From c8b595051409abea61c553613b2af32c81c5a262 Mon Sep 17 00:00:00 2001
From: nipun-crestdatasystem <nipun.brahmbhatt@crestdatasys.com>
Date: Mon, 18 Sep 2023 19:31:11 +0530
Subject: [PATCH] Added shorten url for function app and azure deploy

---
 .../MimecastAudit_API_AzureFunctionApp.json   |   2 +-
 ...deploy_MimecastAudit_AzureFunctionApp.json |   2 +-
 Solutions/MimecastAudit/Package/3.0.0.zip     | Bin 10729 -> 10721 bytes
 .../MimecastAudit/Package/mainTemplate.json   |   4 ++--
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/Solutions/MimecastAudit/Data Connectors/MimecastAudit_API_AzureFunctionApp.json b/Solutions/MimecastAudit/Data Connectors/MimecastAudit_API_AzureFunctionApp.json
index ed04ce5fac1..1bff46e8f39 100644
--- a/Solutions/MimecastAudit/Data Connectors/MimecastAudit_API_AzureFunctionApp.json	
+++ b/Solutions/MimecastAudit/Data Connectors/MimecastAudit_API_AzureFunctionApp.json	
@@ -115,7 +115,7 @@
     },
     {
       "title": "Deploy the Mimecast Audit & Authentication Data Connector:",
-      "description": "\n1. Click the **Deploy to Azure** button below. \n\n\t[![Deploy To Azure](https://aka.ms/deploytoazurebutton)](https://aka.ms/sentinel-mimecastauditdataconnector-azuredeploy)\n2. Select the preferred **Subscription**, **Resource Group** and **Location**. \n3. Enter the following fields:\n - appName: Unique string that will be used as id for the app in Azure platform\n - objectId: Azure portal ---> Azure Active Directory ---> more info ---> Profile -----> Object ID\n - appInsightsLocation(default): westeurope\n - mimecastEmail: Email address of dedicated user for this integraion\n - mimecastPassword: Password for dedicated user\n - mimecastAppId: Application Id from the Microsoft Sentinel app registered with Mimecast\n - mimecastAppKey: Application Key from the Microsoft Sentinel app registered with Mimecast\n - mimecastAccessKey: Access Key for the dedicated Mimecast user\n - mimecastSecretKey: Secret Key for dedicated Mimecast user\n - mimecastBaseURL: Regional Mimecast API Base URL\n - activeDirectoryAppId: Azure portal ---> App registrations ---> [your_app] ---> Application ID\n - activeDirectoryAppSecret: Azure portal ---> App registrations ---> [your_app] ---> Certificates & secrets ---> [your_app_secret]\n\n >Note: If using Azure Key Vault secrets for any of the values above, use the`@Microsoft.KeyVault(SecretUri={Security Identifier})`schema in place of the string values. Refer to [Key Vault references documentation](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) for further details.\n\n4. Mark the checkbox labeled **I agree to the terms and conditions stated above**. \n5. Click **Purchase** to deploy. \n\n6. Go to ***Azure portal ---> Resource groups ---> [your_resource_group] --->  [appName](type: Storage account) ---> Storage Explorer ---> BLOB CONTAINERS ---> Audit checkpoints ---> Upload*** and create empty file on your machine named checkpoint.txt and select it for upload (this is done so that date_range for SIEM logs is stored in consistent state)\n"
