Merge pull request #9204 from Azure/v-atulyadav/barracudacloudgen

Repackaged Barracuda Cloudgen
Azure · Oct 30, 2023 · f354c62 · f354c62
2 parents 2f8e75f + c359b63
commit f354c62
Show file tree

Hide file tree

Showing 8 changed files with 142 additions and 264 deletions.
diff --git a/Solutions/Barracuda CloudGen Firewall/Data Connectors/template_BarracudaCloudFirewall.JSON b/Solutions/Barracuda CloudGen Firewall/Data Connectors/template_BarracudaCloudFirewall.JSON
@@ -67,7 +67,7 @@
             {
 
                 "title": "", 
-                "description": "**NOTE:** This data connector depends on a parser based on a Kusto Function to work as expected which is deployed as part of the solution. To view the function code in Log Analytics, open Log Analytics/Microsoft Sentinel Logs blade, click Functions and search for the alias CGFWFirewallActivity and load the function code or click [here](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Barracuda%20CloudGen%20Firewall/Parsers/CGFWFirewallActivity.txt).The function usually takes 10-15 minutes to activate after solution installation/update.",
+                "description": "**NOTE:** This data connector depends on a parser based on a Kusto Function to work as expected which is deployed as part of the solution. To view the function code in Log Analytics, open Log Analytics/Microsoft Sentinel Logs blade, click Functions and search for the alias CGFWFirewallActivity and load the function code or click [here](https://aka.ms/sentinel-barracudacloudfirewall-parser). The function usually takes 10-15 minutes to activate after solution installation/update.",
                 "instructions": [ 
                 ]    
             }, 
@@ -116,7 +116,7 @@
         },
         {
             "title": "Configure and connect the Barracuda CloudGen Firewall",
-            "description": "[Follow instructions](https://aka.ms/sentinel-barracudacloudfirewall-connector) to configure syslog streaming. Use the IP address or hostname for the Linux machine with the Azure\n    Sentinel agent installed for the Destination IP address.",
+            "description": "[Follow instructions](https://aka.ms/sentinel-barracudacloudfirewall-connector) to configure syslog streaming. Use the IP address or hostname for the Linux machine with the Microsoft Sentinel agent installed for the Destination IP address.",
             "instructions": [
                 {
                     "parameters": {
@@ -140,7 +140,7 @@
         "support": {
             "name": "Barracuda Networks",
             "link": "https://www.barracuda.com/support",
-            "tier": "developer"
+            "tier": "Community"
         }
     }
 }
diff --git a/Solutions/Barracuda CloudGen Firewall/Data/Solution_BarracudaCloudGenFirewall.json b/Solutions/Barracuda CloudGen Firewall/Data/Solution_BarracudaCloudGenFirewall.json
@@ -1,19 +1,16 @@
 {
   "Name": "Barracuda CloudGen Firewall",
   "Author": "Barracuda",
-  "Logo": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Workbooks/Images/Logos/barracuda_logo.svg\"width=\"75px\" height=\"75px\">",
+  "Logo": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/Azure_Sentinel.svg\"width=\"75px\" height=\"75px\">",
   "Description": "The [Barracuda CloudGen Firewall ](https://www.barracuda.com/products/cloudgenfirewall) (CGFW) Solution for Microsoft Sentinel allows you to easily connect your Barracuda CGFW syslogs with Microsoft Sentinel, to view dashboards, create custom alerts, and improve investigation. This gives you more insight into your organization's network and improves your security operation capabilities.\n\n**Underlying Microsoft Technologies used:**\n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\n\na. [Data collection using Syslog in Microsoft Sentinel](https://docs.microsoft.com/azure/sentinel/connect-syslog)",
   "Data Connectors": [
-    "Data Connectors/template_BarracudaCloudFirewall.JSON"
+    "Data Connectors/template_BarracudaCloudFirewall.json"
   ],
   "Parsers": [
-    "Parsers/CGFWFirewallActivity.txt"
-  ],
-  "Workbooks": [
-    "Workbooks/Barracuda.json"
+    "Parsers/CGFWFirewallActivity.yaml"
   ],
   "BasePath": "C:\\GitHub\\Azure-Sentinel\\Solutions\\Barracuda CloudGen Firewall",
-  "Version": "2.0.2",
+  "Version": "3.0.0",
   "Metadata": "SolutionMetadata.json",
   "TemplateSpec": true,
   "Is1PConnector": false

