diff --git a/Solutions/Recorded Future/Data/Solution_RecordedFuture.json b/Solutions/Recorded Future/Data/Solution_RecordedFuture.json index 7dcb60caf27..316f2dc0006 100644 --- a/Solutions/Recorded Future/Data/Solution_RecordedFuture.json +++ b/Solutions/Recorded Future/Data/Solution_RecordedFuture.json @@ -42,7 +42,7 @@ "Workbooks/RecordedFutureMalwareThreatHunting.json" ], "BasePath": "Users\\emangsten\\git\\github\\Azure-Sentinel\\Solutions\\Recorded Future", - "Version": "3.2.10", + "Version": "3.2.11", "Metadata": "SolutionMetadata.json", "TemplateSpec": true, "Is1Pconnector": false diff --git a/Solutions/Recorded Future/Package/3.2.11.zip b/Solutions/Recorded Future/Package/3.2.11.zip new file mode 100644 index 00000000000..f3cea054c12 Binary files /dev/null and b/Solutions/Recorded Future/Package/3.2.11.zip differ diff --git a/Solutions/Recorded Future/Package/mainTemplate.json b/Solutions/Recorded Future/Package/mainTemplate.json index ebb0c602dae..0f623e93e59 100644 --- a/Solutions/Recorded Future/Package/mainTemplate.json +++ b/Solutions/Recorded Future/Package/mainTemplate.json @@ -97,7 +97,7 @@ "email": "support@recordedfuture.com", "_email": "[variables('email')]", "_solutionName": "Recorded Future", - "_solutionVersion": "3.2.10", + "_solutionVersion": "3.2.11", "solutionId": "recordedfuture1605638642586.recorded_future_sentinel_solution", "_solutionId": "[variables('solutionId')]", "analyticRuleObject1": { @@ -198,7 +198,7 @@ "_playbookcontentProductId3": "[concat(take(variables('_solutionId'),50),'-','pl','-', uniqueString(concat(variables('_solutionId'),'-','Playbook','-',variables('_playbookContentId3'),'-', variables('playbookVersion3'))))]", "RecordedFuture-ThreatIntelligenceImport": "RecordedFuture-ThreatIntelligenceImport", "_RecordedFuture-ThreatIntelligenceImport": "[variables('RecordedFuture-ThreatIntelligenceImport')]", - "playbookVersion4": "1.0", + "playbookVersion4": "1.2", "playbookContentId4": "RecordedFuture-ThreatIntelligenceImport", "_playbookContentId4": "[variables('playbookContentId4')]", "playbookId4": "[resourceId('Microsoft.Logic/workflows', variables('playbookContentId4'))]", @@ -254,7 +254,7 @@ "_playbookcontentProductId10": "[concat(take(variables('_solutionId'),50),'-','lc','-', uniqueString(concat(variables('_solutionId'),'-','LogicAppsCustomConnector','-',variables('_playbookContentId10'),'-', variables('playbookVersion10'))))]", "RecordedFuture-ThreatMap-Importer": "RecordedFuture-ThreatMap-Importer", "_RecordedFuture-ThreatMap-Importer": "[variables('RecordedFuture-ThreatMap-Importer')]", - "playbookVersion11": "1.2", + "playbookVersion11": "1.3", "playbookContentId11": "RecordedFuture-ThreatMap-Importer", "_playbookContentId11": "[variables('playbookContentId11')]", "playbookId11": "[resourceId('Microsoft.Logic/workflows', variables('playbookContentId11'))]", @@ -344,7 +344,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFutureDomainMalwareC2inDNSEvents_AnalyticalRules Analytics Rule with template version 3.2.10", + "description": "RecordedFutureDomainMalwareC2inDNSEvents_AnalyticalRules Analytics Rule with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('analyticRuleObject1').analyticRuleVersion1]", @@ -483,7 +483,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFutureDomainMalwareC2inSyslogEvents_AnalyticalRules Analytics Rule with template version 3.2.10", + "description": "RecordedFutureDomainMalwareC2inSyslogEvents_AnalyticalRules Analytics Rule with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('analyticRuleObject2').analyticRuleVersion2]", @@ -623,7 +623,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFutureHashObservedInUndergroundinCommonSecurityLog_AnalyticalRules Analytics Rule with template version 3.2.10", + "description": "RecordedFutureHashObservedInUndergroundinCommonSecurityLog_AnalyticalRules Analytics Rule with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('analyticRuleObject3').analyticRuleVersion3]", @@ -779,7 +779,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFutureIPMalwareC2inAzureActivityEvents_AnalyticalRules Analytics Rule with template version 