+      "description": "\n1. Click the **Deploy to Azure** button below. \n\n\t[![Deploy To Azure](https://aka.ms/deploytoazurebutton)](https://aka.ms/sentinel-MimecastAudit-azuredeploy)\n2. Select the preferred **Subscription**, **Resource Group** and **Location**. \n3. Enter the following fields:\n - appName: Unique string that will be used as id for the app in Azure platform\n - objectId: Azure portal ---> Azure Active Directory ---> more info ---> Profile -----> Object ID\n - appInsightsLocation(default): westeurope\n - mimecastEmail: Email address of dedicated user for this integraion\n - mimecastPassword: Password for dedicated user\n - mimecastAppId: Application Id from the Microsoft Sentinel app registered with Mimecast\n - mimecastAppKey: Application Key from the Microsoft Sentinel app registered with Mimecast\n - mimecastAccessKey: Access Key for the dedicated Mimecast user\n - mimecastSecretKey: Secret Key for dedicated Mimecast user\n - mimecastBaseURL: Regional Mimecast API Base URL\n - activeDirectoryAppId: Azure portal ---> App registrations ---> [your_app] ---> Application ID\n - activeDirectoryAppSecret: Azure portal ---> App registrations ---> [your_app] ---> Certificates & secrets ---> [your_app_secret]\n\n >Note: If using Azure Key Vault secrets for any of the values above, use the`@Microsoft.KeyVault(SecretUri={Security Identifier})`schema in place of the string values. Refer to [Key Vault references documentation](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) for further details.\n\n4. Mark the checkbox labeled **I agree to the terms and conditions stated above**. \n5. Click **Purchase** to deploy. \n\n6. Go to ***Azure portal ---> Resource groups ---> [your_resource_group] --->  [appName](type: Storage account) ---> Storage Explorer ---> BLOB CONTAINERS ---> Audit checkpoints ---> Upload*** and create empty file on your machine named checkpoint.txt and select it for upload (this is done so that date_range for SIEM logs is stored in consistent state)\n"
     }
   ],
   "metadata": {
diff --git a/Solutions/MimecastAudit/Data Connectors/azuredeploy_MimecastAudit_AzureFunctionApp.json b/Solutions/MimecastAudit/Data Connectors/azuredeploy_MimecastAudit_AzureFunctionApp.json
index 927f64bc8dc..f19ffa6e12b 100644
--- a/Solutions/MimecastAudit/Data Connectors/azuredeploy_MimecastAudit_AzureFunctionApp.json	
+++ b/Solutions/MimecastAudit/Data Connectors/azuredeploy_MimecastAudit_AzureFunctionApp.json	
@@ -206,7 +206,7 @@
             "active_directory_tenant_id": "[concat('@Microsoft.KeyVault(SecretUri=https://', variables('functionAppName'), '.vault.azure.net/secrets/', 'active-directory-tenant-id', '/)')]",
             "log_analytics_workspace_id": "[concat('@Microsoft.KeyVault(SecretUri=https://', variables('functionAppName'), '.vault.azure.net/secrets/', 'log-analytics-workspace-id', '/)')]",
             "log_analytics_workspace_key": "[concat('@Microsoft.KeyVault(SecretUri=https://', variables('functionAppName'), '.vault.azure.net/secrets/', 'log-analytics-workspace-key', '/)')]",
