Skip to content

Commit

Permalink
Merge pull request #11689 from V1ManagedServices/master
Browse files Browse the repository at this point in the history 
TrendMicro V1 Data Connector update document URL
  • Loading branch information
@v-prasadboke
v-prasadboke authored Jan 30, 2025
2 parents 7c63b63 + a84183b commit 7c20a61
Show file tree
Hide file tree
Showing 4 changed files with 54 additions and 52 deletions.
5 changes: 2 additions & 3 deletions Solutions/Trend Micro Vision One/Data Connectors/TrendMicroXDR.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -95,8 +95,7 @@
},
{
"name": "Trend Vision One API Token",
"description": "A Trend Vision One API Token is required. See the documentation to learn more about the [Trend Vision One API](https://automation.trendmicro.com/xdr/home)."
}
"description": "A Trend Vision One API Token is required. See the documentation to learn more about the [Trend Vision One API](https://docs.trendmicro.com/documentation/article/trend-vision-one-api-keys-third-party-apps)." }
]
},
"instructionSteps": [
Expand All @@ -110,7 +109,7 @@
},
{
"title": "",
"description": "**STEP 1 - Configuration steps for the Trend Vision One API**\n\n [Follow these instructions](https://docs.trendmicro.com/en-us/enterprise/trend-micro-xdr-help/ObtainingAPIKeys) to create an account and an API authentication token."
"description": "**STEP 1 - Configuration steps for the Trend Vision One API**\n\n [Follow these instructions](https://docs.trendmicro.com/documentation/article/trend-vision-one-api-keys-third-party-apps) to create an account and an API authentication token."
},
{
"title": "",
Expand Down
Binary file added Solutions/Trend Micro Vision One/Package/3.0.1.zip
View file
Binary file not shown.
98 changes: 49 additions & 49 deletions Solutions/Trend Micro Vision One/Package/mainTemplate.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@
},
"variables": {
"_solutionName": "Trend Micro Vision One",
"_solutionVersion": "3.0.0",
"_solutionVersion": "3.0.1",
"solutionId": "trendmicro.trend_micro_vision_one_xdr_mss",
"_solutionId": "[variables('solutionId')]",
"uiConfigId1": "TrendMicroXDR",
Expand Down Expand Up @@ -77,7 +77,7 @@
"[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
],
"properties": {
"description": "Trend Micro Vision One data connector with template version 3.0.0",
"description": "Trend Micro Vision One data connector with template version 3.0.1",
"mainTemplate": {
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "[variables('dataConnectorVersion1')]",
Expand Down Expand Up @@ -188,7 +188,7 @@
},
{
"name": "Trend Vision One API Token",
"description": "A Trend Vision One API Token is required. See the documentation to learn more about the [Trend Vision One API](https://automation.trendmicro.com/xdr/home)."
"description": "A Trend Vision One API Token is required. See the documentation to learn more about the [Trend Vision One API](https://docs.trendmicro.com/documentation/article/trend-vision-one-api-keys-third-party-apps)."
}
]
},
Expand All @@ -200,7 +200,7 @@
"description": ">**(Optional Step)** Securely store workspace and API authorization key(s) or token(s) in Azure Key Vault. Azure Key Vault provides a secure mechanism to store and retrieve key values. [Follow these instructions](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) to use Azure Key Vault with an Azure Function App."
},
{
"description": "**STEP 1 - Configuration steps for the Trend Vision One API**\n\n [Follow these instructions](https://docs.trendmicro.com/en-us/enterprise/trend-micro-xdr-help/ObtainingAPIKeys) to create an account and an API authentication token."
"description": "**STEP 1 - Configuration steps for the Trend Vision One API**\n\n [Follow these instructions](https://docs.trendmicro.com/documentation/article/trend-vision-one-api-keys-third-party-apps) to create an account and an API authentication token."
},
{
"description": "**STEP 2 - Use the below deployment option to deploy the connector and the associated Azure Function**\n\n>**IMPORTANT:** Before deploying the Trend Vision One connector, have the Workspace ID and Workspace Primary Key (can be copied from the following), as well as the Trend Vision One API Authorization Token, readily available.",
Expand Down Expand Up @@ -419,7 +419,7 @@
},
{
"name": "Trend Vision One API Token",
"description": "A Trend Vision One API Token is required. See the documentation to learn more about the [Trend Vision One API](https://automation.trendmicro.com/xdr/home)."
"description": "A Trend Vision One API Token is required. See the documentation to learn more about the [Trend Vision One API](https://docs.trendmicro.com/documentation/article/trend-vision-one-api-keys-third-party-apps)."
}
]
},
Expand All @@ -431,7 +431,7 @@
"description": ">**(Optional Step)** Securely store workspace and API authorization key(s) or token(s) in Azure Key Vault. Azure Key Vault provides a secure mechanism to store and retrieve key values. [Follow these instructions](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) to use Azure Key Vault with an Azure Function App."
},
{
