^E1zH9bfJWVC-g7S_RKuHD4OT~XPmYH8#7Plr6-MsK*8C8$VZ1J(K#LX>m5pm>- z0HZ|^cFnPJ)_+d7B{IaNHY<&S3cWWbHfi!qCI8K7p=*p~vc%b120)gGxQOpq;Ngs# zb*^16g|%tkQ2(rgQQWW$x!q2Ze?P2E2t&0@(No=tM5ECdTPDCrs0G94*Prjxr z)|Sb8b<@xr*zZpKBk$paDFgdFc>&l+!fZ&{o7rL{AlYA4sc0|jBo*snH)U=ZVX@^W zt;u1cnollE!Rj?EbwQ_unN=`vkIo|H4H_)J*;+@Z zyI^!vXQo0o?@-oWwXj>xs)n*+F5z!){+koeDh|XvW#IP|u)Nk^c;+mUod+{HF>P*{ zj6)?wY}PcE+@^LrEyp)J?N8pNE~mX+)8(&y*$rMDJ1vIsD9_7U@AiAwrPs0#cH85ri1*>t{+6)IVL0r>PIAkF&)3v1 zYTJ4kST#+#4BV$s^*$9H>ELl}Kjrn?BwCJ^39ohjYK16t1F89{^+Hr&vAaCdvF6|X zs|ZLOIB!S?=z&Z~+1(O;oBS3uE@oh!{2fFuV~)7s!X_Kwvk)%J*DjA%^spa1N7o zS>4CXa}Vqb4@|bJ)oSLzp^*H53aq(3`~yknpQ()qIU5# z;m4)5>iox0Z?mNWmwo>TbyHjTR2HBfI;HGq+u0`R`Ood!B~ACi`%v6O^#JbCzI0X? zJ;Xinnd@k0EWbY-6yD&*o^kRL0qUscOjy)--~}6!U;B%`{$^!T4`2H}-|ZTm-1qR; zPP&?zKBUVZ;FpH*<4_g2-m4@eH~CjCFLgtXU&4@ikNl=Ydmz{cyD)a?orwtkh>=Ac zW|(H8OlP)W6~(8xr#ZQ$sEpi2MKMI2ttRFS z%u4eQrQ5-=Jk|f+I|FR!(KKW4*fey7$#icY5yZpV(15T3(eIeN1s>C`7D4+Hw>Fy0 zI4j8J?wO|vKB5y?4v)S5I_@O4$FrC(m=FG*9aH~Wko9oMgh}7URS9uphIjJF6Z+!$ zt2qk}D#Pg=@6$JDl>?!cJPs0V^D+ozDO*dOd1jWCp#cVn2uoEoJ$(%isR@CeUJbol zhAtJ$z#E45#<{WYjx&^uBx|;MTI{IWOKqvP2%=n9v~Cc1ExvJ+!eGHD`O5-^`#B06 zt)55duNAg6%!jZ1y9&-T?{yjPY!8*zJC0+16UBJJEz`jcnADzq^j| zr0L}JXfEIitrlT9M1B>Ve4iUUgvRIvJx#rS(ZMx?^~ae<{7r;GjWHI+}mhv z5vlpBX<$_9;0V186*EumOm?0G-pwf3ht}u@q?~V z>e8h2{>|PHVN5pxClLt5>1G3)oL{&alN)z`G%~CyJCh-osQ*Hy8R<0k8yCT~JCREi zdU&2!)oR2Xhzw1p0qtD1VNTqTHC%nGK$v}YLj_5fj3i0{g}S=eL|$3Eo>U zn@P^TC4t8Yyg#KXKlxVO?y7kH91Y!CZAlRgAO}AR&Nqb}`V@dt6QzzsUA?$+*pn?D zUyxaWiq4X2_LOq@#S)c}qGqHr5SiJJBKEXiFRcdP-X@&pe23*(KB0N=(B zJ;-_e$8WuVWre@p%=l-;$3EB0L2^zwtcuu;k< z@TpFfYu>k{^}}b<$a^!T{N%?3VfDW(A!sQPdD?$!;JKfCGL7fX6V^o%oH7PpOS&g* zM&0ZQb%l||O>s>oGzuzz_3D-Ai`LGSOdw6IzzWBfQUM{IL~P4w+VSHin1w`vzom|p zrBm3w`HpD8ytg#;f|Zx}?=kB$T?#*>^hV8p^%hun2?5Zn0)Fo|>_)M$GdMf>iz;?$u9lxnnG5^NEAkQz z@d@PqD!F_?(?Yv-nEiA5M0x@10YXbMY3%no?S^~kv1*je^(Jl27VIU&30zqeiXH)1 zk}Gk61&)mN{))tXLG#MG_VD|01UIY1#aNg<;RUgR)uA#;9`@Vfn7LtT zb%Fv>lsJE$bQ*R>3MYBU@ zSUIfq5y>Pns9DZo9e$as$;C7WLUJ}{2y!-sQ!0hz>?g5_OfSl)Ss@>EXJ#{Tz>Zpf zd$Nx?@7Ot~Kixjsmo~9S*OF^GE1a`Yw3m-LCv5)~Nps4JkrJa-kAPdQq}I@9mW zWBz(j8E~w4X1H+5&f1euGvJAWlNCL@R59e47~d3Bm?-wWu`#!X-dLNrDeZ=CX%v7h zX|eQf3}9#)vb{Jd;d$7@Ft^b?KKu@MF|VwvoXMIA{swb7Va=5%m!!yQfCS)R?gzMR zgtwKL&rua&(Www~=MzDFtgwW>Qw5}>UW&pqQQ1kJ4zZf?M-+=1-bXOl4<|%gl1L12 zQ*-aFOOd4sF_647(sv>8gH=ggnue>Q=93ArRA>a`7LkD^O5PSQ@I3kh3r6;oYAI?W zIJ!HBTo(L@Kd}Pzz@dEBeZf^!R3`M@m=%rjEhYz|{|<;ha;@j)=RvYkOHv}muAwq1 zW9Cc>M`t+0xudbF1#BF{Y6UGHsmRsU_$GH320igf@0rr2DY-d={|rdei9OjC3PLF+Du=1%kU|9j(MKt#l zAP7#yR04-u`yDCBdv%5$qFE%06J!dmWYhUt1Kj473Y3NIW#^PK=RH$SF4sbNu<_% zF{Nvvq|wB>D4^YzPz4(Brwtw>YDqMKHHSQs6~LNiZy6owNlg@~@{yJjQTX&Ctlk$M zStTuc7_HnNKK_rCm+^n3U;@0M#TS<`6S|?JPt~>hY~F)7!KOuNcV@nW+k7sEu{P4U z+69P37U?fHAC6fH1b{_YVJ&Du&JL9IXBB%T3Qp!S`fQO5tc^N9PVL47W{F_DJI`lH zQ}G61o9Qex!QeGnL`ZP3lTJvSqqnRRBmd~(udUqmd;)Vv`8Bi2dzB>BJzE(jafMcev{s< zw{pxO*SDN%nDJIRr9?U8R8dr6h^MH?q#T_LL6}DnZ|wc)@#nua2NP2u*hry*$3Um~ z{`^s-gJCXFWslOSA0+fLz>WL8+Bo(kC^pu6-svZ%NBy14s4Od;o0Tbm)u?Bd=cx~97!QeG(GZyQ*mwZ~+6k(R+vDYq`BGO5yC_@d!SET$!z*0q3JwfFjO|+y-D-o8SlM1fjEwrRGU1Eg~N#?j>``7yx zTT;5_{P%nyy`cC%hfnB!c^)=A_(i7VIA;HPwQ3s*uYxfA%^dG5Y3&vG<^nX#_3wDu zRWHXtBan|K8pFKjLfu^6o2EY8DFHs1pX8lf?$&kfgS_?m5E9pKsehDxD!0?oszCqz zX$!%OTKY_4%{k6v{rO+Y_VWIt?5!03x~K+7_*X_+_?Tunh;T|ud!S#c%*VD+*)$4L zMUfDtH!7h@7x;&xG-Pye?A;o~*36X9kqE=|YWw8hFJ!JVc|(dkjy&iuXwI@k`|;=v z)JSZV%m;{ETDXVNvWTO3I^WI2Utg&>38$l*Zyb69(b$7Gu4Q|uI3*Rv+|6oUAj&=~ zQ)g4&AgqNTN#@wnM=3%n2#9ky)KV^sG8+``0q2wLR{QO4r*CsOj5kAmkr#s|d=kri z@OB%UUvM_EbDfNq6M<*I-pa+0Bya=UiW#hxlM{4FaRATeuL{z^h@?0;la9^G)8=%^ zZ@oz{5E_?iS_&FjpfP#=9^-1LYsF^R8xwS|`k80URE`%QH;8^#D;j3?chjtYEsIj8 z*GBnYOOJxL)2J$8Ek0u{E~lDm_mMGHnN)@@E?@7hlCh-T$}t5` z6=aUGkrF+WRT5(UFaMPOcdAI5xkD$eElHMi3z0qyId<{LO9b{R&|a8Jusjf9nqTVu zmwhbETIVu^Ilt9u;$Xf zm~u=tD9CBAnVDIjRbNMzOuLTxvI{s;W?T1&^0BChp3?vFZw=l^TYo6X4Jv=3c>gkr#IyNIs9zeVO#?()SAS;E8(=gg=9 zMRm>+f73t80UB#1I3h}oLie`;jF;OaxMpr+=)0Bo*!qu`${gEfo8jzS9%=#ykATxP z-W>-!*H-Zvx8ll@^T(>8)aJ7_CpfT*;9OM`MWg!6+?0}q$Ep(ZlY6=t0FwgQW0loU z1C^H>nVC6wV#`>KsOU8Buf&$BNqCn!o%I*7`B?KhSeGxv)w~#58%5aRM$g2S0x2zT zRMIQ(c9~rAY{3{%+)bTs>25@Z_%HwG8rODP9jRUzg=s_zZI!}G24&ZZSQ47Fh^sQv z6ZV5-SQMfN3AFM(u~goS>aSk=c7=v5Aju#!D#ZrlQLGM>2x1%qP>aVS&{Z@6Hg;@* zC48;s+lZj%+Hx-fD@5DWNl%l&jqPyQ?&Rj*?1M+Oss)G~ZSMmq9g(`_m8&T*M+cEl zv#M%*o&TgXkm3hnP!2oE)p<*t#8lym^h)rnh0Ln(e`S+&b`qIcX(RHFq-e*8_IP)+q;5A#LDPq87vW z1KF(%2a}oFe2pEA zWKL9{q}SJ|B96Foy5d+8r(KyXR|iBQPHizHhdPfu_;k+6Q0g;7R2^#uQcdQ^bkXt5 zS6UL7m?#41Gw}q|GZ``-8{}Wro#?4%qrH|*^K5z#2wAfm;!?1Vm|uXH_VkAqa0WJJ z)0t+8gEtmz>eTd1sud~jAvpy@3N#)1)c}9h>chxDyvNuV#Lz_>C#g)YGufSJACK~^ ziR3}P!J5T#^v=~L?{Ck`*`xHhnOxw;U6^BY;zYPcdmi%(iHfll6tg z(3Vm$-N4I{wmf=n5}%LJO-GLB^wF#}*K$F6v*C_+H{HPjKj+oxCW0HG3Ba4^s|!9q zp)_#ZfHaJ%zXjsoL9=bI=Tqqjr1u&bZtY+-D#+wfYW!qYv<_X8O!njgW@;XoD+IBw zE`!#J#ztEfn%Ib*vC}>-9S#s2JQOy?^T|<=5KA{LVzBGul@}0FadTe|xiWHkiQxNR zaNDfn?iern{di5}mZ!_`b{Q~tnBe4n$TTFb!R0*S@Myl{t6ssM!Wd*vf1iv*9ZI>k zxxv_39Q;+`2f>|=nE)3aE?$PYwMh#=i6Z=I&P_G^LEFy*`XJNE+sk}kfB3>7=Bl zs|%tMAe*EaJj$l)zI~of zfAnu~JdIS}J;SH$U~KC#`k^kRdU*c>qczRr6?>^}#cEY6*-6j-#*ql*;G@R>Z-4 zzUFEr{)_T=x~`#19IQj!WbmeS{jPZ!a%sjhB&924D^C&UU-th?B0NmIip)nKnbSP7hO+j_d+DC0aKQDoYW@P1lZ{4M`!-jIuv*Y%LQz!AIOy$3;J+`$3g4yiU+}}Rd z-Q7NU-3>u>HE)7s{VDf)vug==h0|1$r<6da_y!q$;{f3 z+&a{Tmu$7%JR`RJn9(_VEmkj}#`fni+Jmb&)V&Otod$4Z6?BG|vK=TR^oEzsPSRK@ z6FwN2on>C_WYOKaf4&jgc^?AbqVMD%mXyOTy^L~;}uUKX+rHn zD3|bzH=TmerolE^!!W~$m=dP7u7{PMSJ?x$nir4K6z+kpDLO`=^$hfo-%k3Pj`C^_ zUhnNEaK{8dXHxvJU4UPjG_4ZT#V)x;mzG~Q4nA*jDZG8p>17ooK3A}??61Q%g!SmDlcQjc3WeLt z6lXd<M~4fGnkTX$XHgz=M7M&AO`8fq0+#v%56sS_{Ly_m{X#+BI&WFkrRXIfXC!