Azure · v-atulyadav · Oct 25, 2023 · Oct 23, 2023 · Oct 23, 2023 · Oct 23, 2023
@@ -2,7 +2,7 @@
     "id": "AtlassianBeaconAlerts",
     "title": "Atlassian Beacon Alerts",
     "publisher": "DEFEND Ltd.",
-    "descriptionMarkdown": "Custom Data connector from DEFEND Ltd. that is used to visualize the alerts ingested from Atlassian Beacon into Microsoft Sentinel.",
+    "descriptionMarkdown": "Atlassian Beacon is a cloud product that is built for Intelligent threat detection across the Atlassian platforms (Jira, Confluence, and Atlassian Admin). This can help users detect, investigate and respond to risky user activity for the Atlassian suite of products. The solution is  a custom data connector from DEFEND Ltd. that is used to visualize the alerts ingested from Atlassian Beacon to Microsoft Sentinel via a Logic App.",
     "graphQueries": [
         {
             "baseQuery": "atlassian_beacon_alerts_CL",

@@ -2,7 +2,7 @@
   "Name": "Atlassian Beacon",
   "Author": "DEFEND Ltd.",
   "Logo": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/AtlassianBeacon_Logo.svg\" width=\"75px\" height=\"75px\">",
-  "Description": "Custom Data connector from DEFEND Ltd. that is used to visualize the alerts ingested from Atlassian Beacon into Microsoft Sentinel.",
+  "Description": "Atlassian Beacon is a cloud product that is built for Intelligent threat detection across the Atlassian platforms (Jira, Confluence, and Atlassian Admin). This can help users detect, investigate and respond to risky user activity for the Atlassian suite of products. The solution is  a custom data connector from DEFEND Ltd. that is used to visualize the alerts ingested from Atlassian Beacon to Microsoft Sentinel via a Logic App.",
   "Analytic Rules": [
     "Analytic Rules/AtlassianBeacon_High.yaml"
   ],

@@ -6,7 +6,7 @@
     "config": {
       "isWizard": false,
       "basics": {
-        "description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/AtlassianBeacon_Logo.svg\" width=\"75px\" height=\"75px\">\n\n**Note:** Please refer to the following before installing the solution: \r \n • Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Atlassian%20Beacon/ReleaseNotes.md)\r \n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nCustom Data connector from DEFEND Ltd. that is used to visualize the alerts ingested from Atlassian Beacon into Microsoft Sentinel.\n\n**Data Connectors:** 1, **Analytic Rules:** 1, **Playbooks:** 1\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
+        "description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/AtlassianBeacon_Logo.svg\" width=\"75px\" height=\"75px\">\n\n**Note:** Please refer to the following before installing the solution: \r \n • Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Atlassian%20Beacon/ReleaseNotes.md)\r \n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nAtlassian Beacon is a cloud product that is built for Intelligent threat detection across the Atlassian platforms (Jira, Confluence, and Atlassian Admin). This can help users detect, investigate and respond to risky user activity for the Atlassian suite of products. The solution is  a custom data connector from DEFEND Ltd. that is used to visualize the alerts ingested from Atlassian Beacon to Microsoft Sentinel via a Logic App.\n\n**Data Connectors:** 1, **Analytic Rules:** 1, **Playbooks:** 1\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
         "subscription": {
           "resourceProviders": [
             "Microsoft.OperationsManagement/solutions",

