From 6de072391d72afeb1e0f7fb069ae8be68c4d1372 Mon Sep 17 00:00:00 2001 From: JP Bourget Date: Thu, 14 Sep 2023 12:01:11 -0400 Subject: [PATCH] zip and azuredeploy --- .../GreyNoiseAPISentinelConn.zip | Bin 0 -> 9193 bytes ...or_GreyNoiseAPISentinel_AzureFunction.json | 238 ++++++++++++++++++ 2 files changed, 238 insertions(+) create mode 100644 Solutions/GreyNoiseThreatIntelligence/Data Connectors/GreyNoiseAPISentinelConn.zip create mode 100644 Solutions/GreyNoiseThreatIntelligence/Data Connectors/azuredeploy_Connector_GreyNoiseAPISentinel_AzureFunction.json 
diff --git a/Solutions/GreyNoiseThreatIntelligence/Data Connectors/GreyNoiseAPISentinelConn.zip b/Solutions/GreyNoiseThreatIntelligence/Data Connectors/GreyNoiseAPISentinelConn.zip new file mode 100644 index 0000000000000000000000000000000000000000..3b1cd87e9e101d732dd3ec85b2220763f703c37b GIT binary patch literal 9193 zcmc&(by(DC*B-jNK^le<7`i2;yCejLW@zaa2Bf6ByF%DP{0bi>sH;p0dVm~bh$K%fOU2u*HXU=Z^vDLy`;X^?vrV2!{=krZ!@b?B_k zr!9Tx;aUF~gwcnk98&JhQvT3~MF`2KE#l#P`NOyGXt0<_=Yq(oR9SZq&16V>;LT*- zKygvSr5~fG>W0=!nhnUG@E|l$C0>*<;9nVanC>XVoqnVw{RPs7eKKi<_t%A8_lo0Me%wt<*hnL%uGlFZD^ z((NrA?a{bll%k*_GxZ~_+|mmp@;8d_>XiT$0AT)GO}V;3yyPq$Ih?(JRW3}mf1=!I z9mCj6LBfFTM_y#n0KT|Aw+#6zk0f0kDvuJ)W}L+eseuO!FS=x#)A;x zv)_4+4j(INk=?mpnQj_)qgDoC09&98BeaT3S7&HOcXM>t;g$BJZM=Z)pvt9WC3zze zcune)*SysFCI3)`&G9GG4g&%#WgQ}U>@3kqbY&GXTtY@_@fRP+505^c zdhX%i411NUCQZbtnn-=;joK;)Fph(&Kup^lkF)7o_^1wyyMTGWsGrge2^Qh${>PP-|$} zNe+)3*gB&!Jwc8q%@x@d?Isr_tF;&{lZhSNg?IzMDJyk1$Qo!A*n5?^O|p{@7o8K! zZs^P+NBBNrX2)u&m;h#v6fon-ni{j&8dlwW8o}+YFkIE|9Of-Sxau<~)Ng;jeip7O zcjiUjO9-0s1jV?fZ5(~Z@=qK)JPg|WtXS*7#q)?ud$y)%w%{pGia|GPtzmz=qP=k> z0vU1)m9@=6^-S=%W+*;K7LFGnPK}}@9!%`XxPj2> z&a0ykBYh~~U`Yk&EI1p+^& za0CqD$ zHok$M9rZY9EHaxMyU~y0^hfelRlFK22$0R#c+9zw1r`pb77ykOsJ9NeNi5U~RpJz^ ziS;*S_xx0p8ug4vx4pmky_AhP4?<_)kKRlX(9G zr5aolYLhiAt&DFy8cG5{!QrvG=Tqy)s1dIcyZc25+TXm4aFa-mL7Nym7<;K2RW;d zAVi8jzjNhV|)&{Sj4!aG{k^5@S>f+jIF0+T7yu zk3pCE6J5yJL+J%-yW-h&QF0Ca39c8(Ey4p^aHqp^OVqDNkFYS@D_mu-3j8_76OKNi z3B0aK&?55l-zjpdv>8wNw7w+-oULnAw60rFOwfVM8zy$HxI@pKwnrVn0cLp59OimhgKchp_Q7#ra`JrKp%-uO(bXL;2 zU4PATI_f0dK z9cAt39o#J#K*rA+H4@^<(1&~6ErwbOUj{f@@$7TIYS-H)r-Ga#5Im$9bk2_$hjDT^ zM+6a6TP04Y#b4%JU3vtF`PO9^b!M8pZu1jsfBfP@w#nGoQ!hTlIF>f=%kVCuSFdue zJkG2-)2ah9u85;P@AOv+;g6WO$q_d^-* zx)5mNla%^{Xp1^9I?6%Y4;l<|o~%HTKC)zdcOwI2*W|7HzJ__!k#Q^6*g3pedPl)v zxS1i+Hj+l>E_%$iH4CM$hy&&zzcvI<#;QyP5o>9u_N)svz+l{(D&%~X8YaG!%1 z2qtF|bR74j!m6!iSah zp@#WF8t27id|pWx^QkXVgp()Be6Niy@p#U!BIXw|;1!$tPV{)NTDup1&wey6 
zXiIF=&q*<_>qIX)r5UhX2W>7K8aX}t;Wb1EuvE3V$3rO(!s#9Q@b$ZJG?_Ea!K%}A zT+Z|8tj329ujrB#F_~l>(kU5U_#fH6>Q1*qzSuJ0blzIT)3daJLL9p z>~G|TP86i5W>93F7x0>V#dR;n)yHi5prs^0`!wbTosM))gUF}HVuw^K!at1C8Lt0< z?lq;+7r$)a4mEH4_;D7=!<2!AFex>Ov%p;*PJ;?|lJW&L6vJY4At5oO_$kqa;=0v@ z8Y1e;tM`?5an`GQ8Y7;i2**u0a@Qz$Rpea+Rqsl~esF#Es^njrc9vcjf2$3m0M5`* z!sq)Bjq|C^y-6cdIl@o(y)Ry1$HQMKTT5k1x!6K!4@4Avzm@CEGs@L(8`dZppvy`3Gd%nO-^`~+T2@pqY)a#n?_nbb{?~S7s-b(~47bD{_M-zk~ zaE$Bd>f~F*E7pk9sv|_n^E{EN*Y@~0492HP3qVbdk`4rU#C%k%K+nG40@Zl9h5JB1 zMJky{METuu(W?5}coNaj<(xQSLuiBWyk;TVu$rQG#l&W#+08Vn=VYxj{P#5iyO2b~ zoX?9sE;Qe49m$Pxkw_m<#2QJ~qSRLcbeYbdSQ=d6`s8c2#Z}FUhFHFe`ksY8{Or2- z6E;OYS0M1Xa*;W&Bb<7fFPJnD=?4RS2||=X?ZM1|PREA_gs74y$?^W@%dJF!;=!dT z_4KkNAbp-`K~}jI>U*u?4m$TNGZ(OenxcmxCKI4J3aAXO{BCWy(T&vO@j^A_0*VC$ zG^-4Gp0{tD?nIIF1FWA33dCDh_!MgMA4JztW7ZlM2o!sbL zF%hzxJqthn9ewK>o|}(S7{-xl>?fLalrOYTSy2jXrlBm+vWA9Yaq-cK%4~AsRbRup z-)Hu7ljb+cZH#xHbJ!J>UtJ*SFO|93Ui-mOW_a3u_fmHuKcb7y5Pq)oP=`g@+KgoE zrs1)%zTSbHQ#MskH^xr($twn41-Bg!5MGC7Q46C-Ce#{powVe6#W+1uU_cfz@5L$D z%bq?i55Hea-!tuHp3sai@Lde_1T{phPB-S|;;N#Ej9hHsP@LQ-wjjE@4vz)Eon zy9C*F6rx*kOrtuU3Ri<-PJ#9*kSMp-pb=dQWz(`Nd7h!AEt{V*om?e}QpCQYf`3IW?}n2! zQfD-WgK>T~ZT*>E5Bk{+;{2I3g8yLp@>BXYTl!Vg>5befz1Nk{=RNN-vPR9CkT9Ga z0CLHyKa{OZkYU0J$x*Ui>&ucz2Am$<(`xC7P~r|!8kDQlRP+VXKsy`Qzj#F zXU@v@ObO3`ZeQ+adHWNt+n|cjgj_y1J;C9&eJcyBm`-Hb%E5m5T$vg{PF%PBc>2`? 
zm+Q*vH$^G4X1pWiG-u9~{QtK3u69|oU_Ex0sS z=jZ!|kn1GysmSR$ZR#jK%0pd|+ECbu`fk&naJ0uF^mR;rHkz&kHC!y=<99>`_^TC7 zA}5Wj`bSrMvt>c+>?xt68cLm1rkEIBQPs9N6V#6<1Kt*Hy*TrqbEv39j|y2%$plF} znm+5xbf7fB3Qs&(Ecmo;nTQOBH;#mX?wh8?${a4=Lz`(Pl|L`GtVD2z`;Cj8@oTl$ z*kH;B9nLa6_>lAuRsowDI@!?bhRg;up55oxOd=w2W&_aE2V~3Kw88fC5v*fW%g6Ad zZJkH^&P5Ux9Ojj!$C6qQ0`*>aVoeFnL&_hsp_An~+`HU|c!zq5@<*hmO6xej&}vGe z)o$_=eB{d=_?WE_Mv7X_{v1AmP2MDlQ$u73jnT!-z@%ZSyiaq#14Bt4Q0hvvuzp{- zkYeBKOrl#Qa`m&Nev&*RVxMaB=~gzC?~jV?ng#bfU(-R~T?Gb;gv0NJj!+7^V4<5} z)j`gcnAc|%d#Wl}i+nrMd)U6?--yXCag3%Gb1K|%k>9g4>g4Dw>?;MT5JbCwU-5GZ z%&9F=4*?R~KkgPP#?RNE^!$MWFU+T{krSWBD?z)z|OvbHJgpSY1RTT%`y$PC_l zsR}2q5$+xAv$~|$%UB+TozWdL)$&r}Qtq_MkoalZrf2!8Q0KOn+(Sht9-wr}ijD@D zdx@O4>(D(nQf4kvYSJ_=4{>T)58bcJzk|4~l6XoiyUMsDb2oL%x5w1Tlw|Tu)diHe zK!Rzy*lAr}`4L|`Pxl>ir4>Tr*HKZKr)kgBCfsA6`mcNC`a8fE2?s4O%9aH0)Ait4 zRdA1Ss2ftxh)Zn>-T%@SP-~yQ#`EpP={LcblF9V<&c?88TLSp2vUZx48~WVL)p^z@ zI`_oR3p3puaF{2wlS8u)vpI~jIf=hgZcsT6o1*OUmF~ zNzG2)Hw(ng&o?*2dr?b}24Grz(A{m>RyW?CkZdY!ujmsvf}R?%GM5aF)wndm5I zbx|d0y;hXsV56pZq5YmL!XiFsH&~;ZAjN6gqkpzi+JHLvs$GBhqogV+Z%`6zb1(Dm z{S6;GPKo1hlf@-9Ah{x#y6@PqkL#oGjOVu3*Iv!A0n_~4rtUu z+r_LfxF)FaWtA=+OcJn$hFqaew(Oj=`0N&ya8rY`_BzE*HGDjOZyjqg}O|HVo3!M}2#Sle$_pD>b6k1wgWLeHb|!+gcQogT&uhBC;pHc);^ zwE5aG@?y)<+bJh>7ppqo#M*A1w85qju@li}t1sANU|=k(R!|up5DO<6=O#m|S|t#z zXOe_+PKety-#9t$*7}$#=gFe;bT#pbE{bshlPHt$<0kRUuZM-#W;!ih=_aeARyZcJ z6BiuY4Ud&y6Z5+#LuzPm1Sr#p7f-!IW<_Fr!gW=0!@M?kzN~CrBxDkemL8&c;Ciah zG09%VCAP_j-9gem|?J-2Cnrn*31!)Nm#*LXSGQ$}1Asl@?ey)B(l@0ALr_KflsS-ClUnZm+a9POfgh&C7p| zHr@U>m^X?O$LXQL?LQ5O3{{!Jz2tG9k|97L+27J$Bv8P$6;f{c4$1C zdPInVwg+#A!!Q#5oF3TNnDCaKU+3=}CV$SFVwomxD)btX*y=uT8_ zX#(IG$IND5Z4|tPCQK7DvOR0;%UaW>3|H1OQ-#=asn?Q^phODlCKDHjmIA#unTSwQ zH%J&uO5ux>lia}QOHx-^(xO*a(DmM{;8#Y$Yr#@iQlkDwk`?HzO5Dd^ac$$VT$NPr z!yPZV;7>^sv$kz90ym37w@EBZiM_Xqi*zlvirIqrX5fbme#sZj@yb8;HX~S8zX|4U zzA(YS+^;)=`McEr8`4Q?CO-A#qQf+W<0>$hL`CeQ<#?vVCOuEXWzKMs9wbQiRu??T z>MZ}3MMdR>@;il5CH9HoG3i#69pN-S32-mi%HGr-Y~yHeYHDk04>1Ls<=I);LXvFb 
zQj+X#z^0glN<4gus@$N)Mi5UOFQ1ws7gwD!Kes?LBH6#Bvnz(a_DAX5HD*A!RN~%J z>01Owi_+b$ zBkvBdw+crY=6>u&>v2LyK3V2$`+I)z3QX-qV-_~CM!eAH!B&cXp&lvfS9BTE_B!9b zuQpDuE_f=`+1^qK&)5kdT|4nYu-7m+?2y>&+##r;#Zp1Y?fd+IZHJS%VE^~mLtqL) zL$Z9?S2+{OA5=z&^uxttoYOGadC969QwmddjjPBEmHTXz$6N@>tj)|1EX48Ve9UFb zPc_jv+}R8`!sW{}TI>u#dksUVqi(zqPafh4s_WzU%zL z4DFv$6!iFSvHrcq`zQ9cy3+pzzUzm=jOCwE6r=(N_)R>2o$Y^UGvECWFv;HaWMIzg z&nOD2y&b*(HS|CCVSkT$cf1etdw#|(D)Qf<{$uy&_n>zhFqm`jGm3&1Zw;xxPW2!9 z2)~EC+tk21yPr`M^nwKN&-=XJFMGGt!#bj$Q4};vdPg|_L4R}?0ailq7FSry@H2{n zu*m`cp9bRh0C!6ctVaKgqM++rfIA20|D$5x#e!-4?tu*}Vn3rONZ}sfKQ3v%U;XYe m20QeBMp2L_<^Rd#KP>_3N=Ubx0RX_feGwu70I#WFzy1dex$-ao literal 0 HcmV?d00001 diff --git a/Solutions/GreyNoiseThreatIntelligence/Data Connectors/azuredeploy_Connector_GreyNoiseAPISentinel_AzureFunction.json b/Solutions/GreyNoiseThreatIntelligence/Data Connectors/azuredeploy_Connector_GreyNoiseAPISentinel_AzureFunction.json new file mode 100644 index 00000000000..d1d6c9fc23e --- /dev/null +++ b/Solutions/GreyNoiseThreatIntelligence/Data Connectors/azuredeploy_Connector_GreyNoiseAPISentinel_AzureFunction.json 
@@ -0,0 +1,238 @@
+{
+ "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
+ "contentVersion": "1.0.0.0",
+ "parameters": {
+ "FunctionName": {
+ "defaultValue": "GreyNoise",
+ "minLength": 1,
+ "maxLength": 11,
+ "type": "string"
+ },
+ "WORKSPACE_ID": {
+ "type": "string",
+ "defaultValue": "Workspace ID"
+ },
+ "GREYNOISE_KEY": {
+ "type": "string",
+ "defaultValue": "Greynoise API Key"
+ },
+ "TENANT_ID": {
+ "type": "string",
+ "defaultValue": "Azure Tenand ID"
+ },
+ "CLIENT_ID": {
+ "type": "string",
+ "defaultValue": "Client ID"
+ },
+ "CLIENT_SECRET": {
+ "type": "string",
+ "defaultValue": "Client Secret"
+ },
+ "GREYNOISE_CLASSIFICATIONS": {
+ "type": "string",
+ "defaultValue": "malicious,unknown"
+ }
+ },
+ "variables": {
+ "FunctionName": "[concat(toLower(parameters('FunctionName')), uniqueString(resourceGroup().id))]",
+ "StorageSuffix": "[environment().suffixes.storage]"
+ },
+ "resources": [
+ {
+ "type": "Microsoft.Insights/components",
+ "apiVersion": "2015-05-01",
+ "name": "[variables('FunctionName')]",
+ "location": "[resourceGroup().location]",
+ "kind": "web",
+ "properties": {
+ "Application_Type": "web",
+ "ApplicationId": "[variables('FunctionName')]"
+ }
+ },
+
+ {
+ "type": "Microsoft.Storage/storageAccounts",
+ "apiVersion": "2019-06-01",
+ "name": "[tolower(variables('FunctionName'))]",
+ "location": "[resourceGroup().location]",
+ "sku": {
+ "name": "Standard_LRS",
+ "tier": "Standard"
+ },
+ "kind": "StorageV2",
+ "properties": {
+ "networkAcls": {
+ "bypass": "AzureServices",
+ "virtualNetworkRules": [
+ ],
+ "ipRules": [
+ ],
+ "defaultAction": "Allow"
+ },
+ "supportsHttpsTrafficOnly": true,
+ "encryption": {
+ "services": {
+ "file": {
+ "keyType": "Account",
+ "enabled": true
+ },
+ "blob": {
+ "keyType": "Account",
+ "enabled": true
+ }
+ },
+ "keySource": "Microsoft.Storage"
+ }
+ }
+ },
+ {
+ "type": "Microsoft.Web/serverfarms",
+ "apiVersion": "2018-02-01",
+ "name": "[variables('FunctionName')]",
+ "location": "[resourceGroup().location]",
+ "sku": {
+ "name": "Y1",
+ "tier": "Dynamic"
+ },
+ "kind": "functionapp,linux",
+ "properties": {
+ "name": "[variables('FunctionName')]",
+ "workerSize": "0",
+ "workerSizeId": "0",
+ "numberOfWorkers": "1",
+ "reserved": true,
+ "siteConfig": {
+ "linuxFxVersion": "Python|3.10"
+ }
+ }
+ },
+ {
+ "type": "Microsoft.Storage/storageAccounts/blobServices",
+ "apiVersion": "2019-06-01",
+ "name": "[concat(variables('FunctionName'), '/default')]",
+ "dependsOn": [
+ "[resourceId('Microsoft.Storage/storageAccounts', tolower(variables('FunctionName')))]"
+ ],
+ "sku": {
+ "name": "Standard_LRS",
+ "tier": "Standard"
+ },
+ "properties": {
+ "cors": {
+ "corsRules": [
+ ]
+ },
+ "deleteRetentionPolicy": {
+ "enabled": false
+ }
+ }
+ },
+ {
+ "type": "Microsoft.Storage/storageAccounts/fileServices",
+ "apiVersion": "2019-06-01",
+ "name": "[concat(variables('FunctionName'), '/default')]",
+ "dependsOn": [
+ "[resourceId('Microsoft.Storage/storageAccounts', tolower(variables('FunctionName')))]"
+ ],
+ "sku": {
+ "name": "Standard_LRS",
+ "tier": "Standard"
+ },
+ "properties": {
+ "cors": {
+ "corsRules": [
+ ]
+ }
+ }
+ },
+ {
+ "type": "Microsoft.Web/sites",
+ "apiVersion": "2018-11-01",
+ "name": "[variables('FunctionName')]",
+ "location": "[resourceGroup().location]",
+ "dependsOn": [
+ "[resourceId('Microsoft.Storage/storageAccounts', tolower(variables('FunctionName')))]",
+ "[resourceId('Microsoft.Web/serverfarms', variables('FunctionName'))]",
+ "[resourceId('Microsoft.Insights/components', variables('FunctionName'))]"
+ ],
+ "kind": "functionapp,linux",
+ "identity": {
+ "type": "SystemAssigned"
+ },
+ "properties": {
+ "name": "[variables('FunctionName')]",
+ "serverFarmId": "[resourceId('Microsoft.Web/serverfarms', variables('FunctionName'))]",
+ "httpsOnly": true,
+ "clientAffinityEnabled": true,
+ "alwaysOn": true,
+ "reserved": true,
+ "siteConfig": {
+ "linuxFxVersion": "Python|3.10"
+ }
+ },
+ "resources": [
+ {
+ "apiVersion": "2018-11-01",
+ "type": "config",
+ "name": "appsettings",
+ "dependsOn": [
+ "[concat('Microsoft.Web/sites/', variables('FunctionName'))]"
+ ],
+ "properties": {
+ "FUNCTIONS_EXTENSION_VERSION": "~4",
+ "FUNCTIONS_WORKER_RUNTIME": "python",
+ "APPINSIGHTS_INSTRUMENTATIONKEY": "[reference(resourceId('Microsoft.insights/components', variables('FunctionName')), '2015-05-01').InstrumentationKey]",
+ "APPLICATIONINSIGHTS_CONNECTION_STRING": "[reference(resourceId('microsoft.insights/components', variables('FunctionName')), '2015-05-01').ConnectionString]",
+ "AzureWebJobsStorage": "[concat('DefaultEndpointsProtocol=https;AccountName=', toLower(variables('FunctionName')),';AccountKey=',listKeys(resourceId('Microsoft.Storage/storageAccounts', toLower(variables('FunctionName'))), '2019-06-01').keys[0].value, ';EndpointSuffix=',toLower(variables('StorageSuffix')))]",
+ "WEBSITE_CONTENTAZUREFILECONNECTIONSTRING": "[concat('DefaultEndpointsProtocol=https;AccountName=', toLower(variables('FunctionName')),';AccountKey=', listKeys(resourceId('Microsoft.Storage/storageAccounts', toLower(variables('FunctionName'))), '2019-06-01').keys[0].value, ';EndpointSuffix=',toLower(variables('StorageSuffix')))]",
+ "WEBSITE_CONTENTSHARE": "[toLower(variables('FunctionName'))]",
+ "WORKSPACE_ID": "[parameters('WORKSPACE_ID')]",
+ "GREYNOISE_KEY": "[parameters('GREYNOISE_KEY')]",
+ "TENANT_ID": "[parameters('TENANT_ID')]",
+ "CLIENT_ID": "[parameters('CLIENT_ID')]",
+ "CLIENT_SECRET": "[parameters('CLIENT_SECRET')]",
+ "GREYNOISE_CLASSIFICATIONS": "[parameters('GREYNOISE_CLASSIFICATIONS')]",
+ "WEBSITE_RUN_FROM_PACKAGE": "https://github.com/Azure/Azure-Sentinel/raw/db458a54839b084eac0e70bbe6e2a41f34f37e2b/Solutions/GreyNoiseThreatIntelligence/Data%20Connectors/GreyNoiseAPISentinelConn.zip"
+ }
+ }
+ ]
+ },
+ {
+ "type": "Microsoft.Storage/storageAccounts/blobServices/containers",
+ "apiVersion": "2019-06-01",
+ "name": "[concat(variables('FunctionName'), '/default/azure-webjobs-hosts')]",
+ "dependsOn": [
+ "[resourceId('Microsoft.Storage/storageAccounts/blobServices', variables('FunctionName'), 'default')]",
+ "[resourceId('Microsoft.Storage/storageAccounts', variables('FunctionName'))]"
+ ],
+ "properties": {
+ "publicAccess": "None"
+ }
+ },
+ {
+ "type": "Microsoft.Storage/storageAccounts/blobServices/containers",
+ "apiVersion": "2019-06-01",
+ "name": "[concat(variables('FunctionName'), '/default/azure-webjobs-secrets')]",
+ "dependsOn": [
+ "[resourceId('Microsoft.Storage/storageAccounts/blobServices', variables('FunctionName'), 'default')]",
+ "[resourceId('Microsoft.Storage/storageAccounts', variables('FunctionName'))]"
+ ],
+ "properties": {
+ "publicAccess": "None"
+ }
+ },
+ {
+ "type": "Microsoft.Storage/storageAccounts/fileServices/shares",
+ "apiVersion": "2019-06-01",
+ "name": "[concat(variables('FunctionName'), '/default/', tolower(variables('FunctionName')))]",
+ "dependsOn": [
+ "[resourceId('Microsoft.Storage/storageAccounts/fileServices', variables('FunctionName'), 'default')]",
+ "[resourceId('Microsoft.Storage/storageAccounts', variables('FunctionName'))]"
+ ],
+ "properties": {
+ "shareQuota": 5120
+ }
+ }
+ ]
+ }
+
\ No newline at end of file
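Review bot: `GREYNOISE_KEY` and `CLIENT_SECRET` are declared in `parameters` as `"type": "string"` with placeholder defaults, so whatever is entered at deployment time is stored in clear text with the deployment record; declare both as `"type": "securestring"` and drop the `defaultValue`, so that a deployment cannot go through with the literal text `Client Secret`. Both values are then copied into plain `appsettings`; Key Vault references would keep them out of the function app's configuration, and since the site already gets a `SystemAssigned` identity it is worth checking whether a client secret is needed at all. `WEBSITE_RUN_FROM_PACKAGE` fetches the zip from a raw GitHub URL pinned to commit `db458a54839b…`, which is not this commit, so confirm that the archive at that commit is the one added here; its contents cannot be reviewed from the binary patch. The storage account that holds the `azure-webjobs-secrets` container is created with `"defaultAction": "Allow"`, which leaves it reachable from any network unless that is restricted after deployment.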