(P5d1L9hJKVcGwE%owoj|A31E2Om@c*tToL zOR3YNCr5$*FL6=eVoMWr7_iqcaGp97P&nK#00xrF&6+$nEJOYJXu@7jH}kFr9dQqo zUf;dyFQG1W8lRJa9ZxbMI{!k0clhfg=^(6X(o6Hj#*4{lYDEZ6?P}7Yd3st?9(gq! zY5&LZgqv22J~de4UyVJANWHT)sHjqkpZGm!Xpf@-udi&`Sg*~P`I)O(-fZ7&#ycz9 z7IA^MJ6Bf~_vD|V?@u4zpcf;>Ayq#An8R?bce}u4)jSwkAzD_aMalUbtY$#qNm8M))-y{wG_?pA5=@wav(l0#crq>*{S2A@6 zF0X^L4XE5z+=LQQu45-{-`N=sW?uyTR}6MBY?S|x7Tm|^858a#!0^aV|=LBfRn0%4*BOF<97_mKmW`4 zP;Z&n+ONAEye1Ew-S1Gpe|4VU(^u>Go4q8plmJ>;PR+`6T-#WUt{4u?VyaYif~6FT$gyQxLD8e6JX^WkFj ztURjp8&4(Qh?=oxAO%?k697aaa=I0@esnr_i|oFwm2rhH35v$I)UJ4)O{-e9TCYiY z3@lR@#%w6Ym5Rbzzm4G53rTcPH*Bc@+lipI94pX1cbs>?4dtL9YBpJg^IzAj9oHCy zpc)HBmxQ|ad9l+O7bzUk5@W=zCEWgo+vseilxT5AXwTqE{{npUYIsN?cu-y(P#=|C z<@50~O)(-8&2jzrz5uRVWU?!vL0(?YWdR;L<^p%wn0iG?Ijw*HXarjF_u;!prI8Bt z6=#Bug%?mWOb54jA5RcS2;ia;!j^E9zgF=@WF1i8O2?N`&NFIat7;dU&?oWIHU*vE zgyya(o-xUnqdSzXh@5Xlc#M0K#RAt0^L87)M_A#k^aB)oI7vv7cBNu2yf^$ys-VIr zp@rNomez$hyBy!D0_Btc)j}@D-6{Ll9w`av-2+eH7pDzfB@|EhHkCSVG!4LGr&GE= zKzlmc#54?Rp%ew4c^l|IrG08s6@#XwXFGqHx|AJ5f8vBYj;MngolYK=FJ(gh;1?x* zJ-)HrdcbV14tb-1x`N_zTis#5ihQX%UnW=|x!@t7HbPUILr$~RS6#lX*tL3h>$Pqy z39O=re*kpXf{9#(`p<2jRpUGG6V25bIMOgIg2A!Rc{m}gG$(ta}Ji^O6;xDC8Fw zh3^rlaI52L{mc*8Cua{QGa+NX-2$RRZ5l`X@Fy<+$~L%BPh8LgW-*G~Y0WX?A}su> zV3yAS>Zdtiz{I#CfxOMra17+IPX%7S+*#PLv)l(5V7DPLqdTlHtFeq{cX8GGmGex zOgFhU`{i8XWtfCzP;w1|ch52C=}SG5=)jiJk=(@<@!!q#<>2q1D{kQA&g~uM+uE5^ zWkdwtKHo$&X~30NQ^|p>SpKro%W~X09RsuVg)H#gYC7!ZV}A`eBFCtu>`wK8WOJ>+ zHRObnHgk;@`-&hEEtEPYn6JXH214ImtlBp6oVDQ(z5w`x`o&P8S|1}BmMDEVg^XRSPw;>I2LW-GKUwiyJ{HCGDi3qWx$& zNs$|k6uYv`hKMq@Jb(@}`)yO{3-mQ0SmCv_2mEy>x3> z0>vZAK~klO9HSxy_0-oOTqdF;na}C5#?yH)rKdER{!}_kOI^gAT_S)+Kg0wrGYdyW z9-`ZR`raOCp@#7Dqty~Io2&sGT#bQYUHUCEv$5c>Y{+*ko}aLiY57^xDQ`A+ZZGjW z&vP+uxFs=~ChJmmn~C(5T#s6X*UsIe`(@OHz!AI}Jr!p?UCDIIGF~ZK*X$gWI3c%^ zlj$6jQAFu~0GVeD#Bs8uNylpV>=;hrzV1RHKkQyHz;V#gJ ze`wzL@+6dOV~)*`X6edDVIE*b*D{aB96W%p#eoJ?GUi0JU9p9S$vHn%1BQboos!cY ztryEZWX9`C&$g0%ZF=*c_?xGz9G;qv_u2dNwsR$0fCoo+`k^KxfLLM$aDuxX4SWAc zV*jKOv|R^Bwi-37M4;_ZdagN`bQv2&-9XP+nc0_)(pwvNbT&=xasDRbws zg*OB%&UfLd{n(i5<8r0bfl(a9(mh$Nwofh*?T$r!*1Kt7Fx_%K$?PcVYXCEA$bm?Q z{9V8Ob$j2eWd!Q3!)lVg6Oc)X&HQNf(P%YQ*5a~M*GX4MFe@ekU)4UuYNgtLbz`*b zuZn(w_rksLH$cWtt?wmfeZCU{6Tn*B7tx_5U6r72Iy=|P=N#?XmB(}a>gl26e^ee& zTvky~^un<1uAlw+e)n58_fHU`6NUAp^z&{JA;{JITJjyq45(vk_(=9|Z+lH}_>$2VDH9O_|>3(APxEFu)ht>)+@N`*$b+DYh>sa4$bs;d|{Xu_4q2 zhEscwwob*HgVN09)&dsaLN#u^-D#nIk)0?|(;sgRlJ1|4${?1}yjknfX1E1yuE0*R z^S}=w*yq@rkKrwK0D0ZtpmcP*UvqKQ<6If-@_{MY!vV^t1o}?4`Q`9WLF<7W^8)+o zb2)GX60xx0aOa>Cv%2_?8jkh4;kRcbKlEM;!$$S40`#f0%R02qByw*EZB}AmQ0dg$ zh1PAY-w~_q_a!CxnlfKWmRPm2>eV>>M1?b^$ul$6hbqAp23;RXU9L9mgEh8uXoV4M z+ZB~dNxC_j4(&SV*mxOSw7+)`Qu;yYO^s74vy8F=JdoP%A(!bVlsGo;KB~7q=BM-| zlX3h+i1O*66gD~O!KQonN;9LD7K13STN!TTck(K&d#F~~nD~+@OZxV0v+m?at0e00 zBGM>4d3fyWm+n7`ZTmLham_R3rxj()H0#`apt@vdkoY^11v-!g+V7-XdeHGcWwEe? z=TOqDt=E9@X&;1zqvMCGRA95rWOz2eySFLT+*Zy|RFU`z4&?-0qTzy?EfFhD71DGK*2i2uuu1rQzEk-G zcZ!S`2GfWXeQI_VM)pAO+bm0*=NEF_Y>cl34Jz*7q$uCJ2-{Y6I|LR6G|#F9G&{cY z6$4K$6TRnG#9=z~)#_LBbRw(*UO~wlJVjzqw+9uzyWlv!^!eY8?*DR4dQ}~ZU3os; zNBI49R~anc2}B}8MX+|zk|lcuKXI(7pa1zZU+i5&{NcNDqWihLpRZA&zJ>l7LLwKx z4Z{(frvCQ6$7ssqn~arv?q{_4RUKP;K+i4hp0GK3^Ig}mH`X0;9rMnOuQ0b)(hmcd z1-bOK-UF~q05s3@+Qh?H;x$u0i8T1HvLYZNNX4isp3);H{&fnaF(^k-k)#OvOh>Koi7#fE?-P(*`>^FG1oL(g-vx?LqbA+ z?60e1vO%R~U%2hQO~cW@+X=2|1Q9Z#)<1H@a98SvAC|4#sA_*K!Qd@D)5r%u$ad z`$f79HKz{gym~U)b5))gKOHuxW&076u^g-Vz|R~tntG*zKsG)cb4G9!ytVE+@kArC zhJ+!`y$c5TzMrOwe=c>)mWie2i@xsb!DY`JppD-p?^6g+m2AwQOiS;XNOh?AcY?C| zZt$iey71Vz;Bbbyl@pD9jD$d#X=DwD7TvDQCJ6KS;x4iUG@3DO2;?j>S@_;yot4NQ zp%ASm3)LX`7d_M(EQfk%rJ9^;A@Vk`-iRZJ+Ox6a>FSATSBEZr;4pJwxxhD_a{h{V z%1qTTB>Veed2+RhJrjUiZ&~K5&p* zS+`WzJ}9lH{-fxJA75rEOr8#}s`YHfXMavEJ5Dp35ZR@CZu0|&xp9%dE?;IP7QWG* zc%uWTZ@|391RhFH1r%{?IWoJbGvIeMSyLvoDSwYj(M(YD*in{(x(M=WdwPa`I=kxH z#NJS*bRp`xE%HOf>t@MuC`MZ>gj{F%oY>@&M>K^tjngSl;88e@%FcB>RQHU1h(a8C<65+j9nVHv#?s1e!i=h1{G6|I*A5IL zJ48Ks$YCKJ^wadhz{0DZ4);#?Eo=^;@Dld1$WxBv?W!d^9i-*p;Nb>-FtgzNFuHU( zmc4fUe0Ixm(%a&m`tRGC=(nEaw7J7GW{qE&YpPQ;7^PD=}sQ$gp)=|#`VVdpJQU*it^l_XI;HF89nm~j&ure^@iJXvXtM#Urt19 zUcDT(YsNFr=*j=SQtKR~`Y<@J+MbxpB=NucB_DU?nrI_Z8;j)F~BfcBFb2R>Y013D&K86k-NoVWfI*$i@e2N0B_UcAp5DN|-i48c9tEuM-8JM7sgUvdAtkq6izkHkCkqlW zh~LlVCI~pZA`dS4UA`bwH$>SGEqldRU$4AxX@A3(-_u{Cti86iwchm6n>V`(?OImK z`|k&sjfE%`(=LiNkZ6bVa@Mk{?|9~_O!lQGGivxo?>1|}x#gQ898CR%6RfYZ(AE60 zW=h~2m{>^0KTpOz_jP;CoL3!%I#kX=8BuWegvQ`LWed>DCV!~1ZM>e>zD5X`)TZoE zlktyOrNIEh(garPNbXQ2tjZKyf8O@nW9KU1vyN7~$KqBe;Z-d5q8d^45#^D-`h#6l zbGX4MNwfys5_*@Vk0yH0)pK>O6aA7(jIw2V0y+MZ#X51$t=#?S>Ic6Ei(+!)4DJg6 zoLqI48gVzcz3<9a%=B-1-xqkM)BOwPs^Lv2wL%kzZd$f}DnpEKCKFZmp_N#^^%iWb zPU=H9i$m40P>lPlA7=|cT)^9@;Me|Y(Bz-Jyum|i$`IWg7xp1O{nDS`F$ozf? z-L2Y>%{4QeW9p=}o&DMs37E5LN+$scNGX`|NODyXgsOjb2N`+>B7AXMqP#WHL5Zyc zmF!Inrr=Mmc<#1vu)#jP=^W$u{Oyloff3!#{f#>jfVSLX9!8W6P0}datz57cd9(?r1@b( zM7>x!3!6|T*?ba`FNisv*IEOOM4ubWu8#Y1^YknT$hO^ivSOEQvt3ivQ-=5RCGW&UY)5%Xzeu3z}oQ_w?Ao$t;P97@9Ys6_RxE3o>5N z=5_eL!E07}rT8JTu@3%VXu1o*>ItRd4x_Dk7EX-c$HZ*#SONqrGh#=PIqV z(u^8Ah#z6{^nbjW zS3#+v6VE9pq)|j43wo0m8JofAmrHz+Q(m5KJLy6shgIH}W6U)-*8iKEU%S7`<;xM5 z=XGhR7X$BT8d8eZJ(4DVhEHu)b`RFT;B6fA@$#0cg*F?wY1J-!S9V)xn8t2Pw<|y3Ek7I z@8A9~$BtYd^k<7&7_qwAswNt%mXLCfF-WK8*UsVG#&EB5xjOiz= z9R`wYbO^_j0F{h6#pWUbPH%xT%n851t@)TqA=I<6z=H&{%z!QVSv5Sz_4m!HBFz#* z#lgKoEFD;*)rpc-?c}7z(!f*A*jpBWBD(Qc`4OQ)lkN9wlQDfC+s3ZpIz4WMkapqfQ;O@3SC6jk^ zIh8&rg1Zn*Q)3((SG(IN#?