-            "WEBSITE_RUN_FROM_PACKAGE": "https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/MimecastAudit/Data%20Connectors/MimecastAuditAzureConn.zip"
+            "WEBSITE_RUN_FROM_PACKAGE": "https://aka.ms/sentinel-MimecastAudit-functionapp"
           }
         }
       ]
diff --git a/Solutions/MimecastAudit/Package/3.0.0.zip b/Solutions/MimecastAudit/Package/3.0.0.zip
index ff5715d96b6d694bd7a15c77e52b4422fabe58e4..1fc3bfb26647fbbdbc6a5f549bd21a13be05c50a 100644
GIT binary patch
delta 2171
zcmV->2!!|PQ{ht$P)h>@6aWAK2ml?MGO-O+2o0u%GFOX<^eDg}007;yZwSK}f4Tm)
zZ36-PU*Y;?u@OJgJX&O~v33ct09jh(fqh7VRq-P+8pnoZZyC1!@4Gvak|^<MDN7&f
zr^+EIk|OVpr~Bz}rs>nAmIiIjJ=gq-l?e;8vgyq%_WyNuO@A^u&C3cIG7iDo6IMvG
zDMXF*jesP%SuK|{-0iTl+YDvRf7SBxhf7iLTolZhD4(MCG!~&D%Nc1)-bSNPNFUqZ
zqB^{R2HC1-^u>AV;+)hfTD%}2Gv<7=xe31{X9;3FgbHakk41<=vxy@BbN3KAmYlbO
z5(CEjR}Ua@L202MZ=YRIK21=L3ob-4BQNR^5PqOnhA7=8sZRlq;fdWMe;tj~;EY15
z$&XM}pWL3uS4$&yFj<gP{+s`ed`aj%;g|B$xUCjl@<4460kYH5w<`y{G32~PV;_Vu
zX!sRIT2Nt^lO;V4)A=_!UWlXQgx)<n9W81rN)72&QC%vDDhYOSFpV=M=SZoh@lY2^
zVdQ4-iBIjsX_EL#wEh9Ue<Em2B}+<9`ML(2@~jRFci=-RaTlAJn3Vm4|9p+|i1qRF
z2>a}4%(B5bshKUCz$uO%5{DW;2cW0+&(S8?=kV*tpHuHMv_K7P@G)I1CU5?c!CtUf
zM<S)?=f+1K8;5%zc0Gt6aR(tb<bmT9MHkA}%d~IlDM587SAGP+f5DGe3+PsQB*fW+
z<35HPQGW+`9=(}8GE#&jW5HOvU5v<B#uBhQru@^)U_bKHZOrgRE6PHgNG@V`rB-P+
zKddl6K#Zyc+Tc>1>yf=Svm7c^w~+GurIUw$LR>5xb}5AR^#-b4*jun5;qc7F7mFIa
znEdtd5jwJfxu9R)e;vPn$9{Q#a{l({<nZ)NtXB$mp*fk)CJ%BAUO>fYm^+_Pr~xC{
z%w0<hHjOYP=!l^YXqaiHy?o?hQ9O?do;~o{tf*PG!KEy&h6g;^aGf)RdvMg4%AOq^
z{w5p}F+b%}7!y2_7zG#}qVSP4^vs$t1(NfO)cJ~)t`GIWe;|(Z=wUqj=zi84UykHN
zRD{R$jkmXNUUkRa*6U$+x3x2P-EBoXJ2$QEXxQE9?r!bvZEc%Io1^sfoE{aF;fhLN
zq_MOe(V-$qA}1@RLq!V^N|@2-0B)#A*;_a`8Y<%jyiiF$>V}H0LEcck>bM&Gr(M`z
zbB<nP<bP77f1-eBQTxY(?7lMdnQG8<c}i2k1)m)uP@}GM1VK=^IJ5CM#+K|%<AF=`
znGhGhKz`9iO*b-D(~ZGW*eO}Fmo>WQi|+Y}iaft(loXB>!0SL2Zn{qyL%y^R;uqFH
zs1TG@p91zPs{8;||3#~KGYDvJN{imD3p1ISy>HL1e<&{`oOVR;*2&h@+YJtT!N*Pr
zw+|GZqPGVes@GrtEB7+!d+(dM^}AiKSD?=mJ#7?+6-gzp1*~j#e*&|N$X54irp>j5
zl!df33$TIgf{CoGn2huxB5M+|CLzm{kPZT}=yIu!cnl&Pg9u0Uc$3>TkrC=E4%Q#y
z`|{vDf7>L8)#8Hm%nmm<lxKtS0_NmdAiQh;nRI}$#Tg6+VJiY)ZG*6rf@VU{P6nz@
z7&{5*MF47DmTPca#W_~H_mrgHT7;h`1Qh~5xk)}J!RI3PicY9PGgUoN2bt%3xZf3#
z7fRwi#o}`icP{s3{w1l6sM9U65(M4%K+gH?f75jcIVZQF#+ub+oIkQwlW|c^#(iaE
zT$rG76L3!P@&x2t*chCIn|lb)PqyW?arQE2^t;J5=LxAM)%-{`ceG4Rqy>kAmL}4I
zpGr-h1(Ii;#M!zJq9)7qWSIw1ra$}n5KdlXlLs-TkEUfIgqS|a)0<h+Re$Pvagtu{
ze`#@%U1et_|5M)M8oF6)LaQdUYC<cl@zA4uO=yMPr6#m+aw<2;YeK746Iv{5_g6+{
z+1`=5Kbf8ucZY422#Fe~nH6jyS>|BYwZo^3AyS!W#bQXcE$%QNGTRU@T?kW5!>11P
zHPlv9Q}Wm4l+54Wyx#+vH+#6{BDvQQe^;zGn)c6mvUxhbvR=gQKs>!kbL-`7LKzns
zQ)<^q9Ir5UX`ikbzwC9QKE66a_ptCa((aMdwF%OAg!*tH1urb>DcpU`tt!|g_xDh-
z-RnU2dYyUy>H&s;zF$owSbmR0)A>*NeNu;XQ8z0N>FV7qSf{^!SXUC&rFmrSf8?=i
zj6%7PVmXJ5<`tIaWXS#B5uKHy0lkCN*_C3Kvir%W{DX-%lN5ZIY#1jWdPV=G2S1w%
zGif3;O6paVes@^B_tIN3<#K;CPlqHoqbk1R%)Z>(WU|ojvM>5SzZLysrz;TS*)r+v
zOnaK_6}hot6CdZ_#}+4!_V&MKe=(snnaB#Tm2}M~&k<YY-PMUwE3zZ?hmjDGoyZsT