@@ -58,6 +58,7 @@
     "playbookTemplateSpecName1": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-pl-',uniquestring(variables('_playbookContentId1'))))]",
     "workspaceResourceId": "[resourceId('microsoft.OperationalInsights/Workspaces', parameters('workspace'))]",
     "_playbookcontentProductId1": "[concat(take(variables('_solutionId'),50),'-','pl','-', uniqueString(concat(variables('_solutionId'),'-','Playbook','-',variables('_playbookContentId1'),'-', variables('playbookVersion1'))))]",
+    "blanks": "[replace('b', 'b', '')]",
     "_solutioncontentProductId": "[concat(take(variables('_solutionId'),50),'-','sl','-', uniqueString(concat(variables('_solutionId'),'-','Solution','-',variables('_solutionId'),'-', variables('_solutionVersion'))))]"
   },
   "resources": [
@@ -98,10 +99,10 @@
                 "status": "Available",
                 "requiredDataConnectors": [
                   {
+                    "connectorId": "AtlassianBeaconAlerts",
                     "dataTypes": [
                       "atlassian_beacon_alerts_CL"
-                    ],
-                    "connectorId": "AtlassianBeaconAlerts"
+                    ]
                   }
                 ],
                 "eventGroupingSettings": {
@@ -113,10 +114,10 @@
                 "incidentConfiguration": {
                   "createIncident": true,
                   "groupingConfiguration": {
+                    "matchingMethod": "AllEntities",
                     "enabled": true,
-                    "lookbackDuration": "5h",
                     "reopenClosedIncident": false,
-                    "matchingMethod": "AllEntities"
+                    "lookbackDuration": "5h"
                   }
                 }
               }
@@ -188,7 +189,7 @@
                   "id": "[variables('_uiConfigId1')]",
                   "title": "Atlassian Beacon Alerts",
                   "publisher": "DEFEND Ltd.",
-                  "descriptionMarkdown": "Custom Data connector from DEFEND Ltd. that is used to visualize the alerts ingested from Atlassian Beacon into Microsoft Sentinel.",
+                  "descriptionMarkdown": "Atlassian Beacon is a cloud product that is built for Intelligent threat detection across the Atlassian platforms (Jira, Confluence, and Atlassian Admin). This can help users detect, investigate and respond to risky user activity for the Atlassian suite of products. The solution is  a custom data connector from DEFEND Ltd. that is used to visualize the alerts ingested from Atlassian Beacon to Microsoft Sentinel via a Logic App.",
                   "graphQueries": [
                     {
                       "baseQuery": "atlassian_beacon_alerts_CL",
@@ -234,7 +235,7 @@
                         "scope": "Workspace"
                       },
                       {
-                        "permissionsDisplayText": "read permissions to shared keys for the workspace are required. [See the documentation to learn more about workspace keys](https://docs.microsoft.com/azure/azure-monitor/platform/agent-windows#obtain-workspace-id-and-key)",
+                        "permissionsDisplayText": "read permissions to shared keys for the workspace are required. [See the documentation to learn more about workspace keys](https://docs.microsoft.com/azure/azure-monitor/platform/agent-windows#obtain-workspace-id-and-key).",
                         "provider": "Microsoft.OperationalInsights/workspaces/sharedKeys",
                         "providerDisplayName": "Keys",
                         "requiredPermissions": {
@@ -338,7 +339,7 @@
         "connectorUiConfig": {
           "title": "Atlassian Beacon Alerts",
           "publisher": "DEFEND Ltd.",
-          "descriptionMarkdown": "Custom Data connector from DEFEND Ltd. that is used to visualize the alerts ingested from Atlassian Beacon into Microsoft Sentinel.",
+          "descriptionMarkdown": "Atlassian Beacon is a cloud product that is built for Intelligent threat detection across the Atlassian platforms (Jira, Confluence, and Atlassian Admin). This can help users detect, investigate and respond to risky user activity for the Atlassian suite of products. The solution is  a custom data connector from DEFEND Ltd. that is used to visualize the alerts ingested from Atlassian Beacon to Microsoft Sentinel via a Logic App.",
           "graphQueries": [
             {
               "baseQuery": "atlassian_beacon_alerts_CL",
@@ -384,7 +385,7 @@
                 "scope": "Workspace"
               },
               {
-                "permissionsDisplayText": "read permissions to shared keys for the workspace are required. [See the documentation to learn more about workspace keys](https://docs.microsoft.com/azure/azure-monitor/platform/agent-windows#obtain-workspace-id-and-key)",
+                "permissionsDisplayText": "read permissions to shared keys for the workspace are required. [See the documentation to learn more about workspace keys](https://docs.microsoft.com/azure/azure-monitor/platform/agent-windows#obtain-workspace-id-and-key).",
                 "provider": "Microsoft.OperationalInsights/workspaces/sharedKeys",
                 "providerDisplayName": "Keys",
                 "requiredPermissions": {
@@ -476,8 +477,6 @@
               "name": "[[parameters('PlaybookName')]",
               "location": "[[variables('workspace-location-inline')]",
               "tags": {
-                "CreatedBy": "iCE Engineering Team",
-                "Description": "Logic app to recieve webhook from Atlassian Beacon and ingest the payload into Microsoft Sentinel's log analytics workspace",
                 "hidden-SentinelWorkspaceId": "[[variables('workspaceResourceId')]"
               },
               "dependsOn": [
@@ -597,7 +596,25 @@
                 }
               }
             }
-          ]
+          ],
+          "metadata": {
+            "title": "Atlassian Beacon Integration",
+            "description": "This Logic App recieves a webhook from Atlassian Beacon and ingest the payload into Microsoft Sentinel's log analytics workspace",
+            "prerequisites": [
+              "1. Log Analytics Workspace ID and Workspace Key. To get these secrets, login into your Microsoft Sentinel instance and navigate to Settings --> Workspace settings --> Agents"
+            ],
+            "postDeployment": [
+              "1. Please refer to the 'Configuration' part of the Data Connector once the solution is installed."
+            ],
+            "lastUpdateTime": "2023-10-10T16:38:49.064Z",
+            "releaseNotes": {
+              "version": "1.0",
+              "title": "[variables('blanks')]",
+              "notes": [
+                "Initial version"
+              ]
+            }
+          }
         },
         "packageKind": "Solution",
         "packageVersion": "[variables('_solutionVersion')]",
@@ -622,7 +639,7 @@
         "contentSchemaVersion": "3.0.0",
         "displayName": "Atlassian Beacon",
         "publisherDisplayName": "DEFEND Ltd.",
-        "descriptionHtml": "<p><strong>Note:</strong> <em>There may be <a href=\"https://aka.ms/sentinelsolutionsknownissues\">known issues</a> pertaining to this Solution, please refer to them before installing.</em></p>\n<p>Custom Data connector from DEFEND Ltd. that is used to visualize the alerts ingested from Atlassian Beacon into Microsoft Sentinel.</p>\n<p><strong>Data Connectors:</strong> 1, <strong>Analytic Rules:</strong> 1, <strong>Playbooks:</strong> 1</p>\n<p><a href=\"https://aka.ms/azuresentinel\">Learn more about Microsoft Sentinel</a> | <a href=\"https://aka.ms/azuresentinelsolutionsdoc\">Learn more about Solutions</a></p>\n",
+        "descriptionHtml": "<p><strong>Note:</strong> <em>There may be <a href=\"https://aka.ms/sentinelsolutionsknownissues\">known issues</a> pertaining to this Solution, please refer to them before installing.</em></p>\n<p>Atlassian Beacon is a cloud product that is built for Intelligent threat detection across the Atlassian platforms (Jira, Confluence, and Atlassian Admin). This can help users detect, investigate and respond to risky user activity for the Atlassian suite of products. The solution is  a custom data connector from DEFEND Ltd. that is used to visualize the alerts ingested from Atlassian Beacon to Microsoft Sentinel via a Logic App.</p>\n<p><strong>Data Connectors:</strong> 1, <strong>Analytic Rules:</strong> 1, <strong>Playbooks:</strong> 1</p>\n<p><a href=\"https://aka.ms/azuresentinel\">Learn more about Microsoft Sentinel</a> | <a href=\"https://aka.ms/azuresentinelsolutionsdoc\">Learn more about Solutions</a></p>\n",
         "contentKind": "Solution",
         "contentProductId": "[variables('_solutioncontentProductId')]",
         "id": "[variables('_solutioncontentProductId')]",

