From cf79ae6f987f163c0efeb117e9edfd0c38e83d04 Mon Sep 17 00:00:00 2001
From: nipun-crestdatasystem <nipun.brahmbhatt@crestdatasys.com>
Date: Mon, 18 Sep 2023 18:28:03 +0530
Subject: [PATCH] Added shorten url for function app and azure deploy

---
 .../MimecastTTP_API_FunctionApp.json          |   2 +-
 ...redeploy_MimecastTTP_AzureFunctionApp.json |   2 +-
 Solutions/MimecastTTP/Package/3.0.0.zip       | Bin 13393 -> 13391 bytes
 .../MimecastTTP/Package/mainTemplate.json     |   4 ++--
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/Solutions/MimecastTTP/Data Connectors/MimecastTTP_API_FunctionApp.json b/Solutions/MimecastTTP/Data Connectors/MimecastTTP_API_FunctionApp.json
index fb8758c95cb..b408483a971 100644
--- a/Solutions/MimecastTTP/Data Connectors/MimecastTTP_API_FunctionApp.json	
+++ b/Solutions/MimecastTTP/Data Connectors/MimecastTTP_API_FunctionApp.json	
@@ -143,7 +143,7 @@
     },
     {
       "title": "Deploy the Mimecast Targeted Threat Protection Data Connector:",
-      "description": "\n1. Click the **Deploy to Azure** button below. \n\n\t[![Deploy To Azure](https://aka.ms/deploytoazurebutton)](https://aka.ms/sentinel-mimecastttp-azuredeploy)\n2. Select the preferred **Subscription**, **Resource Group** and **Location**. \n3. Enter the following fields:\n - appName: Unique string that will be used as id for the app in Azure platform\n - objectId: Azure portal ---> Azure Active Directory ---> more info ---> Profile -----> Object ID\n - appInsightsLocation(default): westeurope\n - mimecastEmail: Email address of dedicated user for this integraion\n - mimecastPassword: Password for dedicated user\n - mimecastAppId: Application Id from the Microsoft Sentinel app registered with Mimecast\n - mimecastAppKey: Application Key from the Microsoft Sentinel app registered with Mimecast\n - mimecastAccessKey: Access Key for the dedicated Mimecast user\n - mimecastSecretKey: Secret Key for dedicated Mimecast user\n - mimecastBaseURL: Regional Mimecast API Base URL\n - activeDirectoryAppId: Azure portal ---> App registrations ---> [your_app] ---> Application ID\n - activeDirectoryAppSecret: Azure portal ---> App registrations ---> [your_app] ---> Certificates & secrets ---> [your_app_secret]\n\n >Note: If using Azure Key Vault secrets for any of the values above, use the`@Microsoft.KeyVault(SecretUri={Security Identifier})`schema in place of the string values. Refer to [Key Vault references documentation](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) for further details.\n\n4. Mark the checkbox labeled **I agree to the terms and conditions stated above**. \n5. Click **Purchase** to deploy.\n\n6. Go to ***Azure portal ---> Resource groups ---> [your_resource_group] --->  [appName](type: Storage account) ---> Storage Explorer ---> BLOB CONTAINERS ---> TTP checkpoints ---> Upload*** and create empty files on your machine named attachment-checkpoint.txt, impersonation-checkpoint.txt, url-checkpoint.txt and select them for upload (this is done so that date_range for TTP logs are stored in consistent state)\n"
