Wiz solution fix workbook #9109

Merged
merged 14 commits into from
Oct 5, 2023
Binary file removed Solutions/Wiz/Package/2.0.0.zip
Binary file not shown.
2 changes: 1 addition & 1 deletion Solutions/Wiz/Package/createUiDefinition.json
Expand Up @@ -6,7 +6,7 @@
"config": {
"isWizard": false,
"basics": {
"description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/Wiz.svg\" width=\"75px\" height=\"75px\">\n\n**Note:** _There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing._\n\nThe [Wiz](https://wiz.io/) solution for Microsoft Sentinel enables you to ingest [Wiz Issues](https://docs.wiz.io/wiz-docs/docs/issues), [Wiz Vulnerability Findings](https://docs.wiz.io/wiz-docs/docs/vulnerability-findings), and [Wiz Audit Logs](https://docs.wiz.io/wiz-docs/docs/audit-log-settings) into Microsoft Sentinel using the Wiz REST API.\n\n\n \n **Underlying Microsoft Technologies used:** \n This solution relies on the following technologies, which may be in a [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs: \n a. [Azure Functions](https://azure.microsoft.com/services/functions/#overview) \n b. [Azure Key Vault](https://azure.microsoft.com/services/key-vault/#overview) \n\n**Data Connectors:** 1, **Workbooks:** 1\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
"description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/Wiz.svg\" width=\"75px\" height=\"75px\">\n\n**Note:** Please refer to the following before installing the solution: \r \n • Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Wiz/ReleaseNotes.md)\r \n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing. \n\nThe [Wiz](https://wiz.io/) solution for Microsoft Sentinel enables you to ingest [Wiz Issues](https://docs.wiz.io/wiz-docs/docs/issues), [Wiz Vulnerability Findings](https://docs.wiz.io/wiz-docs/docs/vulnerability-findings), and [Wiz Audit Logs](https://docs.wiz.io/wiz-docs/docs/audit-log-settings) into Microsoft Sentinel using the Wiz REST API.\n\n\n \n **Underlying Microsoft Technologies used:** \n This solution relies on the following technologies, which may be in a [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs: \n a. [Azure Functions](https://azure.microsoft.com/services/functions/#overview) \n b. [Azure Key Vault](https://azure.microsoft.com/services/key-vault/#overview) \n\n**Data Connectors:** 1, **Workbooks:** 1\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
"subscription": {
"resourceProviders": [
"Microsoft.OperationsManagement/solutions",
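Review bot: In the added "description" value, the new Note block uses "\r \n • " line breaks and literal bullet characters while the rest of the string uses plain "\n", so how the two bullets render depends on how the portal's Markdown treats a stray carriage return; use "\n" consistently or a Markdown list. The Release Notes link also points at .../tree/master/Solutions/Wiz/ReleaseNotes.md, a /tree/ URL for a file, and ReleaseNotes.md is not among the files shown in this diff, so confirm the file exists on master and link it via /blob/ before the install screen sends users to it.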
4 changes: 2 additions & 2 deletions Solutions/Wiz/Package/mainTemplate.json
Expand Up @@ -2,7 +2,7 @@
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"metadata": {
"author": "Wiz - support@eiz.io",
"author": "Wiz - support@wiz.io",
"comments": "Solution template for Wiz Findings"
},
"parameters": {
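Review bot: The "author" correction from support@eiz.io to support@wiz.io is applied only in this metadata block as far as the diff shows; search the rest of Solutions/Wiz for the misspelled domain, and if mainTemplate.json is generated from a solution data file, correct it there too so the next packaging run does not reintroduce it. A misspelled contact domain in a published template routes support and security reports to an address outside the vendor's domain, so a packaging validation step that checks the author address against the expected domain is worth adding.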
Expand Down Expand Up @@ -491,7 +491,7 @@
},
"properties": {
"displayName": "[parameters('workbook1-name')]",
"serializedData": "{\"version\":\"Notebook/1.0\",\"items\":[{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"WizIssues_CL\\n|summarizecount()byTimeGenerated\",\"title\":\"Issuesovertime\",\"size\":3,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"linechart\"},\"name\":\"Issuesovertime\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"WizVulnerabilities_CL\\n|summarizecount()byTimeGenerated\",\"title\":\"Vulnerabilitiesovertime\",\"size\":3,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"linechart\"},\"name\":\"Vulnerabilitiesovertime\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"WizAuditLogs_CL\\n|summarizecount()byTimeGenerated\",\"title\":\"AuditLogsovertime\",\"size\":3,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"linechart\"},\"name\":\"AuditLogsovertime\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"WizIssues_CL\\n|summarizearg_max(TimeGenerated,*)byid_g\\n|summarizecount()byseverity_s\\n\",\"title\":\"Issuesbyseverity\",\"size\":3,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"33\",\"name\":\"Issuesbyseverity\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"WizIssues_CL\\n|summarizearg_max(TimeGenerated,*)byid_g\\n|summarizecount()bystatus_s\\n\",\"title\":\"Issuesbystatus\",\"size\":3,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"33\",\"name\":\"Issuesbystatus\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"WizIssues_CL\\n|summarizearg_max(TimeGenerated,*)byid_g\\n|summarizecount()byentitySnapshot_cloudPlatform_s\\n\",\"title\":\"Issuesbycloudplatform\",\"size\":3,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspa
ces\",\"visualization\":\"piechart\"},\"customWidth\":\"33\",\"name\":\"Issuesbycloudplatform\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"WizIssues_CL\\n|summarizearg_max(TimeGenerated,*)byid_g\\n|summarizecount()byentitySnapshot_type_s\\n\",\"title\":\"Issuesbyentitytype\",\"size\":3,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"33\",\"name\":\"Issuesbyentitytype\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"WizAuditLogs_CL\\n|summarizearg_max(TimeGenerated,*)byid_g\\n|summarizecount()bystatus_s\\n\",\"title\":\"AuditLogsbystatus\",\"size\":3,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"33\",\"name\":\"AuditLogsbystatus\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"WizAuditLogs_CL\\n|summarizearg_max(TimeGenerated,*)byid_g\\n|summarizecount()byaction_s\\n\",\"title\":\"AuditLogsbyactions\",\"size\":3,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"33\",\"name\":\"AuditLogsbyactions\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"WizVulnerabilities_CL\\n|summarizearg_max(TimeGenerated,*)byid_g\\n|summarizecount()byvulnerableAsset_type_s\\n\",\"title\":\"VulnerabilitiesbyAssetType\",\"size\":3,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"33\",\"name\":\"VulnerabilitiesbyAssetType\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"WizVulnerabilities_CL\\n|summarizearg_max(TimeGenerated,*)byid_g\\n|summarizecount()byvendorSeverity_s\\n\",\"title\":\"VulnerabilitiesbyVendorSeverity\",\"size\":3,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"33\",\"name\":\"Vulnerabi
litiesbyVendorSeverity\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"WizVulnerabilities_CL\\n|summarizearg_max(TimeGenerated,*)byid_g\\n|summarizecount()bydetectionMethod_s\\n\",\"title\":\"VulnerabilitiesbyDetectionMethod\",\"size\":3,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"33\",\"name\":\"VulnerabilitiesbyDetectionMethod\"}],\"fromTemplateId\":\"sentinel-Alertsoverview\",\"$schema\":\"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"}",
"serializedData": "{\"version\":\"Notebook/1.0\",\"items\":[{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"WizIssues_CL\\n| summarize count() by TimeGenerated\",\"title\":\"Issues over time\",\"size\":3,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"linechart\"},\"name\":\"Issues over time\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"WizVulnerabilities_CL\\n| summarize count() by TimeGenerated\",\"title\":\"Vulnerabilities over time\",\"size\":3,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"linechart\"},\"name\":\"Vulnerabilities over time\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"WizAuditLogs_CL\\n| summarize count() by TimeGenerated\",\"title\":\"Audit Logs over time\",\"size\":3,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"linechart\"},\"name\":\"Audit Logs over time\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"WizIssues_CL\\n| summarize arg_max(TimeGenerated, *) by id_g\\n| summarize count() by severity_s\\n\",\"title\":\"Issues by severity\",\"size\":3,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"33\",\"name\":\"Issues by severity\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"WizIssues_CL\\n| summarize arg_max(TimeGenerated, *) by id_g\\n| summarize count() by status_s\\n\",\"title\":\"Issues by status\",\"size\":3,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"33\",\"name\":\"Issues by status\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"WizIssues_CL\\n| summarize arg_max(TimeGenerated, *) by id_g\\n| summarize count() by entitySnapshot_cloudPlatform_s\\n\",\"title\":\"Issues by cloud 
platform\",\"size\":3,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"33\",\"name\":\"Issues by cloud platform\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"WizIssues_CL\\n| summarize arg_max(TimeGenerated, *) by id_g\\n| summarize count() by entitySnapshot_type_s\\n\",\"title\":\"Issues by entity type\",\"size\":3,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"33\",\"name\":\"Issues by entity type\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"WizAuditLogs_CL\\n| summarize arg_max(TimeGenerated, *) by id_g\\n| summarize count() by status_s\\n\",\"title\":\"Audit Logs by status\",\"size\":3,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"33\",\"name\":\"Audit Logs by status\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"WizAuditLogs_CL\\n| summarize arg_max(TimeGenerated, *) by id_g\\n| summarize count() by action_s\\n\",\"title\":\"Audit Logs by actions\",\"size\":3,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"33\",\"name\":\"Audit Logs by actions\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"WizVulnerabilities_CL\\n| summarize arg_max(TimeGenerated, *) by id_g\\n| summarize count() by vulnerableAsset_type_s\\n\",\"title\":\"Vulnerabilities by Asset Type\",\"size\":3,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"33\",\"name\":\"Vulnerabilities by Asset Type\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"WizVulnerabilities_CL\\n| summarize arg_max(TimeGenerated, *) by id_g\\n| summarize count() by vendorSeverity_s\\n\",\"title\":\"Vulnerabilities by Vendor 
Severity\",\"size\":3,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"33\",\"name\":\"Vulnerabilities by Vendor Severity\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"WizVulnerabilities_CL\\n| summarize arg_max(TimeGenerated, *) by id_g\\n| summarize count() by detectionMethod_s\\n\",\"title\":\"Vulnerabilities by Detection Method\",\"size\":3,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\"},\"customWidth\":\"33\",\"name\":\"Vulnerabilities by Detection Method\"}],\"fromTemplateId\":\"sentinel-Alertsoverview\",\"$schema\":\"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"}",
"version": "1.0",
"sourceId": "[variables('workspaceResourceId')]",
"category": "sentinel"
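Review bot: The three "over time" queries in the restored "serializedData" use "summarize count() by TimeGenerated", which groups on the raw timestamp and gives one point per distinct timestamp rather than a trend; bucket the time axis, for example "summarize count() by bin(TimeGenerated, 1h)". Separately, "fromTemplateId" is still "sentinel-Alertsoverview" and "version" stays "1.0" although the workbook content changed, so check that both are intended. Since the previous value had all whitespace stripped from the KQL and titles ("summarizecount()byTimeGenerated"), a packaging check that parses each embedded query would catch a repeat of this breakage.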
1 change: 1 addition & 0 deletions Workbooks/Images/Logos/Wiz_logo.svg