@@ -1,6 +1,27 @@
 {
     "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
     "contentVersion": "1.0.0.0",
+    "metadata": {
+        "title": "Atlassian Beacon Integration",
+        "description": "This Logic App recieves a webhook from Atlassian Beacon and ingest the payload into Microsoft Sentinel's log analytics workspace",
+        "prerequisites": [
+            "1. Log Analytics Workspace ID and Workspace Key. To get these secrets, login into your Microsoft Sentinel instance and navigate to Settings --> Workspace settings --> Agents"
+        ],
+        "postDeployment": [
+            "1. Please refer to the 'Configuration' part of the Data Connector once the solution is installed."
+        ],
+        "lastUpdateTime": "2023-10-10T16:38:49.064Z",
+        "entities": [],
+        "tags": [],
+        "support": {
+            "name": "DEFEND Ltd.",
+            "tier": "Partner",
+            "link": "https://www.defend.co.nz/"
+        },
+        "author": {
+            "name": "DEFEND Ltd."
+        }
+    },
     "parameters": {
         "PlaybookName": {
             "defaultValue": "Atlassian-Beacon-Integration",
@@ -47,10 +68,7 @@
             "apiVersion": "2017-07-01",
             "name": "[parameters('PlaybookName')]",
             "location": "[resourceGroup().location]",
-            "tags": {
-                "CreatedBy": "iCE Engineering Team",
-                "Description": "Logic app to recieve webhook from Atlassian Beacon and ingest the payload into Microsoft Sentinel's log analytics workspace"
-            },
+            "tags": {},
             "dependsOn": [
                 "[resourceId('Microsoft.Web/connections', variables('azureloganalyticsdatacollectorConnectionName'))]"
             ],

@@ -0,0 +1,3 @@
+| **Version** | **Date Modified (DD-MM-YYYY)** | **Change History**                                                       |
+|-------------|--------------------------------|--------------------------------------------------------------------------|
+| 3.0.0       | 24-10-2023                     | Initial solution release                                                 |