+      "description": "\n1. Click the **Deploy to Azure** button below. \n\n\t[![Deploy To Azure](https://aka.ms/deploytoazurebutton)](https://aka.ms/sentinel-MimecastTTP-azuredeploy)\n2. Select the preferred **Subscription**, **Resource Group** and **Location**. \n3. Enter the following fields:\n - appName: Unique string that will be used as id for the app in Azure platform\n - objectId: Azure portal ---> Azure Active Directory ---> more info ---> Profile -----> Object ID\n - appInsightsLocation(default): westeurope\n - mimecastEmail: Email address of dedicated user for this integraion\n - mimecastPassword: Password for dedicated user\n - mimecastAppId: Application Id from the Microsoft Sentinel app registered with Mimecast\n - mimecastAppKey: Application Key from the Microsoft Sentinel app registered with Mimecast\n - mimecastAccessKey: Access Key for the dedicated Mimecast user\n - mimecastSecretKey: Secret Key for dedicated Mimecast user\n - mimecastBaseURL: Regional Mimecast API Base URL\n - activeDirectoryAppId: Azure portal ---> App registrations ---> [your_app] ---> Application ID\n - activeDirectoryAppSecret: Azure portal ---> App registrations ---> [your_app] ---> Certificates & secrets ---> [your_app_secret]\n\n >Note: If using Azure Key Vault secrets for any of the values above, use the`@Microsoft.KeyVault(SecretUri={Security Identifier})`schema in place of the string values. Refer to [Key Vault references documentation](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) for further details.\n\n4. Mark the checkbox labeled **I agree to the terms and conditions stated above**. \n5. Click **Purchase** to deploy.\n\n6. Go to ***Azure portal ---> Resource groups ---> [your_resource_group] --->  [appName](type: Storage account) ---> Storage Explorer ---> BLOB CONTAINERS ---> TTP checkpoints ---> Upload*** and create empty files on your machine named attachment-checkpoint.txt, impersonation-checkpoint.txt, url-checkpoint.txt and select them for upload (this is done so that date_range for TTP logs are stored in consistent state)\n"
     }
   ],
   "metadata": {
diff --git a/Solutions/MimecastTTP/Data Connectors/azuredeploy_MimecastTTP_AzureFunctionApp.json b/Solutions/MimecastTTP/Data Connectors/azuredeploy_MimecastTTP_AzureFunctionApp.json
index 9c351d85c08..9c31dfe37c6 100644
--- a/Solutions/MimecastTTP/Data Connectors/azuredeploy_MimecastTTP_AzureFunctionApp.json	
+++ b/Solutions/MimecastTTP/Data Connectors/azuredeploy_MimecastTTP_AzureFunctionApp.json	
@@ -205,7 +205,7 @@
                     "active_directory_tenant_id": "[concat('@Microsoft.KeyVault(SecretUri=https://', variables('functionAppName'), '.vault.azure.net/secrets/', 'active-directory-tenant-id', '/)')]",
                     "log_analytics_workspace_id": "[concat('@Microsoft.KeyVault(SecretUri=https://', variables('functionAppName'), '.vault.azure.net/secrets/', 'log-analytics-workspace-id', '/)')]",
                     "log_analytics_workspace_key": "[concat('@Microsoft.KeyVault(SecretUri=https://', variables('functionAppName'), '.vault.azure.net/secrets/', 'log-analytics-workspace-key', '/)')]",
