Release #189

Draft
wants to merge 74 commits into
base: master
74 commits
6ccb3ef  Jan 29, 2020  pkhabazi  Release '0.6.2' (#31)
6f80f4d  Feb 20, 2020  pkhabazi  Release Update Incident function (#37)
acc8b21  Feb 22, 2020  pkhabazi  Release Feature playbook configuration (#33)
a9e559b  Feb 24, 2020  pkhabazi  Fix/smallconflicts (#40)
2c138a5  Feb 26, 2020  pkhabazi  fixing Subscription parameter for playbook (#43)
973b4c2  Feb 26, 2020  pkhabazi  Merge branch 'master' of github.com:wortell/AZSentinel into development
bf07860  Feb 26, 2020  pkhabazi  fixing Subscription parameter for playbook (#45)
19395a7  Mar 15, 2020  pkhabazi  Fix- get-AzSentinelhuntingrule - Cannot validate argument on paramete…
6406bde  Mar 15, 2020  pkhabazi  Fix - new-azsentinelalertrule playbook property (#49)
9007362  Mar 26, 2020  pkhabazi  Feature - get all incidents (#51)
4d423a1  Mar 26, 2020  pkhabazi  fixing logicapp sas token (#52)
8b1e50d  Mar 27, 2020  pkhabazi  Merge branch 'master' of github.com:wortell/AZSentinel into development
10331af  Apr 16, 2020  pemontto  Add support for day time periods (#61)
969cf29  Apr 16, 2020  NVolcz  Add missing dot to yml file extension (#59)
4ecb7ea  Apr 20, 2020  pkhabazi  Merge branch 'master' of github.com:wortell/AZSentinel into development
d79f8d5  May 7, 2020  pkhabazi  adding support for resource provider in set-azsentinel (#69)
1f38c8c  May 7, 2020  pkhabazi  New function for enabling and disabling Alert rules (#71)
19a63bd  Jun 10, 2020  pkhabazi  New feature change the displayName of an alert (#68)
472e064  Jun 26, 2020  stehod  Handle nextLink for Playbooks (#78)
3272c3c  Jun 26, 2020  pkhabazi  adding support for alert aggregation (#65)
c4b3a00  Jun 26, 2020  pkhabazi  Merge branch 'master' into development
2bd5ff5  Jun 29, 2020  pkhabazi  Merge branch 'master' of github.com:wortell/AZSentinel into development
eb36838  Aug 27, 2020  ThijsLecomte  Update groupingConfiguration.ps1 (#87)
4d9376a  Sep 7, 2020  jholtmann  Fix bug that causes loss of certain incident properties, add option t…
f86f8d3  Sep 15, 2020  pkhabazi  Feature - Adding support for all alert rule types (#90)
88b234b  Sep 16, 2020  ramirezversion  New Functionality to get alert rule templates provided by Microsoft (…
ddc9c0a  Sep 18, 2020  pkhabazi  Update/get az sentinel alert rule templates (#95)
ec36613  Sep 18, 2020  pkhabazi  Feature/add az sentinel incident comment (#96)
d869e7f  Sep 21, 2020  pkhabazi  Merge branch 'master' of github.com:wortell/AZSentinel into development
e69f329  Sep 22, 2020  pkhabazi  fixing class error (#99)
dbc5514  Sep 22, 2020  pkhabazi  Merge branch 'master' of github.com:wortell/AZSentinel into development
1fdb1ff  Sep 24, 2020  pkhabazi  updating example files, including multi rule yaml file (#104)
e4c37e8  Sep 24, 2020  pkhabazi  Fix - Get-AzSentinelAlertRuleAction doesn't return playbookName (#102)
c3cfca2  Sep 24, 2020  pkhabazi  init release Get-AzSentinelDataConnector function (#103)
91ea0e3  Sep 24, 2020  pkhabazi  Fix - get-azsentinelhuntingrule updated get and remove function (#106)
2a19b51  Sep 29, 2020  pkhabazi  Merge branch 'master' of github.com:wortell/AZSentinel into development
c1a5db0  Sep 30, 2020  pemontto  Add filtering by lastModified (#107)
6be4a6e  Oct 5, 2020  pkhabazi  updating AggregationKind class and enum (#111)
b7816d4  Oct 5, 2020  pkhabazi  Merge branch 'master' of github.com:wortell/AZSentinel into development
83c4013  Oct 8, 2020  pkhabazi  Release of Import-AzSentinelDataConnector function (#116)
417b86c  Oct 8, 2020  pkhabazi  extra check for Import-AzSentinelDataConnector
c8e1f51  Oct 8, 2020  pkhabazi  Merge branch 'master' of github.com:wortell/AZSentinel into development
46a8417  Oct 16, 2020  pkhabazi  fixing class issue (#118)
94af32c  Oct 20, 2020  pkhabazi  New function: Export-AzSentinel (#121)
7c6a0fe  Oct 20, 2020  pkhabazi  Merge branch 'master' of github.com:wortell/AZSentinel into development
a4cd0be  Oct 21, 2020  pkhabazi  fixing SeveritiesFilter issue for MicrosoftSecurityIncidentCreation (…
82062b4  Oct 21, 2020  pkhabazi  updating Get-AzSentinelAlertRule function and docs (#125)
f467cd7  Oct 22, 2020  pkhabazi  Merge branch 'master' of github.com:wortell/AZSentinel into development
c804870  Nov 10, 2020  pkhabazi  Merge branch 'master' of github.com:wortell/AZSentinel into development
1bc9c89  Nov 10, 2020  john-crouch  modified token expiration logic (#135)
8fa4c6a  Nov 10, 2020  pkhabazi  fixing small issues (#136)
b321bfe  Nov 17, 2020  pkhabazi  Fixing issue when switching from subscription (#140)
f8a4cbe  Nov 18, 2020  pkhabazi  Fixing issue with Fusion rules (#143)
ee34dcf  Nov 19, 2020  pkhabazi  MSSP Playbook (#142)
6328aca  Nov 19, 2020  pkhabazi  Merge branch 'master' of github.com:wortell/AZSentinel into development
418581a  Nov 19, 2020  pkhabazi  Merge branch 'master' of github.com:wortell/AZSentinel into development
19844eb  Dec 3, 2020  pkhabazi  Merge branch 'master' of github.com:wortell/AZSentinel into development
7a1bf34  Dec 3, 2020  lukiffer  Prevent null reference of non-required argument; fixes #148 (#149)
6e9c232  Dec 3, 2020  pemontto  Add support for FileHash entity (#147)
b42e8a6  Dec 9, 2020  pkhabazi  update enums folder name (#156)
acb3126  Dec 9, 2020  pkhabazi  Merge branch 'master' of github.com:wortell/AZSentinel into development
f21cc7d  Dec 14, 2020  pkhabazi  Updating alertrule output format (#157)
8e3fe1b  Dec 14, 2020  pkhabazi  adding support for AlertRuleTemplate property (#160)
389ca1b  Dec 16, 2020  pkhabazi  Merge branch 'master' of github.com:wortell/AZSentinel into development
d370c18  Dec 22, 2020  wadstromtech  Follow official api schema (#162)
9b38eb6  Dec 22, 2020  pkhabazi  fixing playbook reference (#163)
b714ad7  Dec 30, 2020  pkhabazi  Merge branch 'master' of github.com:wortell/AZSentinel into development
789d44d  Dec 30, 2020  wez3  Add Office 365 Data Connector (#154)
9f6143b  Jan 23, 2021  pkhabazi  Merge branch 'master' of github.com:wortell/AZSentinel into development
ce51766  Feb 2, 2021  nodauf  Typo xported -> exported (#169)
8058e5a  Feb 2, 2021  pkhabazi  Hunting rules function updated (#170)
8b2903e  Feb 18, 2021  pkhabazi  Merge branch 'master' of github.com:wortell/AZSentinel into development
17e0704  Aug 2, 2021  pkhabazi  updating the group entity properties (#188)
da54820  Aug 2, 2021  pkhabazi  Error when multiple rules with the same name are found (#178)
Binary file added .DS_Store
Binary file not shown.
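Review bot: a `.DS_Store` file is macOS Finder metadata and should not be part of a release PR; drop it from the branch and add `.DS_Store` to `.gitignore` so it cannot be picked up again by a later `git add .`.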
4 changes: 4 additions & 0 deletions AzSentinel/Public/New-AzSentinelAlertRule.ps1
Expand Up @@ -190,6 +190,10 @@ function New-AzSentinelAlertRule {

try {
$content = Get-AzSentinelAlertRule @arguments -RuleName $DisplayName -ErrorAction Stop

if ($content.count -gt 1) {
Write-Error "Multiple Rules with the name: '$($DisplayName)' found on workspace: '$($WorkspaceName)' "
}
}
catch {
Write-Error $_.Exception.Message
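Review bot: the duplicate-name check in this hunk does not stop the function. `Write-Error` is non-terminating by default, so after printing "Multiple Rules with the name ..." execution falls through and continues with `$content` holding several rules, which is the situation the commit "Error when multiple rules with the same name are found (#178)" is meant to prevent; only a caller who has set `$ErrorActionPreference = 'Stop'` gets the intended behaviour. Either `throw "Multiple Rules with the name: '$($DisplayName)' found on workspace: '$($WorkspaceName)'"` (the `catch` below then reports it via `$_.Exception.Message`) or use `Write-Error ... -ErrorAction Stop`, and since that `catch` itself only calls `Write-Error`, follow it with a `return` or re-`throw` so the function really exits. Also trim the stray space before the closing quote of the message string.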
18 changes: 16 additions & 2 deletions AzSentinel/enums/GroupByEntities.ps1
@@ -1,7 +1,21 @@
enum GroupByEntities {
Account
Ip
Host
Url
IP
Malware
File
Process
CloudApplication
DNS
AzureResource
FileHash
RegistryKey
RegistryValue
SecurityGroup
URL
IoTDevice
Mailbox
MailCluster
MailMessage
SubmissionMail
}
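Review bot: the two deletions in this hunk rename `Ip` to `IP` and `Url` to `URL`, which changes the string the enum serialises into the grouping configuration sent to the API. PowerShell resolves enum names case-insensitively, so existing scripts and YAML rule files that still say `Ip` or `Url` will keep parsing, but anything that compares the string value or persists it (the example YAML files updated in #104, the output of `Export-AzSentinel` from #121) will now see `IP`/`URL`; please grep those for the old spelling and call out the rename in the release notes. A brief comment on the enum saying the member names must match the API's entity type names would save the next contributor from "fixing" the casing back.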