zU_-pC4!DT#O{TY)mO3*ni|DWR?F6%v;yx7(k+DdoRWA5c<|D=A@o`7)DNGW1^#T^x
zaCrw!zuKKY!sXovWk7P>*UgGEu3gbGhU|)#Ds^1`w-J}G+7ITef%a^Hf0itPMUR(U
zBT|0FD8Dpjv2i6!!Ho5iLVEJl#GYiE&{13bpWA!qP7GQmfu3l=Fa}w@ivAnn9Z}9a
z2tP_lG!se!<%W~JG{K(Z$s%5U;AS(7iZ&uoO8m0*az~M280qX+GC8#5*SGG=3fc3P
z%;c=wQNtOgYty`Pc#*g?G+OLrw8ZDE%tUtR^1taER7KLb^W4$R`DkB&QlGDuG)VaQ
x^M6oF0Rj{N6aWAK2ml?MGLv2@LJg*cGFOX<^eDg}007;SttmDJM=1aR004HDFWdkC

delta 2179
zcmV-}2z>Y9Q|VI;P)h>@6aWAK2mq>zE3pk#2o0}_D_74e7;wlS008&1ZwSK}f0^~R
zZ3F@MuWa*DORx^dM*>$7n$!krz;yy2=!0!Ev<_Q{WeK9xx@hy?J2SgWa>+eKy3WBo
zh4OOAUGC1s`8YV!^yyMdhqmsXYktMbgoRnz^kx?O|2n&-KbeB&WrYkGhhXgqE2P;J
zqDIC>K$6_7mdhFLcG%f%hO*{re|h=CrD%9A8fHwCPf>dsi`0<ijI<^1qfuy-<n~LS
zgx(pWt&~Wo7InaTYmni3MxURj`<;`HMe`S=WyZE|HaFpy#IYdYL+F!c^H}67G@Cda
zuze2^YRQEzs7heGfAs+37c>|K_4e5X71sn!x!@8N%k!dA0Z9l-W{9G0f070m&?irf
z7#Ve>4ri2KO+kgCF6G8OzGoV-gUNy>;cxyo3M^qLg&)fA<hELL$g{RV9>|-PfnGV_
zjUk6O8v7ubLEWz~?SdM+A}*<KOwMrPYY4w`LNB77Q5Urr<qR2PQR6F#UI~tPFim77
z7gedI^U!!oVdUmeiqF|ee*`57oM?jud_~ZjN|uzI@^!5_<yjpVuE2*>;wm<qF=_h;
z|M?n)6YJx*6872Am}N6{Qkz?Lfm0kkB+)hQ6kyo)&(S6s>+tKxpVLq@^gtbK@G)I1
zCU5?cnP0G2N20#x=f+2#D2IC=c0Gt6aRnhZr1x=(q6-D>WqNO^f6Ji8mMiy1aPZ^R
z0&Xky4{`Ru_s85Ly59jhr#G`lMp}_%ELd*0ixFAQ*aCLPlz*og#5H$yV}@^CQ5NDv
zauK^LRZO$_VTHv4V$>_p2bbzxsqD3x#luizM9TA*5g-0Naj|UJr4ZWJ8>oX}Z^42D
zPnwC(7d3b@`Rm~$f859d=7N5Gcl`bx`{n(~`P-wD!_zadUMcs5=43vbJjgY80VhVo
zoU=lC2aIGhk25XUG{X9zBZdK?VWyk*@{#9A@uDi|h~TqXQMYV^OIchE59sD_odfz&
zaL3g4?C9_}5uJ#+%S$;;@JM15VCYfdBWdUXHenYe&W$txe-x8lpZ9|q9jPB;bcA$2
z>n$-yr6Ov=6a2>8+c&Se<8JHqu)EvZ8NBYcqMe<a)^;@P?sRvz_V%{6O{2{rdwOV(
z8p_;7B}>xS+Rp1xlccJXmD!=D1tKNP0(8(f)THbs98e9l@uFX-r5}PrP1nG1=)CG6
z8~mqT*k5zOe_kU7kepIccC<MA$Aj#?GQ*l`26cI4Q(*_6ohMLJuyZ&;Q0_Rh!8yjB
z?11BeOZ1s|7r(52(MOFsGFGFG!BW^MS+j>V$LGuO`H6}=%x9Doj(WiB5EgFKPZ>kL
zwGZzX)<LKcl&3xg`Bzl=0jmCsR`F&k(B74n!&{eZe=-An-=1AjUPw6Yh~TZ0Jy&lx
zIP3)<J0aXYP;`pk9&o5$fBmmq%b@SQFXq<ocD-JKK2P+tQ5;qzmAn?Pvf2G{%rYWd
z-K&{C*A`M1?9wd22J#k6m}SM7qz@ihW05r$SssgY;E=_TOLh2T5cU{^JF4zYZr4Oc
z!ml`3e}AIy%Om-0lOR@$i`X*<+}wnojm!&}lV>6FuKj1yLCF?pFqn$1h=#Qd!j27^
zaX~vKs0Lx|SfCdUs0~@J0d*DUSiQZc#QxU8{XB`N5E9Cb^*M1q7sgi%LKV8H>WMlq
zJ=eqiuJF82Ebl26p98;hg)j3jNo{zYZi$t^f9bvljLvVLu7k@tAr3Xytj6U0`L!C8
zi)u{nE5qc%1dSVqbBdQIz~I8h;KbeBLwJ77Ew7EUhdHC)jj=gBq#9fE!`9r{GButS
zoDNzVPYZr3HHH?5p?TtG>pqAYGt*;c9(bAF_w&J>yf7yZd`zEB%R+E5eUhg)z@$6<
zf2rriiG8`J#f5p5ot6Ag`G{-iX036p8rQ0EtrDGw`t>!g6?T;x*TTuE+&-^ytyYa|
zv8)qN8Kz}>Ve0;vdfMEb!&M?bYM|C!u;pi&Gh5frr84GAWl|T5`PH^0#DFwyL-KSX
zXEDvCI?$h?_L|z2zb>a_3-{*z9>~1ef5R;o$-Ry^V!hF{f6mL$lP}A95xWEN^d_yk
zmopG$l4MLpUng<A!m6fyI%52=*NOW09tmT`BJfDNM^4u!NaGRe!-W*Qu&AeS^)a`q
zV3XY6!-?%)2X3#|nfI?AU<eop)})2y_eeCI|CHY+b$%D!X2tnky_*H=^w-bve@ark
zG>@#EJa&yyC>K&J=aA97!qS`!c`!U8$0-`n3rU?_DRwElpM1(cn0PZO&WB})aq{7=
z=)d&fXH#J&O@u~CLyR&A4~zF+hEAqj?vLi_kmP1m#dn<9ms^`mHu_!Oi~i4V#r?6<
z6^QX{oAh#~Jx%tC+}N;*kMl2Qe~S}Gd;4Frm{7V*WChqty6%(bh`sXL)rnFoza#aB
z5f_m+k#Fb$ig=$o;3B>^nciZ->ddq(qQBa=6RcZ``&4v9#v++kxlB}9sT9k~#~rz+
zuzcjz3s_vk<sEeWYIpt!hj$~C0m*S+H!IF0cSXw>>MmMNsgv}-jU;{5e||966SUV6
zwA2qQhQH(*k@71>`K2+7jVoCSW;`!xq{mQAAWF6i9m2)`xkGvGlA&cv>xmu=W00p;