"description": "**STEP 1 - Configuration steps for the Trend Vision One API**\n\n [Follow these instructions](https://docs.trendmicro.com/en-us/enterprise/trend-micro-xdr-help/ObtainingAPIKeys) to create an account and an API authentication token."
"description": "**STEP 1 - Configuration steps for the Trend Vision One API**\n\n [Follow these instructions](https://docs.trendmicro.com/documentation/article/trend-vision-one-api-keys-third-party-apps) to create an account and an API authentication token."
},
{
"description": "**STEP 2 - Use the below deployment option to deploy the connector and the associated Azure Function**\n\n>**IMPORTANT:** Before deploying the Trend Vision One connector, have the Workspace ID and Workspace Primary Key (can be copied from the following), as well as the Trend Vision One API Authorization Token, readily available.",
Expand Down Expand Up @@ -474,7 +474,7 @@
"[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
],
"properties": {
"description": "TrendMicroXDROverview Workbook with template version 3.0.0",
"description": "TrendMicroXDROverview Workbook with template version 3.0.1",
"mainTemplate": {
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "[variables('workbookVersion1')]",
Expand Down Expand Up @@ -560,7 +560,7 @@
"[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
],
"properties": {
"description": "Create Incident for XDR Alerts_AnalyticalRules Analytics Rule with template version 3.0.0",
"description": "Create Incident for XDR Alerts_AnalyticalRules Analytics Rule with template version 3.0.1",
"mainTemplate": {
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "[variables('analyticRuleObject1').analyticRuleVersion1]",
Expand Down Expand Up @@ -588,100 +588,100 @@
"status": "Available",
"requiredDataConnectors": [
{
"connectorId": "TrendMicroXDR",
"dataTypes": [
"TrendMicro_XDR_WORKBENCH_CL"
],
"connectorId": "TrendMicroXDR"
]
}
],
"entityMappings": [
{
"entityType": "Account",
"fieldMappings": [
{
"identifier": "Name",
"columnName": "UserAccountName_s"
"columnName": "UserAccountName_s",
"identifier": "Name"
},
{
"identifier": "NTDomain",
"columnName": "UserAccountNTDomain_s"
"columnName": "UserAccountNTDomain_s",
"identifier": "NTDomain"
}
]
],
"entityType": "Account"
},
{
"entityType": "File",
"fieldMappings": [
{
"identifier": "Name",
"columnName": "FileName_s"
"columnName": "FileName_s",
"identifier": "Name"
},
{
"identifier": "Directory",
"columnName": "FileDirectory_s"
"columnName": "FileDirectory_s",
"identifier": "Directory"
}
]
],
"entityType": "File"
},
{
"entityType": "Process",
"fieldMappings": [
{
"identifier": "CommandLine",
"columnName": "ProcessCommandLine_s"
"columnName": "ProcessCommandLine_s",
"identifier": "CommandLine"
}
]
],
"entityType": "Process"
},
{
"entityType": "RegistryKey",
"fieldMappings": [
{
"identifier": "Key",
"columnName": "RegistryKey_s"
"columnName": "RegistryKey_s",
"identifier": "Key"
}
]
],
"entityType": "RegistryKey"
},
{
"entityType": "RegistryValue",
"fieldMappings": [
{
"identifier": "Name",
"columnName": "ProcessCommandLine_s"
"columnName": "ProcessCommandLine_s",
"identifier": "Name"
},
{
"identifier": "Value",
"columnName": "RegistryValue_s"
"columnName": "RegistryValue_s",
"identifier": "Value"
}
]
],
"entityType": "RegistryValue"
}
],
"eventGroupingSettings": {
"aggregationKind": "AlertPerResult"
},
"customDetails": {
"Provider": "alertProvider_s",
"PriorityScore": "priorityScore_d",
"ImpactScopeSummary": "impactScope_Summary_s",
"WorkbenchID": "workbenchId_s",
"WorkbenchLink": "workbenchLink_s",
"CreatedAt": "createdTime_t",
"PriorityScore": "priorityScore_d",
"WorkbenchName": "workbenchName_s",
"Severity": "severity_s",
"ImpactScopeSummary": "impactScope_Summary_s",
"XDRCustomerID": "xdrCustomerID_g",
"WorkbenchName": "workbenchName_s",
"Provider": "alertProvider_s"
"CreatedAt": "createdTime_t"
},
"alertDetailsOverride": {
"alertDisplayNameFormat": "{{workbenchName_s}}",
"alertDescriptionFormat": "{{description_s}}",
"alertSeverityColumnName": "Severity"
"alertSeverityColumnName": "Severity",
"alertDescriptionFormat": "{{description_s}}"
},
"incidentConfiguration": {
"createIncident": true,
"groupingConfiguration": {
"groupByCustomDetails": [
"WorkbenchID"
],
"lookbackDuration": "5m",
"matchingMethod": "Selected",
"enabled": true,
"reopenClosedIncident": false
"lookbackDuration": "5m",
"reopenClosedIncident": false,
"groupByCustomDetails": [
"WorkbenchID"
]
}
}
}
Expand Down Expand Up @@ -731,7 +731,7 @@
"apiVersion": "2023-04-01-preview",
"location": "[parameters('workspace-location')]",
"properties": {
"version": "3.0.0",
"version": "3.0.1",
"kind": "Solution",
"contentSchemaVersion": "3.0.0",
"displayName": "Trend Micro Vision One",
Expand Down
3 changes: 3 additions & 0 deletions Solutions/Trend Micro Vision One/ReleaseNotes.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
| **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** |
|-------------|--------------------------------|---------------------------------------------|
| 3.0.1 | 30-01-2025 | Updated hyperlink in **Data Connector** |

0 comments on commit 7c20a61

Please sign in to comment.