-                    "WEBSITE_RUN_FROM_PACKAGE": "https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/MimecastTTP/Data%20Connectors/MimecastTTPAzureConn.zip"
+                    "WEBSITE_RUN_FROM_PACKAGE": "https://aka.ms/sentinel-MimecastTTP-functionapp"
                 }
             }]
         },
diff --git a/Solutions/MimecastTTP/Package/3.0.0.zip b/Solutions/MimecastTTP/Package/3.0.0.zip
index 465c1bdb038edddc4eca9f9502791052c5590f17..ee14592f60bfdf3cfff12c033447288cb270db45 100644
GIT binary patch
delta 2231
zcmV;o2uSzQXwPV{s0axwg)&zoB<Abrv#|({B7ZX*7;V;rci&(!=o$4`cm@bgnN!6`
z7R+NNK;PWlf+tC^%_=yB1KHesD-Ho}ZX*5=#=gc1`$BeNh?UpT^GhG>Ex0Vq-#sV4
z`R<?SUm$p3Ce(_#7Xi~Z!(&)r+uSsVfXnVAYLN*>1~6dtUo3A>cAh*=$IUxRj@*#h
z<bPZKj^&UrTf+Z52?M;N5&ytHc~u!00Ex8B=}Lmv9XiA~W8*oPV({-XJj=)$*Ckcb
z<u6<BCd&q~bOhKrFq*_l9!jo<OrzveD2XF!oYWwS<VhiMvKZh^Qzj+K_1O}W-bs=q
z$&D!U0bC-OOeG>ESw3(0mYb_1%?O;NJAaH)6(lBYKk>&`XpP7#tlNH0j)x?B^fe8#
zB?x4(<tGU=z6!t$?KRzE(K$T*<6mjk86YqK>zt<FLigog@;G&-VEgOFAN=$=>ON>a
zm>)5MFdK5Yaf+r3E$c;!Te?Qbr;!)F072r1vk=fq7lg<?SjOXFUWTuYtI<L5g?}(N
z$ZRZxYIxOzJSq#?F^PCs9{7B18xh=KMO%oB<R*4c`jpMhlNo+aFG5EGFt}A`13%d&
z6)TE-+9WsqGHdgRy%JJGE`-g#T1TG?ss-{0D`${Uc4NW@Zzi9<{sMS}zzX*C=eHkz
zCWjy1pC25*e|>t!A7WtxW5_gceSax{zd<+4DJ)IcNe*^-F54PKB+10G$6#0prrCit
z$uWX<3UWLC5^v=%9xA<^g<jzq8#qcF;)G4?jG;x=xrs(m@^Mkb9hL()^4l9&TcnGn
zGBBOR7Rc-XG0bO#)(_WTIG-E31Gg-SNR~n}T*wCa73Zn($W6L((Jq}-kAKy%TPvxg
z*KfY_WB0pz&z{-4)NXg_{<HS3<Jj$IyWL^Czi01s_lDixlf7LX#f57M)E5=7hO(j{
zSG%BXU0rv~nn-|AW$iI*TB@yW7Bkk=5wj+D9ipZ@n6)vg<7F+)iiug%ISPtdzr~dc
z<Bw9X6%T7GKnn<$n0c47n|~&EQ)o-`k}eCXSrWb1j<R~Czn~&t*L3%5Dsp!qeDfN=
zd|_0f#II3B7pW?k)k3PisNty2^yz9)&1&rgjMbG5t1BBC+u&Nen*DQCS#MfdZ)PZp
z<@H)SQLM2y2`mk&9_tJ6b95A2n^fU91JKkA%C5_($1gkm2G0ILJAZk7t$sBqWp(_#
z703Fr`o|Yp+}%*rMiPxxC)-yYIn+c9^^rpJ2qEWH)Dc0A^EHnEa${*czVTr79=_VM
zFTkTGo?2@R7i5!+#5bqv=9eVg#bD<(H3M^Q6IF2;g5G@D5(VAm2TQoTz~s_`)nx^%
z%L*ROWd${t6qM69cYnN;pxI>v%`PFR&pj>XvVplS8JO#Gf%zz!>k@%^FAtda(t!Me
zwqPMGZ7p`01B&oRD^4c0wRJ_Hi>;`wpJ4@kb)sfMreXc)1EAJG22BVyuRdKc%@u+!
zjC);ev_6SmUkhDT1KmXI@1-QSggu!@W*-8o=F)aA*cOp39DmxXlF^!*TFSE7{AQL#
z-N;gJUgo}eWx+SD+yzqud${l$RjLG}y4YP`<X&Cep65_?F}qO_yK?hvj#6Z$=HFAX
z`dmfohIPD6>UZml(QAv)>x$3I8zLnzi<;4z;_|x5{h^A=n--HVL-=Zn#_P7yipO=T
zio#VQmWHT}i+{j>gyL^AJ(WzHr^vgu#4vw+dR5$QUUj`H?#6bj;_mOMxVvcHvws$%
z$ok^#+CcnXinR@kv>UG?9%M1LSrK+)T35x^X2sU?Fm_c`z3igu#<Q|2o^Dt?ZCErt
z??kMMqt(UH21U{8Ri8<bu2FHWLD6$@i70;>6giidL4OQ@Y1yr+`?C2`TdZ8qmb&8P
zyK<%YsF=rYs;sLb<5iLIs>rwr@TN=mRgrPCQC3C9$ee`-<f|g%Rgv+Xi;S04TwJxe
zTK{3Lw0Zr><2#({wew%^OPSN88e{Ggz}i#3ndA25x}d6q^9{<2G(|s!bN1=k-y?PV
zJj^r>{eLx{u-N&<^wkS6nSnpz7X3v>{6${S$*Xg=4xX^JFL_}Rkg?&*%a$gfln48x
z&wg;@yHNxd__Fni{YChnFFMvM+;PHevPecU{gKSt0%K0morcnGGkqKI1uCxMEYE|E
z+b=qR-iyxk)uj(4V5(SgjJb?)!=uW8y@952qJLIrn(zBe^NT@9I<MwG*DS<m=HY)m
z_f_UZ@rw@p&7Ud{wr1X!kMhcw9S(W=N)h`?fsf>55H>-eLaxIT`4(FcS~lBaRfW&O
zmJrYVT%2K;2Q+T@1zVgFoJA0C_N#;WlwcyFL07oWG<7OB5J1U1nG%|C4@IZjiN;Bz
zk$-nGQO16Bw}@=?QR1S0eIW27r!#OinKu1&IGycbVVN{QpssI=+s$RhF?Ic0Z_aWc
z6PpGhp$dF5j|i2ct1|eN)v?mcX$vtW62*oFC78xtZSII(xRViyLOa8j(7M?kfmF-}
