From aa2b1f32ba8ac685c43103d4e27033ac6b0497ad Mon Sep 17 00:00:00 2001
From: v-rusraut
Date: Mon, 11 Sep 2023 18:04:02 +0530
Subject: [PATCH] Added Release Notes
---
 .../Data/Solution_ForcepointCSG.json | 4 +-
 Solutions/Forcepoint CSG/Package/3.0.0.zip | Bin 8006 -> 10129 bytes
 .../Package/createUiDefinition.json | 7 +-
 .../Forcepoint CSG/Package/mainTemplate.json | 387 +++++++++++++++++-
 Solutions/Forcepoint CSG/ReleaseNotes.md | 5 +
 5 files changed, 394 insertions(+), 9 deletions(-)
 create mode 100644 Solutions/Forcepoint CSG/ReleaseNotes.md
diff --git a/Solutions/Forcepoint CSG/Data/Solution_ForcepointCSG.json b/Solutions/Forcepoint CSG/Data/Solution_ForcepointCSG.json
index 4153c720b27..524d70c216c 100644
--- a/Solutions/Forcepoint CSG/Data/Solution_ForcepointCSG.json
+++ b/Solutions/Forcepoint CSG/Data/Solution_ForcepointCSG.json
@@ -2,10 +2,10 @@
 "Name": "Forcepoint CSG",
 "Author": "Forcepoint",
 "Logo": "",
- "Description": "[Forcepoint Cloud Security Gateway](https://www.forcepoint.com/product/cloud-security-gateway) (CSG) Solution for Microsoft Sentinel exports web and/or email logs so that custom dashboards can be created using Workbooks to visualize events and insights on activities of Forcepoint Cloud Security Gateway.\n\nFor more details about this solution refer to [integration documentation](https://forcepoint.github.io/docs/csg_and_sentinel/). \n\r\n2. **Forcepoint CSG via Legacy Agent** - This data connector helps in ingesting Forcepoint CSG logs into your Log Analytics Workspace using the legacy Log Analytics agent.\n\n**NOTE:** Microsoft recommends installation of Forcepoint CSG via AMA Connector. Legacy connector uses the Log Analytics agent which is about to be deprecated by **Aug 31, 2024,** and thus should only be installed where AMA is not supported. Using MMA and AMA on same machine can cause log duplication and extra ingestion cost [more details](https://learn.microsoft.com/en-us/azure/sentinel/ama-migrate).",
+ "Description": "[Forcepoint Cloud Security Gateway](https://www.forcepoint.com/product/cloud-security-gateway) (CSG) Solution for Microsoft Sentinel exports web and/or email logs so that custom dashboards can be created using Workbooks to visualize events and insights on activities of Forcepoint Cloud Security Gateway.\n\nFor more details about this solution refer to [integration documentation](https://forcepoint.github.io/docs/csg_and_sentinel/).\n\r\n1. **Forcepoint CSG via AMA** - This data connector helps in ingesting Forcepoint CSG logs into your Log Analytics Workspace using the new Azure Monitor Agent. Learn more about ingesting using the new Azure Monitor Agent [here](https://learn.microsoft.com/azure/sentinel/connect-cef-ama). **Microsoft recommends using this Data Connector**.\n\r\n2. **Forcepoint CSG via Legacy Agent** - This data connector helps in ingesting Forcepoint CSG logs into your Log Analytics Workspace using the legacy Log Analytics agent.\n\n**NOTE:** Microsoft recommends installation of Forcepoint CSG via AMA Connector. Legacy connector uses the Log Analytics agent which is about to be deprecated by **Aug 31, 2024,** and thus should only be installed where AMA is not supported. Using MMA and AMA on same machine can cause log duplication and extra ingestion cost [more details](https://learn.microsoft.com/en-us/azure/sentinel/ama-migrate).",
 "Data Connectors": [
 "Solutions/Forcepoint CSG/Data Connectors/ForcepointCloudSecurityGateway.json",
- "Solutions/Forcepoint CSG/Data Connectors/Forcepoint CSG.json"
+ "Solutions/Forcepoint CSG/Data Connectors/template_ForcepointCloudSecurityGatewayAMA.json"
 ],
 "Workbooks": [
 "Solutions/Forcepoint CSG/Workbooks/ForcepointCloudSecuirtyGatewayworkbook.json"
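Review bot: The new `+ "Solutions/Forcepoint CSG/Data Connectors/template_ForcepointCloudSecurityGatewayAMA.json"` entry references a connector definition that this patch does not add — the diffstat in the header lists only the manifest, the package zip, createUiDefinition.json, mainTemplate.json and the new ReleaseNotes.md — so the solution packager and the portal's connector listing depend on that file already existing on the branch. The regenerated mainTemplate.json in this same patch does contain a ForcepointCSGAma connector, which suggests the file is present, but that should be confirmed before merge because the old `Forcepoint CSG.json` reference is dropped in the same hunk and a missing file would leave the solution with no AMA connector source to build from. Ideally the connector definition and the manifest entry that references it ship in the same change so a bisect never lands on a manifest pointing at nothing.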
diff --git a/Solutions/Forcepoint CSG/Package/3.0.0.zip b/Solutions/Forcepoint CSG/Package/3.0.0.zip index 3bf53622e76d78ae66a6c08100e4f14df559e394..ca8e4a9f981769a3205744e932431b6db0ae164c 100644 GIT binary patch literal 10129 zcmZ{Kb8sfWvu$kKHa5048{4+6FSc#lcCxYUWaEu(f3cIhzxS$My{dcf^i*~AOi%wc zHFbKd3Bm*9c>n&Nc$9$62z!AVp(wo zhzx#^2(snw?q*314Y`?*#6-v$;6S6>8#7Al+d&Qz(HwT}`q zl8UajC%^PH(Gy@mraMEx$L1JRsNxDeH)cjp`*tE2lA~qsLHWPr_F{epMk+VCb)SUiwFswAv z>hJr0W%9UbAdnrJ@xE?ZG(UD*$XU&Qx+T}1@pS%Et(}?aU+Xe0Lkahuom{+FeeYSj zMH_!-x{m9d>(tC^p~DZdxru4562M$`jz4fcM?SN;l+7uQPkj|yt_ZNh^&%n6X+VX- z3;snjHg{w)Og8vl#zrJxT7}lW?^GJPHOSL>7G}pc#F;JEY(GLMU8*jHx#1}*V^OBh zEAzQPD~l3mWrMq&AI3>k5QzCwu54vvIHVB}$RTtz?@u* z@zxQTff-_QNk$hqi9#Smmsr8?=T-dc8 zZkeYHkZjpuT!1DzL=+k8UdEs?c1ks4QAdUH%as!hwFGq^{Je71FBfNobXhglfuAXH zs5T}}Yon-?T47c2W&^5}i4Y28FS`XD!#oQjtRC#aJZO;|f941YScVa%t$dk8zFA$ws7Z_FSutV>_^^n? zrZOlcUt<`!!{gc;LfzSLXGrxWRmkEpU9nojbUPh3iM5iqdi`O6p%w*b{GQ2t^X(dP=l{-%# zUW$_aR_TPlw_(?XYTp*@**6xH8>Qcn7MuJ6!G)ZIs)#nnL0QA^H1bf)x@iJrc!IqM zU4E$e%#JzaO`_)DQjmHABNaIC+I3NAVN7nw)<%9Ef6a0RO>Iw+1T4TtWI`+uYEqs) z$2w$0dzimGjc+PG0B85uxoV}l>Kd7WX98k0p}WajXs23eE+Lgr>NrX5zxNcTa3|4b zzFePAZXq*!m|hSvNji>&L|w-wXzDNYbZsuyU3-RjmdfBv(`Bg7oXYF%0uQ~ZZYQ@O zk85%~!gF4L83YL6yM}mM$sRB*n;6@EVzil2er%2BU>xUONDh8@zt~z=zRPHsQPWQ3 zk=;_l6s(zeUw%JiFa>i>?UF#CIamMU)`Z$)bxga=_vQY%+{Wi8-OI?XFiJ2lQBz#f zt9WJEhUjfrttKc#G+brZVf^I1D9=g+Q%fQ9($erJi<s)Tk`a2EIAaL&c zvTN&t$u2Cso$s}hDVB4MYuED%;0^tGr?8d|4l|yc<7ChgH%^Xef(k<}Yu;0-6 z;UFOx-3YF0pS?b?&`pHF8u7BZ~bCB8AyG~(mb@u`UQ zwc|CcCh$J#yl5|2GQPi_8P6U}FGmP#zZY$r$mn?(Qt8Xc=3^|chHkMPtd4Y8TzmVt ztjw*{i)S=kLtbd)bV@BRsl2t}Uz%Nvkp?pCS&a+f&M}J&cKmt4(v2&PTkmmiT)0Qq zCzvxqq;Cy|xovsK8%koqfv2}7+p5k~QNc83Otg^$ZI)t41y>HtVU z2;HXk#o2xdxfs)TdQn-lU{9Yu4kb=qNFJ#<67>;G(32^v#b7lD@V|4eLJdidnLzv$ zdjDbM64N8PD{63qYrlrRy|?_g1URrXu_i&wIfx7lqhblwLtq(_7pOY8Ow zoQ5#hhC^qrJDsbB9hU`;>iWR0>CBiZ$-<*3MUzEa*@$z-KJmvVvf}^4H}wDTjV8FL z_$eU>h{`tz2 zE)>FvTFA!ccB2SO^MN21pW+!I(!}We5_O9ka{Y8ZS16+GCNw3EKWicMo_A=)zV~wY 
zH5r66ddrWn|GKB7@N}ncSIz!d!gw5V&5x^cazaAJQhe|OcLep8mT-|J5{$JCm)woJ zspu36rl0KY-E$$*l?Tz-!B$x9!rS`OGTekZz`E}l##1ixqA6nC#5Pq_McU5*Vh=HU z1F7YZ*`GSP@AEdnA_2c$UV}a^r(}i#qT#vyq`yrm4w}qk!YpkZwvVq$iWz|zT z)6dT?Q7bWNmvvEl)zuhQ+Qq{Txp|d}ICeGm#Ok}F9A279@MUQ{^A&+p4cY4g9gPh< zzQ4lQA#d>+aPN+*F(49US`?Eb&_d%@8oe#UTkSBxPM0NQsWDu?9W3ohsCX*RbDLdOHE|Vr`brM~i;qE=jk9D`5IrPro?wQ+Nji6`WU^`0aSk3CqX7$W& zSbdm%XnyhilL+d6}m)HF2kl}R_K5|B%hQ$ z@g#okS{;*T%1ykj5Ke~MVM2;n4BK{?73vDw*w!~*A4!ioQ0V{B>x>>tN=kvumS3iNp6qYklZ4%56 zgXGWXUV;=CnMPEO{z5{sdhCuwYMk#Buu>y&mycEy9jdlExj$#aZfS?6znW-V3u`_3 z?{qm!!!q0on~R>AE`jC*4AO7)$i*Eoj>#bFLWL&#KxNr9WA<)W!kCwJR4JT4hEUUl z9Yh$X#>+Ga-9H*XSuo%$X>gQ?V2(graI}p+1mL7KM6n8mVwxEv5yL>GM9qaGjLa)o z(Dzg?sk}r>)U+6|dKfB3VkdNK4txczW#ZPeB06v-Ibg3|AN-9I$a7hzBIgX+u&sHM1LbK6(Eg!JOdP#~s891E$c1NrB zl}^;?6NdgdL#;5bR+vm*u|5BMuk?JYBk-AlD4ta(+&_r-NSBf9FmA&O1_tQE9|l?l z*dU?Pr(nzeL=iSrBrAlO+X=rtt1qua$;6=fz11wOwGT)-4!K>Gv()hA)5X| zBqZKs!`c_MNB`1uO_HjB{LxV#;4I`#rx`&Fc&fefYA;y2Q>pC(kLkw9{RELdOH97S z$svWh=(k~6=@1}KN7BAIvHU9Bt**RE79NOYaA`*OIbx$rM~!-zhBqX=qsCrc4IsG3 zvp`Br>>!%<1-I~Oc_QyIB`H)#*icaKWjbSihWy%zBb2Ex^O1*-T zlukj>avYttX@~gu@I(>=qqbuj+3^IO(X+5P_H0(5%)AOgr^EujP=3?Z-crHncZ2ad zJ#72tT27;BG8wG3dA}V1$?h~deT|N(Ims8v7_>*SvceFKd-OXf63uK2|9&Xs^mR=)U#a?_f^2w3&9u|NM7{1(U)2Gb$%B*%wS( zB78HHC~ZWxWUsfQ2=BETSAGnam5%+vLW8H7*)haD*2q!Bk1R)uT9bn>W;he=d3KCL zQA<^TtUwkPNBR;RufLJ4-(t|b#V*SHt%6HOT1-U}XcxjfO-G=*GYB!L|70YRr?V7f zuN?t5OBjV14VdqZ+q)~hjw{lj0+78hqH{_CO&t(GC0S5mEt)I4`jRBgV-1=0=(alCkRtI5X33@3vMwXkO6?W8X3N>_rZ`j(=b`4Px z1_&mCaZ?e0GyoJ)-o=$uFbvKvWTM(psOS+AEAczYQ`2PlJNjdJW^b5Vww!*HF;UEKKG#GysvJVGZKSg_Ux5rpY^ zTsMQTd$sWt=_WX@J(U?h!jQk3FYAxpD?i47YAzWV@?uXlWanvVy)b%?OlbwE;?zI+ z-;M;l`-O>>kj-}e6XQ>-lG#Cic>W3Qf~e6o_0B^$+z|0huD^M28=cldOihx!`Md~mvzfmP`AjD2yh z@l*5kcJwKT(p%X17_4S&nrM-MA%$R^5p3T$fm=dCAsjkeYRQyq)li)yvCbh(iO z$QLhE>n}hWzFf;87PW6&p*;V=FeWBGIOcHQa2yF;0>q&!(aSh0e>%{S!vKxe!9$u0;78mRjiGQcW)*+UOh+DH5jcO&BL?|3D1BYX4bT*iKeT; z0<+15p}!wsaY!xA(UePzVk9TN2}%98k#tBu@LXA_&5TF3Bm|Q%4c0wo?0K_T(S#~K 
z!Ex8&9nw(9i&W)&6GfvT-5YBVUY>J`#rYG~Un9<#(&Byf=~fE@!2k{74~5_@5HvH8 zM3h9Cg?Zp0c3jvfOca7nz+}H00csFB_pP&gxoNQCgG5^5FQpMf$Z?hmM0lmVmU6KB z2<&*Iqip|qU%%3CZdoL@LJQUw2igu4c>IrpU?~dC!oYP*gI?l^k-4OVNcsR99c;D5rlyF~ zCNTwR7CJFKr+|;bz7@32tQV~hZlh!>kI0xx&O^*_01h`la=FlUogpkS9ptPdd zgOr>-u<|FUq4AIRv|^P}5ZYOjihz@ACdX+Hh*FXoaboL9Z5Je8Nt_TJa_|PcIFWP9 z7XZ3kxqiM}f`AQ(8=q<=-(0QfyX;4Fn)n*4A%;8?*~-=-oa@fqT6!Clib)~i;i#xsZ5D#LJPh|8Yb(27yb>m zyC!XEg<-8l`y~;Hsu3VHli275w8XS@>0;jkZ8&wKemN5^3azk7tyn&kNENeve^u;C zv~}{oD>!Go8NJVSOA_PDKWQc_=FFIF#`oD6;4h;?*NRQ%Iyk6yy7e@w7#-jm?6Zk? zQxD*Egg(stQ5>*aBYKBmRM+@n<|rwDzou>2q0~SxU7*~zdQGPU)=J?f=W`h zFfZ&A-Q2Ds2BNgM7=XI>jOny3oRzho|IO+iQ}FkEIU~Fm zS9fLSj1B&Z0nWOg*|QIFw6)6c#TnQ~>(s%$E*Vs&W7b0x)Hr3__+;_Pg?obZPmTwE z=9WQngB!r9SPonGm!CC&M9?v6hI)*Ab}hP8jODfUzm=%{Wk#o(R#<VCoIo$ zX1{aTqFwt=4E8~W{%FW&3K=&L^5W9&ZL;9>47y$PIPP<t*Rzye4Hnsw4R2GXfka1BLru|n~Yi^uR^G9R&r4_=zH$G*(PvN=6 zKH6LNMo{9bMNyk$vm^R>$Ugeny{v=&r=7;nb-c)KF|_T%w@pM;Irb%8tUv{Pj*T6w z4H_3!+Ods+H?x`gfL9rMu3&@G5uN^q6yA3}JDYl=EfW}5QLAuD*^8|}MTZM{o#a=S zm%OSws0O-u#w!^WNz(X>Tc+R7;5%rE8$0?9bufD7<+uAYQl~T^B+a@@V~jkLT5b!g z+JN@{hL7;HgrbtR@3>1;Z@}Fh1ZIJ#etw zqt2WhE`;-d!EBtsDkEU^P~w%1kt&0^2yU;X`S`qsvNh!NAz7R;TwiCm&bC+CTo*lLwU&Hqa$q4c1P5zY*cD(Qdh?yB<6T<~JG9o6izzi{AJin+r0A(5F z7752-Kl(zLkrpXxY_4LdLT5PEBN#cblYpISSIcJ#^ecaqG*hs|HA`59F`(;W!SSfM!;)0kR-9>5f|DyY|V(sElm?kG{2+C zLmaASukGxN=V1&HGkmqRnLl=>n_CN8UB6pmyz?rt*fdqD!2nvCD-O!adx*D!2EK^;DK-G`no1ki!bSeo;h01@!oIRHfoWc zFJRpDfz!skW)i_>rXaA0&)jV|F8`P@y`DFzyDjJQ;u{$5fJ>P7VuBwMW&=_5dQ9q# zC&?gK%ZahpBmm>_%0iJZrSV4CF0ug`9{uUiS2e`1*bT76vUkAGY^4g5;*T{tIt zYU=!H_IXZgK4uVVckEnn-fbK-N}7p8h%jUsQ@ZNZ?89rjOlcL6l^*}4SoUG0_XP08 z8vOUOI(yrCvzP9-(FW=yw{8GsJ&3wu0GE|!>%>#h$W_)u!S37Bch%Ku<|6yt=9@kO zoNB-7s?e<7dFm<53FL72{xMU2b+uCpwXRL8<%*AMmp^p1^Ty#(y3yzSpnf-{F1Pv` z^Dm3><3cBDJ+!ywyu$Sn{{8FehUwtxCaAr297cDn`}k4X%GoUV_v1z%SMzyN7_Qg* zbocsncWy7Dk6y-=I!iO-HO|jBpZ)C770M%OXkYr-r`@kd(yI57T)yFC`dO@3l|s`v zz%Y>3UU>%#`9^l=nu@$Ybcr$P8foO)K0>2Jj}*?Jl<0k9hl3T+_q+WHNTM&O- 
zb=`tS4Xm{~a3OZBNuO##5S-SVPVq*3_?-$t=6$-zSA1TuSQ6$}Pjaq+D^+RaK`lmK za7-Z+vr5Ge5zEl&g4D~buh775!T(BH75Jr{{=n3K?V~ zBse^-=`^{BWAe$D)R@A^G#_yth2Lk@eMG*yifx(DsX+U=OFi!oOTu6chXN95gb&_; zcy!e8zFp@fQ2qDn`tfzg_-gu{-!;{LBu*jA2l3`l|@8aT3~9TWny4Z)lVr*u9jf3JdJ@qOFGbG@=ES5d9j&m&CJ*B%db;vH^k1 zaY4Y78=t9skxuvq{a|F2znfR1hNpm9Q$9*dr`rbBP8nlJ=*MWxKEiKsc}bBY{AL|6 z1Uh5y1S5-yykzHR+#By6=2QVlfLctKb5kCpJFvEI@Nw2ms_6BynDa$>Q2Hp=JTA+b z%6vfs_rH7%;2@FFrQzU8|EksKQ{HzX@_i!%UdS_o zr0Kt}(oK)P8{6)@>HCrbH*{XFwQcQr4o`}8d_lLVqEHy#_NU1BQeIU^n}qpvKGq<3!H$> z>Py$!zft&DVf$$|h+x*tKVevQnxcEKl`h0EL=U#T(6sL#5P|!QakL2LtlQpH>V}@{ z4jk~7_mz};7WxLxp2B!xSNYSB+;HMn6A3kxB6~GLcR`8#G8l4Yx9fQg8N~I2^jCYm zUTPyhzs-C`ZOD~Vr~lB%DvgTrc;ZEts1mX_f1TRJk{5HPcO%|*pZ;L-OwQrhVI*Ih zIykr4x>Sd;{=N^keWUL5DM~aW0FX@qGIsX<2zo$`VyWp@KKv<7Ntli}O{H$>* zk`Le9)nBaBa8!?5t;BpZLE8mQFuZCJmH@Mc=2?KkUJE1e1c z{TXo%D0ymQEIY7s-Y~u*Bf0oeZG@`vt7FvZW8N;Jsm6v+8?6lF;;8$#oAj?wh)E*J zvyHHGRI2{PK8;eaK{sEeouMOXDI7F?;qLaWL7K19Ra5zO7e7Be6cm3l7O#Z?^>vtG zam0U3?VmX2;`R|Gp^K8tUv$_gS4P_7mvr@vHkY@FA$4TR<<|flk@i^TIrc}rJvr$0 zje*gZ)sagG-b_w|xJc@dunU_zv*`v$Fj&NW@MFCG-k(5FYQJe-tcQ2n%ME_N2huRD|KXMtoF7>EPCz$+P6KfQF z=EX2j;0z_TZ5~6rs9Wg1Pt^gc;60KOAmd#~vc|F^cL>&p0&7af z*dXyIdTmE5zomu4#V-E{?(iR(n?jLfpP5od>&`%kjKVOnDg%?Ypz^y2S=Vwf+L^a8 zw=`p#+AxZ`a~AtB(l<2nA=H-k=_Xx6h~`N_rfwJvwvy2@9pGsqJ(5Qu!FiHFIq@rt zG-+hXwT$0irb0hp6vPdd8Nwb}d@3cE`Zk20zy-F(-@v`eC^{Rk{#V3)%$^>`%BS4IDMAPOTkB7$taQIHsOv&Y0hi*eRztm=| zo???=W^-JWSwON_<)mCIIy%&iz!sW2WG~&ZltWh!jcFtGd-}F;B5}Y{T3cTq>Luvb z;eImHhE-2+0Pj32T?Q$?6URQ)LHj5;LqL`%!gv4*$^4)y4(LtP)dXu)Se#(if`Oq} z5)kQrbI2F7uID;FNGPFly1U_Ue6u%8JEF$=`QE%fH%X)pmRK3`1mC_nPB-2_7 zldoB72Fu8~lw8g4R&1lPc{8eJKlgH@rQ8h*bH@_L#a}NBc6YwP6=gudFhKry;oCoM z7z7lA?wa7v{&!z?_txI- zhpz7GI?rF7qoM!@j{^e(g9LM|%cw=6b@Q_Q2?pj10SpZOf3Bv^=EgtFHLNAgEvy}^ ze^@&@fNWeG9iZCwj{B{^_e(=I6%>zUZEJfTv1kdF{-vG{z z#KtN2fBw^GceRVTSBa%anEFi4yd2q{7Kb~2yfA;?%?3isCcP01Oza&Dn9~;J;~Qg! 
z1P?Mkue^xgd<9!~Tc(cm%Q>AMWs0B}fTlSuQ+wa;vmK>qs#SEHG-Mh5z6E~}r1P6*55DfUtuetS`@ zB9RZ@WPY`p&;6BZYA}`#DW#3F1@aW&wb#VHD;Bd6kn|X|8P8UunHVRTs1wxAW|z#U zsBDl_`oG!g;}E7P#9;CN>H;^gFK+ra;ir#yT!_(AWaS6;`lR#@PKQMEHe5U`pV{S* zkocA{`Mdsrf8ar0{-SmdPmJD%k-@-$IgGQh0VTp;g)4CA-2B-Mr-#k<%O zmeNP}Gt@`2IzdoDU(>P)(K8*}Yg;{|5Zh4fqbId#s7cW-$J*EZ=}4~iBPRzkz*6wb zf=tcz%1(i+OsncgIy$NSt+?*06D?6uGaw26)2!!mGA)@SR)Nl*^tM_+ZWtc-ObFIv zr@pmq{ywp&53?!?fPqRDmzebjoCP^kj0U~rBo%RJJS%2n3@jo4wv-A%)QGaYh+VQ5 z>yJAbV-%VpZ}eAS4WXJcTRsz^Xq>jy5M^P`-ZGv6nzSgJ1idVMI&g$a7Tlp4TGKdF zTowJ!Y_r#3;lQP4EVg*u(=mEqs9V5+X%pFKL74eS>f7VEU7!6aK=|0zji_%{b!+Dg zwF?xiK-%;dS(7bSbn?kb!cS_FU9`(mu=&_;z}$fq^U-iJw&YhVxP4|XJcw4qst+qb zV|YJlsM3Xvn-A5K#6^-|bo^2!J^^10g0QvKRlslzlh0>@GziQM43~g?BaVfR=V;tZddeqWUU_SP1&SJG3W^L%W_OA=LIyg+tuBo8ri&1cv;0CxAyfm}Y0YBW4KPH>jW>bN~?_d1FAk2#XD;Gh*gZ7NS z$J4!|Yp=3Q<{e-ENcIT{{(SuW)Z6TZqsnFP;0-%NX0~N&=!(p$b+N7AYT-@ukYjqi z-qFr9Q7Vn*IyQcvxO3htf|KYkxhfj0(C4QU(t(t-tywweA=KV^e|2O~UR;UEjgGBk zA}wUntb}bS33R`?&7+`@6T5bwC>zb(?9mzE%ue^o|>~s(~=t6FrzubNpo}K@afD0iFAFUTXY4m8A&{#iuwrW!5 zBfHMS>+P2>tI{`O)2Z3tj#s;uj=#x08_^?=d{)^y2~dObDY+MHe*5=Y(8K?$Gk6E9 zDp|&NaRop*>y*2`@>xPCNif=;ojAmS8{^pPX6WDR6!Gte-cg2gcp5CJ$%#%67mmKK zi9A`nE>>S=SH=qX>%*UwnUfv0L9dxyJ;O9U=VTv?BEo!CD|wyQ^K))t zgP(LR+clr~oU3~3&4@vAURZ$k-=UIYEcJfkn7PAK6r}43?oNGf()k;e0*ynze-{ zq)-}iW!!UwYPCc|&Lb0;Q7`D~75_pkT-D(6Xbc(hzUbEV4oCgU=57NBw{>i|&!(O4 zoDMI4c0f`JYMK#TvqtQ;aLps)Ltpa6i{C zKKWD%o1~P~fsC+e*(L)6)f^C?!bC?FjLA?r!{+a`i@5n!cDlQ+|M8_5=lS@4@Z>5} zypgqG^V2oDZ52te(=Qbb4G|hfCFH}Jk3INqJ83glNp;&l!u0pVLzLaqFA^K?f8z7g zN{7-dK7Z<)0{!fq&^4N|`o|Zjh*vNhv)6-4r;m~v`?Kl^oiru)%k4BX<4`ctJV(Lea#k#EXo(F}ghm2r0#HxR!`|IuE0#$@j|&EGa3 z-7|8r&F}ohs>|?`*IG`y0Gn$6*6#oqiO|$GM)fmdIvr|<^&Lxv9O-kn9}c9yPfF5H zM6TmF59)Eg=3Bn@5qaldP+u+$Ou%4zT-;hO?sMa zu=ox9ZBgLz8DbE&ku;=?E~{IR7Vk^>;h!{Gx?zCdgU9!aDo;4TOUyEh*l`tn3QH?b z5;=2PAVneDs|+t8B?{>ev=-lKm|%LfHx*D%hJJqYGqpV{G@m)tJ{tj7K_J7=1`kp` z`6@Oq$a#ryc^%QC4e+vYp)p-<)$yo)gb5t1xFePz6mUHq`soPk&a2JBh?^EL)A|P} 
z&i;5cN`h85KCSPJ4-)?%M`n+>2<5%~tIEc87urw~=C3FbuB30V(ybY5O00Lo*(*5! z`oZ3SvB222ygdEVVer9D;<$yC$qP_?m)OlM%n$l zMRVw5=NPtHM_jRlu?f$Vtf}zFw45zR$|OCrVr7Mz@w+DU zD;9*bxbI*G#5zPrgNd6Mu?2XMTjbGcg+dMZXZ51<}CAW50{-wD*Hv{5z z+VP3cTya@SNEWv)bPt2sbow)7E|ISSE2~>t=B_8Yh+)1HT_8hQvlY9>!W_H8L~D#c zs?rcM>avb^6nB_zBW0vKjrf2qbv&`MZEQQSp=3vnC}+S*codLUSXZmQ&WiNZ0+-N9 zKvO+OL)TazjrbENbAEX)tXB2Q53|uW9NLs9$EqzNlY%DL6!N-T`B0#i^rGY8Ydo9^ zxUv5?tV~Ej_HhRY&=j$O^f&$@0Hn*uGvk5gj05cgsz=#&XDVm7$zZYec^Wte$2KA@ zR-GSo#}d-}^HB;b_H1|dy*ghG{MM8`R}HIVGFA=u*GKDC9i6Y7jeXxWR*P?^k2Yx4 zM;v*WnekDG-qNbSFKl^&&10=&^>{;l;Po85q@oqi4EcI)$5=9^#Yeo{^+9T;2&GGO z*PGO~iQ^_JGxW?2!kQq{s0|kiE#%h-K(sOIWDnhb%xH_m7;=`Htr&VKlcF$gIF_=$ zOkY$dySfIQo%WM0k-@5uLF4_YD@XN42^@@G9($H{WAaQ1JZc>Y>J1+!MPxq03`=(8 zo_L^rHBsosADV@>0_{<7zpS~yJ_Uc6W{6K5N@GnU(hON`Eq+K4r6?jWE<9Z_h$weF z!-!{Ay|8=KN0`j)%;ZE6mP;LjdeK+W)xUCB6Ix*{8@&24lrM^VU*%s37GFY)MS#wq zow$&yYCWmMa}9=QnwK?JPKYkKU9fi*4u_zGC4=hcRz&u5M|_$4v4u%qK9tnhWzdFh ziJLKEHr6Tk#K}y{H>=JMOLtGCsQ2IzEGIP&^^HmSj{u(Hn@z}0O2c#cJ~Cfu@d_-+ z)0D;DL={yq3XoX&clYzmZn&CqR@N&m*U2)?Kcfk_3)1{SBBJx`kvUFwy!6nUXy7#D zjwIGFCdkl%z4b4UiBKR@)tf7w9hi89gsk#RPr!Z^4`fD~klPb?o=Gl5YUF@3yJ} z5f>;e@t#l9j?W9WpJJZPk}-h2(i!7`lnFXGuN~)f*VhwzZf=SfXVIL{Fl_On6&g-E zEImuw7#Ap?q!lBt5lK|4q$u}|ot;w+2p4!*y-Cyb=h=c5(%Mge%vKV3Dt;d!BVvEZ zX{mqtD=KaXMdvV2KgB7ws5gPj0p4g9W_iY1|V@_^5%OYOm?wy$M3PcSFPGA@WmP` z%HmK_F~$kf6689Qiix8n8XDNJW5RLzZQXe6Cl9J%)RtmLch30GR@+2Kb0X*id#eRY0iO@vFhZ zOV~C^rFR`niq1TXxOf;HX-oUrZkSTKp}Wp3D5jcQtTcDuUm+-KljhcAYe5=b%z4W# z-4^x)C`doj-=dfuiU>;i`#Qv0^PhdB%7X+;@9MFn+O zpMMPOjatF#^{gzkBbL)6u1cdE5}A#wy{&(WJCPLpV&aT-gDVkbo&CN6(Bi}2x{-rF zTk%U>bUqiR^CEj*(Urb}=YD;nuh*o?|3-IjU9G6CB zwP1&SDf`)m;aT6eFdVsmKBrWmX{3YV%URwirEs`yYToXigpkpY?G9tPqnc&Dnr)V4 zHx(I7Kl>vJAdnUtA-x_#(6$=OHJf=fb7=&hz(Z3c?wn0oqN*1SC)__t<-oTa6KNj^ z-J!)@lR$t52D?c6rvqx<+lJb-~_}l0_?hSwY+moO* z-;IV>IN%(b#u69nU^x6Y?AK3!ge$RwM}6+Q0(}dStPvIoM%l@6ta%(Otxh#7@Ov%$ zD)qi#acdDp@jB9B4IfJ&earhD8SXoQn?BkE>^@UwmZgJ|R77#*$OszE6Q!BO@}Ee=dy z{28`VT$IN^0Cw 
z70oOp_>+Z}bFN=yS$9tuDCXa^@G<=4%kOBZ;>@tng_ds|Sraje*}QF0Z-2sBZG{Tv z*HMtG{+8>kYei)LIK~MT9RBk_cr=?Mr5vg>4ge>hpcVFn!ko?qyp|3nW<2LSiVcQ& z5*0R>Z6>-kle23BT9`=J=3=mw2M6izazt?N2k8i%mK*Sn8H^J7#!|0_&&BJG`>-WW zPzXW!M1^(9TydXlpu^Wa=8@TMCprz_cbC9k>iijIBc79lFt=M}5qse*K5gZQJ1xPKF?xyh%u3ilKqfWSsX^bf3uV)fNG$G(yBUdElF!BCk!6+J zcg!=ca@bLeuB?oTk%+yTrf#pLH;gH78ufJklBIS%xXop>2#nS&>WeiRz)$IDHn#UF zd03SanH9};3T$YLicF=MTxVtSNMR`Ke9KsR>vv=I^(#buO9G$)GCTs@jjrA#HCrVZAPjYZdo2ncihJ2tTIE z*B)4rcJQ0I(6oCg1x-{NdcL={GX!D#{Z6s8h3@e%jKS%sYT)nL-_r+&`<@mutE?JF zHU+KeDQJ^(+N#Hi&Pp}|gXN#$)un2PP-p98C3DkBjpb~X^usMa3D&V6?>0I*LiIV% zDF$GnBbj^VgGl8iXXY7$?u|RykAuIr*~)-4c8es`zwG!$zbjiSK{vqiVzm(0DB=Na zbTw7~>7LisT@>oIc!oGy4b^XfWhD+sdmwT0oDNLIC*i7oLQ<7$x_lj-S^f^%$>L*J zIJ8*yr8=&{nO^q8v7#ogxf-2bCU2^{Dp&4Sx06g;E*vMG-GACURXqL&D*so>oO+l4 z`wEey2Zf=FILrZFU6Zh^<&^_p2FWSCZ&IW3A`3c7z!Mn4dZMp6{lFvAHBX7|RP*-7=dk_DnYjlTYKX6N0cClaRR}d;1NN=U zZrlA6-4XW>mlCP!C<{MPHuoUn=6^n(&DUF`C0!x7?vj)&)}0vTd%Yy5kBlfhnyA!E zF{C{rFSWd!w92Tw;t+t-g6ki}tTe!qJ0_Z2TppEM8Zx1`QP_E6E41=8W zkdwu+%$sM2^;?ve7Z+5^r_DbsegMnW{qZzqp1y4XgGoCuWSKgRL2Kzkdinzpn4+NR zw@dh`XU9^<{fmkY;Dv%UCY0>3vz$7B40qLP21dA0u z>L%~2s0q1GssMi@K?rMjDXBIqkLSBBkq*b|sa{Fc)n@Lf8!jtjVr-1cw7wf57kB=n zdSz#put$+*b)}mqBwzPm@Gww0neU#43GAt%fi9N3GKujwHS4p-ZPMP*W(LPyj>1Tx z-;aG!6%ZCVRh?l7Lsm}DdUqh12MfT&b66^4RP?ybBo%>6=NC$64;{83(Y_80$9RMP z73&}TA<>(8)-}}TR0AS)TOPh~U|bS1+)Y>n z#AKP!)vm22&s+b-eLG-W3&|(9K3GtZvI-SrMW)6LSG%gTs7>_lMiu#>Tzy5*7b{Bp z*tyz2@b~$9jbZTKKOy4r#By}7!(uV1>3si3#m0Y&Kv=4W+E34P>$*h#Z`*eu%yR#q zBUY!0m#10$zc)mO8Z+=Uk#VV-{V8l7ibPM3q}Ii-cN)0WgLiV9Ou=VW;1-q|9gkP5 z@qT)B{A9cC?;%82|4t-uW{IS5z3XnR%18#<~-sJMo!RrZ7FhPSXh4=H{Fb>5=A})uBaa10~c~- zYaZphGvQ55(y%tFGr;5Cpq89_bCB=q5Hz2~<0Kl-@(t*^r$^!FIfR`;u*NCzrau<||dCb_tiQZ~kl$P=D^QF8T)j{@MzyFTNl2 z<)cRF9eZ(RKs2F1I+HG7vD+51TIZ?oQU^1|8*A|EygS zB%`>P=GUf@_$Tc9$o?0PgGe{(D27~+Z&G%o`d9$%fkG_lrS9qOTJ$oLhR1!%L+Sbz zxbn^K;QlPRLla`c-(mVUQF^^P2%`JIC9(W@e1Ub$ZFw|kYC&me6-plJBB6nuLiq0; z%M(lcNpQshG=qvn9IN@k=T_nvKE95|lz*A|A$t=x#m4Z2N_T(UjTk`wC 
zO?%y8>vu;(KZ?`68}dIgFpQ)>&~VpMGN)=dqq*noZGo$XX$lXuA!| zI)xIqnw=txyRv0D5v>LFoqqAOALGnHR4!A{k91R16OLgOj4O74%s!Dz!m6iOBa}$p z`kdt>(&Nt)>)L6P^4H25t*D9Wwq_WO3-UbXzzd_NjT~cQeE>&a%el;vHn_>(+SR>A z%@uLnks}0S^3x#YaLW3$8Y`)cZtNPD*q$-fe_ar;z zCMwB6Bfzhn-7l0fr=$#UWI zw)bKROqE2g+@l3-P1ibJrF>(<6`mK)I(v#)@GTcXi^OTicM3OZ*KO<6lV|NWo{MK- zg&6BEa`tNHOBrprcx=cgHPHtOv^cXBQT=f^iNbQ3A}4XqK;MpB`q5Ukb(U|m33kUR z8e^K}jfsu7bC`985l>!=aC3}p*E(_Q2e*20QbyCx)k5jkLA+{KZ&waIFBmEc09YKj w|2eJxk2n2))&G!P|96r9?r#4d1ze>6kJqiDfPna4FR=gVkpIkT(*N527YH+HE&u=k diff --git a/Solutions/Forcepoint CSG/Package/createUiDefinition.json b/Solutions/Forcepoint CSG/Package/createUiDefinition.json index 628ef9bbf1e..7adf10d7b48 100644 --- a/Solutions/Forcepoint CSG/Package/createUiDefinition.json +++ b/Solutions/Forcepoint CSG/Package/createUiDefinition.json 
@@ -6,7 +6,7 @@
 "config": {
 "isWizard": false,
 "basics": {
- "description": "\n\n**Note:** _There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing._\n\n[Forcepoint Cloud Security Gateway](https://www.forcepoint.com/product/cloud-security-gateway) (CSG) Solution for Microsoft Sentinel exports web and/or email logs so that custom dashboards can be created using Workbooks to visualize events and insights on activities of Forcepoint Cloud Security Gateway.\n\nFor more details about this solution refer to [integration documentation](https://forcepoint.github.io/docs/csg_and_sentinel/). \n\r\n2. **Forcepoint CSG via Legacy Agent** - This data connector helps in ingesting Forcepoint CSG logs into your Log Analytics Workspace using the legacy Log Analytics agent.\n\n**NOTE:** Microsoft recommends installation of Forcepoint CSG via AMA Connector. Legacy connector uses the Log Analytics agent which is about to be deprecated by **Aug 31, 2024,** and thus should only be installed where AMA is not supported. Using MMA and AMA on same machine can cause log duplication and extra ingestion cost [more details](https://learn.microsoft.com/en-us/azure/sentinel/ama-migrate).\n\n**Data Connectors:** 1, **Workbooks:** 1\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
+ "description": "\n\n**Note:** Please refer to the following before installing the solution: \r \n • Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Forcepoint%20CSG/ReleaseNotes.md)\r \n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\n[Forcepoint Cloud Security Gateway](https://www.forcepoint.com/product/cloud-security-gateway) (CSG) Solution for Microsoft Sentinel exports web and/or email logs so that custom dashboards can be created using Workbooks to visualize events and insights on activities of Forcepoint Cloud Security Gateway.\n\nFor more details about this solution refer to [integration documentation](https://forcepoint.github.io/docs/csg_and_sentinel/).\n\r\n1. **Forcepoint CSG via AMA** - This data connector helps in ingesting Forcepoint CSG logs into your Log Analytics Workspace using the new Azure Monitor Agent. Learn more about ingesting using the new Azure Monitor Agent [here](https://learn.microsoft.com/azure/sentinel/connect-cef-ama). **Microsoft recommends using this Data Connector**.\n\r\n2. **Forcepoint CSG via Legacy Agent** - This data connector helps in ingesting Forcepoint CSG logs into your Log Analytics Workspace using the legacy Log Analytics agent.\n\n**NOTE:** Microsoft recommends installation of Forcepoint CSG via AMA Connector. Legacy connector uses the Log Analytics agent which is about to be deprecated by **Aug 31, 2024,** and thus should only be installed where AMA is not supported. Using MMA and AMA on same machine can cause log duplication and extra ingestion cost [more details](https://learn.microsoft.com/en-us/azure/sentinel/ama-migrate).\n\n**Data Connectors:** 2, **Workbooks:** 1\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
 "subscription": {
 "resourceProviders": [
 "Microsoft.OperationsManagement/solutions",
@@ -60,9 +60,10 @@
 "name": "dataconnectors1-text",
 "type": "Microsoft.Common.TextBlock",
 "options": {
- "text": "This Solution installs the data connector for Forcepoint CSG. You can get Forcepoint CSG CommonSecurityLog data in your Microsoft Sentinel workspace. After installing the solution, configure and enable this data connector by following guidance in Manage solution view."
+ "text": "This solution installs the data connector for ingesting Forcepoint CSG logs in the CEF format into Microsoft Sentinel. After installing the solution, configure and enable this data connector by following guidance in Manage solution view."
 }
 },
+
 {
 "name": "dataconnectors-link2",
 "type": "Microsoft.Common.TextBlock",
@@ -88,7 +89,7 @@
 "name": "workbooks-text",
 "type": "Microsoft.Common.TextBlock",
 "options": {
- "text": "This solution installs workbook(s) to help you gain insights into the telemetry collected in Microsoft Sentinel. After installing the solution, start using the workbook in Manage solution view."
+ "text": "This Microsoft Sentinel Solution installs workbooks. Workbooks provide a flexible canvas for data monitoring, analysis, and the creation of rich visual reports within the Azure portal. They allow you to tap into one or many data sources from Microsoft Sentinel and combine them into unified interactive experiences."
 }
 },
 {
diff --git a/Solutions/Forcepoint CSG/Package/mainTemplate.json b/Solutions/Forcepoint CSG/Package/mainTemplate.json
index 2fae175a76a..2c82d3e1d10 100644
--- a/Solutions/Forcepoint CSG/Package/mainTemplate.json
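Review bot: The rewritten `dataconnectors1-text` still speaks of "the data connector" in the singular, while the basics description in the first hunk of this same file now advertises **Data Connectors:** 2 (AMA and legacy agent), so the wizard step and the summary disagree about what is installed. Suggest `"text": "This solution installs two data connectors for ingesting Forcepoint CSG logs in the CEF format into Microsoft Sentinel: one via the Azure Monitor Agent (recommended) and one via the legacy Log Analytics agent for hosts where AMA is not supported. After installing the solution, configure and enable the connector you use by following guidance in Manage solution view."`. The hunk also introduces a bare `+` blank line between `},` and `{` inside the steps array; no other element boundary visible in this file (compare the `}`, `},`, `{` run in the -88 hunk) has one, so it should be dropped for consistency. If createUiDefinition.json is emitted by the solution packaging tool, as the regenerated 3.0.0.zip in this patch suggests, both fixes belong in the tool's input rather than in this generated file, otherwise the next regeneration will revert them.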
+++ b/Solutions/Forcepoint CSG/Package/mainTemplate.json
@@ -38,10 +38,10 @@
 }
 },
 "variables": {
- "solutionId": "microsoftsentinelcommunity.azure-sentinel-solution-forcepoint-csg",
- "_solutionId": "[variables('solutionId')]",
 "_solutionName": "Forcepoint CSG",
 "_solutionVersion": "3.0.0",
+ "solutionId": "microsoftsentinelcommunity.azure-sentinel-solution-forcepoint-csg",
+ "_solutionId": "[variables('solutionId')]",
 "uiConfigId1": "ForcepointCSG",
 "_uiConfigId1": "[variables('uiConfigId1')]",
 "dataConnectorContentId1": "ForcepointCSG",
@@ -51,6 +51,15 @@
 "dataConnectorTemplateSpecName1": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-dc-',uniquestring(variables('_dataConnectorContentId1'))))]",
 "dataConnectorVersion1": "1.0.0",
 "_dataConnectorcontentProductId1": "[concat(take(variables('_solutionId'),50),'-','dc','-', uniqueString(concat(variables('_solutionId'),'-','DataConnector','-',variables('_dataConnectorContentId1'),'-', variables('dataConnectorVersion1'))))]",
+ "uiConfigId2": "ForcepointCSGAma",
+ "_uiConfigId2": "[variables('uiConfigId2')]",
+ "dataConnectorContentId2": "ForcepointCSGAma",
+ "_dataConnectorContentId2": "[variables('dataConnectorContentId2')]",
+ "dataConnectorId2": "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/dataConnectors', variables('_dataConnectorContentId2'))]",
+ "_dataConnectorId2": "[variables('dataConnectorId2')]",
+ "dataConnectorTemplateSpecName2": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-dc-',uniquestring(variables('_dataConnectorContentId2'))))]",
+ "dataConnectorVersion2": "1.0.0",
+ "_dataConnectorcontentProductId2": "[concat(take(variables('_solutionId'),50),'-','dc','-', uniqueString(concat(variables('_solutionId'),'-','DataConnector','-',variables('_dataConnectorContentId2'),'-', variables('dataConnectorVersion2'))))]",
 "workbookVersion1": "1.0.0",
 "workbookContentId1": "ForcepointCloudSecurityGatewayWorkbook",
 "workbookId1": "[resourceId('Microsoft.Insights/workbooks', variables('workbookContentId1'))]",
@@ -416,6 +425,371 @@ } } }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('dataConnectorTemplateSpecName2')]", + "location": "[parameters('workspace-location')]", + "dependsOn": [ + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" + ], + "properties": { + "description": "Forcepoint CSG data connector with template version 3.0.0", + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "[variables('dataConnectorVersion2')]", + "parameters": {}, + "variables": {}, + "resources": [ + { + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',variables('_dataConnectorContentId2'))]", + "apiVersion": "2021-03-01-preview", + "type": "Microsoft.OperationalInsights/workspaces/providers/dataConnectors", + "location": "[parameters('workspace-location')]", + "kind": "GenericUI", + "properties": { + "connectorUiConfig": { + "id": "[variables('_uiConfigId2')]", + "title": "[Recommended] Forcepoint CSG via AMA (using Azure Functions)", + "publisher": "Forcepoint", + "descriptionMarkdown": "Forcepoint Cloud Security Gateway is a converged cloud security service that provides visibility, control, and threat protection for users and data, wherever they are. 
For more information visit: https://www.forcepoint.com/product/cloud-security-gateway", + "graphQueries": [ + { + "metricName": "Total data received", + "legend": "Forcepoint CSG", + "baseQuery": "CommonSecurityLog\n |where DeviceVendor =~ 'Forcepoint CSG'\n |extend sent_by_ama = column_ifexists('CollectorHostName','')\n |where isnotempty(sent_by_ama)" + } + ], + "sampleQueries": [ + { + "description": "Top 5 Web requested Domains with log severity equal to 6 (Medium)", + "query": "CommonSecurityLog\n| where TimeGenerated <= ago(0m)\n| where DeviceVendor == \"Forcepoint CSG\"\n| where DeviceProduct == \"Web\"\n| where LogSeverity == 6\n| where DeviceCustomString2 != \"\"\n| summarize Count=count() by DeviceCustomString2\n| top 5 by Count\n| render piechart" + }, + { + "description": "Top 5 Web Users with 'Action' equal to 'Blocked'", + "query": "CommonSecurityLog\n| where TimeGenerated <= ago(0m)\n| where DeviceVendor == \"Forcepoint CSG\"\n| where DeviceProduct == \"Web\"\n| where Activity == \"Blocked\"\n| where SourceUserID != \"Not available\"\n| summarize Count=count() by SourceUserID\n| top 5 by Count\n| render piechart" + }, + { + "description": "Top 5 Sender Email Addresses Where Spam Score Greater Than 10.0", + "query": "CommonSecurityLog\n| where TimeGenerated <= ago(0m)\n| where DeviceVendor == \"Forcepoint CSG\"\n| where DeviceProduct == \"Email\"\n| where DeviceCustomFloatingPoint1 > 10.0\n| summarize Count=count() by SourceUserName\n| top 5 by Count\n| render barchart" + } + ], + "dataTypes": [ + { + "name": "CommonSecurityLog (Forcepoint CSG)", + "lastDataReceivedQuery": "CommonSecurityLog\n |where DeviceVendor =~ 'Forcepoint CSG'\n |where DeviceProduct =~ 'Web'\n |extend sent_by_ama = column_ifexists('CollectorHostName','')\n |where isnotempty(sent_by_ama)\n | summarize Time = max(TimeGenerated)\n | where isnotempty(Time)" + }, + { + "name": "CommonSecurityLog (Forcepoint CSG)", + "lastDataReceivedQuery": "CommonSecurityLog\n |where DeviceVendor =~ 
'Forcepoint CSG'\n |where DeviceProduct =~ 'Email'\n |extend sent_by_ama = column_ifexists('CollectorHostName','')\n |where isnotempty(sent_by_ama)\n | summarize Time = max(TimeGenerated)\n | where isnotempty(Time)" + } + ], + "connectivityCriterias": [ + { + "type": "IsConnectedQuery", + "value": [ + "CommonSecurityLog\n |where DeviceVendor =~ 'Forcepoint CSG'\n |where DeviceProduct =~ 'Web'\n |extend sent_by_ama = column_ifexists('CollectorHostName','')\n |where isnotempty(sent_by_ama)\n | summarize LastLogReceived = max(TimeGenerated)\n | project IsConnected = LastLogReceived > ago(30d)", + "CommonSecurityLog\n |where DeviceVendor =~ 'Forcepoint CSG'\n |where DeviceProduct =~ 'Email'\n |extend sent_by_ama = column_ifexists('CollectorHostName','')\n |where isnotempty(sent_by_ama)\n | summarize LastLogReceived = max(TimeGenerated)\n | project IsConnected = LastLogReceived > ago(30d)" + ] + } + ], + "availability": { + "status": 1, + "isPreview": false + }, + "permissions": { + "resourceProvider": [ + { + "provider": "Microsoft.OperationalInsights/workspaces", + "permissionsDisplayText": "read and write permissions are required.", + "providerDisplayName": "Workspace", + "scope": "Workspace", + "requiredPermissions": { + "read": true, + "write": true, + "delete": true + } + }, + { + "provider": "Microsoft.OperationalInsights/workspaces/sharedKeys", + "permissionsDisplayText": "read permissions to shared keys for the workspace are required. [See the documentation to learn more about workspace keys](https://docs.microsoft.com/azure/azure-monitor/platform/agent-windows#obtain-workspace-id-and-key).", + "providerDisplayName": "Keys", + "scope": "Workspace", + "requiredPermissions": { + "action": true + } + } + ], + "customs": [ + { + "description": "To collect data from non-Azure VMs, they must have Azure Arc installed and enabled. 
[Learn more](https://docs.microsoft.com/azure/azure-monitor/agents/azure-monitor-agent-install?tabs=ARMAgentPowerShell,PowerShellWindows,PowerShellWindowsArc,CLIWindows,CLIWindowsArc)" + }, + { + "description": "Common Event Format (CEF) via AMA and Syslog via AMA data connectors must be installed [Learn more](https://learn.microsoft.com/azure/sentinel/connect-cef-ama#open-the-connector-page-and-create-the-dcr)" + } + ] + }, + "instructionSteps": [ + { + "instructions": [ + { + "parameters": { + "title": "1. Kindly follow the steps to configure the data connector", + "instructionSteps": [ + { + "title": "Step A. Configure the Common Event Format (CEF) via AMA data connector", + "description": "_Note:- CEF logs are collected only from Linux Agents_\n\n1. Navigate to Microsoft Sentinel workspace ---> configuration ---> Data connector blade .\n\n2. Search for 'Common Event Format (CEF) via AMA' data connector and open it.\n\n3. Check If there is no existing DCR configured to collect required facility of logs, Create a new DCR (Data Collection Rule)\n\n\t_Note:- It is recommended to install minimum 1.27 version of AMA agent [Learn more](https://learn.microsoft.com/azure/azure-monitor/agents/azure-monitor-agent-manage?tabs=azure-portal ) and ensure there is no duplicate DCR as it can cause log duplicacy_\n\n4. Run the command provided in the CEF via AMA data connector page to configure the CEF collector on the machine" + + }, + { + "title": "Step B. Implementation options", + "description": "The integration is made available with two implementations options.", + "innerSteps": [ + { + "title": "1. Docker Implementation", + "description": "Leverages docker images where the integration component is already installed with all necessary dependencies.\n\nFollow the instructions provided in the Integration Guide linked below.\n\n[Integration Guide >](https://frcpnt.com/csg-sentinel)" + }, + { + "title": "2. 
Traditional Implementation", + "description": "Requires the manual deployment of the integration component inside a clean Linux machine.\n\nFollow the instructions provided in the Integration Guide linked below.\n\n[Integration Guide >](https://frcpnt.com/csg-sentinel)" + } + ] + }, + { + "title": "Step C. Validate connection", + "description": "Follow the instructions to validate your connectivity:\n\nOpen Log Analytics to check if the logs are received using the CommonSecurityLog schema.\n\nIt may take about 20 minutes until the connection streams data to your workspace.\n\nIf the logs are not received, run the following connectivity validation script:\n\n 1. Make sure that you have Python on your machine using the following command: python -version\n\n2. You must have elevated permissions (sudo) on your machine", + "instructions": [ + { + "parameters": { + "label": "Run the following command to validate your connectivity:", + "value": "sudo wget -O Sentinel_AMA_troubleshoot.py https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/DataConnectors/Syslog/Sentinel_AMA_troubleshoot.py&&sudo python Sentinel_AMA_troubleshoot.py --cef" + }, + "type": "CopyableLabel" + } + ] + } + ] + }, + "type": "InstructionStepsGroup" + } + ] + }, + { + "description": "Make sure to configure the machine's security according to your organization's security policy\n\n\n[Learn more >](https://aka.ms/SecureCEF).", + "title": "2. 
Secure your machine " + } + ] + } + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2023-04-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('DataConnector-', last(split(variables('_dataConnectorId2'),'/'))))]", + "properties": { + "parentId": "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/dataConnectors', variables('_dataConnectorContentId2'))]", + "contentId": "[variables('_dataConnectorContentId2')]", + "kind": "DataConnector", + "version": "[variables('dataConnectorVersion2')]", + "source": { + "kind": "Solution", + "name": "Forcepoint CSG", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Forcepoint" + }, + "support": { + "name": "Community", + "tier": "Community", + "link": "https://github.com/Azure/Azure-Sentinel/issues" + } + } + } + ] + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('_dataConnectorContentId2')]", + "contentKind": "DataConnector", + "displayName": "[Recommended] Forcepoint CSG via AMA (using Azure Functions)", + "contentProductId": "[variables('_dataConnectorcontentProductId2')]", + "id": "[variables('_dataConnectorcontentProductId2')]", + "version": "[variables('dataConnectorVersion2')]" + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2023-04-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('DataConnector-', last(split(variables('_dataConnectorId2'),'/'))))]", + "dependsOn": [ + "[variables('_dataConnectorId2')]" + ], + "location": "[parameters('workspace-location')]", + "properties": { + "parentId": 
"[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/dataConnectors', variables('_dataConnectorContentId2'))]", + "contentId": "[variables('_dataConnectorContentId2')]", + "kind": "DataConnector", + "version": "[variables('dataConnectorVersion2')]", + "source": { + "kind": "Solution", + "name": "Forcepoint CSG", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Forcepoint" + }, + "support": { + "name": "Community", + "tier": "Community", + "link": "https://github.com/Azure/Azure-Sentinel/issues" + } + } + }, + { + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',variables('_dataConnectorContentId2'))]", + "apiVersion": "2021-03-01-preview", + "type": "Microsoft.OperationalInsights/workspaces/providers/dataConnectors", + "location": "[parameters('workspace-location')]", + "kind": "GenericUI", + "properties": { + "connectorUiConfig": { + "title": "[Recommended] Forcepoint CSG via AMA (using Azure Functions)", + "publisher": "Forcepoint", + "descriptionMarkdown": "Forcepoint Cloud Security Gateway is a converged cloud security service that provides visibility, control, and threat protection for users and data, wherever they are. 
For more information visit: https://www.forcepoint.com/product/cloud-security-gateway", + "graphQueries": [ + { + "metricName": "Total data received", + "legend": "Forcepoint CSG", + "baseQuery": "CommonSecurityLog\n |where DeviceVendor =~ 'Forcepoint CSG'\n |extend sent_by_ama = column_ifexists('CollectorHostName','')\n |where isnotempty(sent_by_ama)" + } + ], + "dataTypes": [ + { + "name": "CommonSecurityLog (Forcepoint CSG)", + "lastDataReceivedQuery": "CommonSecurityLog\n |where DeviceVendor =~ 'Forcepoint CSG'\n |where DeviceProduct =~ 'Web'\n |extend sent_by_ama = column_ifexists('CollectorHostName','')\n |where isnotempty(sent_by_ama)\n | summarize Time = max(TimeGenerated)\n | where isnotempty(Time)" + }, + { + "name": "CommonSecurityLog (Forcepoint CSG)", + "lastDataReceivedQuery": "CommonSecurityLog\n |where DeviceVendor =~ 'Forcepoint CSG'\n |where DeviceProduct =~ 'Email'\n |extend sent_by_ama = column_ifexists('CollectorHostName','')\n |where isnotempty(sent_by_ama)\n | summarize Time = max(TimeGenerated)\n | where isnotempty(Time)" + } + ], + "connectivityCriterias": [ + { + "type": "IsConnectedQuery", + "value": [ + "CommonSecurityLog\n |where DeviceVendor =~ 'Forcepoint CSG'\n |where DeviceProduct =~ 'Web'\n |extend sent_by_ama = column_ifexists('CollectorHostName','')\n |where isnotempty(sent_by_ama)\n | summarize LastLogReceived = max(TimeGenerated)\n | project IsConnected = LastLogReceived > ago(30d)", + "CommonSecurityLog\n |where DeviceVendor =~ 'Forcepoint CSG'\n |where DeviceProduct =~ 'Email'\n |extend sent_by_ama = column_ifexists('CollectorHostName','')\n |where isnotempty(sent_by_ama)\n | summarize LastLogReceived = max(TimeGenerated)\n | project IsConnected = LastLogReceived > ago(30d)" + ] + } + ], + "sampleQueries": [ + { + "description": "Top 5 Web requested Domains with log severity equal to 6 (Medium)", + "query": "CommonSecurityLog\n| where TimeGenerated <= ago(0m)\n| where DeviceVendor == \"Forcepoint CSG\"\n| where DeviceProduct 
== \"Web\"\n| where LogSeverity == 6\n| where DeviceCustomString2 != \"\"\n| summarize Count=count() by DeviceCustomString2\n| top 5 by Count\n| render piechart" + }, + { + "description": "Top 5 Web Users with 'Action' equal to 'Blocked'", + "query": "CommonSecurityLog\n| where TimeGenerated <= ago(0m)\n| where DeviceVendor == \"Forcepoint CSG\"\n| where DeviceProduct == \"Web\"\n| where Activity == \"Blocked\"\n| where SourceUserID != \"Not available\"\n| summarize Count=count() by SourceUserID\n| top 5 by Count\n| render piechart" + }, + { + "description": "Top 5 Sender Email Addresses Where Spam Score Greater Than 10.0", + "query": "CommonSecurityLog\n| where TimeGenerated <= ago(0m)\n| where DeviceVendor == \"Forcepoint CSG\"\n| where DeviceProduct == \"Email\"\n| where DeviceCustomFloatingPoint1 > 10.0\n| summarize Count=count() by SourceUserName\n| top 5 by Count\n| render barchart" + } + ], + "availability": { + "status": 1, + "isPreview": false + }, + "permissions": { + "resourceProvider": [ + { + "provider": "Microsoft.OperationalInsights/workspaces", + "permissionsDisplayText": "read and write permissions are required.", + "providerDisplayName": "Workspace", + "scope": "Workspace", + "requiredPermissions": { + "read": true, + "write": true, + "delete": true + } + }, + { + "provider": "Microsoft.OperationalInsights/workspaces/sharedKeys", + "permissionsDisplayText": "read permissions to shared keys for the workspace are required. [See the documentation to learn more about workspace keys](https://docs.microsoft.com/azure/azure-monitor/platform/agent-windows#obtain-workspace-id-and-key).", + "providerDisplayName": "Keys", + "scope": "Workspace", + "requiredPermissions": { + "action": true + } + } + ], + "customs": [ + { + "description": "To collect data from non-Azure VMs, they must have Azure Arc installed and enabled. 
[Learn more](https://docs.microsoft.com/azure/azure-monitor/agents/azure-monitor-agent-install?tabs=ARMAgentPowerShell,PowerShellWindows,PowerShellWindowsArc,CLIWindows,CLIWindowsArc)" + }, + { + "description": "Common Event Format (CEF) via AMA and Syslog via AMA data connectors must be installed [Learn more](https://learn.microsoft.com/azure/sentinel/connect-cef-ama#open-the-connector-page-and-create-the-dcr)" + } + ] + }, + "instructionSteps": [ + { + "instructions": [ + { + "parameters": { + "title": "1. Kindly follow the steps to configure the data connector", + "instructionSteps": [ + { + "title": "Step A. Configure the Common Event Format (CEF) via AMA data connector", + "description": "_Note:- CEF logs are collected only from Linux Agents_\n\n1. Navigate to Microsoft Sentinel workspace ---> configuration ---> Data connector blade .\n\n2. Search for 'Common Event Format (CEF) via AMA' data connector and open it.\n\n3. Check If there is no existing DCR configured to collect required facility of logs, Create a new DCR (Data Collection Rule)\n\n\t_Note:- It is recommended to install minimum 1.27 version of AMA agent [Learn more](https://learn.microsoft.com/azure/azure-monitor/agents/azure-monitor-agent-manage?tabs=azure-portal ) and ensure there is no duplicate DCR as it can cause log duplicacy_\n\n4. Run the command provided in the CEF via AMA data connector page to configure the CEF collector on the machine" + + }, + { + "title": "Step B. Implementation options", + "description": "The integration is made available with two implementations options.", + "innerSteps": [ + { + "title": "1. Docker Implementation", + "description": "Leverages docker images where the integration component is already installed with all necessary dependencies.\n\nFollow the instructions provided in the Integration Guide linked below.\n\n[Integration Guide >](https://frcpnt.com/csg-sentinel)" + }, + { + "title": "2. 
Traditional Implementation", + "description": "Requires the manual deployment of the integration component inside a clean Linux machine.\n\nFollow the instructions provided in the Integration Guide linked below.\n\n[Integration Guide >](https://frcpnt.com/csg-sentinel)" + } + ] + }, + { + "title": "Step C. Validate connection", + "description": "Follow the instructions to validate your connectivity:\n\nOpen Log Analytics to check if the logs are received using the CommonSecurityLog schema.\n\nIt may take about 20 minutes until the connection streams data to your workspace.\n\nIf the logs are not received, run the following connectivity validation script:\n\n 1. Make sure that you have Python on your machine using the following command: python -version\n\n2. You must have elevated permissions (sudo) on your machine", + "instructions": [ + { + "parameters": { + "label": "Run the following command to validate your connectivity:", + "value": "sudo wget -O Sentinel_AMA_troubleshoot.py https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/DataConnectors/Syslog/Sentinel_AMA_troubleshoot.py&&sudo python Sentinel_AMA_troubleshoot.py --cef" + }, + "type": "CopyableLabel" + } + ] + } + ] + }, + "type": "InstructionStepsGroup" + } + ] + }, + { + "description": "Make sure to configure the machine's security according to your organization's security policy\n\n\n[Learn more >](https://aka.ms/SecureCEF).", + "title": "2. Secure your machine " + } + ], + "id": "[variables('_uiConfigId2')]" + } + } + }, { "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", "apiVersion": "2023-04-01-preview", 
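Review bot: The `permissions.resourceProvider` entry for `Microsoft.OperationalInsights/workspaces/sharedKeys` (plus `"delete": true` on the workspace) looks carried over from an agent-key based connector; none of the instruction steps in this hunk (DCR creation, the CEF collector command, the Docker/traditional component) mentions the workspace shared key, so installers are asked for more privilege than the described setup needs — either drop the sharedKeys entry and `delete`, or state in `permissionsDisplayText` which step consumes the key. The title `[Recommended] Forcepoint CSG via AMA (using Azure Functions)` (also the `displayName` and repeated in the outer dataConnectors resource) does not match the content: this is a CEF-via-AMA GenericUI connector and no Azure Function is deployed, so `[Recommended] Forcepoint CSG via AMA` would be accurate. In Step C the prerequisite check reads `python -version`; it should be `python --version`. The same step's CopyableLabel fetches `Sentinel_AMA_troubleshoot.py` from the mutable `master` branch and runs it under sudo; pinning the URL to a tag or commit would make the validation step reproducible and auditable. Both `dataTypes` entries are named `CommonSecurityLog (Forcepoint CSG)`, so the Web and Email last-data-received rows are indistinguishable on the connector page; naming them `CommonSecurityLog (Forcepoint CSG Web)` and `CommonSecurityLog (Forcepoint CSG Email)` would fix that.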
@@ -443,7 +817,7 @@ }, "properties": { "displayName": "[parameters('workbook1-name')]", - "serializedData": "{\"version\":\"Notebook/1.0\",\"items\":[{\"type\":1,\"content\":{\"json\":\"## Top 5 Web requested Domains with log severity equal to 6 (Medium)\\n---\"},\"name\":\"text - 2\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"CommonSecurityLog\\n| where TimeGenerated <= ago(0m)\\n| where DeviceVendor == \\\"Forcepoint CSG\\\"\\n| where DeviceProduct == \\\"Web\\\"\\n| where LogSeverity == 6\\n| where DeviceCustomString2 != \\\"\\\"\\n| summarize Count=count() by DeviceCustomString2\\n| top 5 by Count\\n| render piechart\",\"size\":3,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\",\"tileSettings\":{\"showBorder\":false,\"titleContent\":{\"columnMatch\":\"RequestURL\",\"formatter\":1},\"leftContent\":{\"columnMatch\":\"Count\",\"formatter\":12,\"formatOptions\":{\"palette\":\"auto\"},\"numberFormat\":{\"unit\":17,\"options\":{\"maximumSignificantDigits\":3,\"maximumFractionDigits\":2}}}},\"graphSettings\":{\"type\":0,\"topContent\":{\"columnMatch\":\"RequestURL\",\"formatter\":1},\"centerContent\":{\"columnMatch\":\"Count\",\"formatter\":1,\"numberFormat\":{\"unit\":17,\"options\":{\"maximumSignificantDigits\":3,\"maximumFractionDigits\":2}}}},\"mapSettings\":{\"locInfo\":\"LatLong\",\"sizeSettings\":\"Count\",\"sizeAggregation\":\"Sum\",\"legendMetric\":\"Count\",\"legendAggregation\":\"Sum\",\"itemColorSettings\":{\"type\":\"heatmap\",\"colorAggregation\":\"Sum\",\"nodeColorField\":\"Count\",\"heatmapPalette\":\"greenRed\"}}},\"name\":\"query - 2\"},{\"type\":1,\"content\":{\"json\":\"## Top 5 Web requested Domains with log severity equal to 9 (High)\\n---\"},\"name\":\"text - 7\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"CommonSecurityLog\\n| where TimeGenerated <= ago(0m)\\n| where DeviceVendor == \\\"Forcepoint CSG\\\"\\n| where DeviceProduct == 
\\\"Web\\\"\\n| where LogSeverity == 9\\n| where DeviceCustomString2 != \\\"\\\"\\n| summarize Count=count() by DeviceCustomString2\\n| top 5 by Count\\n| render piechart\",\"size\":3,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\",\"tileSettings\":{\"showBorder\":false,\"titleContent\":{\"columnMatch\":\"RequestURL\",\"formatter\":1},\"leftContent\":{\"columnMatch\":\"Count\",\"formatter\":12,\"formatOptions\":{\"palette\":\"auto\"},\"numberFormat\":{\"unit\":17,\"options\":{\"maximumSignificantDigits\":3,\"maximumFractionDigits\":2}}}},\"graphSettings\":{\"type\":0,\"topContent\":{\"columnMatch\":\"RequestURL\",\"formatter\":1},\"centerContent\":{\"columnMatch\":\"Count\",\"formatter\":1,\"numberFormat\":{\"unit\":17,\"options\":{\"maximumSignificantDigits\":3,\"maximumFractionDigits\":2}}}},\"mapSettings\":{\"locInfo\":\"LatLong\",\"sizeSettings\":\"Count\",\"sizeAggregation\":\"Sum\",\"legendMetric\":\"Count\",\"legendAggregation\":\"Sum\",\"itemColorSettings\":{\"type\":\"heatmap\",\"colorAggregation\":\"Sum\",\"nodeColorField\":\"Count\",\"heatmapPalette\":\"greenRed\"}}},\"name\":\"query - 2 - Copy\"},{\"type\":1,\"content\":{\"json\":\"## Top 5 Web Users with 'Action' equal to 'Blocked'\\n---\"},\"name\":\"text - 2\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"CommonSecurityLog\\n| where TimeGenerated <= ago(0m)\\n| where DeviceVendor == \\\"Forcepoint CSG\\\"\\n| where DeviceProduct == \\\"Web\\\"\\n| where Activity != \\\"Blocked\\\"\\n| where SourceUserID != \\\"Not available\\\"\\n| summarize Count=count() by SourceUserID\\n| top 5 by Count\\n| render piechart\",\"size\":1,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"barchart\"},\"name\":\"query - 3\"},{\"type\":1,\"content\":{\"json\":\"## Top 5 Sender Email Addresses Where Spam Score Greater Than 10.0\\n---\"},\"name\":\"text - 
4\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"CommonSecurityLog\\n| where TimeGenerated <= ago(0m)\\n| where DeviceVendor == \\\"Forcepoint CSG\\\"\\n| where DeviceProduct == \\\"Email\\\"\\n| where DeviceCustomFloatingPoint1 > 1.0\\n| summarize Count=count() by SourceUserName\\n| top 5 by Count\\n\",\"size\":1,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"categoricalbar\",\"tileSettings\":{\"showBorder\":false,\"titleContent\":{\"columnMatch\":\"SourceIP\",\"formatter\":1},\"leftContent\":{\"columnMatch\":\"Count\",\"formatter\":12,\"formatOptions\":{\"palette\":\"auto\"},\"numberFormat\":{\"unit\":17,\"options\":{\"maximumSignificantDigits\":3,\"maximumFractionDigits\":2}}}},\"graphSettings\":{\"type\":0,\"topContent\":{\"columnMatch\":\"SourceUserName\",\"formatter\":1},\"centerContent\":{\"columnMatch\":\"Count\",\"formatter\":1,\"numberFormat\":{\"unit\":17,\"options\":{\"maximumSignificantDigits\":3,\"maximumFractionDigits\":2}}}}},\"name\":\"query - 5\"}],\"fromTemplateId\":\"sentinel-ForcepointCloudSecuirtyGatewayworkbook\",\"$schema\":\"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"}\n", + "serializedData": "{\"version\":\"Notebook/1.0\",\"items\":[{\"type\":1,\"content\":{\"json\":\"## Top 5 Web requested Domains with log severity equal to 6 (Medium)\\n---\"},\"name\":\"text - 2\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"CommonSecurityLog\\n| where TimeGenerated <= ago(0m)\\n| where DeviceVendor == \\\"Forcepoint CSG\\\"\\n| where DeviceProduct == \\\"Web\\\"\\n| where LogSeverity == 6\\n| where DeviceCustomString2 != \\\"\\\"\\n| summarize Count=count() by DeviceCustomString2\\n| top 5 by Count\\n| render 
piechart\",\"size\":3,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\",\"tileSettings\":{\"showBorder\":false,\"titleContent\":{\"columnMatch\":\"RequestURL\",\"formatter\":1},\"leftContent\":{\"columnMatch\":\"Count\",\"formatter\":12,\"formatOptions\":{\"palette\":\"auto\"},\"numberFormat\":{\"unit\":17,\"options\":{\"maximumSignificantDigits\":3,\"maximumFractionDigits\":2}}}},\"graphSettings\":{\"type\":0,\"topContent\":{\"columnMatch\":\"RequestURL\",\"formatter\":1},\"centerContent\":{\"columnMatch\":\"Count\",\"formatter\":1,\"numberFormat\":{\"unit\":17,\"options\":{\"maximumSignificantDigits\":3,\"maximumFractionDigits\":2}}}},\"mapSettings\":{\"locInfo\":\"LatLong\",\"sizeSettings\":\"Count\",\"sizeAggregation\":\"Sum\",\"legendMetric\":\"Count\",\"legendAggregation\":\"Sum\",\"itemColorSettings\":{\"type\":\"heatmap\",\"colorAggregation\":\"Sum\",\"nodeColorField\":\"Count\",\"heatmapPalette\":\"greenRed\"}}},\"name\":\"query - 2\"},{\"type\":1,\"content\":{\"json\":\"## Top 5 Web requested Domains with log severity equal to 9 (High)\\n---\"},\"name\":\"text - 7\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"CommonSecurityLog\\n| where TimeGenerated <= ago(0m)\\n| where DeviceVendor == \\\"Forcepoint CSG\\\"\\n| where DeviceProduct == \\\"Web\\\"\\n| where LogSeverity == 9\\n| where DeviceCustomString2 != \\\"\\\"\\n| summarize Count=count() by DeviceCustomString2\\n| top 5 by Count\\n| render 
piechart\",\"size\":3,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\",\"tileSettings\":{\"showBorder\":false,\"titleContent\":{\"columnMatch\":\"RequestURL\",\"formatter\":1},\"leftContent\":{\"columnMatch\":\"Count\",\"formatter\":12,\"formatOptions\":{\"palette\":\"auto\"},\"numberFormat\":{\"unit\":17,\"options\":{\"maximumSignificantDigits\":3,\"maximumFractionDigits\":2}}}},\"graphSettings\":{\"type\":0,\"topContent\":{\"columnMatch\":\"RequestURL\",\"formatter\":1},\"centerContent\":{\"columnMatch\":\"Count\",\"formatter\":1,\"numberFormat\":{\"unit\":17,\"options\":{\"maximumSignificantDigits\":3,\"maximumFractionDigits\":2}}}},\"mapSettings\":{\"locInfo\":\"LatLong\",\"sizeSettings\":\"Count\",\"sizeAggregation\":\"Sum\",\"legendMetric\":\"Count\",\"legendAggregation\":\"Sum\",\"itemColorSettings\":{\"type\":\"heatmap\",\"colorAggregation\":\"Sum\",\"nodeColorField\":\"Count\",\"heatmapPalette\":\"greenRed\"}}},\"name\":\"query - 2 - Copy\"},{\"type\":1,\"content\":{\"json\":\"## Top 5 Web Users with 'Action' equal to 'Blocked'\\n---\"},\"name\":\"text - 2\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"CommonSecurityLog\\n| where TimeGenerated <= ago(0m)\\n| where DeviceVendor == \\\"Forcepoint CSG\\\"\\n| where DeviceProduct == \\\"Web\\\"\\n| where Activity != \\\"Blocked\\\"\\n| where SourceUserID != \\\"Not available\\\"\\n| summarize Count=count() by SourceUserID\\n| top 5 by Count\\n| render piechart\",\"size\":1,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"barchart\"},\"name\":\"query - 3\"},{\"type\":1,\"content\":{\"json\":\"## Top 5 Sender Email Addresses Where Spam Score Greater Than 10.0\\n---\"},\"name\":\"text - 4\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"CommonSecurityLog\\n| where TimeGenerated <= ago(0m)\\n| where DeviceVendor == \\\"Forcepoint CSG\\\"\\n| where DeviceProduct == 
\\\"Email\\\"\\n| where DeviceCustomFloatingPoint1 > 1.0\\n| summarize Count=count() by SourceUserName\\n| top 5 by Count\\n\",\"size\":1,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"categoricalbar\",\"tileSettings\":{\"showBorder\":false,\"titleContent\":{\"columnMatch\":\"SourceIP\",\"formatter\":1},\"leftContent\":{\"columnMatch\":\"Count\",\"formatter\":12,\"formatOptions\":{\"palette\":\"auto\"},\"numberFormat\":{\"unit\":17,\"options\":{\"maximumSignificantDigits\":3,\"maximumFractionDigits\":2}}}},\"graphSettings\":{\"type\":0,\"topContent\":{\"columnMatch\":\"SourceUserName\",\"formatter\":1},\"centerContent\":{\"columnMatch\":\"Count\",\"formatter\":1,\"numberFormat\":{\"unit\":17,\"options\":{\"maximumSignificantDigits\":3,\"maximumFractionDigits\":2}}}}},\"name\":\"query - 5\"}],\"fromTemplateId\":\"sentinel-ForcepointCloudSecuirtyGatewayworkbook\",\"$schema\":\"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"}\r\n", "version": "1.0", "sourceId": "[variables('workspaceResourceId')]", "category": "sentinel" @@ -516,7 +890,7 @@ "contentSchemaVersion": "3.0.0", "displayName": "Forcepoint CSG", "publisherDisplayName": "Community", - "descriptionHtml": "

Note: There may be known issues pertaining to this Solution, please refer to them before installing.

\n

Forcepoint Cloud Security Gateway (CSG) Solution for Microsoft Sentinel exports web and/or email logs so that custom dashboards can be created using Workbooks to visualize events and insights on activities of Forcepoint Cloud Security Gateway.

\n

For more details about this solution refer to integration documentation.

\n
    \n
  1. Forcepoint CSG via Legacy Agent - This data connector helps in ingesting Forcepoint CSG logs into your Log Analytics Workspace using the legacy Log Analytics agent.
  2. \n
\n

NOTE: Microsoft recommends installation of Forcepoint CSG via AMA Connector. Legacy connector uses the Log Analytics agent which is about to be deprecated by Aug 31, 2024, and thus should only be installed where AMA is not supported. Using MMA and AMA on same machine can cause log duplication and extra ingestion cost more details.

\n

Data Connectors: 1, Workbooks: 1

\n

Learn more about Microsoft Sentinel | Learn more about Solutions

\n", + "descriptionHtml": "

Note: There may be known issues pertaining to this Solution, please refer to them before installing.

\n

Forcepoint Cloud Security Gateway (CSG) Solution for Microsoft Sentinel exports web and/or email logs so that custom dashboards can be created using Workbooks to visualize events and insights on activities of Forcepoint Cloud Security Gateway.

\n

For more details about this solution refer to integration documentation.

\n
    \n
  1. Forcepoint CSG via AMA - This data connector helps in ingesting Forcepoint CSG logs into your Log Analytics Workspace using the new Azure Monitor Agent. Learn more about ingesting using the new Azure Monitor Agent here. Microsoft recommends using this Data Connector.

    \n
  2. \n
  3. Forcepoint CSG via Legacy Agent - This data connector helps in ingesting Forcepoint CSG logs into your Log Analytics Workspace using the legacy Log Analytics agent.

    \n
  4. \n
\n

NOTE: Microsoft recommends installation of Forcepoint CSG via AMA Connector. Legacy connector uses the Log Analytics agent which is about to be deprecated by Aug 31, 2024, and thus should only be installed where AMA is not supported. Using MMA and AMA on same machine can cause log duplication and extra ingestion cost more details.

\n

Data Connectors: 2, Workbooks: 1

\n

Learn more about Microsoft Sentinel | Learn more about Solutions

\n", "contentKind": "Solution", "contentProductId": "[variables('_solutioncontentProductId')]", "id": "[variables('_solutioncontentProductId')]", @@ -544,6 +918,11 @@ "contentId": "[variables('_dataConnectorContentId1')]", "version": "[variables('dataConnectorVersion1')]" }, + { + "kind": "DataConnector", + "contentId": "[variables('_dataConnectorContentId2')]", + "version": "[variables('dataConnectorVersion2')]" + }, { "kind": "Workbook", "contentId": "[variables('_workbookContentId1')]", diff --git a/Solutions/Forcepoint CSG/ReleaseNotes.md b/Solutions/Forcepoint CSG/ReleaseNotes.md new file mode 100644 index 00000000000..952c81748a0 --- /dev/null +++ b/Solutions/Forcepoint CSG/ReleaseNotes.md @@ -0,0 +1,5 @@ +| **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** | +|-------------|--------------------------------|--------------------------------------------------------------------| +| 3.0.0 | 11-09-2023 | Addition of new Forcepoint CSG AMA **Data Connector** | | + +