`N^)$t`lB^mU~J%48*AIW2z)O< z3o6F0mdKBxS^$ssAEEERwBuDJTTwqX;FFNUhku4itlz`RW)PLqog0u4w52-Q7twM^ zWI?Gyrq)Ag96aRw7iEUS2imeE;Aov4PR zJ)!7lL0{12Fl#*ST*;G_{>Cytw|PRv32c!O!QE`#lNc(QXhpAgswljnn3ubjw38v) z36PT15(R5ECgpT%#d9|>di83hzpcXurG~l(HSZROe~5wPt5?pz`>&(*ry8d|buDz2 zASV&2`2tkLQxx=<3M;IYSoUNbkGqm_HI%z*jcNdSv4Tvq-Z;3sjTG1KB=*`-X7I%F}#QOdva1<|~pShka*oIKvXlKBPh>#o$v*wFsr|~#a z$;br`=GGnA&$H&%OtQqW)zAD-;Z$_vQ~49~p%J%*d1I*5WG&FR5F>)%-<(niPTs7B z{}i-E6B)Rc8WA(G$`pmI2Dz!j1AlWrtOqK=Sg)E+d;ZU;^{~%BkVCV8jN->2nh3ncPnmpDV2^z)IP*kT2mq--H3kECkJkJf} z1Y~5ZV{V71q1#snIaFtT8q14QXpPI7|3@m3D39b2R71FA-61ySkKIU;93`JS&EAYe zVZkKktfF)azCYFF6}XHGF_<=qp`qTrWkP|K*4o=+(jFv=*`cv!B-hDK%NDjra)l49 z;+6z9Xl@6CF6G%vB}K{ZFy$HSI?@=!Dw!=Ur!$#!rv*)+V;Rb&ol9WWA{K!-pES2M z6~Z%0Ut%b&AZCpUL{~T0=nt=F)a+-K>;5(y1V-$lbsn-3eR0-7h-v%a0qK`VCl-nEz-W7a|s5Rm|!BG)Pn(ky#RzrvHPZxYIAspc@#x)Ixw zdVr66#y=rBl**it@m;aLp#xt=$)(NJxD91^rUt#riF^GrO$!cIVGX)RgGbx-^za*V z@Nksd3wSh6kMmYiL&(FRn#x`-Evi9jCT5;xHd zAnYZT!EdIM8|T1!Xyd#rFgY^@0#@>Ty*fn21`tXdKMrBEZtKv6R2QUa-7}+|pz5nr zOkl2;ASSJj4-Hf)$a3*4IYRfwKKg!(E+eg)C*FvgNA7BpRn8JlW<*H%Qp5gZCY2m#O<4q^Zssj?&%KIBxuOZIO zx+A4SMeLUOFiy=oMV)~&ADv+S#u9zBlG_`SyqP^fG4DRHK1Np=s-@0qIbfmokm#=%;n@QcdItFThBwHH-!K!#6la zG$6f;R;r=aYLhT-YS}(|dUJ39Nx0e7kyMrf4&?lSwV#0)A^qGbG3Q54eOx1I!@>S#i-C;mOl@7bo-sYd^VD>v2lF zzUiYN*JE6JjvRDG{&4ks(pZhTyA#{(2L&74dXVjwoN2~cH4ddxiGY~vKfgFgsLtAg zP)Pur^)b&4J~JI0>#A-ez^OIwc;77eY_;HARpS^?e-CTrIS8K&rb#aE{w_rl2QVCVn)n*1&%b$u&OD(wf(e)C!J?=1`Rvy9 zot)8yAXpWzy`RaLtUKlkv0+@jFo1Y7j&(O{ygeG$Gu3(i#$aC$9Hq7HcpLB{Y-9JM zC<|~H^}&=3>bB_SfNP<)hKMF2X_$s7ds-jf_O|?o66D7l@<${pJ_Wo_3rkKxfR&i-W)X-@%XTban2hLzUn<81=n zwymmZ2N8s;k4$ZJO%4z`d)kwC{-Pqn2ALf1lYPYcN(E>efhbL&orI7F%w*IOFQ#5L zXma*^Me;(-(157lw(mYRC!;hO+w8<~NJ_dB>ZzBN8f@1Oh)-Eeww>`dj3s#%F`&suL1!cUWS+^E%t~`Z%_nA*`92G)OtJ4j3G_XE|~x4EIJ)KtmW;XozFEE5MD17I3<*{i^k_NbwTI72gY_eX50E<;7w7b z48vEsV=FPE;0TL%BoO+*=l;p*~sY(*JHE_sZ`5U#t~1MO3u^NRVD%@M|{K`Ooja E0KabGCjbBd diff --git a/Solutions/Malware Protection Essentials/Package/createUiDefinition.json b/Solutions/Malware Protection Essentials/Package/createUiDefinition.json index b041f5b19ac..19402047074 100644 --- a/Solutions/Malware Protection Essentials/Package/createUiDefinition.json +++ b/Solutions/Malware Protection Essentials/Package/createUiDefinition.json @@ -6,7 +6,7 @@ "config": { "isWizard": false, "basics": { - "description": "\n\n**Note:** Please refer to the following before installing the solution: \r \n • Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Malware%20Protection%20Essentials/ReleaseNotes.md)\r \n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution.\n\n[Malware Protection Essentials](https://aka.ms/AboutASIM) is a [domain solution](https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fazure%2Fsentinel%2Fsentinel-solutions-catalog%23domain-solutions&data=05%7C01%7Ckavishbakshi%40microsoft.com%7Cbe2a496082b24caa4b8c08da9cefacca%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637994850502413731%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=OJegu%2B2EqD7rmYmK9pm9QniD6YWp5ooloZ6tHzcwVi0%3D&reserved=0) and does not include any data connectors. The content in this solution requires one of the product solutions below , as well as any other connector or data source normalized to the [ASIM](https://aka.ms/AboutASIM).\n\n**Prerequisite :-**\n\n Install one or more of the listed solutions, or develop your custom ASIM parsers to unlock the value provided by this solution.\n 1. [Amazon Web Services](https://portal.azure.com/#create/azuresentinel.azure-sentinel-solution-amazonwebservicesazure-sentinel-solution-amazonwebservices) \n 2. [Azure Firewall](https://portal.azure.com/#create/sentinel4azurefirewall.sentinel4azurefirewallsentinel4azurefirewall) \n 3. [Azure Network Security Groups](https://portal.azure.com/#create/azuresentinel.azure-sentinel-solution-networksecuritygroupazure-sentinel-solution-networksecuritygroup) \n 4. [Check Point](https://portal.azure.com/#create/checkpoint.checkpoint-sentinel-solutionssentinel-1) \n 5. [Cisco ASA](https://portal.azure.com/#create/azuresentinel.azure-sentinel-solution-ciscoasaazure-sentinel-solution-ciscoasa) \n 6. [Cisco Meraki Security Events](https://portal.azure.com/#create/azuresentinel.azure-sentinel-solution-ciscomerakiazure-sentinel-solution-ciscomeraki) \n 7. [Corelight](https://portal.azure.com/#create/corelightinc1584998267292.corelight-for-azure-sentinelcorelight-for-azure-sentinel-solution-template) \n 8. [Fortinet FortiGate](https://portal.azure.com/#create/azuresentinel.azure-sentinel-solution-fortinetfortigateazure-sentinel-solution-fortinetfortigate) \n 9. [Microsoft Defender for IoT](https://portal.azure.com/#create/azuresentinel.azure-sentinel-solution-unifiedmicrosoftsocforotazure-sentinel-solution-unifiedmicrosoftsocforot) \n 10. [Microsoft Defender for Cloud](https://portal.azure.com/#create/azuresentinel.azure-sentinel-solution-microsoftdefenderforcloudazure-sentinel-solution-microsoftdefenderforcloud) \n 11. [Microsoft Sysmon For Linux](https://portal.azure.com/#create/azuresentinel.azure-sentinel-solution-sysmonforlinuxazure-sentinel-solution-sysmonforlinux) \n 12. [Windows Firewall](https://portal.azure.com/#create/azuresentinel.azure-sentinel-solution-windowsfirewallazure-sentinel-solution-windowsfirewall) \n 13. [Palo Alto