3.2.10", + "description": "RecordedFutureIPMalwareC2inAzureActivityEvents_AnalyticalRules Analytics Rule with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('analyticRuleObject4').analyticRuleVersion4]", @@ -910,7 +910,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFutureIPMalwareC2inDNSEvents_AnalyticalRules Analytics Rule with template version 3.2.10", + "description": "RecordedFutureIPMalwareC2inDNSEvents_AnalyticalRules Analytics Rule with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('analyticRuleObject5').analyticRuleVersion5]", @@ -1055,7 +1055,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFutureUrlReportedbyInsiktGroupinSyslogEvents_AnalyticalRules Analytics Rule with template version 3.2.10", + "description": "RecordedFutureUrlReportedbyInsiktGroupinSyslogEvents_AnalyticalRules Analytics Rule with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('analyticRuleObject6').analyticRuleVersion6]", @@ -1184,7 +1184,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFutureThreatHuntingHashAllActors_AnalyticalRules Analytics Rule with template version 3.2.10", + "description": "RecordedFutureThreatHuntingHashAllActors_AnalyticalRules Analytics Rule with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('analyticRuleObject7').analyticRuleVersion7]", @@ -1321,7 +1321,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFutureThreatHuntingIPAllActors_AnalyticalRules Analytics Rule with template version 3.2.10", + "description": "RecordedFutureThreatHuntingIPAllActors_AnalyticalRules Analytics Rule with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('analyticRuleObject8').analyticRuleVersion8]", @@ -1452,7 +1452,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFutureThreatHuntingDomainAllActors_AnalyticalRules Analytics Rule with template version 3.2.10", + "description": "RecordedFutureThreatHuntingDomainAllActors_AnalyticalRules Analytics Rule with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('analyticRuleObject9').analyticRuleVersion9]", @@ -1583,7 +1583,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFutureThreatHuntingUrlAllActors_AnalyticalRules Analytics Rule with template version 3.2.10", + "description": "RecordedFutureThreatHuntingUrlAllActors_AnalyticalRules Analytics Rule with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('analyticRuleObject10').analyticRuleVersion10]", @@ -1712,7 +1712,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFuture-IOC_Enrichment Playbook with template version 3.2.10", + "description": "RecordedFuture-IOC_Enrichment Playbook with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('playbookVersion1')]", @@ -2386,7 +2386,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFuture-Playbook-Alert-Importer Playbook with template version 3.2.10", + "description": "RecordedFuture-Playbook-Alert-Importer Playbook with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('playbookVersion2')]", @@ -2756,7 +2756,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFuture-AlertImporter Playbook with template version 3.2.10", + "description": "RecordedFuture-AlertImporter Playbook with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('playbookVersion3')]", @@ -3203,7 +3203,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFuture-ThreatIntelligenceImport Playbook with template version 3.2.10", + "description": "RecordedFuture-ThreatIntelligenceImport Playbook with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('playbookVersion4')]", @@ -3282,7 +3282,7 @@ }, "host": { "connection": { - "name": "@parameters('$connections')['azuresentinel_1']['connectionId']" + "name": "@parameters('$connections')['azuresentinel']['connectionId']" } }, "method": "post", @@ -3301,7 +3301,7 @@ "parameters": { "$connections": { "value": { - "azuresentinel_1": { + "azuresentinel": { "connectionId": "[[resourceId('Microsoft.Web/connections', variables('MicrosoftSentinelConnectionName'))]", "connectionName": "[[variables('MicrosoftSentinelConnectionName')]", "id": "[[concat('/subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Web/locations/', variables('workspace-location-inline'), '/managedApis/Azuresentinel')]", @@ -3320,7 +3320,7 @@ "location": "[[variables('workspace-location-inline')]", "tags": { "hidden-SentinelTemplateName": "RecordedFuture-ThreatIntelligenceImport", - "hidden-SentinelTemplateVersion": "1.0", + "hidden-SentinelTemplateVersion": "1.2", "hidden-SentinelWorkspaceId": "[[variables('workspaceResourceId')]" }, "identity": { @@ -3381,7 +3381,7 @@ "postDeployment": [ "After deployment, open the playbook to configure all connections and press save." ], - "lastUpdateTime": "2024-01-12T00:00:00Z", + "lastUpdateTime": "2024-10-31T00:00:00Z", "tags": [ "Threat Intelligence" ], @@ -3399,6 +3399,13 @@ "notes": [ "Fixed Api connection" ] + }, + { + "version": "1.2", + "title": "Rename API connection", + "notes": [ + "Rename API connection to 'azuresentinel'" + ] } ] } @@ -3425,7 +3432,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFuture-Domain-IndicatorImport Playbook with template version 3.2.10", + "description": "RecordedFuture-Domain-IndicatorImport Playbook with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('playbookVersion5')]", @@ -3716,7 +3723,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFuture-Hash-IndicatorImport Playbook with template version 3.2.10", + "description": "RecordedFuture-Hash-IndicatorImport Playbook with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('playbookVersion6')]", @@ -4007,7 +4014,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFuture-IP-IndicatorImport Playbook with template version 3.2.10", + "description": "RecordedFuture-IP-IndicatorImport Playbook with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('playbookVersion7')]", @@ -4300,7 +4307,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFuture-URL-IndicatorImport Playbook with template version 3.2.10", + "description": "RecordedFuture-URL-IndicatorImport Playbook with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('playbookVersion8')]", @@ -4591,7 +4598,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFuture-Sandbox_Enrichment-Url Playbook with template version 3.2.10", + "description": "RecordedFuture-Sandbox_Enrichment-Url Playbook with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('playbookVersion9')]", @@ -4976,7 +4983,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFuture-CustomConnector Playbook with template version 3.2.10", + "description": "RecordedFuture-CustomConnector Playbook with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('playbookVersion10')]", @@ -7604,7 +7611,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFuture-ThreatMap-Importer Playbook with template version 3.2.10", + "description": "RecordedFuture-ThreatMap-Importer Playbook with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('playbookVersion11')]", @@ -7662,8 +7669,10 @@ "Fetch_Threat_Map_actors": { "type": "ApiConnection", "inputs": { - "headers": { - "Content-Type": "application/json" + "body": { + "actors": "[variables('TemplateEmptyArray')]", + "categories": "[variables('TemplateEmptyArray')]", + "watchlists": "[variables('TemplateEmptyArray')]" }, "host": { "connection": { @@ -7841,7 +7850,7 @@ "location": "[[variables('workspace-location-inline')]", "tags": { "hidden-SentinelTemplateName": "RecordedFuture-ThreatMap-Importer", - "hidden-SentinelTemplateVersion": "1.2", + "hidden-SentinelTemplateVersion": "1.3", "hidden-SentinelWorkspaceId": "[[variables('workspaceResourceId')]" }, "apiVersion": "2017-07-01", @@ -7923,7 +7932,7 @@ "postDeployment": [ "After deployment, open the playbook to configure all connections and press save." ], - "lastUpdateTime": "2024-03-08T00:00:00Z", + "lastUpdateTime": "2024-10-31T00:00:00Z", "tags": [ "Threat Intelligence" ], @@ -7948,6 +7957,13 @@ "notes": [ "Changed Default Recurrence to 24." ] + }, + { + "version": "1.3", + "title": "API Connection bugfix", + "notes": [ + "Fixed content-type bug in the API connection." + ] } ] } @@ -7974,7 +7990,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFuture-MalwareThreatMap-Importer Playbook with template version 3.2.10", + "description": "RecordedFuture-MalwareThreatMap-Importer Playbook