From f1ac03c3e4c00bbea061ed002224c829e52a9a36 Mon Sep 17 00:00:00 2001
From: v-rusraut
Date: Mon, 9 Oct 2023 16:48:56 +0530
Subject: [PATCH 1/4] Repackaging - ISC Bind

---
 .../Connector_Syslog_ISCBind.json | 2 +-
 .../ISC Bind/Data/Solution_ISC Bind.json | 4 +-
 Solutions/ISC Bind/Parsers/ISCBind.txt | 65 -------------------
 3 files changed, 3 insertions(+), 68 deletions(-)
 delete mode 100644 Solutions/ISC Bind/Parsers/ISCBind.txt

diff --git a/Solutions/ISC Bind/Data Connectors/Connector_Syslog_ISCBind.json b/Solutions/ISC Bind/Data Connectors/Connector_Syslog_ISCBind.json
index d7e6f99813d..5ff9587054c 100644
--- a/Solutions/ISC Bind/Data Connectors/Connector_Syslog_ISCBind.json
+++ b/Solutions/ISC Bind/Data Connectors/Connector_Syslog_ISCBind.json
@@ -62,7 +62,7 @@
 "instructionSteps": [
 {
 "title": "",
- "description":"**NOTE:** This data connector depends on a parser based on a Kusto Function to work as expected which is deployed as part of the solution. To view the function code in Log Analytics, open Log Analytics/Microsoft Sentinel Logs blade, click Functions and search for the alias ISCBind and load the function code or click [here](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/ISC%20Bind/Parsers/ISCBind.txt).The function usually takes 10-15 minutes to activate after solution installation/update." ,
+ "description":"**NOTE:** This data connector depends on a parser based on a Kusto Function to work as expected which is deployed as part of the solution. To view the function code in Log Analytics, open Log Analytics/Microsoft Sentinel Logs blade, click Functions and search for the alias ISCBind and load the function code or click [here](https://aka.ms/sentinel-iscbind-parser).The function usually takes 10-15 minutes to activate after solution installation/update." ,
 "instructions": [
 ]
 },
diff --git a/Solutions/ISC Bind/Data/Solution_ISC Bind.json b/Solutions/ISC Bind/Data/Solution_ISC Bind.json
index 17c3788d095..c324e724db2 100644
--- a/Solutions/ISC Bind/Data/Solution_ISC Bind.json
+++ b/Solutions/ISC Bind/Data/Solution_ISC Bind.json
@@ -2,12 +2,12 @@
 "Name": "ISC Bind",
 "Author": "Microsoft - support@microsoft.com",
 "Logo": "",
- "Description": "The [ISC Bind](https://www.isc.org/bind/) solution for Microsoft sentinel allows you to ingest ISC Bind logs to get better insights into your organization's network traffic data, DNS query data, traffic statistics and improves your security operation capabilities.\n\n**Underlying Microsoft Technologies used:**\n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs\n\n a. [Agent-based log collection (Syslog)](https://learn.microsoft.com/azure/sentinel/connect-syslog)",
+ "Description": "The [ISC Bind](https://www.isc.org/bind/) solution for Microsoft Sentinel allows you to ingest ISC Bind logs to get better insights into your organization's network traffic data, DNS query data, traffic statistics and improves your security operation capabilities.\n\n**Underlying Microsoft Technologies used:**\n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs\n\n a. [Agent-based log collection (Syslog)](https://learn.microsoft.com/azure/sentinel/connect-syslog)",
 "Data Connectors": [
 "Solutions/ISC Bind/Data Connectors/Connector_Syslog_ISCBind.json"
 ],
 "Parsers": [
- "Solutions/ISC Bind/Parsers/ISCBind.txt"
+ "Solutions/ISC Bind/Parsers/ISCBind.yaml"
 ],
 "BasePath": "C:\\GitHub\\Azure-Sentinel",
 "Version": "2.0.1",
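Review bot: The manifest now points at `Solutions/ISC Bind/Parsers/ISCBind.yaml`, but this patch only deletes `Solutions/ISC Bind/Parsers/ISCBind.txt` (diffstat: 3 files changed, one deletion) and adds no YAML, so the packaging tool cannot resolve the parser unless that file already exists in the branch or arrives in a later patch of this series. The bot-generated package in PATCH 2/4 does carry a parser query with `//request events` comments, which suggests the YAML was present when the package was built, but that is inferred rather than shown here. The `"Version": "2.0.1"` context line is also left untouched while the generated package in the next patch is stamped `3.0.0`; if the bump is part of this repackaging, this file should be changed in the same commit so the manifest and the package agree.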
diff --git a/Solutions/ISC Bind/Parsers/ISCBind.txt b/Solutions/ISC Bind/Parsers/ISCBind.txt
deleted file mode 100644
index 582e5d4ccdd..00000000000
--- a/Solutions/ISC Bind/Parsers/ISCBind.txt
+++ /dev/null
@@ -1,65 +0,0 @@
-// Title: ISC Bind
-// Author: Microsoft
-// Version: 1.0
-// Last Updated: 09/16/2022
-// Comment: Inital Release
-//
-// DESCRIPTION:
-// This parser takes raw ISC Bind logs from a Syslog stream and parses the logs into a normalized schema.
-//
-//
-// REFERENCES:
-// Using functions in Azure monitor log queries: https://docs.microsoft.com/azure/azure-monitor/log-query/functions
-
-//request events
-let request = Syslog
-| where SyslogMessage has_all ("client", "query:") and SyslogMessage !has "response:"
-| parse SyslogMessage with
- * "client " * " "
- SrcIpAddr:string "#"
- SrcPortNumber:string " " *
- "query: "
- DnsQuery:string " "
- DnsQueryClassName:string " "
- DnsQueryTypeName:string " "
- DnsFlags:string
-| extend ServerIPAddressIndex= indexof(DnsFlags, " ")
-| extend ServerIPAddress = iif(ServerIPAddressIndex != "-1", substring(DnsFlags, ServerIPAddressIndex),"")
-| extend ServerIPAddress = replace_regex(ServerIPAddress,@"[()]","")
-| extend DnsFlags =iif(ServerIPAddressIndex != "-1", substring(DnsFlags, 0, ServerIPAddressIndex), DnsFlags)
-| extend SrcPortNumber = replace_regex(SrcPortNumber,@"[^\d]","")
-| extend EventSubType = "request",DnsResponseCodeName = "NA"
-| project-away SyslogMessage,ProcessName,ProcessID,Facility,SeverityLevel,HostName,ServerIPAddressIndex;
-//request (cache) events
-let requestcache = Syslog
-| where SyslogMessage has_all ("client", "query (cache)") and SyslogMessage !has "response:"
-| parse SyslogMessage with
- * "client " * " "
- SrcIpAddr:string "#"
- SrcPortNumber:string " " *
- "query (cache) '"
- DnsQuery:string "/"
- DnsQueryTypeName:string "/"
- DnsQueryClassName:string "' "
- Action
-| extend EventSubType = "requestcache",DnsResponseCodeName = "NA"
-| project-away SyslogMessage,ProcessName,ProcessID,Facility,SeverityLevel,HostName;
-// response events
-let response =Syslog
-| where SyslogMessage has_all ("client", "query:", "response:")
-| parse SyslogMessage with
- * "client " * " "
- SrcIpAddr:string "#"
- SrcPortNumber:string " " * "view " * ": "
- NetworkProtocol:string ": query: "
- DnsQuery:string " "
- DnsQueryClassName:string " "
- DnsQueryTypeName:string " "
- "response: " DnsResponseCodeName: string
- " " DnsFlags: string
-| extend DNSResourceRecordIndex= indexof(DnsFlags, " ")
-| extend DnsResponseName =iif(DNSResourceRecordIndex != "-1", substring(DnsFlags, DNSResourceRecordIndex), "")
-| extend DnsFlags =iif(DNSResourceRecordIndex != "-1", substring(DnsFlags, 0, DNSResourceRecordIndex), DnsFlags)
-| extend EventSubType = "response"
-| project-away SyslogMessage,ProcessName,ProcessID,Facility,SeverityLevel,HostName,DNSResourceRecordIndex;
-union request,requestcache,response
\ No newline at end of file

From dadfd8a46c8ea76aaf08f6388a149be13501667d Mon Sep 17 00:00:00 2001
From: Github Bot
Date: Mon, 9 Oct 2023 11:33:34 +0000
Subject: [PATCH 2/4] [skip ci] Github Bot Added package to Pull Request!

---
 .../Data/system_generated_metadata.json | 31 ++++
 Solutions/ISC Bind/Package/3.0.0.zip | Bin 0 -> 7235 bytes
 .../ISC Bind/Package/createUiDefinition.json | 4 +-
 Solutions/ISC Bind/Package/mainTemplate.json | 145 +++++++++---------
 4 files changed, 108 insertions(+), 72 deletions(-)
 create mode 100644 Solutions/ISC Bind/Data/system_generated_metadata.json
 create mode 100644 Solutions/ISC Bind/Package/3.0.0.zip

diff --git a/Solutions/ISC Bind/Data/system_generated_metadata.json b/Solutions/ISC Bind/Data/system_generated_metadata.json
new file mode 100644
index 00000000000..9418200408f
--- /dev/null
+++ b/Solutions/ISC Bind/Data/system_generated_metadata.json
@@ -0,0 +1,31 @@
+{
+ "Name": "ISC Bind",
+ "Author": "Microsoft - support@microsoft.com",
+ "Logo": "",
+ "Description": "The [ISC Bind](https://www.isc.org/bind/) solution for Microsoft Sentinel allows you to ingest ISC Bind logs to get better insights into your organization's network traffic data, DNS query data, traffic statistics and improves your security operation capabilities.\n\n**Underlying Microsoft Technologies used:**\n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs\n\n a. [Agent-based log collection (Syslog)](https://learn.microsoft.com/azure/sentinel/connect-syslog)",
+ "BasePath": "C:\\GitHub\\Azure-Sentinel",
+ "Metadata": "SolutionMetadata.json",
+ "TemplateSpec": true,
+ "Is1PConnector": false,
+ "Version": "3.0.0",
+ "publisherId": "azuresentinel",
+ "offerId": "azure-sentinel-solution-iscbind",
+ "providers": [
+ "ISC"
+ ],
+ "categories": {
+ "domains": [
+ "Networking"
+ ],
+ "verticals": []
+ },
+ "firstPublishDate": "2022-09-20",
+ "support": {
+ "tier": "Microsoft",
+ "name": "Microsoft Corporation",
+ "email": "support@microsoft.com",
+ "link": "https://support.microsoft.com/"
+ },
+ "Data Connectors": "[\n \"Connector_Syslog_ISCBind.json\"\n]",
+ "Parsers": "[\n \"ISCBind.yaml\"\n]"
+}
diff --git a/Solutions/ISC Bind/Package/3.0.0.zip b/Solutions/ISC Bind/Package/3.0.0.zip new file mode 100644 index 0000000000000000000000000000000000000000..491339b3fd6f5659c5fbee9cf697853b8cfe177f GIT binary patch literal 7235 zcmZ{pRa6`dbA}gN+!uFuSY#m(Ah;#CySux)1b24}?rw_)2u^SbuxM~kAOz{x_M+|I zc4p2QxtQDMocC4vh=2$J001Zeuz|cb_m(I+q*>Z2)KX>wS*3)<881?(ThITo6R#|Dr(tf{ieC}J;7ocuAAXGM>pvKd_ z*P}9=TK$u!b1dh}oKo0nXc)6UM_o8+>J~SFx4n}ugRlklH7=XZRD#iD%iCD2hw~w_ z6M7v-w;SyRKjDvwADB|jS}0lix_?)WA6i&*TK|OmQV~wA>ax7l=<+G)WZ!{E(G5jY7S*jE)+ne1}(BuGxqmf9E}kh-yn@vh4(a$Uo~A74kFf z>k9Vxx?Rv1K~T3x)`4@rr;yifwa_ioHRbw~c0gj|$8@__zAC2SH>4A0Vbk`eLOR7B zi*4{gYGOfq7)xyiObN`EIXvd5Is{u7>{yz0|KbAnmz^D=^SZe|=k}-fZ1yyR8d)zK z<}@EVgchtvcqW36O#?4=iLin7Ru^kyd=~h?h`YMQ>2wx~`mEs*f~2ZcHW2$~sz;m}HyK1!uN6V49Zj-DqF5n9$CqNLm29mSHpeWsz9lc|7 zaMy~~6N{TQRZu_1<%<0zw=AYkn(tA8H_a}OMRGQm$^e&5tH7aCZbigp{s*HN@3i6c z3=HyCUmbhO!DG;F?bxemtC66B*~P*TOww?`I-fBo5w7=Ct}J4Rq-_8O?Y`yc5)DZd z{BHYwWnge&b6gr;O=Xolu3CcO7b(iwggJh!k7@OrA(hMiPM>S~l&Wj01oN4d|Kj-=GJCoeFtid{VGxa`VlqS=Gm+q->|LundU1u+oTlJq^ zej9{4@o3Y_!bDD5-W}HD9NPnS>5uU(6qxAd4We{$K-N3zu5!i{j04WUI|AVzmzK26|fH|s0b)mU7`8JLx8R@;2L{<=F8+FSk_4_ZzlbZvc^%$;={ySuFGmjKb zDpgVbl?e{{NMo2FF*51c2wDVzZh0Bp=|G!G5Uf4FCq z`KQy1rLDh14VuOIQtlH7WWrqcD8Za68Xcl%YHF#0`)5N}4ozmswAVj}%cOxis3lW@ zTe_QH57PuJ7W&s7?2^5f{pZpoCVCH3Th3ihfAq{X0``t@#HS7Y@jHDl<4tYaq&wm(U$@}Gcr_WbU5!bZ zJNg2qp|p`+0lKRGA4p6?x_YWV?114mj+?V$^k!!*7kDOBzl!)!PqTeL2w=n8ICo%K z62=nk89c$pej-X+5dST+Z&ao7I_1=v@E`afE~<<16DKGFE4V#)c*zxbIftw!0~GS{ zhBncC<%DGgm_gM;PrNYr%?Co(j|@KRF5GR%Iqivq#9_I}-&~C$B=2=Q4muBahnmhN z`~%=2QbNT>Hi`GLVFN$O^=>nDGZWamW)YO*^G&8c#Q>}(l=z&0#_!!P2Tuc^mW--L($MOnJ{^VlnAT-35?S9-T zXY=MIPR@WA()-0>d7k20a<5w@*{`}WrY7qhVMawNjpNRU@tUniDYGsaz$HH2Bb>GN9#Jn2>cdAmexWx<{ZRGN2~f%{`mZ#CN8l?P;<@= z>i!aAGj#ApNnx$ooe)dk9nH=Zd;qBY4^Z-}G`y+)!_Bl<008$NP&%60I%!xsx;XrU z%l|;+h2fd|CV$7<_5ge>l($3JZ%wHcdgCd4Hnv$`8FNO~y@lQEjFyu86(U`QXe;Y@ zH?R{z$m*!478lUG;pzOQxdy(ya*)l}Y zmrrJd^U>b!eD4n4Cg$8zO{kdq-gb6LwqblZ-?NDV@O`)~JyMHB%}&h3_YbbzUlP^n 
za&ZEueIMerNxy>?i<#1y&E_M2KO7t1Gn0+5J z(T6uJ<;kVgm+6>d$|DEO!VJY?+o zL;4DL)#qP=ldK+~b*j+;s^vP3P5Y5m9%Su<#rMeq#}2_)964w##d4EOW_sZJbnp^# zH?09qSNe6Rt;DXUobcrO#de+E{O0)(iA`%1FCb1{p&U2kml+_Ik08ZCl2#K%~08NZvRV zP7|FP>zslxc-!k(nKTo>6RPT`$kQ)#j2vT3;k2UAYf*T?vKuyA1`5Yj5ah2b$o*Hf zJ~dS_HPx;D7vikfp!~P4tcf|;I8sdH^ZqrS-6v~QGAsDG-+tegGR_g0KVp;A$46(4 ziMLGWGOLW{agQC4_Rfp31?Lj0kKkSm$e{1J3JUUY#F{%mp{6tQzx@>3|Msu$oPANf zwpS=8SaTM5ZZOAD2uez?ZReHuJv_^Ps?M57Erkp{l#4}F7eIf0&Oe227hYY&P$km` z(Z^^zzN?L^A!6ic$HqjcG6)DB`IL$2ZuG+03piGF`PO`WfvHPoo?Cn3*zc&`S}QyG}5$HsBa3{KrM z4jG9&m7OJqaXyY0sr%J6nizCQNxiIMh6O307PH=2{Qo7#|fkPh~P ziBbvTnfKfHwHW^CO*;1Gg8-X zeR>dX3GI2K$E{n17ID@}lixZkB+y?mwc9llhKGq;;y!Hm%(J+2$w_R&*L|`Q!a@L^ zX=^SSO{#1Nyz75BDKpuci7)oU7iD9|rVFblkHjDhZ7O&)DmEk$VrbHxD$ ztRQ2qb0QP4#odmag=jBz(BGfY=9W$$tM7gk(z^pJ)b4D!!H-#%mA zcjjO9j7kB;%`FJnL`i~7Cn(+jZ+)g9Kpa?XIyIHZ)Z$rK=Q!=Dbdv`PGMen%CV z6gEG4m02sNgv?$lJg<;h>f^1>&!SH$9O4*&1jN$-G!F4xyl~~X9poY_Wr|d_HA3lB z%cq5B!r_bNNru&X-lk2~r~Ay%t;R5=F;9Vc)h}P@*l7T4T>{wO)cQE zx%dM)*({HY!rDG zg}v3p5)**-ZjYUGb?%Za7z&UaB~F8!35=bHeTsR!^TPCEqR%%`S6Uc|AfJQ2XTL|I zWqUU*%p{=@}7#+t-k?DT`p|PvXPEY6$B4Gd?jC8Xx|# z);dGohJ!u7$PMIgfB?>3-FGoz&AN(mLk;m84#HfF zoJ&J3Vx-mQgilgm!#|^CIg~1>$CkS$N$2-kpto9!Zx~q7Jy$(WK9Xj-a zAY~ve6CU=Ele+7R^0C|Wm`3eiUL(x-KGi6bj5qn#P028hC&6g^WTktcKX38@P)&M- z;e;dx)0g{4x5L*-BpQ*F`DVG3rJ>N+2rR5q^2!8dN1vrc<6YCDi{yR=4GA&Hme8Ds_xMJPo1!9qg55=45Cz6O9>Iz$lMSyUt+~4vSGV_IVlwD3 z#^OKwaHJ=xKjV-P(anbmR(Ut~J!Z4?26F5Y4jU$k^PbHTVe5br?Mdl`YlP}MWn~<{ z>m!pctP>8BH21s;V7<+h1ZwyC;mgGz0oliE>9=)(Iq2)E@!Nyz zTcm(599#X(V;<35p>iU261n-QFbFW;pyr3r*ra;Q%Fe3?$<2pUYWq7yk@?1xCJLcU zP;Vy0966{$^^nm3daDRJnkku6;L;iMz(s>LxUdbq%bKf6=h!(084a%)fwl122&gaH z4!}c1eJdHl^LXBC zNRvkJRF}T5N-IT6?~uwyifmJR(NtW~u1IDn*#N4v?PaXOMF#~Lt;NvRJAVt?G$0x~ z9rh1$bqY48aCW;R>+OOM?DHyn_%Q&Jx z?lO&H_EvTf7M~zmt-$ldRR*2{vK>RRI?8`|g=Fd@>NFtKIUrXVz{#zn6gvQvR;-m2 z^5`Iga#Qi`ay^dt0Nv6bEO`l4m5h>22z)`VA!C|`L&5AW%_I;L2oHw}ygq=j0bZ^S z&cvB4{dsS0&)yRlRsr+%%pvcKf8>gF 
zCji_oHHPfGg#xg$fB~A6ODo=1AC?J36a729ydNC)FDXqKyUfLJdFr@+ZWrES8Y+96 zD*v);js;j}u-3T!_>2Ta;^^(EAmp6fe9aJ2ycTy0ucTGBQ1sD+fg6^HRm3VZtdcll za)${#BV&aO-6$s$;(L@@p6^|%TIQm!`}lejBvPqgF2DQ^@O{$j_d)1KL8O=g`_Gv# zzHBCbO5XAEJJ#Y4cH2Bb`=C*GOH@Udy6phhUm(V^-G!5zDE_7J2s&yM1^0LY{Sm=#g?nBUVsR#y{5=GGMig;1oO}*THE-% z7e_hgX}X)P4gya7YSPHrxZE+q@NOQPi^d})_}IdD^=tyzdl?IE6bG+&LO#C^d(%J3 z22kn>X=QO8DQ=#6_=^Qe26Gb&&o@1A=cHmE7WxMdT=Z>TZHrePW_rvWANGK#dZK4H zI8~e!xO>N6@T4grw?le7!NR^b9J3hX-lO5I!Tn)L!csMeO1*}hF9Ur}g z&xnteK>b?54waWHW`t+W+QbXpO_v-NpXQ$s!x$~lPIB1g)BOIp@qS)li&c0yu|#^s z)8{_@S-Rhqnhk=PNSGGnYm100Us_?v+$s~A3W{$a9C~V~o)oK$N)EN?b1`q@C5;97 zQ(59rGh~nj`1>m|?ikfhy|2IHJoEI@SuC0v(P`64e8Sfae(zdbYYU3r38i+BnQNnf z#?zCHeL&}HoFR}I*WwwEq15kZ93+u#*+`*YWW#dL`6*~dQ zfQy`g0CB(0ErKxxB7rU*ANxjX(b{<9S~f}tl71_Lxu2O6`oSDm(?9Cdnm4y9u1B{j zngm5vB~MpEnVjCI-KeBt)ut@`7HlV6#jt#!N}sjYQl}SLq9?7``6HTxjw@)GUl7(< z`ThPpmhs@gqpEP8C8uaBdfqcpP>-U(j4y8D;Lvg06-$YYq&Ml<90Udy{_b#REKCj% zrr6^R(t`|%e+_SsD2*tRU2;HNB*dG3+)YJg|1@gN^Ld-;loTnEH!3!KktW$&$RK}9 z28_?`SxzoW(rRdmKvHrMF?ZbrVF{Pa{YEKP&Nx$ANLj6EjdFg9XG%Afv z;(d=8cZa!~dM844j(KB+8`@dD2v#Uk``d#D?f-@i~P5#l9;IJ z#xjYE;2G-p>~Q?tXaPAac`@01O*Iig+kHkB{m{l~BpLaJQ9ZtdW)Fz{?dv>JA4+&D z>k0Los|Kwh2Ge3*$#BoZAq&9fBjElop2}=i%4s%yrL{3|%1|_Yk>(!d1bSn20*OQ)N1AMIX{-d(Atb7=^B7PhxYQ@_wKUE|nFWH{@+)5um z=u=`*nttoLih03S9%{o5_K&{2`Hl*vmmynl5iOxV@T1xDyX-Kb@_oLYEF4<8#L|g@ zzqzd=f`~ozl>HUzlLws->(YGZaP+7mz#yJ*tbX7AM?ezqu%)QKs67#ZkarSVieoKl zZ}yck$|srDp3M&I!1?OxtWgAGtjTCbsewR;r}!nUegN3C*6T+Un7 z-(+PiiG~=w&&$skCOYuZ6F&R-%$d1RxG2W)r7)@WKRqtLA*g(Wg9jn}|5n{UBIJLI o|Hrud*C+ofWB%6%7Ucg!)KvM1^p80R0Kor~5&!gRvVY(H4I^X0PXGV_ literal 0 HcmV?d00001 diff --git a/Solutions/ISC Bind/Package/createUiDefinition.json b/Solutions/ISC Bind/Package/createUiDefinition.json index a0c9b07ee85..e93809f98f9 100644 --- a/Solutions/ISC Bind/Package/createUiDefinition.json +++ b/Solutions/ISC Bind/Package/createUiDefinition.json 
@@ -6,7 +6,7 @@
 "config": {
 "isWizard": false,
 "basics": {
- "description": "\n\n**Note:** _There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing._\n\nThe [ISC Bind](https://www.isc.org/bind/) solution for Microsoft sentinel allows you to ingest ISC Bind logs to get better insights into your organization's network traffic data, DNS query data, traffic statistics and improves your security operation capabilities.\n\n**Underlying Microsoft Technologies used:**\n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs\n\n a. [Agent-based log collection (Syslog)](https://learn.microsoft.com/azure/sentinel/connect-syslog)\n\n**Data Connectors:** 1, **Parsers:** 1\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
+ "description": "\n\n**Note:** _There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing._\n\nThe [ISC Bind](https://www.isc.org/bind/) solution for Microsoft Sentinel allows you to ingest ISC Bind logs to get better insights into your organization's network traffic data, DNS query data, traffic statistics and improves your security operation capabilities.\n\n**Underlying Microsoft Technologies used:**\n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs\n\n a. [Agent-based log collection (Syslog)](https://learn.microsoft.com/azure/sentinel/connect-syslog)\n\n**Data Connectors:** 1, **Parsers:** 1\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
 "subscription": {
 "resourceProviders": [
 "Microsoft.OperationsManagement/solutions",
@@ -60,7 +60,7 @@
 "name": "dataconnectors1-text",
 "type": "Microsoft.Common.TextBlock",
 "options": {
- "text": "This Solution installs the data connector for ISC Bind. You can get ISC Bind Syslog data in your Microsoft Sentinel workspace. Configure and enable this data connector in the Data Connector gallery after this Solution deploys. The logs will be received in the Syslog table in your Microsoft Sentinel / Azure Log Analytics workspace."
+ "text": "This Solution installs the data connector for ISC Bind. You can get ISC Bind Syslog data in your Microsoft Sentinel workspace. After installing the solution, configure and enable this data connector by following guidance in Manage solution view."
 }
 },
 {
diff --git a/Solutions/ISC Bind/Package/mainTemplate.json b/Solutions/ISC Bind/Package/mainTemplate.json
index a756498cee4..4715e172913 100644
--- a/Solutions/ISC Bind/Package/mainTemplate.json
+++ b/Solutions/ISC Bind/Package/mainTemplate.json
@@ -34,53 +34,39 @@
 "_solutionId": "[variables('solutionId')]",
 "email": "support@microsoft.com",
 "_email": "[variables('email')]",
- "workspaceResourceId": "[resourceId('microsoft.OperationalInsights/Workspaces', parameters('workspace'))]",
+ "_solutionName": "ISC Bind",
+ "_solutionVersion": "3.0.0",
 "uiConfigId1": "ISCBind",
 "_uiConfigId1": "[variables('uiConfigId1')]",
 "dataConnectorContentId1": "ISCBind",
 "_dataConnectorContentId1": "[variables('dataConnectorContentId1')]",
 "dataConnectorId1": "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/dataConnectors', variables('_dataConnectorContentId1'))]",
 "_dataConnectorId1": "[variables('dataConnectorId1')]",
- "dataConnectorTemplateSpecName1": "[concat(parameters('workspace'),'-dc-',uniquestring(variables('_dataConnectorContentId1')))]",
+ "dataConnectorTemplateSpecName1": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-dc-',uniquestring(variables('_dataConnectorContentId1'))))]",
 "dataConnectorVersion1": "1.0",
- "parserVersion1": "1.0.0",
- "parserContentId1": "ISCBind-Parser",
- "_parserContentId1": "[variables('parserContentId1')]",
+ "_dataConnectorcontentProductId1": "[concat(take(variables('_solutionId'),50),'-','dc','-', uniqueString(concat(variables('_solutionId'),'-','DataConnector','-',variables('_dataConnectorContentId1'),'-', variables('dataConnectorVersion1'))))]",
 "parserName1": "ISCBind",
 "_parserName1": "[concat(parameters('workspace'),'/',variables('parserName1'))]",
 "parserId1": "[resourceId('Microsoft.OperationalInsights/workspaces/savedSearches', parameters('workspace'), variables('parserName1'))]",
 "_parserId1": "[variables('parserId1')]",
- "parserTemplateSpecName1": "[concat(parameters('workspace'),'-pr-',uniquestring(variables('_parserContentId1')))]"
+ "parserTemplateSpecName1": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-pr-',uniquestring(variables('_parserContentId1'))))]",
+ "parserVersion1": "1.0.0",
+ "parserContentId1": "ISCBind-Parser",
+ "_parserContentId1": "[variables('parserContentId1')]",
+ "_parsercontentProductId1": "[concat(take(variables('_solutionId'),50),'-','pr','-', uniqueString(concat(variables('_solutionId'),'-','Parser','-',variables('_parserContentId1'),'-', variables('parserVersion1'))))]",
+ "_solutioncontentProductId": "[concat(take(variables('_solutionId'),50),'-','sl','-', uniqueString(concat(variables('_solutionId'),'-','Solution','-',variables('_solutionId'),'-', variables('_solutionVersion'))))]"
 },
 "resources": [
 {
- "type": "Microsoft.Resources/templateSpecs",
- "apiVersion": "2021-05-01",
+ "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates",
+ "apiVersion": "2023-04-01-preview",
 "name": "[variables('dataConnectorTemplateSpecName1')]",
 "location": "[parameters('workspace-location')]",
- "tags": {
- "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]",
- "hidden-sentinelContentType": "DataConnector"
- },
- "properties": {
- "description": "ISC Bind data connector with template",
- "displayName": "ISC Bind template"
- }
- },
- {
- "type": "Microsoft.Resources/templateSpecs/versions",
- "apiVersion": "2021-05-01",
- "name": "[concat(variables('dataConnectorTemplateSpecName1'),'/',variables('dataConnectorVersion1'))]",
- "location": "[parameters('workspace-location')]",
- "tags": {
- "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]",
- "hidden-sentinelContentType": "DataConnector"
- },
 "dependsOn": [
- "[resourceId('Microsoft.Resources/templateSpecs', variables('dataConnectorTemplateSpecName1'))]"
+ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
 ],
 "properties": {
- "description": "ISC Bind data connector with template version 2.0.1",
+ "description": "ISC Bind data connector with template version 3.0.0",
 "mainTemplate": {
 "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
 "contentVersion": "[variables('dataConnectorVersion1')]",
@@ -157,7 +143,7 @@
 },
 "instructionSteps": [
 {
- "description": "**NOTE:** This data connector depends on a parser based on a Kusto Function to work as expected which is deployed as part of the solution. To view the function code in Log Analytics, open Log Analytics/Microsoft Sentinel Logs blade, click Functions and search for the alias ISCBind and load the function code or click [here](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/ISC%20Bind/Parsers/ISCBind.txt).The function usually takes 10-15 minutes to activate after solution installation/update."
+ "description": "**NOTE:** This data connector depends on a parser based on a Kusto Function to work as expected which is deployed as part of the solution. To view the function code in Log Analytics, open Log Analytics/Microsoft Sentinel Logs blade, click Functions and search for the alias ISCBind and load the function code or click [here](https://aka.ms/sentinel-iscbind-parser).The function usually takes 10-15 minutes to activate after solution installation/update."
 },
 {
 "description": "Typically, you should install the agent on a different computer from the one on which the logs are generated.\n\n> Syslog logs are collected only from **Linux** agents.",
@@ -236,7 +222,7 @@
 },
 {
 "type": "Microsoft.OperationalInsights/workspaces/providers/metadata",
- "apiVersion": "2022-01-01-preview",
+ "apiVersion": "2023-04-01-preview",
 "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('DataConnector-', last(split(variables('_dataConnectorId1'),'/'))))]",
 "properties": {
 "parentId": "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/dataConnectors', variables('_dataConnectorContentId1'))]",
@@ -261,12 +247,23 @@
 }
 }
 ]
- }
+ },
+ "packageKind": "Solution",
+ "packageVersion": "[variables('_solutionVersion')]",
+ "packageName": "[variables('_solutionName')]",
+ "packageId": "[variables('_solutionId')]",
+ "contentSchemaVersion": "3.0.0",
+ "contentId": "[variables('_dataConnectorContentId1')]",
+ "contentKind": "DataConnector",
+ "displayName": "ISC Bind",
+ "contentProductId": "[variables('_dataConnectorcontentProductId1')]",
+ "id": "[variables('_dataConnectorcontentProductId1')]",
+ "version": "[variables('dataConnectorVersion1')]"
 }
 },
 {
 "type": "Microsoft.OperationalInsights/workspaces/providers/metadata",
- "apiVersion": "2022-01-01-preview",
+ "apiVersion": "2023-04-01-preview",
 "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('DataConnector-', last(split(variables('_dataConnectorId1'),'/'))))]",
 "dependsOn": [
 "[variables('_dataConnectorId1')]"
@@ -362,7 +359,7 @@
 },
 "instructionSteps": [
 {
- "description": "**NOTE:** This data connector depends on a parser based on a Kusto Function to work as expected which is deployed as part of the solution. To view the function code in Log Analytics, open Log Analytics/Microsoft Sentinel Logs blade, click Functions and search for the alias ISCBind and load the function code or click [here](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/ISC%20Bind/Parsers/ISCBind.txt).The function usually takes 10-15 minutes to activate after solution installation/update."
+ "description": "**NOTE:** This data connector depends on a parser based on a Kusto Function to work as expected which is deployed as part of the solution. To view the function code in Log Analytics, open Log Analytics/Microsoft Sentinel Logs blade, click Functions and search for the alias ISCBind and load the function code or click [here](https://aka.ms/sentinel-iscbind-parser).The function usually takes 10-15 minutes to activate after solution installation/update."
 },
 {
 "description": "Typically, you should install the agent on a different computer from the one on which the logs are generated.\n\n> Syslog logs are collected only from **Linux** agents.",
@@ -425,33 +422,15 @@
 }
 },
 {
- "type": "Microsoft.Resources/templateSpecs",
- "apiVersion": "2021-05-01",
+ "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates",
+ "apiVersion": "2023-04-01-preview",
 "name": "[variables('parserTemplateSpecName1')]",
 "location": "[parameters('workspace-location')]",
- "tags": {
- "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]",
- "hidden-sentinelContentType": "Parser"
- },
- "properties": {
- "description": "ISCBind Data Parser with template",
- "displayName": "ISCBind Data Parser template"
- }
- },
- {
- "type": "Microsoft.Resources/templateSpecs/versions",
- "apiVersion": "2021-05-01",
- "name": "[concat(variables('parserTemplateSpecName1'),'/',variables('parserVersion1'))]",
- "location": "[parameters('workspace-location')]",
- "tags": {
- "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]",
- "hidden-sentinelContentType": "Parser"
- },
 "dependsOn": [
- "[resourceId('Microsoft.Resources/templateSpecs', variables('parserTemplateSpecName1'))]"
+ "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
 ],
 "properties": {
- "description": "ISCBind Data Parser with template version 2.0.1",
+ "description": "ISCBind Data Parser with template version 3.0.0",
 "mainTemplate": {
 "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
 "contentVersion": "[variables('parserVersion1')]",
@@ -460,20 +439,21 @@
 "resources": [
 {
 "name": "[variables('_parserName1')]",
- "apiVersion": "2020-08-01",
+ "apiVersion": "2022-10-01",
 "type": "Microsoft.OperationalInsights/workspaces/savedSearches",
 "location": "[parameters('workspace-location')]",
 "properties": {
 "eTag": "*",
 "displayName": "ISCBind",
- "category": "Samples",
+ "category": "Microsoft Sentinel Parser",
 "functionAlias": "ISCBind",
- "query": "\n\r\nlet request = Syslog \r\n| where SyslogMessage has_all (\"client\", \"query:\") and SyslogMessage !has \"response:\"\r\n| parse SyslogMessage with\r\n * \"client \" * \" \"\r\n SrcIpAddr:string \"#\" \r\n SrcPortNumber:string \" \" *\r\n \"query: \"\r\n DnsQuery:string \" \"\r\n DnsQueryClassName:string \" \"\r\n DnsQueryTypeName:string \" \"\r\n DnsFlags:string\r\n| extend ServerIPAddressIndex= indexof(DnsFlags, \" \")\r\n| extend ServerIPAddress = iif(ServerIPAddressIndex != \"-1\", substring(DnsFlags, ServerIPAddressIndex),\"\")\r\n| extend ServerIPAddress = replace_regex(ServerIPAddress,@\"[()]\",\"\")\r\n| extend DnsFlags =iif(ServerIPAddressIndex != \"-1\", substring(DnsFlags, 0, ServerIPAddressIndex), DnsFlags)\r\n| extend SrcPortNumber = replace_regex(SrcPortNumber,@\"[^\\d]\",\"\")\r\n| extend EventSubType = \"request\",DnsResponseCodeName = \"NA\"\r\n| project-away SyslogMessage,ProcessName,ProcessID,Facility,SeverityLevel,HostName,ServerIPAddressIndex;\r\nlet requestcache = Syslog \r\n| where SyslogMessage has_all (\"client\", \"query (cache)\") and SyslogMessage !has \"response:\"\r\n| parse SyslogMessage with\r\n * \"client \" * \" \"\r\n SrcIpAddr:string \"#\" \r\n SrcPortNumber:string \" \" *\r\n \"query (cache) '\"\r\n DnsQuery:string \"/\"\r\n DnsQueryTypeName:string \"/\"\r\n DnsQueryClassName:string \"' \"\r\n Action\r\n| extend EventSubType = \"requestcache\",DnsResponseCodeName = \"NA\"\r\n| project-away SyslogMessage,ProcessName,ProcessID,Facility,SeverityLevel,HostName;\r\nlet response =Syslog \r\n| where SyslogMessage has_all (\"client\", \"query:\", \"response:\")\r\n| parse SyslogMessage with\r\n * \"client \" * \" \"\r\n SrcIpAddr:string \"#\" \r\n SrcPortNumber:string \" \" * \"view \" * \": \"\r\n NetworkProtocol:string \": query: \"\r\n DnsQuery:string \" \"\r\n DnsQueryClassName:string \" \"\r\n DnsQueryTypeName:string \" \"\r\n \"response: \" DnsResponseCodeName: string\r\n \" \" DnsFlags: string\r\n| extend DNSResourceRecordIndex= indexof(DnsFlags, \" \")\r\n| extend DnsResponseName =iif(DNSResourceRecordIndex != \"-1\", substring(DnsFlags, DNSResourceRecordIndex), \"\")\r\n| extend DnsFlags =iif(DNSResourceRecordIndex != \"-1\", substring(DnsFlags, 0, DNSResourceRecordIndex), DnsFlags)\r\n| extend EventSubType = \"response\"\r\n| project-away SyslogMessage,ProcessName,ProcessID,Facility,SeverityLevel,HostName,DNSResourceRecordIndex;\r\nunion request,requestcache,response",
- "version": 1,
+ "query": "//request events\nlet request = Syslog \n| where SyslogMessage has_all (\"client\", \"query:\") and SyslogMessage !has \"response:\"\n| parse SyslogMessage with\n * \"client \" * \" \"\n SrcIpAddr:string \"#\" \n SrcPortNumber:string \" \" *\n \"query: \"\n DnsQuery:string \" \"\n DnsQueryClassName:string \" \"\n DnsQueryTypeName:string \" \"\n DnsFlags:string\n| extend ServerIPAddressIndex= indexof(DnsFlags, \" \")\n| extend ServerIPAddress = iif(ServerIPAddressIndex != \"-1\", substring(DnsFlags, ServerIPAddressIndex),\"\")\n| extend ServerIPAddress = replace_regex(ServerIPAddress,@\"[()]\",\"\")\n| extend DnsFlags =iif(ServerIPAddressIndex != \"-1\", substring(DnsFlags, 0, ServerIPAddressIndex), DnsFlags)\n| extend SrcPortNumber = replace_regex(SrcPortNumber,@\"[^\\d]\",\"\")\n| extend EventSubType = \"request\",DnsResponseCodeName = \"NA\"\n| project-away SyslogMessage,ProcessName,ProcessID,Facility,SeverityLevel,HostName,ServerIPAddressIndex;\n//request (cache) events\nlet requestcache = Syslog \n| where SyslogMessage has_all (\"client\", \"query (cache)\") and SyslogMessage !has \"response:\"\n| parse SyslogMessage with\n * \"client \" * \" \"\n SrcIpAddr:string \"#\" \n SrcPortNumber:string \" \" *\n \"query (cache) '\"\n DnsQuery:string \"/\"\n DnsQueryTypeName:string \"/\"\n DnsQueryClassName:string \"' \"\n Action\n| extend EventSubType = \"requestcache\",DnsResponseCodeName = \"NA\"\n| project-away SyslogMessage,ProcessName,ProcessID,Facility,SeverityLevel,HostName;\n// response events\nlet response =Syslog \n| where SyslogMessage has_all (\"client\", \"query:\", \"response:\")\n| parse SyslogMessage with\n * \"client \" * \" \"\n SrcIpAddr:string \"#\" \n SrcPortNumber:string \" \" * \"view \" * \": \"\n NetworkProtocol:string \": query: \"\n DnsQuery:string \" \"\n DnsQueryClassName:string \" \"\n DnsQueryTypeName:string \" \"\n \"response: \" DnsResponseCodeName: string\n \" \" DnsFlags: string\n| extend DNSResourceRecordIndex= indexof(DnsFlags, \" \")\n| extend DnsResponseName =iif(DNSResourceRecordIndex != \"-1\", substring(DnsFlags, DNSResourceRecordIndex), \"\")\n| extend DnsFlags =iif(DNSResourceRecordIndex != \"-1\", substring(DnsFlags, 0, DNSResourceRecordIndex), DnsFlags)\n| extend EventSubType = \"response\"\n| project-away SyslogMessage,ProcessName,ProcessID,Facility,SeverityLevel,HostName,DNSResourceRecordIndex;\nunion request,requestcache,response\n",
+ "functionParameters": "",
+ "version": 2,
 "tags": [
 {
 "name": "description",
- "value": "ISCBind"
+ "value": ""
 }
 ]
 }
@@ -483,7 +463,7 @@
 "apiVersion": "2022-01-01-preview",
 "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('Parser-', last(split(variables('_parserId1'),'/'))))]",
 "dependsOn": [
- "[variables('_parserName1')]"
+ "[variables('_parserId1')]"
 ],
 "properties": {
 "parentId": "[resourceId('Microsoft.OperationalInsights/workspaces/savedSearches', parameters('workspace'), variables('parserName1'))]",
@@ -508,21 +488,39 @@ } } ] - } + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('_parserContentId1')]", + "contentKind": "Parser", + "displayName": "ISCBind", + "contentProductId": "[variables('_parsercontentProductId1')]", + "id": "[variables('_parsercontentProductId1')]", + "version": "[variables('parserVersion1')]" } }, { "type": "Microsoft.OperationalInsights/workspaces/savedSearches", - "apiVersion": "2021-06-01", + "apiVersion": "2022-10-01", "name": "[variables('_parserName1')]", "location": "[parameters('workspace-location')]", "properties": { "eTag": "*", "displayName": "ISCBind", - "category": "Samples", + "category": "Microsoft Sentinel Parser", "functionAlias": "ISCBind", - "query": "\n\r\nlet request = Syslog \r\n| where SyslogMessage has_all (\"client\", \"query:\") and SyslogMessage !has \"response:\"\r\n| parse SyslogMessage with\r\n * \"client \" * \" \"\r\n SrcIpAddr:string \"#\" \r\n SrcPortNumber:string \" \" *\r\n \"query: \"\r\n DnsQuery:string \" \"\r\n DnsQueryClassName:string \" \"\r\n DnsQueryTypeName:string \" \"\r\n DnsFlags:string\r\n| extend ServerIPAddressIndex= indexof(DnsFlags, \" \")\r\n| extend ServerIPAddress = iif(ServerIPAddressIndex != \"-1\", substring(DnsFlags, ServerIPAddressIndex),\"\")\r\n| extend ServerIPAddress = replace_regex(ServerIPAddress,@\"[()]\",\"\")\r\n| extend DnsFlags =iif(ServerIPAddressIndex != \"-1\", substring(DnsFlags, 0, ServerIPAddressIndex), DnsFlags)\r\n| extend SrcPortNumber = replace_regex(SrcPortNumber,@\"[^\\d]\",\"\")\r\n| extend EventSubType = \"request\",DnsResponseCodeName = \"NA\"\r\n| project-away SyslogMessage,ProcessName,ProcessID,Facility,SeverityLevel,HostName,ServerIPAddressIndex;\r\nlet requestcache = Syslog \r\n| where SyslogMessage has_all (\"client\", \"query (cache)\") and SyslogMessage 
!has \"response:\"\r\n| parse SyslogMessage with\r\n * \"client \" * \" \"\r\n SrcIpAddr:string \"#\" \r\n SrcPortNumber:string \" \" *\r\n \"query (cache) '\"\r\n DnsQuery:string \"/\"\r\n DnsQueryTypeName:string \"/\"\r\n DnsQueryClassName:string \"' \"\r\n Action\r\n| extend EventSubType = \"requestcache\",DnsResponseCodeName = \"NA\"\r\n| project-away SyslogMessage,ProcessName,ProcessID,Facility,SeverityLevel,HostName;\r\nlet response =Syslog \r\n| where SyslogMessage has_all (\"client\", \"query:\", \"response:\")\r\n| parse SyslogMessage with\r\n * \"client \" * \" \"\r\n SrcIpAddr:string \"#\" \r\n SrcPortNumber:string \" \" * \"view \" * \": \"\r\n NetworkProtocol:string \": query: \"\r\n DnsQuery:string \" \"\r\n DnsQueryClassName:string \" \"\r\n DnsQueryTypeName:string \" \"\r\n \"response: \" DnsResponseCodeName: string\r\n \" \" DnsFlags: string\r\n| extend DNSResourceRecordIndex= indexof(DnsFlags, \" \")\r\n| extend DnsResponseName =iif(DNSResourceRecordIndex != \"-1\", substring(DnsFlags, DNSResourceRecordIndex), \"\")\r\n| extend DnsFlags =iif(DNSResourceRecordIndex != \"-1\", substring(DnsFlags, 0, DNSResourceRecordIndex), DnsFlags)\r\n| extend EventSubType = \"response\"\r\n| project-away SyslogMessage,ProcessName,ProcessID,Facility,SeverityLevel,HostName,DNSResourceRecordIndex;\r\nunion request,requestcache,response", - "version": 1 + "query": "//request events\nlet request = Syslog \n| where SyslogMessage has_all (\"client\", \"query:\") and SyslogMessage !has \"response:\"\n| parse SyslogMessage with\n * \"client \" * \" \"\n SrcIpAddr:string \"#\" \n SrcPortNumber:string \" \" *\n \"query: \"\n DnsQuery:string \" \"\n DnsQueryClassName:string \" \"\n DnsQueryTypeName:string \" \"\n DnsFlags:string\n| extend ServerIPAddressIndex= indexof(DnsFlags, \" \")\n| extend ServerIPAddress = iif(ServerIPAddressIndex != \"-1\", substring(DnsFlags, ServerIPAddressIndex),\"\")\n| extend ServerIPAddress = replace_regex(ServerIPAddress,@\"[()]\",\"\")\n| 
extend DnsFlags =iif(ServerIPAddressIndex != \"-1\", substring(DnsFlags, 0, ServerIPAddressIndex), DnsFlags)\n| extend SrcPortNumber = replace_regex(SrcPortNumber,@\"[^\\d]\",\"\")\n| extend EventSubType = \"request\",DnsResponseCodeName = \"NA\"\n| project-away SyslogMessage,ProcessName,ProcessID,Facility,SeverityLevel,HostName,ServerIPAddressIndex;\n//request (cache) events\nlet requestcache = Syslog \n| where SyslogMessage has_all (\"client\", \"query (cache)\") and SyslogMessage !has \"response:\"\n| parse SyslogMessage with\n * \"client \" * \" \"\n SrcIpAddr:string \"#\" \n SrcPortNumber:string \" \" *\n \"query (cache) '\"\n DnsQuery:string \"/\"\n DnsQueryTypeName:string \"/\"\n DnsQueryClassName:string \"' \"\n Action\n| extend EventSubType = \"requestcache\",DnsResponseCodeName = \"NA\"\n| project-away SyslogMessage,ProcessName,ProcessID,Facility,SeverityLevel,HostName;\n// response events\nlet response =Syslog \n| where SyslogMessage has_all (\"client\", \"query:\", \"response:\")\n| parse SyslogMessage with\n * \"client \" * \" \"\n SrcIpAddr:string \"#\" \n SrcPortNumber:string \" \" * \"view \" * \": \"\n NetworkProtocol:string \": query: \"\n DnsQuery:string \" \"\n DnsQueryClassName:string \" \"\n DnsQueryTypeName:string \" \"\n \"response: \" DnsResponseCodeName: string\n \" \" DnsFlags: string\n| extend DNSResourceRecordIndex= indexof(DnsFlags, \" \")\n| extend DnsResponseName =iif(DNSResourceRecordIndex != \"-1\", substring(DnsFlags, DNSResourceRecordIndex), \"\")\n| extend DnsFlags =iif(DNSResourceRecordIndex != \"-1\", substring(DnsFlags, 0, DNSResourceRecordIndex), DnsFlags)\n| extend EventSubType = \"response\"\n| project-away SyslogMessage,ProcessName,ProcessID,Facility,SeverityLevel,HostName,DNSResourceRecordIndex;\nunion request,requestcache,response\n", + "functionParameters": "", + "version": 2, + "tags": [ + { + "name": "description", + "value": "" + } + ] } }, { 
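Review bot: The three `let` branches in the new `query` string normalize `SrcPortNumber` differently: only the `request` branch applies `replace_regex(SrcPortNumber,@"[^\d]","")`, while `requestcache` and `response` emit the raw token parsed between `#` and the next space, so the same column can carry different shapes after the `union` depending on event type; applying the same normalization in all three branches keeps downstream consumers consistent. The `where` clauses select on message text alone (`has_all("client", "query:")`) and then `project-away ProcessName`, so any Syslog source whose messages contain those tokens is parsed as BIND; if BIND logs under its usual process name, a `| where ProcessName == "named"` filter ahead of the `parse` would narrow the input, but confirm the actual name in the environment before adding it. The `tags` entry added here sets `description` to the empty string; a one-line value such as `"value": "Parser for ISC BIND query and response events"` would make the saved search identifiable in the workspace. The same query text is carried in the parser content template above, whose hunk starts outside this view.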
@@ -556,13 +554,20 @@
 }
 },
 {
- "type": "Microsoft.OperationalInsights/workspaces/providers/metadata",
- "apiVersion": "2022-01-01-preview",
+ "type": "Microsoft.OperationalInsights/workspaces/providers/contentPackages",
+ "apiVersion": "2023-04-01-preview",
 "location": "[parameters('workspace-location')]",
 "properties": {
- "version": "2.0.1",
+ "version": "3.0.0",
 "kind": "Solution",
- "contentSchemaVersion": "2.0.0",
+ "contentSchemaVersion": "3.0.0",
+ "displayName": "ISC Bind",
+ "publisherDisplayName": "Microsoft Sentinel, Microsoft Corporation",
+ "descriptionHtml": "

Note: There may be known issues pertaining to this Solution, please refer to them before installing.

\n

The ISC Bind solution for Microsoft Sentinel allows you to ingest ISC Bind logs to get better insights into your organization's network traffic data, DNS query data, traffic statistics and improves your security operation capabilities.

\n

Underlying Microsoft Technologies used:

\n

This solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs

\n
    \n
  1. Agent-based log collection (Syslog)
  2. \n
\n

Data Connectors: 1, Parsers: 1

\n

Learn more about Microsoft Sentinel | Learn more about Solutions

\n",
+ "contentKind": "Solution",
+ "contentProductId": "[variables('_solutioncontentProductId')]",
+ "id": "[variables('_solutioncontentProductId')]",
+ "icon": "",
 "contentId": "[variables('_solutionId')]",
 "parentId": "[variables('_solutionId')]",
 "source": {
From 3d5a81b7f7a6d066fc46360ac50bf1af237237bf Mon Sep 17 00:00:00 2001
From: v-rusraut
Date: Mon, 9 Oct 2023 17:36:18 +0530
Subject: [PATCH 3/4] updated createUiDefinition and Added Release Notes
---
 Solutions/ISC Bind/Package/3.0.0.zip | Bin 7235 -> 7491 bytes
 .../ISC Bind/Package/createUiDefinition.json | 4 ++--
 Solutions/ISC Bind/Package/mainTemplate.json | 4 ++--
 Solutions/ISC Bind/ReleaseNotes.md | 5 +++++
 4 files changed, 9 insertions(+), 4 deletions(-)
 create mode 100644 Solutions/ISC Bind/ReleaseNotes.md
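Review bot: The generated `descriptionHtml` on the new side appears to contain an empty second ordered-list item after `Agent-based log collection (Syslog)` (rendered here as `2.` with no text), which would show as a blank bullet in the portal. The rendering in this view has its tags stripped, so confirm against the raw value and against the `Description` field the packaging tool renders it from before regenerating the package.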
diff --git a/Solutions/ISC Bind/Package/3.0.0.zip b/Solutions/ISC Bind/Package/3.0.0.zip index 491339b3fd6f5659c5fbee9cf697853b8cfe177f..d2df820fd320ea09eee18bf353467e737e74d4e6 100644 GIT binary patch literal 7491 zcmZ{pWl$VIv#xO`K+wSA&Jx^Rg1bY|1r}J`-5nN!1_|x~f@^Shch}$qcfI-Usk(Km z&N(wx(>2{a{j;B`epMCV5%6GOU{GKHP&plzC%RZYWEhyA|6GLsyk^c|kSkaV@&#-G zv4^-q9PC-FT^#J&bx-V9r3v1QbI%>SSSW_$W$DGH!)oNV2c$?Sj*x0rO+cTZIQ)sl zWX{c;l0bRu+{qc4lcZCRaKePd({ZB~vG_=riOdrZmZZ3x0BO9};Ub%K=wVEL!+nvU zLgEw6gcPMVM`~DHf5gZLAGepJ%P{1H#$Nzf(Wc>?)K;zT`M5iZ{#!HbY6S1{MBe9C zgY5lO@luKlvt=QFsJ{N!NrQZalf}{QHAO3Z9;hQ}K^&VCE1CO`x^9937M-K-A8J5x zv2NM?8H~(Gy9RmaxMMTk$}mJm52ZwX(Q*JpXK1Z;L^2+r_86V1lr!FXs9O`IGg4J9 zwO1G>J&CikgrIWVX_?BW88(L+j7XiNV*xf$diGI(uCH5@O-qCQF%gaZ^g0F)zLw3e zcx+A{^tbWxKX!Y1xjRcZ)Z-~9epi4DlU&)zDHJp;|1_0C|IMYH$dpO=^%`|HYZ_nB zRoX@2I@tgHme-ral%HbuR$ouS5`1Q{=565fTn*ijUw-mhMsXP)9VOiSNu@xXCvK5x znUsa8V}okuQWLiB>ZhNkBtG)HtV(|kE|SG5wsJw6u-RrG_4|xB>{d-D;N#xU1~d6R zP~TOrSUcJG<7G{o z!~+~W03Ly&WY(5GD!2AxVLMKKoQr~60t-{igx!#sISlL97?dS*Z1*R#_%{~@XwKMY zoTs35wmFl*(BqMow$<+|w|uQlf`GqoCW`+F_LY}nB#t`3TeP%N2A;l*exH(?6|?XylQhHi4&Q<|PQqrhiuf=AzqK>f zrJFQVJ2f3@e>Lemr`_-O@-QHrExlOFD~J6h2@ZEndk1%V3J zg#bzSac|P#?ky`j^eqqIj*1Dn`*jD~w}+FJl{ZkJjhX?R2e&|NG5%gdX2rd@uG`$T zVAzT`)K`fJ^%jYM7iXR7bUFIz`bCIg!(r2k5iSxA9L$_%2duT0Ht*w!2=cAWknyT! z^WyrLyui3$1(qS+6IdeiFWty>S`J5&)4M_E5vg;PvqD) z2G(lw>dlMG`N!6Y?;TqH`Xk#sGu;9rO^;rss-O*G;Wltghx(}$-pYnLWJA)bW?c&7 z)$g;A++9>F3i7=jE z(do@(-7GydkuP&=mfT=%^J5=E2bF{crTN8V;8(?jEsjK(|C@tuwaFd#qx?-4(%%E$36XH_Uf!$!E*jP$3O zCGOHn7p6eYckooh`ho7|l>d?p9pC#0Le1sH>&e33irdwMOukwr3iyDpD~gxR_6e%fPbx~T-JpkI$Tjz|rk_M83|>2(jp)PfMJF=qMq880yOn2k zqFJc_wUDPSm-JQH%H&|j4h5oGocFs^7;pGgIc0=Ml;wBbWc=v{%tNzoQNf05J z8?exN3trIQDL5&rorrtyO~*uteTV)Q?q}{F*w{b`Y0~OkhHQ{rfMlCQFpyliE`Gfd zVd=V;<6Q%$7wp3+iyzPf-cVKlAB`jb(fA-KRrd5BiBV!7=|SY@B%R(@*6`<~8U-p*gF1g5bNoj>%7XV9wg(r7E<(p1il9bv zImLE1lM_Yh=Tp&IKdFzWJE7tiKp)sD#~;kSX>P9*E<5qz*9e$6N(BrtNddp+1d-y? 
zLRsrfDO7o^iJu^F(7Z2jq5GhiiIS2-AgiN~Z69)tXQ&wl420`7vTs{bJU8Ymj;D>zS|`7nw%@AMfN-pvEUzLr!?u-*MzTo+BxMC z==_9krmTr2|t`Yr0yYkjL_qfw3xo$rPF7t;^4r z55mV|X+lg)?LcMctctqUq^8pw&Y+_px+`Dh;;-`;EGH!@!^X#T;8A0kaoux8kfyiQ z$f;E2NUqFrR(SWCer78!zob*Jdh3U{g+j@G9ui`>t#&pM{FXT$A0=ZyS_R&dGHbLe zGH;HyO?fAN50BlK$*h`9W82NM zl+*&Fl?o`qlG&q0=@LqXr3FzOZnKemF~)Q)#Wg0pOP>}gnmDb9g4}GPA^2`VFH-C zQeAW-uJbGfm`zi(t)REI8Re?13CNKua+!avr26Fljtd&WXp^*S7;34xw#c#|K$ z1x_|}{XU*=B-my6a4zgveWaVH5QRUVDF*QRf$Urza3K+DO7Y>(1~t~#MX@IiZE77H z{a8*lN`hlUl0C;XpROk{#~Qh2Fkg-WQ2rvh)pT>=#7QL>1&WNUnQH^T($LkWXX02I^+TuVi50 z>I_Xk+p}a%4YqRf3Pw*+wlP%H&B%d+NqRWt=Lul*1C+ zeQ|AulH;HOInfL2N3o&v7f1U;v!w7}k^>K-LokDDSl-^>tIxCe8JJ=f+WL5rY>WKW z1g?eA5~@yZj*6o$J@`6YdXbg8%W1_It;1FgY2C1}u&7bYWk792byn_ci(g2e{U5}p z1r+rbf=rGdZRW=|_T?D=M4&TiN^&!i=athU?4zG&M-FR)#*%nq1h+QXcylmJx`OVZ zOKQ<@iPc%saxn)kliS`_ffFpnD7KbuDVbK3Zh@ulT7S+UJC~ZBN8{>aML=N0Ok5ZF zQ8BG2#-HvP_eG3TA4+y^i%=K1h;K7^ue+08!MitrmSvoeyNI|7o*G#;U#08ja-X1X zw52C@H6b3@#K?~&l3w2b*L{j5TR$H8XJwlFs9t)nz$>ir|ANIM=Ot=rXH^sO#aLWpE~wW0@}~dt5|rl2y^#c^Kd^FI5(kPs(I`iS#fa4n&Ju2#O%mQ& z+PN^K<--@GaI~l}|2g)$Q5Ud`u=?gFulPDvmXF-%xTm&%u9r!^q3~FpI^$Bl`Uyx* zaRw>9tXP*4OvURKy=Dl7IRTUy!K3LRwEfo@Wy-guPHD*J6d)ez;l+)5rwV^8;8~yh> z??P*VP#Nv2rJnnW?F`! 
zH*aM);xG7SQW5vzKrhM(L!|PHZAKO3>s`@ChP!Sg%A!YhEP-m9K;$RrQDwT)kQu3O zgbYw%Liy?s?1rjprD)5Hr91>}dy<$vM7*2uld@6%cfvx{7dUxS3xFOR!elq!zD!LF zvI#&3vdiVHXS7qm?|3rgLKF{ArlsaDT}gpWqia1EB>+<&sy5AdD*C5$vAO&dT?kcpXADf>2X&Q>V zrEx>*p3*g|G_P;aV2 zk2I8%eU9j%Ga`e}m&4}TiNzO0>xb{Ps$_$EdX*$NxYARxQ2q7qOATM?<17XkooS(( zQCge`!_C4EAt^fyOT74R9qm#a(b7FxuS0)ZjNAd`sKKRs)`5r)OZ&gpaG>2bYjMzj z-S?umndj~+9FExLx;}2RYK>hVY2AdwEN=FULnOcWEC?I*wLEo4~K5ERT^;UC{ zUQIolv*zPz!hsNNOzc{8BAg=B9&wR#AV+DB#O04dAu*z`kL@lFL)rsqL=XaAU^Iib zY@B4Q92_W4CUe8~zNFdY+754IUodt>cHJOTb7={yDbU-YEDSI zNEUC?eRah!ioq86j$|8sE?04ToQv6bn0t8j0mqqwf$RI93jFR5zcwWb$@?#>Q>9XN zji^u86|YG|3F_c;{Im36zt+PCPr41&x?otr^81=3%JENQ>3xGlRxbaBN7ub_+_6u| z%50|m!bgO4PtS_=wi1DZI9D`@p&@xlNn_NW7(qDI=K*J~kW!s(9ISf@U`Dr0p;W3> zmo=&#!7Nia6OI>kqRME;U-=^7NR@9EYZ(f6kMcNdS!MQWOKp6(#1^D(DJF2#81KfV z6G6}tDamtC#oC#<^{UfLXx!l%ZtQ#66tWGpd_yy>Up^hxVKth-x})dm^S%#Lx3}SS z^Va1nslOxOuN9b{pwp}|#oTMKl_iDPb(td`x|__Q>FI8`Vd~X=ZAGzKGi|9t9P!HD z;)($wu8Ea}Q>}bZgm~(CX?d#^D~I95@l#9|<^}skp#88NN-0DCb7-nX4HPgPByHt_ zE4QgSPTtemHI4d?WWEa#5*t?_;-gbBioRY7-hi|IcHHA+!=2rzZCr2{VXeGOu|uk5n;nS0D5t`k-q zo+9EoLgU!F-x{*~Ryf|!&e!PAWX6A7tmS_vurN6(+Pd&q&sHXnqlissJ}ie?a?%zKHgy6^O>_|B>|nn{T1Dvwm7U9=6f(lrXVx`C`VTJrg6 zP^ILo=7U#>p7&g@hEES1&?R8b#4mH0YPpNVeW0_RA&zu+@ex)l$~Lm0(_AHf5*8X4qu z>(41(w@LcDYMo&D>5bUmuJXWI6L(T7Bgc5!!bAV^`SXOW+O>(ckexN4QO$Q*LiTzP z4%w&C*!;1RwbHgm?@>b%{jPpRtm2smN}mxu)1qCe`@yT<>@!)NWX&fMJ57W~g#Nf3 zHo^vG`s3o%a zoRg@!C&nHOFq$FkTf5OPC$(6lRih7hEM`O75D`|dKE2TE=}P73F`X>o&GhjivkAWPR>c&+d2X;HxOTd zndfCr@a&*X5$wD9>;2Z^qp6%F_94ffyM$s+ug?}D4G_fum@VF4gduP6{62(9h+f7< zUKep08@KlF1O%Ta3$>-Ic*8t5kz9E^V4brR${bHB0LSlZYt3}cP#J}%;Tf0|KVbSh zmn%R01sNf|I$mGG4z}o)n;I2TsuRl7x9ha0=NH?HhRDE$kkUxM1&6K8w=EJ!O)nMP zr+`jW=jly1iWVxrB($y1akKE&Pn$IYLk#sARRjZn`_`AnbA{c}7_uC1H-ZQGeyMa> zWtPOR41eSuPOT#EmW|kPh}C*hnFL;7`S(%3vk-qnSEGf;Qc#al6QI><5)bz^S+XkY}2 zD}j&nnkH@!j@fA^b2_;-%v$DZEJFkq>&itZ{&ZB$YA;>OCJa;2op9(QYp zUfu<#cgky1sP%zBZVR6h*pwJkD6>V=&EY_)oR9KaTC{D$wxLE`h5EP2(t!ibU5lvJ 
zf2T`XO#zvwGPg(xagIjpe?`uP=9j4Yt>iuvYeX0EwJM=aCko6_EifCc8!f4&qMgRW ztqGMq)H{d&wQphDM_JXx@^k*(B@_B`w`Tmz_Lcm`x1{eNprns_PNOuxN?Bo9frfWM zT{~()xBZ7o`R@7$$ZsA(PH>Z0a)(q!u@=(L1Pxc^RcvIMV2mIS;;|ykJ1w^_>;m?~H%&;u;t{)n7yK zfxSLY#HKx6m6wvA@)hY$_QTXe5R}6-DvrZRJN56cc}v9|C~Zg8$}jj!ekqiL3RU3`m^@kMoX5t`F?1s zAj!IYB7(HpqPGy&FiW-3zQN^e8VtE zda4lq_cMrB6-yRuL8c z4F|w2(#n)UXH8mjFD-k_F!+`ww{SQ2Z7g9~yE6Y#pQfX^s}^~HSswQibDaDg=KVE5 zRRI)RVJQA%{;mH-xcvW%{7)0s|2+M#BH#Y0p#N>&s;Yp9^q&;C Oe>?P_Ed~7N_J05;A6Q@j literal 7235 zcmZ{pRa6`dbA}gN+!uFuSY#m(Ah;#CySux)1b24}?rw_)2u^SbuxM~kAOz{x_M+|I zc4p2QxtQDMocC4vh=2$J001Zeuz|cb_m(I+q*>Z2)KX>wS*3)<881?(ThITo6R#|Dr(tf{ieC}J;7ocuAAXGM>pvKd_ z*P}9=TK$u!b1dh}oKo0nXc)6UM_o8+>J~SFx4n}ugRlklH7=XZRD#iD%iCD2hw~w_ z6M7v-w;SyRKjDvwADB|jS}0lix_?)WA6i&*TK|OmQV~wA>ax7l=<+G)WZ!{E(G5jY7S*jE)+ne1}(BuGxqmf9E}kh-yn@vh4(a$Uo~A74kFf z>k9Vxx?Rv1K~T3x)`4@rr;yifwa_ioHRbw~c0gj|$8@__zAC2SH>4A0Vbk`eLOR7B zi*4{gYGOfq7)xyiObN`EIXvd5Is{u7>{yz0|KbAnmz^D=^SZe|=k}-fZ1yyR8d)zK z<}@EVgchtvcqW36O#?4=iLin7Ru^kyd=~h?h`YMQ>2wx~`mEs*f~2ZcHW2$~sz;m}HyK1!uN6V49Zj-DqF5n9$CqNLm29mSHpeWsz9lc|7 zaMy~~6N{TQRZu_1<%<0zw=AYkn(tA8H_a}OMRGQm$^e&5tH7aCZbigp{s*HN@3i6c z3=HyCUmbhO!DG;F?bxemtC66B*~P*TOww?`I-fBo5w7=Ct}J4Rq-_8O?Y`yc5)DZd z{BHYwWnge&b6gr;O=Xolu3CcO7b(iwggJh!k7@OrA(hMiPM>S~l&Wj01oN4d|Kj-=GJCoeFtid{VGxa`VlqS=Gm+q->|LundU1u+oTlJq^ zej9{4@o3Y_!bDD5-W}HD9NPnS>5uU(6qxAd4We{$K-N3zu5!i{j04WUI|AVzmzK26|fH|s0b)mU7`8JLx8R@;2L{<=F8+FSk_4_ZzlbZvc^%$;={ySuFGmjKb zDpgVbl?e{{NMo2FF*51c2wDVzZh0Bp=|G!G5Uf4FCq z`KQy1rLDh14VuOIQtlH7WWrqcD8Za68Xcl%YHF#0`)5N}4ozmswAVj}%cOxis3lW@ zTe_QH57PuJ7W&s7?2^5f{pZpoCVCH3Th3ihfAq{X0``t@#HS7Y@jHDl<4tYaq&wm(U$@}Gcr_WbU5!bZ zJNg2qp|p`+0lKRGA4p6?x_YWV?114mj+?V$^k!!*7kDOBzl!)!PqTeL2w=n8ICo%K z62=nk89c$pej-X+5dST+Z&ao7I_1=v@E`afE~<<16DKGFE4V#)c*zxbIftw!0~GS{ zhBncC<%DGgm_gM;PrNYr%?Co(j|@KRF5GR%Iqivq#9_I}-&~C$B=2=Q4muBahnmhN z`~%=2QbNT>Hi`GLVFN$O^=>nDGZWamW)YO*^G&8c#Q>}(l=z&0#_!!P2Tuc^mW--L($MOnJ{^VlnAT-35?S9-T 
zXY=MIPR@WA()-0>d7k20a<5w@*{`}WrY7qhVMawNjpNRU@tUniDYGsaz$HH2Bb>GN9#Jn2>cdAmexWx<{ZRGN2~f%{`mZ#CN8l?P;<@= z>i!aAGj#ApNnx$ooe)dk9nH=Zd;qBY4^Z-}G`y+)!_Bl<008$NP&%60I%!xsx;XrU z%l|;+h2fd|CV$7<_5ge>l($3JZ%wHcdgCd4Hnv$`8FNO~y@lQEjFyu86(U`QXe;Y@ zH?R{z$m*!478lUG;pzOQxdy(ya*)l}Y zmrrJd^U>b!eD4n4Cg$8zO{kdq-gb6LwqblZ-?NDV@O`)~JyMHB%}&h3_YbbzUlP^n za&ZEueIMerNxy>?i<#1y&E_M2KO7t1Gn0+5J z(T6uJ<;kVgm+6>d$|DEO!VJY?+o zL;4DL)#qP=ldK+~b*j+;s^vP3P5Y5m9%Su<#rMeq#}2_)964w##d4EOW_sZJbnp^# zH?09qSNe6Rt;DXUobcrO#de+E{O0)(iA`%1FCb1{p&U2kml+_Ik08ZCl2#K%~08NZvRV zP7|FP>zslxc-!k(nKTo>6RPT`$kQ)#j2vT3;k2UAYf*T?vKuyA1`5Yj5ah2b$o*Hf zJ~dS_HPx;D7vikfp!~P4tcf|;I8sdH^ZqrS-6v~QGAsDG-+tegGR_g0KVp;A$46(4 ziMLGWGOLW{agQC4_Rfp31?Lj0kKkSm$e{1J3JUUY#F{%mp{6tQzx@>3|Msu$oPANf zwpS=8SaTM5ZZOAD2uez?ZReHuJv_^Ps?M57Erkp{l#4}F7eIf0&Oe227hYY&P$km` z(Z^^zzN?L^A!6ic$HqjcG6)DB`IL$2ZuG+03piGF`PO`WfvHPoo?Cn3*zc&`S}QyG}5$HsBa3{KrM z4jG9&m7OJqaXyY0sr%J6nizCQNxiIMh6O307PH=2{Qo7#|fkPh~P ziBbvTnfKfHwHW^CO*;1Gg8-X zeR>dX3GI2K$E{n17ID@}lixZkB+y?mwc9llhKGq;;y!Hm%(J+2$w_R&*L|`Q!a@L^ zX=^SSO{#1Nyz75BDKpuci7)oU7iD9|rVFblkHjDhZ7O&)DmEk$VrbHxD$ ztRQ2qb0QP4#odmag=jBz(BGfY=9W$$tM7gk(z^pJ)b4D!!H-#%mA zcjjO9j7kB;%`FJnL`i~7Cn(+jZ+)g9Kpa?XIyIHZ)Z$rK=Q!=Dbdv`PGMen%CV z6gEG4m02sNgv?$lJg<;h>f^1>&!SH$9O4*&1jN$-G!F4xyl~~X9poY_Wr|d_HA3lB z%cq5B!r_bNNru&X-lk2~r~Ay%t;R5=F;9Vc)h}P@*l7T4T>{wO)cQE zx%dM)*({HY!rDG zg}v3p5)**-ZjYUGb?%Za7z&UaB~F8!35=bHeTsR!^TPCEqR%%`S6Uc|AfJQ2XTL|I zWqUU*%p{=@}7#+t-k?DT`p|PvXPEY6$B4Gd?jC8Xx|# z);dGohJ!u7$PMIgfB?>3-FGoz&AN(mLk;m84#HfF zoJ&J3Vx-mQgilgm!#|^CIg~1>$CkS$N$2-kpto9!Zx~q7Jy$(WK9Xj-a zAY~ve6CU=Ele+7R^0C|Wm`3eiUL(x-KGi6bj5qn#P028hC&6g^WTktcKX38@P)&M- z;e;dx)0g{4x5L*-BpQ*F`DVG3rJ>N+2rR5q^2!8dN1vrc<6YCDi{yR=4GA&Hme8Ds_xMJPo1!9qg55=45Cz6O9>Iz$lMSyUt+~4vSGV_IVlwD3 z#^OKwaHJ=xKjV-P(anbmR(Ut~J!Z4?26F5Y4jU$k^PbHTVe5br?Mdl`YlP}MWn~<{ z>m!pctP>8BH21s;V7<+h1ZwyC;mgGz0oliE>9=)(Iq2)E@!Nyz zTcm(599#X(V;<35p>iU261n-QFbFW;pyr3r*ra;Q%Fe3?$<2pUYWq7yk@?1xCJLcU zP;Vy0966{$^^nm3daDRJnkku6;L;iMz(s>LxUdbq%bKf6=h!(084a%)fwl122&gaH 
z4!}c1eJdHl^LXBC zNRvkJRF}T5N-IT6?~uwyifmJR(NtW~u1IDn*#N4v?PaXOMF#~Lt;NvRJAVt?G$0x~ z9rh1$bqY48aCW;R>+OOM?DHyn_%Q&Jx z?lO&H_EvTf7M~zmt-$ldRR*2{vK>RRI?8`|g=Fd@>NFtKIUrXVz{#zn6gvQvR;-m2 z^5`Iga#Qi`ay^dt0Nv6bEO`l4m5h>22z)`VA!C|`L&5AW%_I;L2oHw}ygq=j0bZ^S z&cvB4{dsS0&)yRlRsr+%%pvcKf8>gF zCji_oHHPfGg#xg$fB~A6ODo=1AC?J36a729ydNC)FDXqKyUfLJdFr@+ZWrES8Y+96 zD*v);js;j}u-3T!_>2Ta;^^(EAmp6fe9aJ2ycTy0ucTGBQ1sD+fg6^HRm3VZtdcll za)${#BV&aO-6$s$;(L@@p6^|%TIQm!`}lejBvPqgF2DQ^@O{$j_d)1KL8O=g`_Gv# zzHBCbO5XAEJJ#Y4cH2Bb`=C*GOH@Udy6phhUm(V^-G!5zDE_7J2s&yM1^0LY{Sm=#g?nBUVsR#y{5=GGMig;1oO}*THE-% z7e_hgX}X)P4gya7YSPHrxZE+q@NOQPi^d})_}IdD^=tyzdl?IE6bG+&LO#C^d(%J3 z22kn>X=QO8DQ=#6_=^Qe26Gb&&o@1A=cHmE7WxMdT=Z>TZHrePW_rvWANGK#dZK4H zI8~e!xO>N6@T4grw?le7!NR^b9J3hX-lO5I!Tn)L!csMeO1*}hF9Ur}g z&xnteK>b?54waWHW`t+W+QbXpO_v-NpXQ$s!x$~lPIB1g)BOIp@qS)li&c0yu|#^s z)8{_@S-Rhqnhk=PNSGGnYm100Us_?v+$s~A3W{$a9C~V~o)oK$N)EN?b1`q@C5;97 zQ(59rGh~nj`1>m|?ikfhy|2IHJoEI@SuC0v(P`64e8Sfae(zdbYYU3r38i+BnQNnf z#?zCHeL&}HoFR}I*WwwEq15kZ93+u#*+`*YWW#dL`6*~dQ zfQy`g0CB(0ErKxxB7rU*ANxjX(b{<9S~f}tl71_Lxu2O6`oSDm(?9Cdnm4y9u1B{j zngm5vB~MpEnVjCI-KeBt)ut@`7HlV6#jt#!N}sjYQl}SLq9?7``6HTxjw@)GUl7(< z`ThPpmhs@gqpEP8C8uaBdfqcpP>-U(j4y8D;Lvg06-$YYq&Ml<90Udy{_b#REKCj% zrr6^R(t`|%e+_SsD2*tRU2;HNB*dG3+)YJg|1@gN^Ld-;loTnEH!3!KktW$&$RK}9 z28_?`SxzoW(rRdmKvHrMF?ZbrVF{Pa{YEKP&Nx$ANLj6EjdFg9XG%Afv z;(d=8cZa!~dM844j(KB+8`@dD2v#Uk``d#D?f-@i~P5#l9;IJ z#xjYE;2G-p>~Q?tXaPAac`@01O*Iig+kHkB{m{l~BpLaJQ9ZtdW)Fz{?dv>JA4+&D z>k0Los|Kwh2Ge3*$#BoZAq&9fBjElop2}=i%4s%yrL{3|%1|_Yk>(!d1bSn20*OQ)N1AMIX{-d(Atb7=^B7PhxYQ@_wKUE|nFWH{@+)5um z=u=`*nttoLih03S9%{o5_K&{2`Hl*vmmynl5iOxV@T1xDyX-Kb@_oLYEF4<8#L|g@ zzqzd=f`~ozl>HUzlLws->(YGZaP+7mz#yJ*tbX7AM?ezqu%)QKs67#ZkarSVieoKl zZ}yck$|srDp3M&I!1?OxtWgAGtjTCbsewR;r}!nUegN3C*6T+Un7 z-(+PiiG~=w&&$skCOYuZ6F&R-%$d1RxG2W)r7)@WKRqtLA*g(Wg9jn}|5n{UBIJLI o|Hrud*C+ofWB%6%7Ucg!)KvM1^p80R0Kor~5&!gRvVY(H4I^X0PXGV_ 
diff --git a/Solutions/ISC Bind/Package/createUiDefinition.json b/Solutions/ISC Bind/Package/createUiDefinition.json
index e93809f98f9..d494707607d 100644
--- a/Solutions/ISC Bind/Package/createUiDefinition.json
+++ b/Solutions/ISC Bind/Package/createUiDefinition.json
@@ -6,7 +6,7 @@ "config": { "isWizard": false, "basics": { - "description": "\n\n**Note:** _There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing._\n\nThe [ISC Bind](https://www.isc.org/bind/) solution for Microsoft Sentinel allows you to ingest ISC Bind logs to get better insights into your organization's network traffic data, DNS query data, traffic statistics and improves your security operation capabilities.\n\n**Underlying Microsoft Technologies used:**\n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs\n\n a. [Agent-based log collection (Syslog)](https://learn.microsoft.com/azure/sentinel/connect-syslog)\n\n**Data Connectors:** 1, **Parsers:** 1\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)", + "description": "\n\n**Note:** Please refer to the following before installing the solution: \r \n • Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/ISCBind/ReleaseNotes.md)\r \n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nThe [ISC Bind](https://www.isc.org/bind/) solution for Microsoft Sentinel allows you to ingest ISC Bind logs to get better insights into your organization's network traffic data, DNS query data, traffic statistics and improves your security operation capabilities.\n\n**Underlying Microsoft Technologies used:**\n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or 
might result in additional ingestion or operational costs\n\n a. [Agent-based log collection (Syslog)](https://learn.microsoft.com/azure/sentinel/connect-syslog)\n\n**Data Connectors:** 1, **Parsers:** 1\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
 "subscription": {
 "resourceProviders": [
 "Microsoft.OperationsManagement/solutions",
@@ -60,7 +60,7 @@
 "name": "dataconnectors1-text",
 "type": "Microsoft.Common.TextBlock",
 "options": {
- "text": "This Solution installs the data connector for ISC Bind. You can get ISC Bind Syslog data in your Microsoft Sentinel workspace. After installing the solution, configure and enable this data connector by following guidance in Manage solution view."
+ "text": "This Solution installs the data connector for ISC Bind. You can get ISC Bind Syslog data in your Microsoft Sentinel workspace. Configure and enable this data connector in the Data Connector gallery after this Solution deploys. The logs will be received in the Syslog table in your Microsoft Sentinel / Azure Log Analytics workspace."
 }
 },
 {
diff --git a/Solutions/ISC Bind/Package/mainTemplate.json b/Solutions/ISC Bind/Package/mainTemplate.json
index 4715e172913..a2deb61d28c 100644
--- a/Solutions/ISC Bind/Package/mainTemplate.json
+++ b/Solutions/ISC Bind/Package/mainTemplate.json
@@ -212,8 +212,8 @@
 "name": "Microsoft"
 },
 "support": {
- "tier": "microsoft",
- "name": "Microsoft",
+ "tier": "Microsoft",
+ "name": "Microsoft Corporation",
 "email": "support@microsoft.com"
 }
 }
diff --git a/Solutions/ISC Bind/ReleaseNotes.md b/Solutions/ISC Bind/ReleaseNotes.md
new file mode 100644
index 00000000000..fedd8f71d41
--- /dev/null
+++ b/Solutions/ISC Bind/ReleaseNotes.md
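Review bot: The Release Notes link added to `description` points at `Solutions/ISCBind/ReleaseNotes.md`, but the file this series creates is `Solutions/ISC Bind/ReleaseNotes.md` (see the `+++ b/Solutions/ISC Bind/ReleaseNotes.md` header in the same patch), so the link will most likely not resolve; use `https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/ISC%20Bind/ReleaseNotes.md`. The same path is carried unchanged into the `@@ -6,7 +6,7 @@` hunk of patch 4/4 below, which only adds a colon after `costs`, so the fix applies there as well. Since `createUiDefinition.json` appears to be generated from the solution metadata, correcting the source text and regenerating is presumably the right place for the change rather than editing the packaged file by hand.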
@@ -0,0 +1,5 @@ +| **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** | +|-------------|--------------------------------|--------------------------------------------------------------------| +| 3.0.0 | 09-10-2023 | Corrected the links in the solution | + + From 75af05ae3a9c9bb236c6baf01bc9629d1a653f3b Mon Sep 17 00:00:00 2001 From: v-rusraut Date: Tue, 10 Oct 2023 16:13:36 +0530 Subject: [PATCH 4/4] updated createUiDefinition and zip --- Solutions/ISC Bind/Package/3.0.0.zip | Bin 7491 -> 7494 bytes .../ISC Bind/Package/createUiDefinition.json | 2 +- 2 files changed, 1 insertion(+), 1 deletion(-) 
diff --git a/Solutions/ISC Bind/Package/3.0.0.zip b/Solutions/ISC Bind/Package/3.0.0.zip index d2df820fd320ea09eee18bf353467e737e74d4e6..0f167715fa27329b1ae8522d5b4531e4b9d5c336 100644 GIT binary patch delta 1911 zcmV--2Z;E?I>tH|P)h>@6aWAK2mq6TN>|k4TI*Z~0060x7a)IaZyPrf{$8N}VX!?w zk|FIn0g4`sOA0qG+5kx}h}{MU%Q#TGl*F35+#|VGl+-|fOMhB_$vwk;(XJ%>axXm~ zNVMc|UY>b4Gt9@&KO>6%2%BMXDYTQ*Zf7B!N?l(Viu>ZnU^&>P>$kGj&c@u$xQ)1u_Tdn{m9mZVvQg%emzOWT zQAL(CN`uZg&n7z`uGSLH=3)!K>H4-Xn}U>cRo}L_1rc518e6TeE=bqH6DptBZ z84~5F^?=MF6gIJlwzSY?k=)aQ-AKq zB9m5c8P#2cS2A4}1_3~hZ~-!qvW5 zIV7w*%a$Z42$UMGC~);nT@89n33Vjz>Po0qRaqMA6D?OlCrtsF@v07mP3RfG2fro( zFj$8T&I9P;P{7!d$g)t;gl_W40e?cS!wws%ao(LV4kTi_K3_ri4E05ZTw_~nnTCVo z%dNxGWal^NX^TC-Lo6NX6BL;O=Vz`yTc_s&`KA~3jkUoV*bhb*cVl$?I2a zfO6)$SeVKm;p@SD3l6mQC-e&)YUytJL;n+x~4Yg$QXxo`EMgF?S-ZeYT<%#|XQE-7274C zFy{6#VRQtQ2FWGYil{Gmv-`O3L#9nCj>3gbD7XOZZ*bF98Ez3bv+q^L7q3+^rHu?F zNO@XXlZX4sbOnTZ8%jq9#ecxN`$16AopNfSW!qpMaJ^0Fch*$pf&Zaie*2y)R>A$- z+p4dq{n`9z74KSjM~!|jFEAi*+=%hj`MWNZzE^%*%HcTD(K3=*5o*du3A3^oa9#5Iu z%F67pM)VQem88BrKDk%8C>L@L!CM!H66Y|{Qz!s12 z6aiReLVsg8#NmHW59^E)2omeRNa$eq%utWi@QpyYXe#8{(turLxYC|HGaQ295uVzCA@R#l+s8 z2#vQjzu8&dYw)2-w=oPFbTo*p{TL5KcB2%_92l|IPKE(f{DnXN1W-!@1QY-O00;nd xfl9NR2O1R(lYvTC)Z$v}Tn7LEsguGSI0JNnN|XH@8v&7%866}BtQ-IU003StsMr7i delta 1909 zcmV-*2a5Q{I>R~_P)h>@6aWAK2ml<5NmnlVCXHDK005|w7a)J@Zrer{{$HT)aKJ7g z$&g4VK+%Pvt}bkDq@=6#dDiYnhAajH0#or8`TK`XtUpAyzV%g^$ID%E~x3c|&u_Y5XL9 zIxDTbQ*x8Muu_q@8GpLgqR6zgtn0N(t#M}Qh>rlwe`)$RaC%Dqz`gw1fc6xzvYM_CA`QrBn3VJ2N_Rp}eee^L30oK2t2yXaW4 ziC4<6t3~Ccg+|X2;@AXF>c3}~I8=qy34#S9lUHVCTuu9XOACwL-D)1uMrD2t1(RC= zH-8D!ozWFLbVhSa^MZc=^*4GOVmTnw^;=m>XJzhY+>1NO4<5(*$8vV%gYzv zs3J=mp+RPxXOo=`S8EAlbFqcpbbVWxO+m`Js;^tz0*Eegjjq;K7r1NY36;`%0pPK} z91`WIwPQ-CRQ$uja?-Rc4@MU8N^VBWoko0f-~Z1 zYbsU=`OV>Zkz9x3ctK^9snm49jUyu=1#g=vXg0LmEV#<&> z7MZkq%Te8VcqP+yVc-Dx2nCPX&Q`lCYNNE z%!h<^cUhAJ1QDeMD+*YBQ+I&`HxkW_+qcV-tFY-~(Ti z5HM(m4$cGM;?TfYlgP5r(S&aD$bSxkuZtZBsd3(M7)Zo)eZGR|8QO~ssRmVRnTC7g 
z%dNxFWM?+eX^TCxgDV~86ZDt@_h+uYTW9A2>82Mo#aPF^;mMRvPTmNMwp4#J=k+UA zKsm!*EKKE(!1bWqf&s1m3H?HcQo2Ha{Bl>YnMo(nwAX1}wdl9nUK0ip0)GJ1RK5Xf zRaQ6o>plndN625>RJhmO%t|`VeXS2&6#8XTfC(3wD@7_@QnuO?fwAS^R$4wLZ6IP{ z%5kkEUoudoIz<;{?fm6|)a%!PvJ6|6#y-nzM)>P$z{h?ic`<@$C!Q_rsX-co7aLuj$xMGXCYEj&r~iMt2~_iYmc3PC^@=B^;Kfo#-z-G6Ra`t>SoMRu%Z zvGVKjAc*5h%pOjrr<0p#7-|dz=Z}G8ZFmogzWerSh)ir#ejPMIKj1O$7bg^{Y&z;y z!>1O|*P>LjW{-RJ^z`ZJ?DWsG(^bos3l(nc%_~T>4Go!}V5w-% zj^b|uhOzQ84{}N#KjQ{PqmT1C=JV)m9*w5NY~j|FM)PPokAH$C$Eo)th`!mwDPvn% znH~0se#CYysn65^?WXM>*jLMc**v(brrnf1j;6g)JYZUAk;yCNgEfzG%6cU^m~{IM z{kUaMu*kgk2lM8^`nUr3Hy8!C2Ukp4PtAi-!s1v*3;4EGwp+9dh-R~>vn%Y!?cN*H z->?s-q6lNB+kb}Zm8iamvIraMk(IiuqnIOzXI{m-2=2>5AldcWzo)&avSHW>yP)Qc zSuA<;9y}L#>(plJVt$;|dwMA61wSBCsqV1SH9{M+eNg_0-3f)~5@F!e`Qd1dqhXZq z`=7&6`)Np+g%Y&?XFSLwa1eDjuyx}@3o9Jpkk>e=cYkSwv&lPNJx799fM00!0epN_ z_&PBM#|;Qv`X-3hQZ!_bX)rVV1XB9H5}Hv^<~yu;-l-Ovd)kH!s}%Db(HGWkh9Rc-3xECzP)h>@6aWAK2mpwS vNwb~@8Wjy3i%C~5`X-H82LJ%5lf@i31Bi=Bk{ufXj*}c6BnGJ*00000%#5Sa diff --git a/Solutions/ISC Bind/Package/createUiDefinition.json b/Solutions/ISC Bind/Package/createUiDefinition.json index d494707607d..5f5020aa23f 100644 --- a/Solutions/ISC Bind/Package/createUiDefinition.json +++ b/Solutions/ISC Bind/Package/createUiDefinition.json 
@@ -6,7 +6,7 @@ "config": { "isWizard": false, "basics": { - "description": "\n\n**Note:** Please refer to the following before installing the solution: \r \n • Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/ISCBind/ReleaseNotes.md)\r \n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nThe [ISC Bind](https://www.isc.org/bind/) solution for Microsoft Sentinel allows you to ingest ISC Bind logs to get better insights into your organization's network traffic data, DNS query data, traffic statistics and improves your security operation capabilities.\n\n**Underlying Microsoft Technologies used:**\n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs\n\n a. 
[Agent-based log collection (Syslog)](https://learn.microsoft.com/azure/sentinel/connect-syslog)\n\n**Data Connectors:** 1, **Parsers:** 1\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)", + "description": "\n\n**Note:** Please refer to the following before installing the solution: \r \n • Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/ISCBind/ReleaseNotes.md)\r \n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nThe [ISC Bind](https://www.isc.org/bind/) solution for Microsoft Sentinel allows you to ingest ISC Bind logs to get better insights into your organization's network traffic data, DNS query data, traffic statistics and improves your security operation capabilities.\n\n**Underlying Microsoft Technologies used:**\n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\n\n a. [Agent-based log collection (Syslog)](https://learn.microsoft.com/azure/sentinel/connect-syslog)\n\n**Data Connectors:** 1, **Parsers:** 1\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)", "subscription": { "resourceProviders": [ "Microsoft.OperationsManagement/solutions",