diff --git a/Logos/ionix-logo.svg b/Logos/ionix-logo.svg
new file mode 100644
index 00000000000..26f7d3cb422
--- /dev/null
+++ b/Logos/ionix-logo.svg
@@ -0,0 +1,14 @@
+
+
diff --git a/Solutions/Cyberpion/Data/Solution_Cyberpion.json b/Solutions/Cyberpion/Data/Solution_Cyberpion.json
deleted file mode 100644
index d90f0affaa5..00000000000
--- a/Solutions/Cyberpion/Data/Solution_Cyberpion.json
+++ /dev/null
@@ -1,20 +0,0 @@
-{
- "Name": "Cyberpion",
- "Author": "Cyberpion",
- "Logo": "",
- "Description": "The [Cyberpion](https://www.cyberpion.com/) solution for Microsoft Sentinel enables you to ingest vulnerability logs from the Cyberpion platform into Microsoft Sentinel.\n\n**Underlying Microsoft Technologies used:**\n\nThis solution is dependent on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\n\na. [Codeless Connector Platform/Native Sentinel Polling](https://docs.microsoft.com/azure/sentinel/create-codeless-connector?tabs=deploy-via-arm-template%2Cconnect-via-the-azure-portal)",
- "Data Connectors": [
- "Data Connectors/CyberpionSecurityLogs.json"
- ],
- "Analytic Rules": [
- "Analytic Rules/HighUrgencyActionItems.yaml"
- ],
- "Workbooks": [
- "Workbooks/CyberpionOverviewWorkbook.json"
- ],
- "BasePath": "C:\\GitHub\\azure\\Solutions\\Cyberpion",
- "Version": "2.0.1",
- "Metadata": "SolutionMetadata.json",
- "TemplateSpec": true,
- "Is1Pconnector": false
-}
\ No newline at end of file
diff --git a/Solutions/Cyberpion/Analytic Rules/HighUrgencyActionItems.yaml b/Solutions/IONIX/Analytic Rules/HighUrgencyActionItems.yaml
similarity index 88%
rename from Solutions/Cyberpion/Analytic Rules/HighUrgencyActionItems.yaml
rename to Solutions/IONIX/Analytic Rules/HighUrgencyActionItems.yaml
index 3e80629ca5e..5de1074ce13 100644
--- a/Solutions/Cyberpion/Analytic Rules/HighUrgencyActionItems.yaml
+++ b/Solutions/IONIX/Analytic Rules/HighUrgencyActionItems.yaml
@@ -1,7 +1,7 @@
 id: 8e0403b1-07f8-4865-b2e9-74d1e83200a4
-name: High Urgency Cyberpion Action Items
+name: High Urgency IONIX Action Items
 description: |
- 'This query creates an alert for active Cyberpion Action Items with high urgency (9-10).
+ 'This query creates an alert for active IONIX Action Items with high urgency (9-10).
 Urgency can be altered using the "min_urgency" variable in the query.'
 severity: High
 status: Available
@@ -38,5 +38,5 @@ entityMappings:
 fieldMappings:
 - identifier: DomainName
 columnName: DNSCustomEntity
-version: 1.0.0
+version: 1.0.1
 kind: Scheduled
\ No newline at end of file
diff --git a/Solutions/Cyberpion/Data Connectors/CyberpionSecurityLogs.json b/Solutions/IONIX/Data Connectors/IONIXSecurityLogs.json
similarity index 80%
rename from Solutions/Cyberpion/Data Connectors/CyberpionSecurityLogs.json
rename to Solutions/IONIX/Data Connectors/IONIXSecurityLogs.json
index 61bd35a45bb..d870cbbf387 100644
--- a/Solutions/Cyberpion/Data Connectors/CyberpionSecurityLogs.json
+++ b/Solutions/IONIX/Data Connectors/IONIXSecurityLogs.json
@@ -1,8 +1,8 @@
 {
 "id": "CyberpionSecurityLogs",
- "title": "Cyberpion Security Logs",
- "publisher": "Cyberpion",
- "descriptionMarkdown": "The Cyberpion Security Logs data connector, ingests logs from the Cyberpion system directly into Sentinel. The connector allows users to visualize their data, create alerts and incidents and improve security investigations.",
+ "title": "IONIX Security Logs",
+ "publisher": "IONIX",
+ "descriptionMarkdown": "The IONIX Security Logs data connector, ingests logs from the IONIX system directly into Sentinel. The connector allows users to visualize their data, create alerts and incidents and improve security investigations.",
 "graphQueries": [
 {
 "metricName": "Total data received",
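Review bot: The `name` change in the first hunk of HighUrgencyActionItems.yaml renames the rule to `High Urgency IONIX Action Items` while `id` stays `8e0403b1-07f8-4865-b2e9-74d1e83200a4`, and nothing visible in this commit tells operators that an existing detection changed its title. Workspaces that already deployed the rule may have automation rules, incident filters or playbooks keyed on the old title, and those may stop matching without any error. I would record the rename in the rule text, for example by appending `Formerly "High Urgency Cyberpion Action Items".` to `description`, and repeat it in the release notes if the solution ships them. The rest of the rule, including the query, lies outside these hunks.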
@@ -59,15 +59,15 @@
 ],
 "customs": [
 {
- "name": "Cyberpion Subscription",
- "description": "a subscription and account is required for cyberpion logs. [One can be acquired here.](https://azuremarketplace.microsoft.com/en/marketplace/apps/cyberpion1597832716616.cyberpion)"
+ "name": "IONIX Subscription",
+ "description": "a subscription and account is required for IONIX logs. [One can be acquired here.](https://azuremarketplace.microsoft.com/en/marketplace/apps/cyberpion1597832716616.cyberpion)"
 }
 ]
 },
 "instructionSteps": [
 {
 "title": "",
- "description": "Follow the [instructions](https://www.cyberpion.com/resource-center/integrations/azure-sentinel/) to integrate Cyberpion Security Alerts into Sentinel.",
+ "description": "Follow the [instructions](https://www.ionix.io/integrations/azure-sentinel/) to integrate IONIX Security Alerts into Sentinel.",
 "instructions": [
 {
 "parameters": {
diff --git a/Solutions/IONIX/Data/Solution_IONIX.json b/Solutions/IONIX/Data/Solution_IONIX.json
new file mode 100644
index 00000000000..027b95ca000
--- /dev/null
+++ b/Solutions/IONIX/Data/Solution_IONIX.json
@@ -0,0 +1,20 @@
+{
+ "Name": "IONIX",
+ "Author": "IONIX",
+ "Logo": "",
+ "Description": "The [IONIX](https://ionix.io/) solution for Microsoft Sentinel enables you to ingest vulnerability logs from the IONIX platform into Microsoft Sentinel.\n\n**Underlying Microsoft Technologies used:**\n\nThis solution is dependent on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\n\na. [Codeless Connector Platform/Native Sentinel Polling](https://docs.microsoft.com/azure/sentinel/create-codeless-connector?tabs=deploy-via-arm-template%2Cconnect-via-the-azure-portal)",
+ "Data Connectors": [
+ "Data Connectors/IONIXSecurityLogs.json"
+ ],
+ "Analytic Rules": [
+ "Analytic Rules/HighUrgencyActionItems.yaml"
+ ],
+ "Workbooks": [
+ "Workbooks/IONIXOverviewWorkbook.json"
+ ],
+ "BasePath": "https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Solutions/IONIX",
+ "Version": "3.0.0",
+ "Metadata": "SolutionMetadata.json",
+ "TemplateSpec": true,
+ "Is1Pconnector": false
+}
\ No newline at end of file
diff --git a/Solutions/Cyberpion/Package/2.0.0.zip b/Solutions/IONIX/Package/2.0.0.zip
similarity index 100%
rename from Solutions/Cyberpion/Package/2.0.0.zip
rename to Solutions/IONIX/Package/2.0.0.zip
diff --git a/Solutions/Cyberpion/Package/2.0.1.zip b/Solutions/IONIX/Package/2.0.1.zip
similarity index 100%
rename from Solutions/Cyberpion/Package/2.0.1.zip
rename to Solutions/IONIX/Package/2.0.1.zip
diff --git a/Solutions/IONIX/Package/3.0.0.zip b/Solutions/IONIX/Package/3.0.0.zip
new file mode 100644
index 00000000000..7007056e06a
Binary files /dev/null and b/Solutions/IONIX/Package/3.0.0.zip differ
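Review bot: `"BasePath"` in the new Solution_IONIX.json points at `https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Solutions/IONIX`, a mutable branch, where the deleted Cyberpion file used a local checkout path. If the packaging tool reads its inputs from BasePath, the connector, rule and workbook that go into `Package/3.0.0.zip` come from whatever `master` holds at build time rather than from the files in this commit, so the binary zip added in the same change cannot be tied to the reviewed sources. Building from the local working tree, or from a URL pinned to a specific commit, keeps the package reproducible and reviewable. `"Logo"` also shows as an empty string here although the commit adds `Logos/ionix-logo.svg`; that may be an extraction artefact, but it is worth confirming the value references the new file.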
diff --git a/Solutions/Cyberpion/Package/createUiDefinition.json b/Solutions/IONIX/Package/createUiDefinition.json
old mode 100644
new mode 100755
similarity index 70%
rename from Solutions/Cyberpion/Package/createUiDefinition.json
rename to Solutions/IONIX/Package/createUiDefinition.json
index 2cc2cda9068..3581e0c262e
--- a/Solutions/Cyberpion/Package/createUiDefinition.json
+++ b/Solutions/IONIX/Package/createUiDefinition.json
@@ -6,7 +6,7 @@ "config": { "isWizard": false, "basics": { - "description": "\n\n**Note:** _There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing._\n\nThe [Cyberpion](https://www.cyberpion.com/) solution for Microsoft Sentinel enables you to ingest vulnerability logs from the Cyberpion platform into Microsoft Sentinel.\n\n**Underlying Microsoft Technologies used:**\n\nThis solution is dependent on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\n\na. [Codeless Connector Platform/Native Sentinel Polling](https://docs.microsoft.com/azure/sentinel/create-codeless-connector?tabs=deploy-via-arm-template%2Cconnect-via-the-azure-portal)\n\n**Data Connectors:** 1, **Workbooks:** 1, **Analytic Rules:** 1\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)", + "description": "\n\n**Note:** Please refer to the following before installing the solution: \r \n • Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/IONIX/ReleaseNotes.md)\r \n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nThe [IONIX](https://ionix.io/) solution for Microsoft Sentinel enables you to ingest vulnerability logs from the IONIX platform into Microsoft Sentinel.\n\n**Underlying Microsoft Technologies used:**\n\nThis solution is dependent on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\n\na. 
[Codeless Connector Platform/Native Microsoft Sentinel Polling](https://docs.microsoft.com/azure/sentinel/create-codeless-connector?tabs=deploy-via-arm-template%2Cconnect-via-the-azure-portal)\n\n**Data Connectors:** 1, **Workbooks:** 1, **Analytic Rules:** 1\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)", "subscription": { "resourceProviders": [ "Microsoft.OperationsManagement/solutions", @@ -60,7 +60,7 @@ "name": "dataconnectors1-text", "type": "Microsoft.Common.TextBlock", "options": { - "text": "This solution installs the data connector for ingesting Cyberpion logs into Microsoft Sentinel, using Codeless Connector Platform and Native Sentinel Polling. After installing the solution, configure and enable this data connector by following guidance in Manage solution view." + "text": "This Solution installs the data connector for IONIX. You can get IONIX custom log data in your Microsoft Sentinel workspace. After installing the solution, configure and enable this data connector by following guidance in Manage solution view." } }, { @@ -100,6 +100,20 @@ "uri": "https://docs.microsoft.com/azure/sentinel/tutorial-monitor-your-data" } } + }, + { + "name": "workbook1", + "type": "Microsoft.Common.Section", + "label": "IONIX Overview", + "elements": [ + { + "name": "workbook1-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "Gain insights into your IONIX Security Logs." + } + } + ] } ] }, 
@@ -132,13 +146,13 @@ { "name": "analytic1", "type": "Microsoft.Common.Section", - "label": "High Urgency Cyberpion Action Items", + "label": "High Urgency IONIX Action Items", "elements": [ { "name": "analytic1-text", "type": "Microsoft.Common.TextBlock", "options": { - "text": "This query creates an alert for active Cyberpion Action Items with high urgency (9-10).\n Urgency can be altered using the \"min_urgency\" variable in the query." + "text": "Creates an alert for active IONIX Action Items with high urgency (9-10)." } } ] diff --git a/Solutions/Cyberpion/Package/mainTemplate.json b/Solutions/IONIX/Package/mainTemplate.json old mode 100644 new mode 100755 similarity index 57% rename from Solutions/Cyberpion/Package/mainTemplate.json rename to Solutions/IONIX/Package/mainTemplate.json index 66bfc16b349..71b8cd1bad1 --- a/Solutions/Cyberpion/Package/mainTemplate.json +++ b/Solutions/IONIX/Package/mainTemplate.json @@ -2,8 +2,8 @@ "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "metadata": { - "author": "Cyberpion", - "comments": "Solution template for Cyberpion" + "author": "IONIX", + "comments": "Solution template for IONIX" }, "parameters": { "location": { @@ -30,7 +30,7 @@ }, "workbook1-name": { "type": "string", - "defaultValue": "Cyberpion Overview", + "defaultValue": "IONIX Overview", "minLength": 1, "metadata": { "description": "Name for the workbook" 
@@ -38,57 +38,49 @@ } }, "variables": { + "_solutionName": "IONIX", + "_solutionVersion": "3.0.0", "solutionId": "cyberpion1597832716616.cyberpion_mss", "_solutionId": "[variables('solutionId')]", - "workspaceResourceId": "[resourceId('microsoft.OperationalInsights/Workspaces', parameters('workspace'))]", "uiConfigId1": "CyberpionSecurityLogs", "_uiConfigId1": "[variables('uiConfigId1')]", "dataConnectorContentId1": "CyberpionSecurityLogs", "_dataConnectorContentId1": "[variables('dataConnectorContentId1')]", "dataConnectorId1": "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/dataConnectors', variables('_dataConnectorContentId1'))]", "_dataConnectorId1": "[variables('dataConnectorId1')]", - "dataConnectorTemplateSpecName1": "[concat(parameters('workspace'),'-dc-',uniquestring(variables('_dataConnectorContentId1')))]", - "dataConnectorVersion1": "1.0.0", - "analyticRuleVersion1": "1.0.0", + "dataConnectorTemplateSpecName1": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-dc-',uniquestring(variables('_dataConnectorContentId1'))))]", + "dataConnectorVersion1": "1.0.1", + "dataConnectorcontentProductId1": "[concat(take(variables('_solutionId'),50),'-','dc','-', uniqueString(concat(variables('_solutionId'),'-','DataConnector','-',variables('_dataConnectorContentId1'),'-', variables('dataConnectorVersion1'))))]", + "_dataConnectorcontentProductId1": "[variables('dataConnectorcontentProductId1')]", + "analyticRuleVersion1": "1.0.1", "analyticRulecontentId1": "8e0403b1-07f8-4865-b2e9-74d1e83200a4", "_analyticRulecontentId1": "[variables('analyticRulecontentId1')]", "analyticRuleId1": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', variables('analyticRulecontentId1'))]", - "analyticRuleTemplateSpecName1": "[concat(parameters('workspace'),'-ar-',uniquestring(variables('_analyticRulecontentId1')))]", - "workbookVersion1": "1.0.0", + 
"analyticRuleTemplateSpecName1": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring(variables('_analyticRulecontentId1'))))]", + "analyticRulecontentProductId1": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-',variables('_analyticRulecontentId1'),'-', variables('analyticRuleVersion1'))))]", + "_analyticRulecontentProductId1": "[variables('analyticRulecontentProductId1')]", + "workbookVersion1": "1.0.1", "workbookContentId1": "CyberpionOverviewWorkbook", "workbookId1": "[resourceId('Microsoft.Insights/workbooks', variables('workbookContentId1'))]", - "workbookTemplateSpecName1": "[concat(parameters('workspace'),'-wb-',uniquestring(variables('_workbookContentId1')))]", - "_workbookContentId1": "[variables('workbookContentId1')]" + "workbookTemplateSpecName1": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-wb-',uniquestring(variables('_workbookContentId1'))))]", + "_workbookContentId1": "[variables('workbookContentId1')]", + "workspaceResourceId": "[resourceId('microsoft.OperationalInsights/Workspaces', parameters('workspace'))]", + "workbookcontentProductId1": "[concat(take(variables('_solutionId'),50),'-','wb','-', uniqueString(concat(variables('_solutionId'),'-','Workbook','-',variables('_workbookContentId1'),'-', variables('workbookVersion1'))))]", + "_workbookcontentProductId1": "[variables('workbookcontentProductId1')]", + "solutioncontentProductId": "[concat(take(variables('_solutionId'),50),'-','sl','-', uniqueString(concat(variables('_solutionId'),'-','Solution','-',variables('_solutionId'),'-', variables('_solutionVersion'))))]", + "_solutioncontentProductId": "[variables('solutioncontentProductId')]" }, "resources": [ { - "type": "Microsoft.Resources/templateSpecs", - "apiVersion": "2021-05-01", + "type": 
"Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", "name": "[variables('dataConnectorTemplateSpecName1')]", "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "DataConnector" - }, - "properties": { - "description": "Cyberpion data connector with template", - "displayName": "Cyberpion template" - } - }, - { - "type": "Microsoft.Resources/templateSpecs/versions", - "apiVersion": "2021-05-01", - "name": "[concat(variables('dataConnectorTemplateSpecName1'),'/',variables('dataConnectorVersion1'))]", - "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "DataConnector" - }, "dependsOn": [ - "[resourceId('Microsoft.Resources/templateSpecs', variables('dataConnectorTemplateSpecName1'))]" + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "Cyberpion data connector with template version 2.0.1", + "description": "IONIX data connector with template version 3.0.0", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('dataConnectorVersion1')]", 
@@ -104,9 +96,9 @@ "properties": { "connectorUiConfig": { "id": "[variables('_uiConfigId1')]", - "title": "Cyberpion Security Logs", - "publisher": "Cyberpion", - "descriptionMarkdown": "The Cyberpion Security Logs data connector, ingests logs from the Cyberpion system directly into Sentinel. The connector allows users to visualize their data, create alerts and incidents and improve security investigations.", + "title": "IONIX Security Logs", + "publisher": "IONIX", + "descriptionMarkdown": "The IONIX Security Logs data connector, ingests logs from the IONIX system directly into Sentinel. The connector allows users to visualize their data, create alerts and incidents and improve security investigations.", "graphQueries": [ { "metricName": "Total data received", @@ -163,14 +155,14 @@ ], "customs": [ { - "name": "Cyberpion Subscription", - "description": "a subscription and account is required for cyberpion logs. [One can be acquired here.](https://azuremarketplace.microsoft.com/en/marketplace/apps/cyberpion1597832716616.cyberpion)" + "name": "IONIX Subscription", + "description": "a subscription and account is required for IONIX logs. [One can be acquired here.](https://azuremarketplace.microsoft.com/en/marketplace/apps/cyberpion1597832716616.cyberpion)" } ] }, "instructionSteps": [ { - "description": "Follow the [instructions](https://www.cyberpion.com/resource-center/integrations/azure-sentinel/) to integrate Cyberpion Security Alerts into Sentinel.", + "description": "Follow the [instructions](https://www.ionix.io/integrations/azure-sentinel/) to integrate IONIX Security Alerts into Sentinel.", "instructions": [ { "parameters": { 
@@ -198,7 +190,7 @@ }, { "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", - "apiVersion": "2022-01-01-preview", + "apiVersion": "2023-04-01-preview", "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('DataConnector-', last(split(variables('_dataConnectorId1'),'/'))))]", "properties": { "parentId": "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/dataConnectors', variables('_dataConnectorContentId1'))]", @@ -207,26 +199,38 @@ "version": "[variables('dataConnectorVersion1')]", "source": { "kind": "Solution", - "name": "Cyberpion", + "name": "IONIX", "sourceId": "[variables('_solutionId')]" }, "author": { - "name": "Cyberpion" + "name": "IONIX" }, "support": { - "name": "Cyberpion", + "name": "IONIX", + "email": "support@ionix.io", "tier": "Partner", - "link": "https://www.cyberpion.com/contact/" + "link": "https://www.ionix.io/contact-us/" } } } ] - } + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('_dataConnectorContentId1')]", + "contentKind": "DataConnector", + "displayName": "IONIX Security Logs", + "contentProductId": "[variables('_dataConnectorcontentProductId1')]", + "id": "[variables('_dataConnectorcontentProductId1')]", + "version": "[variables('dataConnectorVersion1')]" } }, { "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", - "apiVersion": "2022-01-01-preview", + "apiVersion": "2023-04-01-preview", "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('DataConnector-', last(split(variables('_dataConnectorId1'),'/'))))]", "dependsOn": [ "[variables('_dataConnectorId1')]" 
@@ -239,16 +243,17 @@ "version": "[variables('dataConnectorVersion1')]", "source": { "kind": "Solution", - "name": "Cyberpion", + "name": "IONIX", "sourceId": "[variables('_solutionId')]" }, "author": { - "name": "Cyberpion" + "name": "IONIX" }, "support": { - "name": "Cyberpion", + "name": "IONIX", + "email": "support@ionix.io", "tier": "Partner", - "link": "https://www.cyberpion.com/contact/" + "link": "https://www.ionix.io/contact-us/" } } }, @@ -260,9 +265,9 @@ "kind": "GenericUI", "properties": { "connectorUiConfig": { - "title": "Cyberpion Security Logs", - "publisher": "Cyberpion", - "descriptionMarkdown": "The Cyberpion Security Logs data connector, ingests logs from the Cyberpion system directly into Sentinel. The connector allows users to visualize their data, create alerts and incidents and improve security investigations.", + "title": "IONIX Security Logs", + "publisher": "IONIX", + "descriptionMarkdown": "The IONIX Security Logs data connector, ingests logs from the IONIX system directly into Sentinel. The connector allows users to visualize their data, create alerts and incidents and improve security investigations.", "graphQueries": [ { "metricName": "Total data received", 
@@ -319,14 +324,14 @@ ], "customs": [ { - "name": "Cyberpion Subscription", - "description": "a subscription and account is required for cyberpion logs. [One can be acquired here.](https://azuremarketplace.microsoft.com/en/marketplace/apps/cyberpion1597832716616.cyberpion)" + "name": "IONIX Subscription", + "description": "a subscription and account is required for IONIX logs. [One can be acquired here.](https://azuremarketplace.microsoft.com/en/marketplace/apps/cyberpion1597832716616.cyberpion)" } ] }, "instructionSteps": [ { - "description": "Follow the [instructions](https://www.cyberpion.com/resource-center/integrations/azure-sentinel/) to integrate Cyberpion Security Alerts into Sentinel.", + "description": "Follow the [instructions](https://www.ionix.io/integrations/azure-sentinel/) to integrate IONIX Security Alerts into Sentinel.", "instructions": [ { "parameters": { 
@@ -354,33 +359,15 @@ } }, { - "type": "Microsoft.Resources/templateSpecs", - "apiVersion": "2021-05-01", + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", "name": "[variables('analyticRuleTemplateSpecName1')]", "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "AnalyticsRule" - }, - "properties": { - "description": "Cyberpion Analytics Rule 1 with template", - "displayName": "Cyberpion Analytics Rule template" - } - }, - { - "type": "Microsoft.Resources/templateSpecs/versions", - "apiVersion": "2021-05-01", - "name": "[concat(variables('analyticRuleTemplateSpecName1'),'/',variables('analyticRuleVersion1'))]", - "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "AnalyticsRule" - }, "dependsOn": [ - "[resourceId('Microsoft.Resources/templateSpecs', variables('analyticRuleTemplateSpecName1'))]" + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "HighUrgencyActionItems_AnalyticalRules Analytics Rule with template version 2.0.1", + "description": "HighUrgencyActionItems_AnalyticalRules Analytics Rule with template version 3.0.0", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('analyticRuleVersion1')]", 
@@ -389,13 +376,13 @@ "resources": [ { "type": "Microsoft.SecurityInsights/AlertRuleTemplates", - "name": "[variables('AnalyticRulecontentId1')]", + "name": "[variables('analyticRulecontentId1')]", "apiVersion": "2022-04-01-preview", "kind": "Scheduled", "location": "[parameters('workspace-location')]", "properties": { - "description": "This query creates an alert for active Cyberpion Action Items with high urgency (9-10).\n Urgency can be altered using the \"min_urgency\" variable in the query.", - "displayName": "High Urgency Cyberpion Action Items", + "description": "This query creates an alert for active IONIX Action Items with high urgency (9-10).\n Urgency can be altered using the \"min_urgency\" variable in the query.", + "displayName": "High Urgency IONIX Action Items", "enabled": false, "query": "let timeframe = 14d;\nlet time_generated_bucket = 1h;\nlet min_urgency = 9;\nlet maxTimeGeneratedBucket = toscalar(\n CyberpionActionItems_CL\n | where TimeGenerated > ago(timeframe)\n | summarize max(bin(TimeGenerated, time_generated_bucket))\n );\nCyberpionActionItems_CL\n | where TimeGenerated > ago(timeframe) and is_open_b == true\n | where bin(TimeGenerated, time_generated_bucket) == maxTimeGeneratedBucket\n | where urgency_d >= min_urgency\n | extend timestamp = opening_datetime_t\n | extend DNSCustomEntity = host_s\n", "queryFrequency": "P1D", @@ -408,22 +395,26 @@ "status": "Available", "requiredDataConnectors": [ { + "connectorId": "CyberpionSecurityLogs", "dataTypes": [ "CyberpionActionItems_CL" - ], - "connectorId": "CyberpionSecurityLogs" + ] } ], "tactics": [ "InitialAccess" ], + "techniques": [ + "T1190", + "T1195" + ], "entityMappings": [ { "entityType": "DNS", "fieldMappings": [ { - "columnName": "DNSCustomEntity", - "identifier": "DomainName" + "identifier": "DomainName", + "columnName": "DNSCustomEntity" } ] } 
@@ -435,58 +426,52 @@ "apiVersion": "2022-01-01-preview", "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleId1'),'/'))))]", "properties": { - "description": "Cyberpion Analytics Rule 1", + "description": "IONIX Analytics Rule 1", "parentId": "[variables('analyticRuleId1')]", "contentId": "[variables('_analyticRulecontentId1')]", "kind": "AnalyticsRule", "version": "[variables('analyticRuleVersion1')]", "source": { "kind": "Solution", - "name": "Cyberpion", + "name": "IONIX", "sourceId": "[variables('_solutionId')]" }, "author": { - "name": "Cyberpion" + "name": "IONIX" }, "support": { - "name": "Cyberpion", + "name": "IONIX", + "email": "support@ionix.io", "tier": "Partner", - "link": "https://www.cyberpion.com/contact/" + "link": "https://www.ionix.io/contact-us/" } } } ] - } + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('_analyticRulecontentId1')]", + "contentKind": "AnalyticsRule", + "displayName": "High Urgency IONIX Action Items", + "contentProductId": "[variables('_analyticRulecontentProductId1')]", + "id": "[variables('_analyticRulecontentProductId1')]", + "version": "[variables('analyticRuleVersion1')]" } }, { - "type": "Microsoft.Resources/templateSpecs", - "apiVersion": "2021-05-01", + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", "name": "[variables('workbookTemplateSpecName1')]", "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "Workbook" - }, - "properties": { - "description": "Cyberpion Workbook with template", - "displayName": "Cyberpion workbook template" - } - }, - { - "type": 
"Microsoft.Resources/templateSpecs/versions", - "apiVersion": "2021-05-01", - "name": "[concat(variables('workbookTemplateSpecName1'),'/',variables('workbookVersion1'))]", - "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "Workbook" - }, "dependsOn": [ - "[resourceId('Microsoft.Resources/templateSpecs', variables('workbookTemplateSpecName1'))]" + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "CyberpionOverviewWorkbookWorkbook Workbook with template version 2.0.1", + "description": "IONIXOverviewWorkbookWorkbook Workbook with template version 3.0.0", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('workbookVersion1')]", 
@@ -500,11 +485,11 @@ "kind": "shared", "apiVersion": "2021-08-01", "metadata": { - "description": "Use Cyberpion's Security Logs and this workbook, to get an overview of your online assets, gain insights into their current state, and find ways to better secure your ecosystem." + "description": "" }, "properties": { "displayName": "[parameters('workbook1-name')]", - "serializedData": "{\"version\":\"Notebook/1.0\",\"items\":[{\"type\":1,\"content\":{\"json\":\"## Cyberpion Action Items\"},\"name\":\"text - 2\"},{\"type\":12,\"content\":{\"version\":\"NotebookGroup/1.0\",\"groupType\":\"editable\",\"title\":\"Current Open Action Items\",\"expandable\":true,\"expanded\":true,\"items\":[{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"let lookbackTime = 14d;\\nlet bucketTimeSpan = 1h;\\nlet maxTimeGeneratedBucket = toscalar(CyberpionActionItems_CL | where TimeGenerated > ago(lookbackTime)| summarize max(bin(TimeGenerated, bucketTimeSpan)));\\nCyberpionActionItems_CL\\n | where TimeGenerated > ago(lookbackTime) and is_open_b == true\\n | extend TimeGeneratedBucket = bin(TimeGenerated, bucketTimeSpan)\\n | where TimeGeneratedBucket == maxTimeGeneratedBucket\\n | summarize count() by Category\\n | render barchart\\n\\n\",\"size\":0,\"title\":\"Action Items by Category\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\"},\"name\":\"action-items-by-category\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"let lookbackTime = 14d;\\nlet bucketTimeSpan = 1h;\\nlet maxTimeGeneratedBucket = toscalar(CyberpionActionItems_CL | where TimeGenerated > ago(lookbackTime)| summarize max(bin(TimeGenerated, bucketTimeSpan)));\\nCyberpionActionItems_CL\\n | where TimeGenerated > ago(lookbackTime) and is_open_b == true\\n | extend TimeGeneratedBucket = bin(TimeGenerated, bucketTimeSpan)\\n | where TimeGeneratedBucket == maxTimeGeneratedBucket\\n | summarize count() by solution_s\\n | render 
piechart\",\"size\":0,\"title\":\"Most Common Solutions\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\"},\"customWidth\":\"50\",\"name\":\"most-common-solution\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"let lookbackTime = 14d;\\nlet bucketTimeSpan = 1h;\\nlet maxTimeGeneratedBucket = toscalar(CyberpionActionItems_CL | where TimeGenerated > ago(lookbackTime)| summarize max(bin(TimeGenerated, bucketTimeSpan)));\\nCyberpionActionItems_CL\\n | where TimeGenerated > ago(lookbackTime) and is_open_b == true\\n | extend TimeGeneratedBucket = bin(TimeGenerated, bucketTimeSpan)\\n | where TimeGeneratedBucket == maxTimeGeneratedBucket\\n | extend Urgency = bin(urgency_d, 1)\\n | summarize count() by Urgency\\n | join kind=rightouter (range Urgency from 1.0 to 10.0 step 1) on Urgency\\n | project Urgency = Urgency1, Count = iff(isnotempty(count_), count_, 0)\\n | sort by Urgency asc\\n | extend Urgency = tostring(Urgency)\\n | render barchart\\n\\n\",\"size\":0,\"title\":\"Action Items Count by Urgency\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"categoricalbar\",\"chartSettings\":{\"createOtherGroup\":0,\"xSettings\":{\"numberFormatSettings\":{\"unit\":0,\"options\":{\"style\":\"decimal\",\"useGrouping\":true}}},\"ySettings\":{\"numberFormatSettings\":{\"unit\":0,\"options\":{\"style\":\"decimal\",\"useGrouping\":true}}}}},\"customWidth\":\"50\",\"name\":\"open-ai-urgency-bars\"}]},\"name\":\"current-ais\"},{\"type\":12,\"content\":{\"version\":\"NotebookGroup/1.0\",\"groupType\":\"editable\",\"title\":\"Historical 
Info\",\"expandable\":true,\"expanded\":true,\"items\":[{\"type\":9,\"content\":{\"version\":\"KqlParameterItem/1.0\",\"parameters\":[{\"id\":\"e8bb48b6-6706-48bd-b8a1-94de288bcb4c\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"TimeRange\",\"type\":4,\"isRequired\":true,\"value\":{\"durationMs\":604800000},\"typeSettings\":{\"selectableValues\":[{\"durationMs\":1800000},{\"durationMs\":3600000},{\"durationMs\":14400000},{\"durationMs\":43200000},{\"durationMs\":86400000},{\"durationMs\":172800000},{\"durationMs\":259200000},{\"durationMs\":604800000},{\"durationMs\":1209600000},{\"durationMs\":2419200000},{\"durationMs\":2592000000},{\"durationMs\":5184000000},{\"durationMs\":7776000000}],\"allowCustom\":true},\"timeContext\":{\"durationMs\":86400000}}],\"style\":\"pills\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\"},\"name\":\"parameters - 1\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"let lookbackTime = now(-{TimeRange:seconds}s);\\nlet bucketTimeSpan = 1h;\\nCyberpionActionItems_CL\\n | where TimeGenerated > lookbackTime and is_open_b == true\\n | project id_s, TimeGenerated\\n | make-series count() default=long(null) on TimeGenerated from bin(lookbackTime, bucketTimeSpan) to now() step bucketTimeSpan\\n | extend open_action_items=series_fill_forward(count_, long(null))\\n | project TimeGenerated, open_action_items\\n | mv-expand TimeGenerated to typeof(datetime), open_action_items to typeof(int)\\n | where isnotnull(open_action_items)\\n | render timechart\",\"size\":0,\"aggregation\":5,\"title\":\"Open Action Items over time\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\"},\"name\":\"action-items-over-time\"}]},\"name\":\"historical-data\"}],\"fromTemplateId\":\"sentinel-CyberpionOverviewWorkbook\",\"$schema\":\"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"}\r\n", + "serializedData": 
"{\"version\":\"Notebook/1.0\",\"items\":[{\"type\":1,\"content\":{\"json\":\"## IONIX Action Items\"},\"name\":\"text - 2\"},{\"type\":12,\"content\":{\"version\":\"NotebookGroup/1.0\",\"groupType\":\"editable\",\"title\":\"Current Open Action Items\",\"expandable\":true,\"expanded\":true,\"items\":[{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"let lookbackTime = 14d;\\nlet bucketTimeSpan = 1h;\\nlet maxTimeGeneratedBucket = toscalar(CyberpionActionItems_CL | where TimeGenerated > ago(lookbackTime)| summarize max(bin(TimeGenerated, bucketTimeSpan)));\\nCyberpionActionItems_CL\\n | where TimeGenerated > ago(lookbackTime) and is_open_b == true\\n | extend TimeGeneratedBucket = bin(TimeGenerated, bucketTimeSpan)\\n | where TimeGeneratedBucket == maxTimeGeneratedBucket\\n | summarize count() by Category\\n | render barchart\\n\\n\",\"size\":0,\"title\":\"Action Items by Category\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\"},\"name\":\"action-items-by-category\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"let lookbackTime = 14d;\\nlet bucketTimeSpan = 1h;\\nlet maxTimeGeneratedBucket = toscalar(CyberpionActionItems_CL | where TimeGenerated > ago(lookbackTime)| summarize max(bin(TimeGenerated, bucketTimeSpan)));\\nCyberpionActionItems_CL\\n | where TimeGenerated > ago(lookbackTime) and is_open_b == true\\n | extend TimeGeneratedBucket = bin(TimeGenerated, bucketTimeSpan)\\n | where TimeGeneratedBucket == maxTimeGeneratedBucket\\n | summarize count() by solution_s\\n | render piechart\",\"size\":0,\"title\":\"Most Common Solutions\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\"},\"customWidth\":\"50\",\"name\":\"most-common-solution\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"let lookbackTime = 14d;\\nlet bucketTimeSpan = 1h;\\nlet maxTimeGeneratedBucket = toscalar(CyberpionActionItems_CL | where TimeGenerated > ago(lookbackTime)| summarize 
max(bin(TimeGenerated, bucketTimeSpan)));\\nCyberpionActionItems_CL\\n | where TimeGenerated > ago(lookbackTime) and is_open_b == true\\n | extend TimeGeneratedBucket = bin(TimeGenerated, bucketTimeSpan)\\n | where TimeGeneratedBucket == maxTimeGeneratedBucket\\n | extend Urgency = bin(urgency_d, 1)\\n | summarize count() by Urgency\\n | join kind=rightouter (range Urgency from 1.0 to 10.0 step 1) on Urgency\\n | project Urgency = Urgency1, Count = iff(isnotempty(count_), count_, 0)\\n | sort by Urgency asc\\n | extend Urgency = tostring(Urgency)\\n | render barchart\\n\\n\",\"size\":0,\"title\":\"Action Items Count by Urgency\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"categoricalbar\",\"chartSettings\":{\"group\":\"\",\"createOtherGroup\":0,\"xSettings\":{\"numberFormatSettings\":{\"unit\":0,\"options\":{\"style\":\"decimal\",\"useGrouping\":true}}},\"ySettings\":{\"numberFormatSettings\":{\"unit\":0,\"options\":{\"style\":\"decimal\",\"useGrouping\":true}}}}},\"customWidth\":\"50\",\"name\":\"open-ai-urgency-bars\"}]},\"name\":\"current-ais\"},{\"type\":12,\"content\":{\"version\":\"NotebookGroup/1.0\",\"groupType\":\"editable\",\"title\":\"Historical 
Info\",\"expandable\":true,\"expanded\":true,\"items\":[{\"type\":9,\"content\":{\"version\":\"KqlParameterItem/1.0\",\"parameters\":[{\"id\":\"e8bb48b6-6706-48bd-b8a1-94de288bcb4c\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"TimeRange\",\"type\":4,\"isRequired\":true,\"value\":{\"durationMs\":604800000},\"typeSettings\":{\"selectableValues\":[{\"durationMs\":1800000},{\"durationMs\":3600000},{\"durationMs\":14400000},{\"durationMs\":43200000},{\"durationMs\":86400000},{\"durationMs\":172800000},{\"durationMs\":259200000},{\"durationMs\":604800000},{\"durationMs\":1209600000},{\"durationMs\":2419200000},{\"durationMs\":2592000000},{\"durationMs\":5184000000},{\"durationMs\":7776000000}],\"allowCustom\":true},\"timeContext\":{\"durationMs\":86400000}}],\"style\":\"pills\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\"},\"name\":\"parameters - 1\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"let lookbackTime = now(-{TimeRange:seconds}s);\\nlet bucketTimeSpan = 1h;\\nCyberpionActionItems_CL\\n | where TimeGenerated > lookbackTime and is_open_b == true\\n | project id_s, TimeGenerated\\n | make-series count() default=long(null) on TimeGenerated from bin(lookbackTime, bucketTimeSpan) to now() step bucketTimeSpan\\n | extend open_action_items=series_fill_forward(count_, long(null))\\n | project TimeGenerated, open_action_items\\n | mv-expand TimeGenerated to typeof(datetime), open_action_items to typeof(int)\\n | where isnotnull(open_action_items)\\n | render timechart\",\"size\":0,\"aggregation\":5,\"title\":\"Open Action Items over time\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\"},\"name\":\"action-items-over-time\"}]},\"name\":\"historical-data\"}],\"fromTemplateId\":\"sentinel-CyberpionOverviewWorkbook\",\"$schema\":\"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"}\n", "version": "1.0", "sourceId": 
"[variables('workspaceResourceId')]", "category": "sentinel" 
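Review bot: The workbook resource's `metadata.description` is emptied to `""` in this hunk, and the next hunk (`@@ -515,65 +500,72 @@`) shows the same symptom in the Workbook metadata resource: its description becomes the literal `".description"`, and the `dependencies` block naming the `CyberpionActionItems_CL` data type and the `CyberpionSecurityLogs` data connector is removed. This looks like the packaging step no longer finding the workbook's metadata entry after the rename, though the cause is not visible in these hunks. Without the declared dependencies the workbook may be installed in a workspace that has no connector data, and its empty charts can then be misread as "no open action items". I would regenerate the template once the lookup resolves, so that this line reads `"description": "Use IONIX's Security Logs and this workbook, to get an overview of your online assets, gain insights into their current state, and find ways to better secure your ecosystem."` and the removed `dependencies` block is restored unchanged. The enclosing resource object starts and ends outside this hunk.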
@@ -515,65 +500,72 @@ "apiVersion": "2022-01-01-preview", "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('Workbook-', last(split(variables('workbookId1'),'/'))))]", "properties": { - "description": "@{workbookKey=CyberpionOverviewWorkbook; logoFileName=cyberpion_logo.svg; description=Use Cyberpion's Security Logs and this workbook, to get an overview of your online assets, gain insights into their current state, and find ways to better secure your ecosystem.; dataTypesDependencies=System.Object[]; dataConnectorsDependencies=System.Object[]; previewImagesFileNames=System.Object[]; version=1.0.0; title=Cyberpion Overview; templateRelativePath=CyberpionOverviewWorkbook.json; subtitle=; provider=Cyberpion}.description", + "description": ".description", "parentId": "[variables('workbookId1')]", "contentId": "[variables('_workbookContentId1')]", "kind": "Workbook", "version": "[variables('workbookVersion1')]", "source": { "kind": "Solution", - "name": "Cyberpion", + "name": "IONIX", "sourceId": "[variables('_solutionId')]" }, "author": { - "name": "Cyberpion" + "name": "IONIX" }, "support": { - "name": "Cyberpion", + "name": "IONIX", + "email": "support@ionix.io", "tier": "Partner", - "link": "https://www.cyberpion.com/contact/" - }, - "dependencies": { - "operator": "AND", - "criteria": [ - { - "contentId": "CyberpionActionItems_CL", - "kind": "DataType" - }, - { - "contentId": "CyberpionSecurityLogs", - "kind": "DataConnector" - } - ] + "link": "https://www.ionix.io/contact-us/" } } } ] - } + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('_workbookContentId1')]", + "contentKind": "Workbook", + "displayName": "[parameters('workbook1-name')]", + "contentProductId": "[variables('_workbookcontentProductId1')]", + "id": 
"[variables('_workbookcontentProductId1')]", + "version": "[variables('workbookVersion1')]" } }, { - "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", - "apiVersion": "2022-01-01-preview", + "type": "Microsoft.OperationalInsights/workspaces/providers/contentPackages", + "apiVersion": "2023-04-01-preview", "location": "[parameters('workspace-location')]", "properties": { - "version": "2.0.1", + "version": "3.0.0", "kind": "Solution", - "contentSchemaVersion": "2.0.0", + "contentSchemaVersion": "3.0.0", + "displayName": "IONIX", + "publisherDisplayName": "IONIX", + "descriptionHtml": "
Note: There may be known issues pertaining to this Solution, please refer to them before installing.
\nThe IONIX solution for Microsoft Sentinel enables you to ingest vulnerability logs from the IONIX platform into Microsoft Sentinel.
\nUnderlying Microsoft Technologies used:
\nThis solution is dependent on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs:
\n\nData Connectors: 1, Workbooks: 1, Analytic Rules: 1
\nLearn more about Microsoft Sentinel | Learn more about Solutions
\n", + "contentKind": "Solution", + "contentProductId": "[variables('_solutioncontentProductId')]", + "id": "[variables('_solutioncontentProductId')]", + "icon": "", "contentId": "[variables('_solutionId')]", "parentId": "[variables('_solutionId')]", "source": { "kind": "Solution", - "name": "Cyberpion", + "name": "IONIX", "sourceId": "[variables('_solutionId')]" }, "author": { - "name": "Cyberpion" + "name": "IONIX" }, "support": { - "name": "Cyberpion", + "name": "IONIX", + "email": "support@ionix.io", "tier": "Partner", - "link": "https://www.cyberpion.com/contact/" + "link": "https://www.ionix.io/contact-us/" }, "dependencies": { "operator": "AND", @@ -597,7 +589,7 @@ }, "firstPublishDate": "2022-05-02", "providers": [ - "Cyberpion" + "IONIX" ], "categories": { "domains": [ diff --git a/Solutions/IONIX/ReleaseNotes.md b/Solutions/IONIX/ReleaseNotes.md new file mode 100644 index 00000000000..b6f11b13579 --- /dev/null +++ b/Solutions/IONIX/ReleaseNotes.md @@ -0,0 +1,5 @@ +| **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** | +|-------------|--------------------------------|--------------------------------------------------------------------------------------------------------------------| +| 3.0.0 | 20-09-2023 | A UI-only update as part of a re-branding from "Cyberpion" to "IONIX" (no change to core functionality) \| v1.0.1 | + + diff --git a/Solutions/Cyberpion/SolutionMetadata.json b/Solutions/IONIX/SolutionMetadata.json similarity index 65% rename from Solutions/Cyberpion/SolutionMetadata.json rename to Solutions/IONIX/SolutionMetadata.json index 1a81096923b..0303cbc96e5 100644 --- a/Solutions/Cyberpion/SolutionMetadata.json +++ b/Solutions/IONIX/SolutionMetadata.json 
@@ -2,15 +2,16 @@ "publisherId": "cyberpion1597832716616", "offerId": "cyberpion_mss", "firstPublishDate": "2022-05-02", - "providers": ["Cyberpion"], + "providers": ["IONIX"], "categories": { "domains" : ["Security - Threat Protection"], "verticals": [] }, "support": { - "name": "Cyberpion", + "name": "IONIX", + "email": "support@ionix.io", "tier": "Partner", - "link": "https://www.cyberpion.com/contact/" + "link": "https://www.ionix.io/contact-us/" } } diff --git a/Solutions/Cyberpion/Workbooks/CyberpionOverviewWorkbook.json b/Solutions/IONIX/Workbooks/IONIXOverviewWorkbook.json similarity index 99% rename from Solutions/Cyberpion/Workbooks/CyberpionOverviewWorkbook.json rename to Solutions/IONIX/Workbooks/IONIXOverviewWorkbook.json index 744826a7202..5888db9dd25 100644 --- a/Solutions/Cyberpion/Workbooks/CyberpionOverviewWorkbook.json +++ b/Solutions/IONIX/Workbooks/IONIXOverviewWorkbook.json @@ -4,7 +4,7 @@ { "type": 1, "content": { - "json": "## Cyberpion Action Items" + "json": "## IONIX Action Items" }, "name": "text - 2" }, diff --git a/Solutions/IONIX/Workbooks/Images/Logos/ionix-logo.svg b/Solutions/IONIX/Workbooks/Images/Logos/ionix-logo.svg new file mode 100644 index 00000000000..26f7d3cb422 --- /dev/null +++ b/Solutions/IONIX/Workbooks/Images/Logos/ionix-logo.svg @@ -0,0 +1,14 @@ + + diff --git a/Solutions/IONIX/Workbooks/Images/Previews/IONIXActionItemsBlack.png b/Solutions/IONIX/Workbooks/Images/Previews/IONIXActionItemsBlack.png new file mode 100644 index 00000000000..e3eb2a2621b Binary files /dev/null and b/Solutions/IONIX/Workbooks/Images/Previews/IONIXActionItemsBlack.png differ diff --git a/Solutions/IONIX/Workbooks/Images/Previews/IONIXActionItemsWhite.png b/Solutions/IONIX/Workbooks/Images/Previews/IONIXActionItemsWhite.png new file mode 100644 index 00000000000..5887b4bcc5b Binary files /dev/null and b/Solutions/IONIX/Workbooks/Images/Previews/IONIXActionItemsWhite.png differ 
diff --git a/Workbooks/Images/Logos/ionix-logo.svg b/Workbooks/Images/Logos/ionix-logo.svg new file mode 100644 index 00000000000..26f7d3cb422 --- /dev/null +++ b/Workbooks/Images/Logos/ionix-logo.svg @@ -0,0 +1,14 @@ + + diff --git a/Workbooks/Images/Preview/IONIXActionItemsBlack.png b/Workbooks/Images/Preview/IONIXActionItemsBlack.png new file mode 100644 index 00000000000..e3eb2a2621b Binary files /dev/null and b/Workbooks/Images/Preview/IONIXActionItemsBlack.png differ diff --git a/Workbooks/Images/Preview/IONIXActionItemsWhite.png b/Workbooks/Images/Preview/IONIXActionItemsWhite.png new file mode 100644 index 00000000000..5887b4bcc5b Binary files /dev/null and b/Workbooks/Images/Preview/IONIXActionItemsWhite.png differ diff --git a/Workbooks/WorkbooksMetadata.json b/Workbooks/WorkbooksMetadata.json index 1d56351eaed..4317aa32b16 100644 --- a/Workbooks/WorkbooksMetadata.json +++ b/Workbooks/WorkbooksMetadata.json @@ -2367,8 +2367,8 @@ }, { "workbookKey": "CyberpionOverviewWorkbook", - "logoFileName": "cyberpion_logo.svg", - "description": "Use Cyberpion's Security Logs and this workbook, to get an overview of your online assets, gain insights into their current state, and find ways to better secure your ecosystem.", + "logoFileName": "ionix-logo.svg", + "description": "Use IONIX's Security Logs and this workbook, to get an overview of your online assets, gain insights into their current state, and find ways to better secure your ecosystem.", "dataTypesDependencies": [ "CyberpionActionItems_CL" ], 
@@ -2376,14 +2376,14 @@
 "CyberpionSecurityLogs"
 ],
 "previewImagesFileNames": [
- "CyberpionActionItemsBlack.png",
- "CyberpionActionItemsWhite.png"
+ "IONIXActionItemsBlack.png",
+ "IONIXActionItemsWhite.png"
 ],
- "version": "1.0.0",
- "title": "Cyberpion Overview",
- "templateRelativePath": "CyberpionOverviewWorkbook.json",
+ "version": "1.0.1",
+ "title": "IONIX Overview",
+ "templateRelativePath": "IONIXOverviewWorkbook.json",
 "subtitle": "",
- "provider": "Cyberpion"
+ "provider": "IONIX"
 },
 {
 "workbookKey": "SolarWindsPostCompromiseHuntingWorkbook",