zxG)lcnAv2;vS2bh6ARaKowva#h&oa&w|}GS(PayS%ZbMT`sv>E3;a2zXiSp7U#YlK
zTR@ichS};tvo5Rhx5rTamXC6<z!jEYiu)^C0Si4DYg-5Jj|!OB;y856V2f5th_qf2
zS}#TTu9ahHma$*bNPWSBuD~-3LRA{gf9eyI%b}%rS6X@xhnD_bY3bjE7U@8nkbm(>
zMgWKN$(HQC2)WW$E{k@0BFsvp1(>E~&;@d`f9h_#7`kB;pYTN&P{j-+tUi0~onE__
zyD*E@hnTfY7Q98fliJ?&X?CsN!i?Q02vwHO3GjpRirubOl22=s_cX?N&T%43y8Jce
z!J-O@bEWiIpP0-G8=O<yf>3KZiw7Bz@EHF6|C6^fQ3)%BGFKxc=IiK_5i~jmwKD(!
F004sHVTJ$z

delta 2233
zcmV;q2uAnMXwhh}s0ayjT`O1HaX6Cdv#|({B7fy71YWmU58i!)#h_=@W8oPfIAu;1
zBUvzynE-ura|@m%!8WVl6b@u_^Q|}pxVee=Lm2xSE9?u|i6K^AN6#;Pu(#l{Fn{-)
z{N}rVqJM$lftgS%=3WF$-wcmofo*fs90D%8lc+@|7#YBT)qk<PLD_loI2||dC^>RN
zW`C1!`8$?F!fXlu^CS%Ljz;_g|KwF=U;rf2GN&sEUU%pa<BW~xV2Z)N&+sfGYh0I9
zNteHDy_+l>#L^L9=fG$ZD|sln9x{!RPoX4^q;XP%D3T|I#K~fSH%*z8DA#98OnN6t
zk|Z~x%m;9ZU^116lw|q5;ahI5jx-~1l7H?nN>z}UwEe^%U!gT3udr_WIXNDZ?9taW
z$d(|G#g?BW(D*6<Gql%qi$&+~^pAg~S!aO20IYMGehb}~f63$2nS$-F8-MWA=cxOj
z^<aL)2*Pa0<;E$RF0`x{DQ@W+A)iKG_yPopAI?HRD_syG_h1>1hj|&kHm*ho!G9OR
z+#s{D5USx-6Y{7mXvZYtVR_*5wQWRjgB5KdGLoCvJ?T?6H&15xIlTxS3Bcf1oelhC
zn^deQ@@bRY^vkTxC-zE64Y?3D`)VD1E~pmBBdnZ3LfMT88@!o(`uYpt5dtgN)1Tjd
z_?aAjcz=Fy{QmXn8Gnd{4U8evz<>3n0R9HuET^zEVJA7*<+*HY6p<to%N~PaA(&<d
z)+EOW+9}BG_)EN%zj&zhb{2YtXKdgoaflN(u``AiS?4AiMajoS5qDS);K*-pU~Q2u
zmde0%7F!^*1H>?&5n4Z7f8l&?=nmYnC?Z)3$#5YX;8&cd#v?cB%0;_$Qhz;G$8N2p
zl3u_0&X3*i?mc^E?^3(nrTfp?yN+YGpY3*s?f#y<)7=|(dr$Uubrct_DNtWjz#7Vm
zf?Vx_wsm#gF>4|LMwPY4tZAvXwpq+rQ%B62+;xbW@?h4+sE(JlG%F@%P3I^mX8jgd
zE{s1)!B#x1tpF_`Tw>;3%71Q}+)be^%}cs0sAfs@UOUR_mHvW?d|lJsuc^r0f$+_1
z{PKlSg%ZC;6<wsNU{(vM`l5!TI@71CK{czj6EId+Hmt5}Xl#RP?P~VVRb{<tWxbi9
zD3;f2?L@K0-XyRzsCuj~z|YZ9Y;977-wZ%gGbp<*qaMHP^cy()2Y>D4^|kudpp@0|
z^Hv<|%jzFrWN~*xQ5#7#R-J5Lb>vVJG1Ny2%_D@IS5Zd<HO|*O0?3V}@%YAr)qD7A
z&%OYUo_K1lF<g*MG7{gMs+(Vua2JD}*VGKmxlL5XWe9rnWlI!vmme(Q@&c1f3s#pE
ztS&2fIF}XFTvAX@-+$ckQi5ie5j4Ampg#Asn9By{x@2Ik%LV46Xs$~H=Dj>%-b(}W
z3)+H(w6wL@WezC9AFVi<)YjG&fiAY9wtj{c^wo))37LlVqYr>u0~s_S*u465!8BJ0
zx-jl_wbA+{dVMW)RSk3#vA>s++!FR=9+`azsG3XLy<l5JwtsMFt4c;|ZfYsZX7ig_
z7Ih;_y?L4Y=9LBCxN;Xv4ea5<Z&axgkm_Q0eUW>0aeJOa)y3>aMeNGWvpGtUm70G~
z#p-hvsT<buHmTpOFGjB|La!@6FK>vHz$|J;Yl_S3CijObDsNg$z6{~3DH^ZaN-G}M
zsVWLriC7w<Hh(Sx{}GD6&Gb|<ah@XY+7iS3@#$4@w|Uj|s<<25t%|$9r{eCSdC&e?
zh$8EYw`&9Odnwj7EYfbgig=L4*k(o8jcHvKTbmVI&%@YNQT4KmsvFPBs(89#@w8#l
z^t=<XDvnkcM;jDHt5<y{MY=}Cxduhg#U-NrX;9=`UVjEL0H$TPs_x6?OKq`oJzMIE
zlkduv;-g|7yQ#9Sii}r9#;YRZCcv96-B(4%%|=-j86$HR9+0n!j8{d*cP=tsQgLzB
z=4$<ixzgtKCy(!Ns@Kkcy)R`>lWL5)PXKFA`DTvWm+OM64$e0yFVYnK6wcYFXMc~>
z?ej3xIDholc*0`m7t>cSz+?vgh+Fg*9q|`=K_{=y**bW_*1qJ0ML@=eFE3k~fKndp
zk3RdsjqgSgSm4XnEA|)Rf4=BguW-i+v&kYE$@E7uYYU7yMRyuXyUp}%z!#{vinBZq
zI&Qz{0D3Pv(^r>1kbtRT#WChG#tn}u1NH`*#(#-gooT-BGtDmsA?duD|6H>WpP7gM
z_1ssP6U8q&@Hc;|JlL9fUp~q!Uv@a;=_^I-D+NB1lR?-7feN_}Pvl!{L1@`*i&Ygq
z3tK`w_j7TEVII)9;TLRiN^llIyxFe~=2L=+hz4EZI@8pt+&};&^JGeB!aWq7ZYLTi
zjekbo$wV3Z(cL1l(MO4k`t^apkDSiH*<{-E)8TZshlOR*0D-!`Ep9iL8OPN1Z@oFo
zflO=~goG;a$vh%dj;_k!S60VLFQ+ZUlt>gC8kArfceS}Adf`q+Bns^eTSDt*djwK3
z8{oo70Agm78Owsn>`W|N&vo7gqaf-?wSU}>u1A+G5H2Sk1L&uF(=YJnn4&RB{(hz6
zN^JpI&KqW{2hF;y%HJMC`CC59!2(xUf+_B=Xay|vWUOr+ygw>nVvFO@ErTsuDIwB&
zMQFVg;k#CjrCG*)Nh9?I54r-+EC^L;H2<kjP%ej--d$<wJsev4ccrC&7h0qPZGS?>