PANOS](https://portal.azure.com/#create/azuresentinel.azure-sentinel-solution-paloaltopanosazure-sentinel-solution-paloaltopanos) \n 14. [Vectra AI Stream](https://portal.azure.com/#create/vectraaiinc.vectra_sentinel_solutionvectra_sentinel_solutions) \n 15. [WatchGuard Firebox](https://portal.azure.com/#create/watchguard-technologies.watchguard_firebox_msswatchguard-sentinel-solution-plan) \n 16. [Zscaler Internet Access](https://portal.azure.com/#create/zscaler1579058425289.zscaler_internet_access_msszia_msentinel_v1) \n\n**Underlying Microsoft Technologies used:** \n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs: \n 1. Product solutions as described above \n 2. Logic app for data summarization\n\n**Recommendation :-**\n\nIt is highly recommended to use the **Summarize data** logic app playbook provided with this solution as it will significantly improve the performance of the Workbook, Analytic rules & Hunting queries.\n\n**Workbooks:** 1, **Analytic Rules:** 6, **Hunting Queries:** 6, **Watchlists:** 1\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)", + "description": "\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Malware%20Protection%20Essentials/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nMalware Protection Essentials is a [domain solution](https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fazure%2Fsentinel%2Fsentinel-solutions-catalog%23domain-solutions&data=05%7C01%7Ckavishbakshi%40microsoft.com%7Cbe2a496082b24caa4b8c08da9cefacca%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637994850502413731%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=OJegu%2B2EqD7rmYmK9pm9QniD6YWp5ooloZ6tHzcwVi0%3D&reserved=0) and does not include any data connectors. The content in this solution requires one of the product solutions below , as well as any other connector or data source normalized to the [ASIM](https://aka.ms/AboutASIM).\n\n**Prerequisite :-**\n\n Install one or more of the listed solutions, or develop your custom ASIM parsers to unlock the value provided by this solution.\n 1. Amazon Web Services \n 2. Azure Firewall \n 3. Azure Network Security Groups \n 4. Check Point \n 5. Cisco ASA \n 6. Cisco Meraki Security Events \n 7. Corelight \n 8. Fortinet FortiGate \n 9. Microsoft Defender for IoT \n 10. Microsoft Defender for Cloud \n 11. Microsoft Sysmon For Linux \n 12. Windows Firewall \n 13. Palo Alto PANOS \n 14. Vectra AI Stream \n 15. WatchGuard Firebox \n 16. Zscaler Internet Access \n\n**Underlying Microsoft Technologies used:** \n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs: \n 1. Product solutions as described above \n 2. Logic app for data summarization\n\n**Recommendation :-**\n\nIt is highly recommended to use the **Summarize data** logic app playbook provided with this solution as it will significantly improve the performance of the Workbook, Analytic rules & Hunting queries.\n\n**Workbooks:** 1, **Analytic Rules:** 6, **Hunting Queries:** 6, **Watchlists:** 1\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)", "subscription": { "resourceProviders": [ "Microsoft.OperationsManagement/solutions", diff --git a/Solutions/Malware Protection Essentials/Package/mainTemplate.json b/Solutions/Malware Protection Essentials/Package/mainTemplate.json index ce74f166913..32235a2ac84 100644 --- a/Solutions/Malware Protection Essentials/Package/mainTemplate.json +++ b/Solutions/Malware Protection Essentials/Package/mainTemplate.json @@ -228,16 +228,16 @@ { "fieldMappings": [ { - "identifier": "HostName", - "columnName": "HostName" + "columnName": "HostName", + "identifier": "HostName" }, { - "identifier": "DnsDomain", - "columnName": "DnsDomain" + "columnName": "DnsDomain", + "identifier": "DnsDomain" }, { - "identifier": "NTDomain", - "columnName": "NTDomain" + "columnName": "NTDomain", + "identifier": "NTDomain" } ], "entityType": "Host" @@ -245,16 +245,16 @@ { "fieldMappings": [ { - "identifier": "Name", - "columnName": "Username" + "columnName": "Username", + "identifier": "Name" }, { - "identifier": "UPNSuffix", - "columnName": "UPNSuffix" + "columnName": "UPNSuffix", + "identifier": "UPNSuffix" }, { - "identifier": "NTDomain", - "columnName": "NTDomain" + "columnName": "NTDomain", + "identifier": "NTDomain" } ], "entityType": "Account" @@ -262,12 +262,12 @@ { "fieldMappings": [ { - "identifier": "ProcessId", - "columnName": "ActingProcessId" + "columnName": "ActingProcessId", + "identifier": "ProcessId" }, { - "identifier": "CommandLine", - "columnName": "ActingProcessCommandLine" + "columnName": "ActingProcessCommandLine", + "identifier": "CommandLine" } ], "entityType": "Process" @@ -275,12 +275,12 @@ { "fieldMappings": [ { - "identifier": "Hive", - "columnName": "RegHive" + "columnName": "RegHive", + "identifier": "Hive" }, { - "identifier": "Key", - "columnName": "RegKey" + "columnName": "RegKey", + "identifier": "Key" } ], "entityType": "RegistryKey" @@ -288,16 +288,16 @@ { "fieldMappings": [ { - "identifier": "Name", - "columnName": "RegistryValue" + "columnName": "RegistryValue", + "identifier": "Name" }, { - "identifier": "Value", - "columnName": "RegistryValueData" + "columnName": "RegistryValueData", + "identifier": "Value" }, { - "identifier": "ValueType", - "columnName": "RegistryValueType" + "columnName": "RegistryValueType", + "identifier": "ValueType" } ], "entityType": "RegistryValue" @@ -444,16 +444,16 @@ { "fieldMappings": [ { - "identifier": "HostName", - "columnName": "HostName" + "columnName": "HostName", + "identifier": "HostName" }, { - "identifier": "DnsDomain", - "columnName": "DnsDomain" + "columnName": "DnsDomain", + "identifier": "DnsDomain" }, { - "identifier": "NTDomain", - "columnName": "NTDomain" + "columnName": "NTDomain", + "identifier": "NTDomain" } ], "entityType": "Host" @@ -461,16 +461,16 @@ { "fieldMappings": [ { - "identifier": "Name", - "columnName": "Username" + "columnName": "Username", + "identifier": "Name" }, { - "identifier": "UPNSuffix", - "columnName": "UPNSuffix" + "columnName": "UPNSuffix", + "identifier": "UPNSuffix" }, { - "identifier": "NTDomain", - "columnName": "NTDomain" + "columnName": "NTDomain", + "identifier": "NTDomain" } ], "entityType": "Account" @@ -478,12 +478,12 @@ { "fieldMappings": [ { - "identifier": "ProcessId", - "columnName": "ActingProcessId" + "columnName": "ActingProcessId", + "identifier": "ProcessId" }, { - "identifier": "CommandLine", - "columnName": "ActingProcessCommandLine" + "columnName": "ActingProcessCommandLine", + "identifier": "CommandLine" } ], "entityType": "Process" @@ -491,12 +491,12 @@ { "fieldMappings": [ { - "identifier": "Hive", - "columnName": "RegHive" + "columnName": "RegHive", + "identifier": "Hive" }, { - "identifier": "Key", - "columnName": "RegKey" + "columnName": "RegKey", + "identifier": "Key" } ], "entityType": "RegistryKey" @@ -504,16 +504,16 @@ { "fieldMappings": [ { - "identifier": "Name", - "columnName": "RegistryValue" + "columnName": "RegistryValue", + "identifier": "Name" }, { - "identifier": "Value", - "columnName": "RegistryValueData" + "columnName": "RegistryValueData", + "identifier": "Value" }, { - "identifier": "ValueType", - "columnName": "RegistryValueType" + "columnName": "RegistryValueType", + "identifier": "ValueType" } ], "entityType": "RegistryValue" @@ -596,7 +596,7 @@ "description": "This analytic rule detects process creation events with base64 encoded command line arguments. This could be an indication of a malicious process being executed.", "displayName": "Process Creation with Suspicious CommandLine Arguments", "enabled": false, - "query": "_ASim_ProcessEvent\n| where EventType == 'ProcessCreated'\n| extend CommandLineArgs = strcat_array(array_slice(split(CommandLine, \" \"), 1, -1), \" \")\n| where strlen(CommandLineArgs) > 0\n| where CommandLineArgs contains \"base64\"\n| project\nTimeGenerated,\nDvcHostname,\nDvcIpAddr,\nDvcDomain,\nTargetUsername,\nTargetUsernameType,\nTargetProcessName,\nTargetProcessId,\nCommandLine\n| extend Username = iff(tostring(TargetUsernameType) == 'Windows', tostring(split(TargetUsername, '\\\\')), TargetUsername)\n| extend NTDomain = iff(tostring(TargetUsernameType) == 'Windows', tostring(split(TargetUsername, '\\\\')), TargetUsername)\n| extend Username = iff(tostring(TargetUsernameType) == 'UPN', tostring(split(TargetUsername, '@')), Username)\n| extend UPNSuffix = iff(tostring(TargetUsernameType) == 'UPN', tostring(split(TargetUsername, '@')), '')\n", + "query": "_ASim_ProcessEvent\n| where EventType == 'ProcessCreated'\n| extend CommandLineArgs = strcat_array(array_slice(split(CommandLine, \" \"), 1, -1), \" \")\n| where strlen(CommandLineArgs) > 0\n| where CommandLineArgs contains \"base64\"\n| project\nTimeGenerated,\nDvcHostname,\nDvcIpAddr,\nDvcDomain,\nTargetUsername,\nTargetUsernameType,\nTargetProcessName,\nTargetProcessId,\nCommandLine\n| extend Username = iff(tostring(TargetUsernameType) == 'Windows', tostring(split(TargetUsername, '\\\\')[1]), TargetUsername)\n| extend NTDomain = iff(tostring(TargetUsernameType) == 'Windows', tostring(split(TargetUsername, '\\\\')[0]), TargetUsername)\n| extend Username = iff(tostring(TargetUsernameType) == 'UPN', tostring(split(TargetUsername, '@')[0]), Username)\n| extend UPNSuffix = iff(tostring(TargetUsernameType) == 'UPN', tostring(split(TargetUsername, '@')[1]), '')\n", "queryFrequency": "PT1H", "queryPeriod": "PT1H", "severity": "Medium", @@ -661,16 +661,16 @@ { "fieldMappings": [ { - "identifier": "HostName", - "columnName": "DvcHostname" + "columnName": "DvcHostname", + "identifier": "HostName" }, { - "identifier": "DnsDomain", - "columnName": "DvcDomain" + "columnName": "DvcDomain", + "identifier": "DnsDomain" }, { - "identifier": "NTDomain", - "columnName": "NTDomain" + "columnName": "NTDomain", + "identifier": "NTDomain" } ], "entityType": "Host" @@ -678,8 +678,8 @@ { "fieldMappings": [ { - "identifier": "Address", - "columnName": "DvcIpAddr" + "columnName": "DvcIpAddr", + "identifier": "Address" } ], "entityType": "IP" @@ -687,16 +687,16 @@ { "fieldMappings": [ { - "identifier": "Name", - "columnName": "Username" + "columnName": "Username", + "identifier": "Name" }, { - "identifier": "UPNSuffix", - "columnName": "UPNSuffix" + "columnName": "UPNSuffix", + "identifier": "UPNSuffix" }, { - "identifier": "NTDomain", - "columnName": "NTDomain" + "columnName": "NTDomain", + "identifier": "NTDomain" } ], "entityType": "Account" @@ -704,12 +704,12 @@ { "fieldMappings": [ { - "identifier": "ProcessId", - "columnName": "TargetProcessId" + "columnName": "TargetProcessId", + "identifier": "ProcessId" }, { - "identifier": "CommandLine", - "columnName": "CommandLine" + "columnName": "CommandLine", + "identifier": "CommandLine" } ], "entityType": "Process" @@ -855,16 +855,16 @@ { "fieldMappings": [ { - "identifier": "HostName", - "columnName": "DvcHostname" + "columnName": "DvcHostname", + "identifier": "HostName" }, { - "identifier": "DnsDomain", - "columnName": "DvcDomain" + "columnName": "DvcDomain", + "identifier": "DnsDomain" }, { - "identifier": "NTDomain", - "columnName": "NTDomain" + "columnName": "NTDomain", + "identifier": "NTDomain" } ], "entityType": "Host" @@ -872,8 +872,8 @@ { "fieldMappings": [ { - "identifier": "Address", - "columnName": "DvcIpAddr" + "columnName": "DvcIpAddr", + "identifier": "Address" } ], "entityType": "IP" @@ -881,16 +881,16 @@ { "fieldMappings": [ { - "identifier": "Name", - "columnName": "Username" + "columnName": "Username", + "identifier": "Name" }, { - "identifier": "UPNSuffix", - "columnName": "UPNSuffix" + "columnName": "UPNSuffix", + "identifier": "UPNSuffix" }, { - "identifier": "NTDomain", - "columnName": "NTDomain" + "columnName": "NTDomain", + "identifier": "NTDomain" } ], "entityType": "Account" @@ -898,12 +898,12 @@ { "fieldMappings": [ { - "identifier": "ProcessId", - "columnName": "TargetProcessId" + "columnName": "TargetProcessId", + "identifier": "ProcessId" }, { - "identifier": "CommandLine", - "columnName": "CommandLine" + "columnName": "CommandLine", + "identifier": "CommandLine" } ], "entityType": "Process" @@ -1049,16 +1049,16 @@ { "fieldMappings": [ { - "identifier": "HostName", - "columnName": "HostName" + "columnName": "HostName", + "identifier": "HostName" }, { - "identifier": "DnsDomain", - "columnName": "DnsDomain" + "columnName": "DnsDomain", + "identifier": "DnsDomain" }, { - "identifier": "NTDomain", - "columnName": "NTDomain" + "columnName": "NTDomain", + "identifier": "NTDomain" } ], "entityType": "Host" @@ -1066,16 +1066,16 @@ { "fieldMappings": [ { - "identifier": "Name", - "columnName": "Username" + "columnName": "Username", + "identifier": "Name" }, { - "identifier": "UPNSuffix", - "columnName": "UPNSuffix" + "columnName": "UPNSuffix", + "identifier": "UPNSuffix" }, { - "identifier": "NTDomain", - "columnName": "NTDomain" + "columnName": "NTDomain", + "identifier": "NTDomain" } ], "entityType": "Account" @@ -1083,12 +1083,12 @@ { "fieldMappings": [ { - "identifier": "ProcessId", - "columnName": "ActingProcessId" + "columnName": "ActingProcessId", + "identifier": "ProcessId" }, { - "identifier": "CommandLine", - "columnName": "ActingProcessCommandLine" + "columnName": "ActingProcessCommandLine", + "identifier": "CommandLine" } ], "entityType": "Process" @@ -1096,12 +1096,12 @@ { "fieldMappings": [ { - "identifier": "Hive", - "columnName": "RegHive" + "columnName": "RegHive", + "identifier": "Hive" }, { - "identifier": "Key", - "columnName": "RegKey" + "columnName": "RegKey", + "identifier": "Key" } ], "entityType": "RegistryKey" @@ -1109,16 +1109,16 @@ { "fieldMappings": [ { - "identifier": "Name", - "columnName": "RegistryValue" + "columnName": "RegistryValue", + "identifier": "Name" }, { - "identifier": "Value", - "columnName": "RegistryValueData" + "columnName": "RegistryValueData", + "identifier": "Value" }, { - "identifier": "ValueType", - "columnName": "RegistryValueType" + "columnName": "RegistryValueType", + "identifier": "ValueType" } ], "entityType": "RegistryValue" @@ -1264,16 +1264,16 @@ { "fieldMappings": [ { - "identifier": "HostName", - "columnName": "HostName" + "columnName": "HostName", + "identifier": "HostName" }, { - "identifier": "DnsDomain", - "columnName": "DnsDomain" + "columnName": "DnsDomain", + "identifier": "DnsDomain" }, { - "identifier": "NTDomain", - "columnName": "NTDomain" + "columnName": "NTDomain", + "identifier": "NTDomain" } ], "entityType": "Host" @@ -1281,16 +1281,16 @@ { "fieldMappings": [ { - "identifier": "Name", - "columnName": "Username" + "columnName": "Username", + "identifier": "Name" }, { - "identifier": "UPNSuffix", - "columnName": "UPNSuffix" + "columnName": "UPNSuffix", + "identifier": "UPNSuffix" }, { - "identifier": "NTDomain", - "columnName": "NTDomain" + "columnName": "NTDomain", + "identifier": "NTDomain" } ], "entityType": "Account" @@ -1298,12 +1298,12 @@ { "fieldMappings": [ { - "identifier": "ProcessId", - "columnName": "ActingProcessId" + "columnName": "ActingProcessId", + "identifier": "ProcessId" }, { - "identifier": "CommandLine", - "columnName": "ActingProcessCommandLine" + "columnName": "ActingProcessCommandLine", + "identifier": "CommandLine" } ], "entityType": "Process" @@ -1311,12 +1311,12 @@ { "fieldMappings": [ { - "identifier": "Hive", - "columnName": "RegHive" + "columnName": "RegHive", + "identifier": "Hive" }, { - "identifier": "Key", - "columnName": "RegKey" + "columnName": "RegKey", + "identifier": "Key" } ], "entityType": "RegistryKey" @@ -1324,16 +1324,16 @@ { "fieldMappings": [ { - "identifier": "Name", - "columnName": "RegistryValue" + "columnName": "RegistryValue", + "identifier": "Name" }, { - "identifier": "Value", - "columnName": "RegistryValueData" + "columnName": "RegistryValueData", + "identifier": "Value" }, { - "identifier": "ValueType", - "columnName": "RegistryValueType" + "columnName": "RegistryValueType", + "identifier": "ValueType" } ], "entityType": "RegistryValue" @@ -2016,7 +2016,7 @@ "contentSchemaVersion": "3.0.0", "displayName": "Malware Protection Essentials", "publisherDisplayName": "Microsoft Sentinel, Microsoft Corporation", - "descriptionHtml": "