with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('playbookVersion12')]", @@ -8349,7 +8365,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "ActorThreatHunt-IndicatorImport Playbook with template version 3.2.10", + "description": "ActorThreatHunt-IndicatorImport Playbook with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('playbookVersion13')]", @@ -8585,7 +8601,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "MalwareThreatHunt-IndicatorImport Playbook with template version 3.2.10", + "description": "MalwareThreatHunt-IndicatorImport Playbook with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('playbookVersion14')]", @@ -8822,7 +8838,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFuturePlaybookAlertOverview Workbook with template version 3.2.10", + "description": "RecordedFuturePlaybookAlertOverview Workbook with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('workbookVersion1')]", @@ -8906,7 +8922,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFutureAlertOverview Workbook with template version 3.2.10", + "description": "RecordedFutureAlertOverview Workbook with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('workbookVersion2')]", @@ -8990,7 +9006,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFutureDomainCorrelation Workbook with template version 3.2.10", + "description": "RecordedFutureDomainCorrelation Workbook with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('workbookVersion3')]", @@ -9074,7 +9090,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFutureHashCorrelation Workbook with template version 3.2.10", + "description": "RecordedFutureHashCorrelation Workbook with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('workbookVersion4')]", @@ -9158,7 +9174,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFutureIPCorrelation Workbook with template version 3.2.10", + "description": "RecordedFutureIPCorrelation Workbook with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('workbookVersion5')]", @@ -9242,7 +9258,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFutureURLCorrelation Workbook with template version 3.2.10", + "description": "RecordedFutureURLCorrelation Workbook with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('workbookVersion6')]", @@ -9326,7 +9342,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFutureThreatActorHunting Workbook with template version 3.2.10", + "description": "RecordedFutureThreatActorHunting Workbook with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('workbookVersion7')]", @@ -9410,7 +9426,7 @@ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "RecordedFutureMalwareThreatHunting Workbook with template version 3.2.10", + "description": "RecordedFutureMalwareThreatHunting Workbook with template version 3.2.11", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('workbookVersion8')]", @@ -9490,7 +9506,7 @@ "apiVersion": "2023-04-01-preview", "location": "[parameters('workspace-location')]", "properties": { - "version": "3.2.10", + "version": "3.2.11", "kind": "Solution", "contentSchemaVersion": "3.0.0", "displayName": "Recorded Future", diff --git a/Solutions/Recorded Future/ReleaseNotes.md b/Solutions/Recorded Future/ReleaseNotes.md index 0dbfdcd2e5b..8fd25085ebb 100644 --- a/Solutions/Recorded Future/ReleaseNotes.md +++ b/Solutions/Recorded Future/ReleaseNotes.md @@ -1,5 +1,6 @@ | **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** | |-------------|--------------------------------|---------------------------------------------| +| 3.2.11 | 31-10-2024 | Fix API connection bug in RecordedFuture-ThreatMap-Importer, documentation improvements | | 3.2.10 | 01-10-2024 | Updated install README for multiple playbooks, added protocol check for URL enrichments in RecordedFuture-IOC_Enrichment **Playbook**, moved parameters from important to advanced and internal in RecordedFuture-CustomConnector| | 3.2.9 | 23-09-2024 | Updated RecordedFuture-Alert-Importer **Playbook** improved text encoding and added utm links | | 3.2.8 | 23-08-2024 | Updated RecordedFuture-Alert-Importer **Playbook** added text encoding and latest_event_date bugfix |