zasNh=N3=5!!Veh|-GpL6x#46FP2}fzvWS--xY-P&qK(MQ6~An~+)-p0rak+$Oq`bd
z`qq7BA?t6+8qc~NHJo7~JU7kzhZjjmqs2}}OMK4COk{^H|C`Q1RalL?0v=tQkM;#9
z_4#T^gM^<y{|8V@0Rj{N6aWAK2mq>zE0b0!LJhBqD_74e7;wlS008%sr71QBPbmNZ
F003DLNYwxU

diff --git a/Solutions/MimecastAudit/Package/mainTemplate.json b/Solutions/MimecastAudit/Package/mainTemplate.json
index daa85ce117a..c7c6eb01aa9 100644
--- a/Solutions/MimecastAudit/Package/mainTemplate.json
+++ b/Solutions/MimecastAudit/Package/mainTemplate.json
@@ -429,7 +429,7 @@
                       ]
                     },
                     {
-                      "description": "\n1. Click the **Deploy to Azure** button below. \n\n\t[![Deploy To Azure](https://aka.ms/deploytoazurebutton)](https://aka.ms/sentinel-mimecastauditdataconnector-azuredeploy)\n2. Select the preferred **Subscription**, **Resource Group** and **Location**. \n3. Enter the following fields:\n - appName: Unique string that will be used as id for the app in Azure platform\n - objectId: Azure portal ---> Azure Active Directory ---> more info ---> Profile -----> Object ID\n - appInsightsLocation(default): westeurope\n - mimecastEmail: Email address of dedicated user for this integraion\n - mimecastPassword: Password for dedicated user\n - mimecastAppId: Application Id from the Microsoft Sentinel app registered with Mimecast\n - mimecastAppKey: Application Key from the Microsoft Sentinel app registered with Mimecast\n - mimecastAccessKey: Access Key for the dedicated Mimecast user\n - mimecastSecretKey: Secret Key for dedicated Mimecast user\n - mimecastBaseURL: Regional Mimecast API Base URL\n - activeDirectoryAppId: Azure portal ---> App registrations ---> [your_app] ---> Application ID\n - activeDirectoryAppSecret: Azure portal ---> App registrations ---> [your_app] ---> Certificates & secrets ---> [your_app_secret]\n\n >Note: If using Azure Key Vault secrets for any of the values above, use the`@Microsoft.KeyVault(SecretUri={Security Identifier})`schema in place of the string values. Refer to [Key Vault references documentation](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) for further details.\n\n4. Mark the checkbox labeled **I agree to the terms and conditions stated above**. \n5. Click **Purchase** to deploy. \n\n6. Go to ***Azure portal ---> Resource groups ---> [your_resource_group] --->  [appName](type: Storage account) ---> Storage Explorer ---> BLOB CONTAINERS ---> Audit checkpoints ---> Upload*** and create empty file on your machine named checkpoint.txt and select it for upload (this is done so that date_range for SIEM logs is stored in consistent state)\n",