zCm8`8&L>;4`y%8@Te&RS>4`8akrrT@mO&TD$^NOk?PBPLQGCJ|T|gBxkg)pfwRd{$
zUhcvyRv%*4GFk8z?M`ZY)2G?BdJ8jlqaajSIw!yn$}4ueT1h^wP2STO=Q+oTEa~#s
zln09{B+ix6XMJKaFKlp5Z3{xJ=?N@mM8aeE_x}TvwKGu(b6qP}+i^IO>XQ#NItI5h
H00000&cRPc

diff --git a/Solutions/MimecastTTP/Package/mainTemplate.json b/Solutions/MimecastTTP/Package/mainTemplate.json
index 304012f93f3..18f641b1857 100644
--- a/Solutions/MimecastTTP/Package/mainTemplate.json
+++ b/Solutions/MimecastTTP/Package/mainTemplate.json
@@ -743,7 +743,7 @@
                       ]
                     },
                     {
-                      "description": "\n1. Click the **Deploy to Azure** button below. \n\n\t[![Deploy To Azure](https://aka.ms/deploytoazurebutton)](https://aka.ms/sentinel-mimecastttp-azuredeploy)\n2. Select the preferred **Subscription**, **Resource Group** and **Location**. \n3. Enter the following fields:\n - appName: Unique string that will be used as id for the app in Azure platform\n - objectId: Azure portal ---> Azure Active Directory ---> more info ---> Profile -----> Object ID\n - appInsightsLocation(default): westeurope\n - mimecastEmail: Email address of dedicated user for this integraion\n - mimecastPassword: Password for dedicated user\n - mimecastAppId: Application Id from the Microsoft Sentinel app registered with Mimecast\n - mimecastAppKey: Application Key from the Microsoft Sentinel app registered with Mimecast\n - mimecastAccessKey: Access Key for the dedicated Mimecast user\n - mimecastSecretKey: Secret Key for dedicated Mimecast user\n - mimecastBaseURL: Regional Mimecast API Base URL\n - activeDirectoryAppId: Azure portal ---> App registrations ---> [your_app] ---> Application ID\n - activeDirectoryAppSecret: Azure portal ---> App registrations ---> [your_app] ---> Certificates & secrets ---> [your_app_secret]\n\n >Note: If using Azure Key Vault secrets for any of the values above, use the`@Microsoft.KeyVault(SecretUri={Security Identifier})`schema in place of the string values. Refer to [Key Vault references documentation](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) for further details.\n\n4. Mark the checkbox labeled **I agree to the terms and conditions stated above**. \n5. Click **Purchase** to deploy.\n\n6. Go to ***Azure portal ---> Resource groups ---> [your_resource_group] --->  [appName](type: Storage account) ---> Storage Explorer ---> BLOB CONTAINERS ---> TTP checkpoints ---> Upload*** and create empty files on your machine named attachment-checkpoint.txt, impersonation-checkpoint.txt, url-checkpoint.txt and select them for upload (this is done so that date_range for TTP logs are stored in consistent state)\n",