Note: Please refer to the following before installing the solution:

\n

• Review the solution Release Notes

\n

• There may be known issues pertaining to this Solution, please refer to them before installing.

\n

Malware Protection Essentials is a domain solution and does not include any data connectors. The content in this solution requires one of the product solutions below , as well as any other connector or data source normalized to the ASIM.

\n

Prerequisite :-

\n

Install one or more of the listed solutions, or develop your custom ASIM parsers to unlock the value provided by this solution.

\n
    \n
  1. Amazon Web Services
    2. \n
  2. Azure Firewall
    3. \n
  3. Azure Network Security Groups
    4. \n
  4. Check Point
    5. \n
  5. Cisco ASA
    6. \n
  6. Cisco Meraki Security Events
    7. \n
  7. Corelight
    8. \n
  8. Fortinet FortiGate
    9. \n
  9. Microsoft Defender for IoT
    10. \n
  10. Microsoft Defender for Cloud
    11. \n
  11. Microsoft Sysmon For Linux
    12. \n
  12. Windows Firewall
    13. \n
  13. Palo Alto PANOS
    14. \n
  14. Vectra AI Stream
    15. \n
  15. WatchGuard Firebox
    16. \n
  16. Zscaler Internet Access
    17. \n
\n

Underlying Microsoft Technologies used:

\n

This solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs:

\n
    \n
  1. Product solutions as described above
    2. \n
  2. Logic app for data summarization
    3. \n
\n

Recommendation :-

\n

It is highly recommended to use the Summarize data logic app playbook provided with this solution as it will significantly improve the performance of the Workbook, Analytic rules & Hunting queries.

\n

Workbooks: 1, Analytic Rules: 6, Hunting Queries: 6, Watchlists: 1

\n

Learn more about Microsoft Sentinel | Learn more about Solutions

\n", + "descriptionHtml": "

Note: Please refer to the following before installing the solution:

\n

• Review the solution Release Notes

\n

• There may be known issues pertaining to this Solution, please refer to them before installing.

\n

Malware Protection Essentials is a domain solution and does not include any data connectors. The content in this solution requires one of the product solutions below , as well as any other connector or data source normalized to the ASIM.

\n

Prerequisite :-

\n

Install one or more of the listed solutions, or develop your custom ASIM parsers to unlock the value provided by this solution.

\n
    \n
  1. Amazon Web Services
    2. \n
  2. Azure Firewall
    3. \n
  3. Azure Network Security Groups
    4. \n
  4. Check Point
    5. \n
  5. Cisco ASA
    6. \n
  6. Cisco Meraki Security Events
    7. \n
  7. Corelight
    8. \n
  8. Fortinet FortiGate
    9. \n
  9. Microsoft Defender for IoT
    10. \n
  10. Microsoft Defender for Cloud
    11. \n
  11. Microsoft Sysmon For Linux
    12. \n
  12. Windows Firewall
    13. \n
  13. Palo Alto PANOS
    14. \n
  14. Vectra AI Stream
    15. \n
  15. WatchGuard Firebox
    16. \n
  16. Zscaler Internet Access
    17. \n
\n

Underlying Microsoft Technologies used:

\n

This solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs:

\n
    \n
  1. Product solutions as described above
    2. \n
  2. Logic app for data summarization
    3. \n
\n

Recommendation :-

\n

It is highly recommended to use the Summarize data logic app playbook provided with this solution as it will significantly improve the performance of the Workbook, Analytic rules & Hunting queries.