+                      "description": "\n1. Click the **Deploy to Azure** button below. \n\n\t[![Deploy To Azure](https://aka.ms/deploytoazurebutton)](https://aka.ms/sentinel-MimecastAudit-azuredeploy)\n2. Select the preferred **Subscription**, **Resource Group** and **Location**. \n3. Enter the following fields:\n - appName: Unique string that will be used as id for the app in Azure platform\n - objectId: Azure portal ---> Azure Active Directory ---> more info ---> Profile -----> Object ID\n - appInsightsLocation(default): westeurope\n - mimecastEmail: Email address of dedicated user for this integraion\n - mimecastPassword: Password for dedicated user\n - mimecastAppId: Application Id from the Microsoft Sentinel app registered with Mimecast\n - mimecastAppKey: Application Key from the Microsoft Sentinel app registered with Mimecast\n - mimecastAccessKey: Access Key for the dedicated Mimecast user\n - mimecastSecretKey: Secret Key for dedicated Mimecast user\n - mimecastBaseURL: Regional Mimecast API Base URL\n - activeDirectoryAppId: Azure portal ---> App registrations ---> [your_app] ---> Application ID\n - activeDirectoryAppSecret: Azure portal ---> App registrations ---> [your_app] ---> Certificates & secrets ---> [your_app_secret]\n\n >Note: If using Azure Key Vault secrets for any of the values above, use the`@Microsoft.KeyVault(SecretUri={Security Identifier})`schema in place of the string values. Refer to [Key Vault references documentation](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) for further details.\n\n4. Mark the checkbox labeled **I agree to the terms and conditions stated above**. \n5. Click **Purchase** to deploy. \n\n6. Go to ***Azure portal ---> Resource groups ---> [your_resource_group] --->  [appName](type: Storage account) ---> Storage Explorer ---> BLOB CONTAINERS ---> Audit checkpoints ---> Upload*** and create empty file on your machine named checkpoint.txt and select it for upload (this is done so that date_range for SIEM logs is stored in consistent state)\n",
                       "title": "Deploy the Mimecast Audit & Authentication Data Connector:"
                     }
                   ],
@@ -644,7 +644,7 @@
               ]
             },
             {
-              "description": "\n1. Click the **Deploy to Azure** button below. \n\n\t[![Deploy To Azure](https://aka.ms/deploytoazurebutton)](https://aka.ms/sentinel-mimecastauditdataconnector-azuredeploy)\n2. Select the preferred **Subscription**, **Resource Group** and **Location**. \n3. Enter the following fields:\n - appName: Unique string that will be used as id for the app in Azure platform\n - objectId: Azure portal ---> Azure Active Directory ---> more info ---> Profile -----> Object ID\n - appInsightsLocation(default): westeurope\n - mimecastEmail: Email address of dedicated user for this integraion\n - mimecastPassword: Password for dedicated user\n - mimecastAppId: Application Id from the Microsoft Sentinel app registered with Mimecast\n - mimecastAppKey: Application Key from the Microsoft Sentinel app registered with Mimecast\n - mimecastAccessKey: Access Key for the dedicated Mimecast user\n - mimecastSecretKey: Secret Key for dedicated Mimecast user\n - mimecastBaseURL: Regional Mimecast API Base URL\n - activeDirectoryAppId: Azure portal ---> App registrations ---> [your_app] ---> Application ID\n - activeDirectoryAppSecret: Azure portal ---> App registrations ---> [your_app] ---> Certificates & secrets ---> [your_app_secret]\n\n >Note: If using Azure Key Vault secrets for any of the values above, use the`@Microsoft.KeyVault(SecretUri={Security Identifier})`schema in place of the string values. Refer to [Key Vault references documentation](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) for further details.