Update CiscoSEG and Infoblox package templates#14497
Open
v-sabiraj wants to merge 5 commits into
Open
Conversation
Sync and adjust solution templates for CiscoSEG and Infoblox NIOS: update solution/template versions (CiscoSEG -> 3.0.3, Infoblox -> 3.0.4), refresh package zip binaries, and update many resource descriptions to match the new template versions. Also normalize entityMappings order, fix requiredDataConnectors structure (move/keep connectorId with datatypes) and upgrade savedSearches apiVersion to 2025-07-01 where applicable.
Contributor
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
Updates generated package templates for the CiscoSEG and Infoblox NIOS Microsoft Sentinel solutions to align solution/template versions and adjust resource metadata (descriptions, API versions, connector schema structure).
Changes:
- Updated solution/template version strings across both solutions’
mainTemplate.json. - Normalized some metadata structures (e.g.,
requiredDataConnectors,entityMappingsordering) and refreshed many resource descriptions. - Updated multiple
savedSearchesresources to use a newer ARMapiVersion.
Reviewed changes
Copilot reviewed 2 out of 4 changed files in this pull request and generated 7 comments.
| File | Description |
|---|---|
| Solutions/Infoblox NIOS/Package/mainTemplate.json | Updates solution version references, resource descriptions, required connector schema ordering, and bumps savedSearches apiVersion. |
| Solutions/CiscoSEG/Package/mainTemplate.json | Updates solution version references, resource descriptions, reorders entityMappings, and bumps savedSearches apiVersion for hunting/parsers. |
Bump solution/template versions for CiscoSEG and Infoblox NIOS to 3.0.5. Updated _solutionVersion/version fields and corresponding descriptions for analytic rules, hunting queries, parsers, workbooks and watchlists in each mainTemplate.json, and replaced the packaged 3.0.5 zip blobs.
Rename Analytic Rules/CiscoSEGUnexpextedAttachment.yaml to CiscoSEGUnexpectedAttachment.yaml (fix typo) and remove executable bit; update Solution_CiscoSEG.json to reference the new filename and bump Version to 3.0.5; update packaged 3.0.5.zip and mainTemplate.json description to reflect the corrected rule name and version.
|
Hello how are you I am GitHub bot |
Comment on lines
41
to
44
| "BasePath": "C:\\GitHub\\azure-sentinel\\Solutions\\CiscoSEG", | ||
| "Version": "3.0.3", | ||
| "Version": "3.0.5", | ||
| "TemplateSpec": true, | ||
| "Is1PConnector": false |
| "Metadata": "SolutionMetadata.json", | ||
| "BasePath": "C:\\GitHub\\azure-sentinel\\Solutions\\CiscoSEG", | ||
| "Version": "3.0.3", | ||
| "Version": "3.0.5", |
| { | ||
| "name": "[variables('parserObject1')._parserName1]", | ||
| "apiVersion": "2022-10-01", | ||
| "apiVersion": "2025-07-01", |
Bump analytic rule version and product id from 1.0.2 to 1.0.3 for the DNS solution, update savedSearches resources to apiVersion 2025-07-01, and apply structural/fmt adjustments to entity mappings and requiredDataConnectors ordering in mainTemplate.json. Also update the packaged 3.0.1.zip to include these changes.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Sync and adjust solution templates for CiscoSEG and Infoblox NIOS: update solution/template versions (CiscoSEG -> 3.0.3, Infoblox -> 3.0.4), refresh package zip binaries, and update many resource descriptions to match the new template versions. Also normalize entityMappings order, fix requiredDataConnectors structure (move/keep connectorId with datatypes) and upgrade savedSearches apiVersion to 2025-07-01 where applicable.
Required items, please complete
Change(s):
Reason for Change(s):
Version Updated:
Testing Completed:
Checked that the validations are passing and have addressed any issues that are present:
Guidance <- remove section before submitting
Before submitting this PR please ensure that you have read the following sections and filled out the changes, reason for change and testing complete sections:
Thank you for your contribution to the Microsoft Sentinel Github repo.
Change(s):
Reason for Change(s):
Version updated:
Testing Completed:
Note: If updating a detection, you must update the version field.
Checked that the validations are passing and have addressed any issues that are present:
Note: Let us know if you have tried fixing the validation error and need help.