\n

Workbooks: 1, Analytic Rules: 6, Hunting Queries: 6, Watchlists: 1

\n

Learn more about Microsoft Sentinel | Learn more about Solutions

\n", "contentKind": "Solution", "contentProductId": "[variables('_solutioncontentProductId')]", "id": "[variables('_solutioncontentProductId')]", @@ -2039,7 +2039,6 @@ "link": "https://support.microsoft.com" }, "dependencies": { - "operator": "AND", "criteria": [ { "kind": "AnalyticsRule", @@ -2110,6 +2109,70 @@ "kind": "Workbook", "contentId": "[variables('_workbookContentId1')]", "version": "[variables('workbookVersion1')]" + }, + { + "kind": "Solution", + "contentId": "azuresentinel.azure-sentinel-solution-amazonwebservices" + }, + { + "kind": "Solution", + "contentId": "sentinel4azurefirewall.sentinel4azurefirewall" + }, + { + "kind": "Solution", + "contentId": "azuresentinel.azure-sentinel-solution-networksecuritygroup" + }, + { + "kind": "Solution", + "contentId": "checkpoint.checkpoint-sentinel-solutions" + }, + { + "kind": "Solution", + "contentId": "azuresentinel.azure-sentinel-solution-ciscoasa" + }, + { + "kind": "Solution", + "contentId": "azuresentinel.azure-sentinel-solution-ciscomeraki" + }, + { + "kind": "Solution", + "contentId": "corelightinc1584998267292.corelight-for-azure-sentinel" + }, + { + "kind": "Solution", + "contentId": "Fortinet FortiGate Next-Generation Firewall connector for Microsoft Sentinel" + }, + { + "kind": "Solution", + "contentId": "azuresentinel.azure-sentinel-solution-unifiedmicrosoftsocforot" + }, + { + "kind": "Solution", + "contentId": "azuresentinel.azure-sentinel-solution-microsoftdefenderforcloud" + }, + { + "kind": "Solution", + "contentId": "azuresentinel.azure-sentinel-solution-sysmonforlinux" + }, + { + "kind": "Solution", + "contentId": "azuresentinel.azure-sentinel-solution-windowsfirewall" + }, + { + "kind": "Solution", + "contentId": "azuresentinel.azure-sentinel-solution-paloaltopanos" + }, + { + "kind": "Solution", + "contentId": "vectraaiinc.vectra_sentinel_solution" + }, + { + "kind": "Solution", + "contentId": "watchguard-technologies.watchguard_firebox_mss" + }, + { + "kind": "Solution", + "contentId": "zscaler1579058425289.zscaler_internet_access_mss" } ] }, diff --git a/Solutions/Malware Protection Essentials/ReleaseNotes.md b/Solutions/Malware Protection Essentials/ReleaseNotes.md index 4f2cb921093..94e02e939e5 100644 --- a/Solutions/Malware Protection Essentials/ReleaseNotes.md +++ b/Solutions/Malware Protection Essentials/ReleaseNotes.md @@ -1,3 +1,4 @@ -| **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** | -|-------------|--------------------------------|--------------------| -|3.0.0 |21-12-2023 |Initial Solution Release| +| **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** | +|--------------|---------------------------------|----------------------------------------------| +| 3.0.1 | 10-10-2024 | Update **Analytic Rule** SuspiciousProcessCreation.yaml | +| 3.0.0 | 21-12-2023 | Initial Solution Release | From f98bb787826939a0d1105198bce6358a0009e41c Mon Sep 17 00:00:00 2001 From: v-sabiraj Date: Fri, 18 Oct 2024 15:53:11 +0530 Subject: [PATCH 2/5] Update ReleaseNotes.md --- Solutions/Okta Single Sign-On/ReleaseNotes.md | 1 + 1 file changed, 1 insertion(+) diff --git a/Solutions/Okta Single Sign-On/ReleaseNotes.md b/Solutions/Okta Single Sign-On/ReleaseNotes.md index 7a57ff182b8..40ebbe9d170 100644 --- a/Solutions/Okta Single Sign-On/ReleaseNotes.md +++ b/Solutions/Okta Single Sign-On/ReleaseNotes.md @@ -1,5 +1,6 @@ | **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** | |-------------|--------------------------------|---------------------------------------------------------------| +| 3.0.9 | 17-10-2024 | Updated package to fix connectivity of CCP connector | | 3.0.8 | 14-08-2024 | Data Connector Globally Available | | 3.0.7 | 25-04-2024 | Repackaged for parser issue with old names | | 3.0.6 | 17-04-2024 | Repackaged solution for parser fix | From 5571960ded6f9804458c1084d8ced7a8346dc6f3 Mon Sep 17 00:00:00 2001 From: v-shukore Date: Fri, 18 Oct 2024 16:14:42 +0530 Subject: [PATCH 3/5] update releasenotes --- Solutions/CohesitySecurity/ReleaseNotes.md | 6 ++++-- Solutions/Malware Protection Essentials/ReleaseNotes.md | 2 +- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/Solutions/CohesitySecurity/ReleaseNotes.md b/Solutions/CohesitySecurity/ReleaseNotes.md index c92998a554c..867322b35c4 100644 --- a/Solutions/CohesitySecurity/ReleaseNotes.md +++ b/Solutions/CohesitySecurity/ReleaseNotes.md @@ -1,3 +1,5 @@ -| **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** | -|-------------|--------------------------------|---------------------------------------------| +| **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** | +|-------------|--------------------------------|--------------------------------------------------------------------------------| +| 3.1.1 | 10-10-2024 | Updating Solution with fix for Restore Playbook | +| 3.1.0 | 19-07-2024 | added missing helioID using anomaly strength | | 3.0.0 | 29-06-2023 | Updating Azure Function to Azure Functions in **Data Connector** Description | diff --git a/Solutions/Malware Protection Essentials/ReleaseNotes.md b/Solutions/Malware Protection Essentials/ReleaseNotes.md index 94e02e939e5..28c43343876 100644 --- a/Solutions/Malware Protection Essentials/ReleaseNotes.md +++ b/Solutions/Malware Protection Essentials/ReleaseNotes.md @@ -1,4 +1,4 @@ | **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** | |--------------|---------------------------------|----------------------------------------------| -| 3.0.1 | 10-10-2024 | Update **Analytic Rule** SuspiciousProcessCreation.yaml | +| 3.0.1 | 18-10-2024 | **Analytical Rule** [Process Creation with Suspicious CommandLine Arguments] | | 3.0.0 | 21-12-2023 | Initial Solution Release | From a1c702482ec798d3cc9d9e3a0a55924948197c41 Mon Sep 17 00:00:00 2001 From: v-shukore Date: Fri, 18 Oct 2024 16:18:08 +0530 Subject: [PATCH 4/5] Update ReleaseNotes.md --- Solutions/CohesitySecurity/ReleaseNotes.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Solutions/CohesitySecurity/ReleaseNotes.md b/Solutions/CohesitySecurity/ReleaseNotes.md index 867322b35c4..0aca5435802 100644 --- a/Solutions/CohesitySecurity/ReleaseNotes.md +++ b/Solutions/CohesitySecurity/ReleaseNotes.md @@ -1,5 +1,5 @@ | **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** | |-------------|--------------------------------|--------------------------------------------------------------------------------| -| 3.1.1 | 10-10-2024 | Updating Solution with fix for Restore Playbook | +| 3.1.1 | 10-10-2024 | Updating Solution with fix for Restore **Playbook** | | 3.1.0 | 19-07-2024 | added missing helioID using anomaly strength | | 3.0.0 | 29-06-2023 | Updating Azure Function to Azure Functions in **Data Connector** Description | From 51f176603e77a956d2f0e8ec5dacfb9d1e1c1868 Mon Sep 17 00:00:00 2001 From: v-shukore Date: Mon, 21 Oct 2024 12:26:43 +0530 Subject: [PATCH 5/5] Update ReleaseNotes.md --- Solutions/CohesitySecurity/ReleaseNotes.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Solutions/CohesitySecurity/ReleaseNotes.md b/Solutions/CohesitySecurity/ReleaseNotes.md index 0aca5435802..185c5ee3371 100644 --- a/Solutions/CohesitySecurity/ReleaseNotes.md +++ b/Solutions/CohesitySecurity/ReleaseNotes.md @@ -1,5 +1,6 @@ | **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** | |-------------|--------------------------------|--------------------------------------------------------------------------------| -| 3.1.1 | 10-10-2024 | Updating Solution with fix for Restore **Playbook** | +| 3.1.2 | 21-10-2024 | Corrected Param for JobId for recovery API | +| 3.1.1 | 10-10-2024 | Updating Solution with fix for Restore **Playbook** | | 3.1.0 | 19-07-2024 | added missing helioID using anomaly strength | | 3.0.0 | 29-06-2023 | Updating Azure Function to Azure Functions in **Data Connector** Description |