\n\n4. Mark the checkbox labeled **I agree to the terms and conditions stated above**. \n5. Click **Purchase** to deploy. \n\n6. Go to ***Azure portal ---> Resource groups ---> [your_resource_group] --->  [appName](type: Storage account) ---> Storage Explorer ---> BLOB CONTAINERS ---> Audit checkpoints ---> Upload*** and create empty file on your machine named checkpoint.txt and select it for upload (this is done so that date_range for SIEM logs is stored in consistent state)\n",
+              "description": "\n1. Click the **Deploy to Azure** button below. \n\n\t[![Deploy To Azure](https://aka.ms/deploytoazurebutton)](https://aka.ms/sentinel-MimecastAudit-azuredeploy)\n2. Select the preferred **Subscription**, **Resource Group** and **Location**. \n3. Enter the following fields:\n - appName: Unique string that will be used as id for the app in Azure platform\n - objectId: Azure portal ---> Azure Active Directory ---> more info ---> Profile -----> Object ID\n - appInsightsLocation(default): westeurope\n - mimecastEmail: Email address of dedicated user for this integraion\n - mimecastPassword: Password for dedicated user\n - mimecastAppId: Application Id from the Microsoft Sentinel app registered with Mimecast\n - mimecastAppKey: Application Key from the Microsoft Sentinel app registered with Mimecast\n - mimecastAccessKey: Access Key for the dedicated Mimecast user\n - mimecastSecretKey: Secret Key for dedicated Mimecast user\n - mimecastBaseURL: Regional Mimecast API Base URL\n - activeDirectoryAppId: Azure portal ---> App registrations ---> [your_app] ---> Application ID\n - activeDirectoryAppSecret: Azure portal ---> App registrations ---> [your_app] ---> Certificates & secrets ---> [your_app_secret]\n\n >Note: If using Azure Key Vault secrets for any of the values above, use the`@Microsoft.KeyVault(SecretUri={Security Identifier})`schema in place of the string values. Refer to [Key Vault references documentation](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) for further details.\n\n4. Mark the checkbox labeled **I agree to the terms and conditions stated above**. \n5. Click **Purchase** to deploy. \n\n6. Go to ***Azure portal ---> Resource groups ---> [your_resource_group] --->  [appName](type: Storage account) ---> Storage Explorer ---> BLOB CONTAINERS ---> Audit checkpoints ---> Upload*** and create empty file on your machine named checkpoint.txt and select it for upload (this is done so that date_range for SIEM logs is stored in consistent state)\n",
               "title": "Deploy the Mimecast Audit & Authentication Data Connector:"
             }
           ],