+                      "description": "\n1. Click the **Deploy to Azure** button below. \n\n\t[![Deploy To Azure](https://aka.ms/deploytoazurebutton)](https://aka.ms/sentinel-MimecastTTP-azuredeploy)\n2. Select the preferred **Subscription**, **Resource Group** and **Location**. \n3. Enter the following fields:\n - appName: Unique string that will be used as id for the app in Azure platform\n - objectId: Azure portal ---> Azure Active Directory ---> more info ---> Profile -----> Object ID\n - appInsightsLocation(default): westeurope\n - mimecastEmail: Email address of dedicated user for this integraion\n - mimecastPassword: Password for dedicated user\n - mimecastAppId: Application Id from the Microsoft Sentinel app registered with Mimecast\n - mimecastAppKey: Application Key from the Microsoft Sentinel app registered with Mimecast\n - mimecastAccessKey: Access Key for the dedicated Mimecast user\n - mimecastSecretKey: Secret Key for dedicated Mimecast user\n - mimecastBaseURL: Regional Mimecast API Base URL\n - activeDirectoryAppId: Azure portal ---> App registrations ---> [your_app] ---> Application ID\n - activeDirectoryAppSecret: Azure portal ---> App registrations ---> [your_app] ---> Certificates & secrets ---> [your_app_secret]\n\n >Note: If using Azure Key Vault secrets for any of the values above, use the`@Microsoft.KeyVault(SecretUri={Security Identifier})`schema in place of the string values. Refer to [Key Vault references documentation](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) for further details.\n\n4. Mark the checkbox labeled **I agree to the terms and conditions stated above**. \n5. Click **Purchase** to deploy.\n\n6. Go to ***Azure portal ---> Resource groups ---> [your_resource_group] --->  [appName](type: Storage account) ---> Storage Explorer ---> BLOB CONTAINERS ---> TTP checkpoints ---> Upload*** and create empty files on your machine named attachment-checkpoint.txt, impersonation-checkpoint.txt, url-checkpoint.txt and select them for upload (this is done so that date_range for TTP logs are stored in consistent state)\n",
                       "title": "Deploy the Mimecast Targeted Threat Protection Data Connector:"
                     }
                   ],
@@ -986,7 +986,7 @@
               ]
             },
             {
-              "description": "\n1. Click the **Deploy to Azure** button below. \n\n\t[![Deploy To Azure](https://aka.ms/deploytoazurebutton)](https://aka.ms/sentinel-mimecastttp-azuredeploy)\n2. Select the preferred **Subscription**, **Resource Group** and **Location**. \n3. Enter the following fields:\n - appName: Unique string that will be used as id for the app in Azure platform\n - objectId: Azure portal ---> Azure Active Directory ---> more info ---> Profile -----> Object ID\n - appInsightsLocation(default): westeurope\n - mimecastEmail: Email address of dedicated user for this integraion\n - mimecastPassword: Password for dedicated user\n - mimecastAppId: Application Id from the Microsoft Sentinel app registered with Mimecast\n - mimecastAppKey: Application Key from the Microsoft Sentinel app registered with Mimecast\n - mimecastAccessKey: Access Key for the dedicated Mimecast user\n - mimecastSecretKey: Secret Key for dedicated Mimecast user\n - mimecastBaseURL: Regional Mimecast API Base URL\n - activeDirectoryAppId: Azure portal ---> App registrations ---> [your_app] ---> Application ID\n - activeDirectoryAppSecret: Azure portal ---> App registrations ---> [your_app] ---> Certificates & secrets ---> [your_app_secret]\n\n >Note: If using Azure Key Vault secrets for any of the values above, use the`@Microsoft.KeyVault(SecretUri={Security Identifier})`schema in place of the string values. Refer to [Key Vault references documentation](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) for further details.