TrendMicro V1 Data Connector update document URL #11689

Merged
merged 4 commits into from
Jan 30, 2025
Merged
Expand Up @@ -95,8 +95,7 @@
},
{
"name": "Trend Vision One API Token",
"description": "A Trend Vision One API Token is required. See the documentation to learn more about the [Trend Vision One API](https://automation.trendmicro.com/xdr/home)."
}
"description": "A Trend Vision One API Token is required. See the documentation to learn more about the [Trend Vision One API](https://docs.trendmicro.com/documentation/article/trend-vision-one-api-keys-third-party-apps)." }
]
},
"instructionSteps": [
Expand All @@ -110,7 +109,7 @@
},
{
"title": "",
"description": "**STEP 1 - Configuration steps for the Trend Vision One API**\n\n [Follow these instructions](https://docs.trendmicro.com/en-us/enterprise/trend-micro-xdr-help/ObtainingAPIKeys) to create an account and an API authentication token."
"description": "**STEP 1 - Configuration steps for the Trend Vision One API**\n\n [Follow these instructions](https://docs.trendmicro.com/documentation/article/trend-vision-one-api-keys-third-party-apps) to create an account and an API authentication token."
},
{
"title": "",
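Review bot: In the first hunk (`@@ -95,8 +95,7 @@`) the object's closing `}` now sits on the same line as the updated `"description"` value, where it previously had a line of its own. The JSON stays valid, but the entry no longer matches the layout of its neighbours, and the same entry in Package/mainTemplate.json keeps the brace on a separate line. I would restore the line break so that the description line ends at `...third-party-apps)."` and `}` follows on the next line. Separately, the link label still reads `[Trend Vision One API]` although the new target, judging by its URL, is an article about API keys for third-party apps; a label such as `[Trend Vision One API keys]` would match the destination. The file header for this section is not visible on the page.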
Binary file not shown.
98 changes: 49 additions & 49 deletions Solutions/Trend Micro Vision One/Package/mainTemplate.json
Expand Up @@ -39,7 +39,7 @@
},
"variables": {
"_solutionName": "Trend Micro Vision One",
"_solutionVersion": "3.0.0",
"_solutionVersion": "3.0.1",
"solutionId": "trendmicro.trend_micro_vision_one_xdr_mss",
"_solutionId": "[variables('solutionId')]",
"uiConfigId1": "TrendMicroXDR",
Expand Down Expand Up @@ -77,7 +77,7 @@
"[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
],
"properties": {
"description": "Trend Micro Vision One data connector with template version 3.0.0",
"description": "Trend Micro Vision One data connector with template version 3.0.1",
"mainTemplate": {
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "[variables('dataConnectorVersion1')]",
Expand Down Expand Up @@ -188,7 +188,7 @@
},
{
"name": "Trend Vision One API Token",
"description": "A Trend Vision One API Token is required. See the documentation to learn more about the [Trend Vision One API](https://automation.trendmicro.com/xdr/home)."
"description": "A Trend Vision One API Token is required. See the documentation to learn more about the [Trend Vision One API](https://docs.trendmicro.com/documentation/article/trend-vision-one-api-keys-third-party-apps)."
}
]
},
Expand All @@ -200,7 +200,7 @@
"description": ">**(Optional Step)** Securely store workspace and API authorization key(s) or token(s) in Azure Key Vault. Azure Key Vault provides a secure mechanism to store and retrieve key values. [Follow these instructions](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) to use Azure Key Vault with an Azure Function App."
},
{
"description": "**STEP 1 - Configuration steps for the Trend Vision One API**\n\n [Follow these instructions](https://docs.trendmicro.com/en-us/enterprise/trend-micro-xdr-help/ObtainingAPIKeys) to create an account and an API authentication token."
"description": "**STEP 1 - Configuration steps for the Trend Vision One API**\n\n [Follow these instructions](https://docs.trendmicro.com/documentation/article/trend-vision-one-api-keys-third-party-apps) to create an account and an API authentication token."
},
{
"description": "**STEP 2 - Use the below deployment option to deploy the connector and the associated Azure Function**\n\n>**IMPORTANT:** Before deploying the Trend Vision One connector, have the Workspace ID and Workspace Primary Key (can be copied from the following), as well as the Trend Vision One API Authorization Token, readily available.",
Expand Down Expand Up @@ -419,7 +419,7 @@
},
{
"name": "Trend Vision One API Token",
"description": "A Trend Vision One API Token is required. See the documentation to learn more about the [Trend Vision One API](https://automation.trendmicro.com/xdr/home)."
"description": "A Trend Vision One API Token is required. See the documentation to learn more about the [Trend Vision One API](https://docs.trendmicro.com/documentation/article/trend-vision-one-api-keys-third-party-apps)."
}
]
},
Expand All @@ -431,7 +431,7 @@
"description": ">**(Optional Step)** Securely store workspace and API authorization key(s) or token(s) in Azure Key Vault. Azure Key Vault provides a secure mechanism to store and retrieve key values. [Follow these instructions](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) to use Azure Key Vault with an Azure Function App."
},
{
"description": "**STEP 1 - Configuration steps for the Trend Vision One API**\n\n [Follow these instructions](https://docs.trendmicro.com/en-us/enterprise/trend-micro-xdr-help/ObtainingAPIKeys) to create an account and an API authentication token."
"description": "**STEP 1 - Configuration steps for the Trend Vision One API**\n\n [Follow these instructions](https://docs.trendmicro.com/documentation/article/trend-vision-one-api-keys-third-party-apps) to create an account and an API authentication token."
},
{
"description": "**STEP 2 - Use the below deployment option to deploy the connector and the associated Azure Function**\n\n>**IMPORTANT:** Before deploying the Trend Vision One connector, have the Workspace ID and Workspace Primary Key (can be copied from the following), as well as the Trend Vision One API Authorization Token, readily available.",
Expand Down Expand Up @@ -474,7 +474,7 @@
"[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
],
"properties": {
"description": "TrendMicroXDROverview Workbook with template version 3.0.0",
"description": "TrendMicroXDROverview Workbook with template version 3.0.1",
"mainTemplate": {
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "[variables('workbookVersion1')]",
Expand Down Expand Up @@ -560,7 +560,7 @@
"[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
],
"properties": {
"description": "Create Incident for XDR Alerts_AnalyticalRules Analytics Rule with template version 3.0.0",
"description": "Create Incident for XDR Alerts_AnalyticalRules Analytics Rule with template version 3.0.1",
"mainTemplate": {
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "[variables('analyticRuleObject1').analyticRuleVersion1]",
Expand Down Expand Up @@ -588,100 +588,100 @@
"status": "Available",
"requiredDataConnectors": [
{
"connectorId": "TrendMicroXDR",
"dataTypes": [
"TrendMicro_XDR_WORKBENCH_CL"
],
"connectorId": "TrendMicroXDR"
]
}
],
"entityMappings": [
{
"entityType": "Account",
"fieldMappings": [
{
"identifier": "Name",
"columnName": "UserAccountName_s"
"columnName": "UserAccountName_s",
"identifier": "Name"
},
{
"identifier": "NTDomain",
"columnName": "UserAccountNTDomain_s"
"columnName": "UserAccountNTDomain_s",
"identifier": "NTDomain"
}
]
],
"entityType": "Account"
},
{
"entityType": "File",
"fieldMappings": [
{
"identifier": "Name",
"columnName": "FileName_s"
"columnName": "FileName_s",
"identifier": "Name"
},
{
"identifier": "Directory",
"columnName": "FileDirectory_s"
"columnName": "FileDirectory_s",
"identifier": "Directory"
}
]
],
"entityType": "File"
},
{
"entityType": "Process",
"fieldMappings": [
{
"identifier": "CommandLine",
"columnName": "ProcessCommandLine_s"
"columnName": "ProcessCommandLine_s",
"identifier": "CommandLine"
}
]
],
"entityType": "Process"
},
{
"entityType": "RegistryKey",
"fieldMappings": [
{
"identifier": "Key",
"columnName": "RegistryKey_s"
"columnName": "RegistryKey_s",
"identifier": "Key"
}
]
],
"entityType": "RegistryKey"
},
{
"entityType": "RegistryValue",
"fieldMappings": [
{
"identifier": "Name",
"columnName": "ProcessCommandLine_s"
"columnName": "ProcessCommandLine_s",
"identifier": "Name"
},
{
"identifier": "Value",
"columnName": "RegistryValue_s"
"columnName": "RegistryValue_s",
"identifier": "Value"
}
]
],
"entityType": "RegistryValue"
}
],
"eventGroupingSettings": {
"aggregationKind": "AlertPerResult"
},
"customDetails": {
"Provider": "alertProvider_s",
"PriorityScore": "priorityScore_d",
"ImpactScopeSummary": "impactScope_Summary_s",
"WorkbenchID": "workbenchId_s",
"WorkbenchLink": "workbenchLink_s",
"CreatedAt": "createdTime_t",
"PriorityScore": "priorityScore_d",
"WorkbenchName": "workbenchName_s",
"Severity": "severity_s",
"ImpactScopeSummary": "impactScope_Summary_s",
"XDRCustomerID": "xdrCustomerID_g",
"WorkbenchName": "workbenchName_s",
"Provider": "alertProvider_s"
"CreatedAt": "createdTime_t"
},
"alertDetailsOverride": {
"alertDisplayNameFormat": "{{workbenchName_s}}",
"alertDescriptionFormat": "{{description_s}}",
"alertSeverityColumnName": "Severity"
"alertSeverityColumnName": "Severity",
"alertDescriptionFormat": "{{description_s}}"
},
"incidentConfiguration": {
"createIncident": true,
"groupingConfiguration": {
"groupByCustomDetails": [
"WorkbenchID"
],
"lookbackDuration": "5m",
"matchingMethod": "Selected",
"enabled": true,
"reopenClosedIncident": false
"lookbackDuration": "5m",
"reopenClosedIncident": false,
"groupByCustomDetails": [
"WorkbenchID"
]
}
}
}
Expand Down Expand Up @@ -731,7 +731,7 @@
"apiVersion": "2023-04-01-preview",
"location": "[parameters('workspace-location')]",
"properties": {
"version": "3.0.0",
"version": "3.0.1",
"kind": "Solution",
"contentSchemaVersion": "3.0.0",
"displayName": "Trend Micro Vision One",
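Review bot: In the analytics-rule hunk (`@@ -588,100 +588,100 @@`) the `RegistryValue` entity maps `"identifier": "Name"` to `"columnName": "ProcessCommandLine_s"`, the same column the `Process` entity uses for `CommandLine`, which looks like a copy-paste slip that this commit carries over unchanged. If so, incidents raised by this rule would show a process command line as the registry value name, which weakens entity correlation and triage. I would point the mapping at the column that holds the registry value name, e.g. `"columnName": "<registry-value-name column>"` (placeholder; the table schema is not visible here), or drop the `Name` mapping if no such column exists. Since mainTemplate.json appears to be generated, the fix presumably belongs in the rule's source file. The rest of that hunk only reorders keys inside objects, which carries no meaning in JSON; a sentence in the PR description saying the package was regenerated would spare reviewers from checking those lines for a semantic change.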
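--- a/Solutions/Trend Micro Vision One/ReleaseNotes.md
+++ b/Solutions/Trend Micro Vision One/ReleaseNotes.md
@@ -0,0 +1,3 @@
+| **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** |
+|-------------|--------------------------------|---------------------------------------------|
+| 3.0.1 | 30-01-2025 | Updated hyperlink in **Data Connector** |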