MS 365 packaged

Solutions/Microsoft 365/Data/Solution_Office365.json

@@ -52,7 +52,7 @@
        "Analytic Rules/sharepoint_file_transfer_above_threshold.yaml"
   ],
   "BasePath": "C:\\GitHub\\Azure-Sentinel\\solutions\\Microsoft 365",
-  "Version": "3.0.3",
+  "Version": "3.0.5",
   "Metadata": "SolutionMetadata.json",
   "TemplateSpec": true,
   "StaticDataConnectorIds": [

Solutions/Microsoft 365/Package/createUiDefinition.json

@@ -208,7 +208,7 @@
                 "name": "analytic3-text",
                 "type": "Microsoft.Common.TextBlock",
                 "options": {
-                  "text": "Identifies anomalous increases in Exchange mail items accessed operations.\nThe query leverages KQL built-in anomaly detection algorithms to find large deviations from baseline patterns.\nSudden increases in execution frequency of sensitive actions should be further investigated for malicious activity.\nManually change scorethreshold from 1.5 to 3 or higher to reduce the noise based on outliers flagged from the query criteria.\nRead more about MailItemsAccessed- https://docs.microsoft.com/microsoft-365/compliance/advanced-audit?view=o365-worldwide#mailitemsaccessed"
+                  "text": "Identifies anomalous increases in Exchange mail items accessed operations.\nThe query leverages KQL built-in anomaly detection algorithms to find large deviations from baseline patterns.\nSudden increases in execution frequency of sensitive actions should be further investigated for malicious activity.\nManually change scorethreshold from 1.5 to 3 or higher to reduce the noise based on outliers flagged from the query criteria.\nRead more about MailItemsAccessed- https://learn.microsoft.com/en-us/purview/audit-log-investigate-accounts"
                 }
               }
             ]