\n\n4. Mark the checkbox labeled **I agree to the terms and conditions stated above**. \n5. Click **Purchase** to deploy.\n\n6. Go to ***Azure portal ---> Resource groups ---> [your_resource_group] --->  [appName](type: Storage account) ---> Storage Explorer ---> BLOB CONTAINERS ---> TTP checkpoints ---> Upload*** and create empty files on your machine named attachment-checkpoint.txt, impersonation-checkpoint.txt, url-checkpoint.txt and select them for upload (this is done so that date_range for TTP logs are stored in consistent state)\n",
+              "description": "\n1. Click the **Deploy to Azure** button below. \n\n\t[![Deploy To Azure](https://aka.ms/deploytoazurebutton)](https://aka.ms/sentinel-MimecastTTP-azuredeploy)\n2. Select the preferred **Subscription**, **Resource Group** and **Location**. \n3. Enter the following fields:\n - appName: Unique string that will be used as id for the app in Azure platform\n - objectId: Azure portal ---> Azure Active Directory ---> more info ---> Profile -----> Object ID\n - appInsightsLocation(default): westeurope\n - mimecastEmail: Email address of dedicated user for this integraion\n - mimecastPassword: Password for dedicated user\n - mimecastAppId: Application Id from the Microsoft Sentinel app registered with Mimecast\n - mimecastAppKey: Application Key from the Microsoft Sentinel app registered with Mimecast\n - mimecastAccessKey: Access Key for the dedicated Mimecast user\n - mimecastSecretKey: Secret Key for dedicated Mimecast user\n - mimecastBaseURL: Regional Mimecast API Base URL\n - activeDirectoryAppId: Azure portal ---> App registrations ---> [your_app] ---> Application ID\n - activeDirectoryAppSecret: Azure portal ---> App registrations ---> [your_app] ---> Certificates & secrets ---> [your_app_secret]\n\n >Note: If using Azure Key Vault secrets for any of the values above, use the`@Microsoft.KeyVault(SecretUri={Security Identifier})`schema in place of the string values. Refer to [Key Vault references documentation](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) for further details.\n\n4. Mark the checkbox labeled **I agree to the terms and conditions stated above**. \n5. Click **Purchase** to deploy.\n\n6. Go to ***Azure portal ---> Resource groups ---> [your_resource_group] --->  [appName](type: Storage account) ---> Storage Explorer ---> BLOB CONTAINERS ---> TTP checkpoints ---> Upload*** and create empty files on your machine named attachment-checkpoint.txt, impersonation-checkpoint.txt, url-checkpoint.txt and select them for upload (this is done so that date_range for TTP logs are stored in consistent state)\n",
               "title": "Deploy the Mimecast Targeted Threat Protection Data Connector:"
             }
           ],