diff --git a/Solutions/Barracuda CloudGen Firewall/Data/system_generated_metadata.json b/Solutions/Barracuda CloudGen Firewall/Data/system_generated_metadata.json
@@ -0,0 +1,30 @@
+{
+  "Name": "Barracuda CloudGen Firewall",
+  "Author": "Barracuda",
+  "Logo": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/Azure_Sentinel.svg\"width=\"75px\" height=\"75px\">",
+  "Description": "The [Barracuda CloudGen Firewall ](https://www.barracuda.com/products/cloudgenfirewall) (CGFW) Solution for Microsoft Sentinel allows you to easily connect your Barracuda CGFW syslogs with Microsoft Sentinel, to view dashboards, create custom alerts, and improve investigation. This gives you more insight into your organization's network and improves your security operation capabilities.\n\n**Underlying Microsoft Technologies used:**\n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\n\na. [Data collection using Syslog in Microsoft Sentinel](https://docs.microsoft.com/azure/sentinel/connect-syslog)",
+  "BasePath": "C:\\GitHub\\Azure-Sentinel\\Solutions\\Barracuda CloudGen Firewall",
+  "Version": "3.0.0",
+  "Metadata": "SolutionMetadata.json",
+  "TemplateSpec": true,
+  "Is1PConnector": false,
+  "publisherId": "microsoftsentinelcommunity",
+  "offerId": "azure-sentinel-solution-barracudacloudgenfirewall",
+  "providers": [
+    "Barracuda"
+  ],
+  "categories": {
+    "domains": [
+      "Security - Network"
+    ]
+  },
+  "firstPublishDate": "2021-05-02",
+  "support": {
+    "name": "Community",
+    "tier": "Community",
+    "link": "https://github.com/Azure/Azure-Sentinel/issues"
+  },
+  "Data Connectors": "[\n  \"Data Connectors/template_BarracudaCloudFirewall.json\"\n]",
+  "Parsers": "[\n  \"CGFWFirewallActivity.yaml\"\n]",
+  "Workbooks": "[\n  \"Workbooks/Barracuda.json\"\n]"
+}
diff --git a/Solutions/Barracuda CloudGen Firewall/Package/3.0.0.zip b/Solutions/Barracuda CloudGen Firewall/Package/3.0.0.zip
diff --git a/Solutions/Barracuda CloudGen Firewall/Package/createUiDefinition.json b/Solutions/Barracuda CloudGen Firewall/Package/createUiDefinition.json
@@ -6,7 +6,7 @@
     "config": {
       "isWizard": false,
       "basics": {
-        "description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Workbooks/Images/Logos/barracuda_logo.svg\"width=\"75px\" height=\"75px\">\n\n**Note:** _There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing._\n\nThe [Barracuda CloudGen Firewall ](https://www.barracuda.com/products/cloudgenfirewall) (CGFW) Solution for Microsoft Sentinel allows you to easily connect your Barracuda CGFW syslogs with Microsoft Sentinel, to view dashboards, create custom alerts, and improve investigation. This gives you more insight into your organization's network and improves your security operation capabilities.\n\n**Underlying Microsoft Technologies used:**\n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\n\na. [Data collection using Syslog in Microsoft Sentinel](https://docs.microsoft.com/azure/sentinel/connect-syslog)\n\n**Data Connectors:** 1, **Parsers:** 1, **Workbooks:** 1\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
+        "description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/Azure_Sentinel.svg\"width=\"75px\" height=\"75px\">\n\n**Note:** Please refer to the following before installing the solution: \r \n • Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Barracuda CloudGen Firewall/ReleaseNotes.md)\r \n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution.\n\nThe [Barracuda CloudGen Firewall ](https://www.barracuda.com/products/cloudgenfirewall) (CGFW) Solution for Microsoft Sentinel allows you to easily connect your Barracuda CGFW syslogs with Microsoft Sentinel, to view dashboards, create custom alerts, and improve investigation. This gives you more insight into your organization's network and improves your security operation capabilities.\n\n**Underlying Microsoft Technologies used:**\n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\n\na. [Data collection using Syslog in Microsoft Sentinel](https://docs.microsoft.com/azure/sentinel/connect-syslog)\n\n**Data Connectors:** 1, **Parsers:** 1\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
         "subscription": {
           "resourceProviders": [
             "Microsoft.OperationsManagement/solutions",
@@ -81,48 +81,6 @@
             }
           }
         ]
-      },
-      {
-        "name": "workbooks",
-        "label": "Workbooks",
-        "subLabel": {
-          "preValidation": "Configure the workbooks",
-          "postValidation": "Done"
-        },
-        "bladeTitle": "Workbooks",
-        "elements": [
-          {
-            "name": "workbooks-text",
-            "type": "Microsoft.Common.TextBlock",
-            "options": {
-              "text": "This solution installs workbook(s) to help you gain insights into the telemetry collected in Microsoft Sentinel. After installing the solution, start using the workbook in Manage solution view."
-            }
-          },
-          {
-            "name": "workbooks-link",
-            "type": "Microsoft.Common.TextBlock",
-            "options": {
-              "link": {
-                "label": "Learn more",
-                "uri": "https://docs.microsoft.com/azure/sentinel/tutorial-monitor-your-data"
-              }
-            }
-          },
-          {
-            "name": "workbook1",
-            "type": "Microsoft.Common.Section",
-            "label": "Barracuda CloudGen FW",
-            "elements": [
-              {
-                "name": "workbook1-text",
-                "type": "Microsoft.Common.TextBlock",
-                "options": {
-                  "text": "Gain insights into your Barracuda CloudGen Firewall by analyzing firewall operations and events.\nThis workbook provides insights into rule enforcement, network activities, including number of connections, top users, and helps you identify applications that are popular on your network."
-                }
-              }
-            ]
-          }
-        ]
       }
     ],
     "outputs": {