Merge pull request #11592 from YohaiCP/add-cloudguard-solution

CloudGuard - Updated connector name + folder name
Azure · Dec 23, 2024 · 5909d37 · 5909d37
2 parents ef2003c + c3f6a08
commit 5909d37
Show file tree

Hide file tree

Showing 12 changed files with 16 additions and 16 deletions.
diff --git a/...ectors/CloudGuard_ccp/CloudGuard_DCR.json → ...ectors/CloudGuard_ccp/CloudGuard_DCR.json b/...ectors/CloudGuard_ccp/CloudGuard_DCR.json → ...ectors/CloudGuard_ccp/CloudGuard_DCR.json
diff --git a/...p/CloudGuard_DataConnectorDefinition.json → ...p/CloudGuard_DataConnectorDefinition.json b/...p/CloudGuard_DataConnectorDefinition.json → ...p/CloudGuard_DataConnectorDefinition.json
@@ -7,7 +7,7 @@
   "properties": {
     "connectorUiConfig": {
       "id": "CloudGuardCCPDefinition",
-      "title": "CloudGuard CNAPP Security Events",
+      "title": "Check Point CloudGuard CNAPP Connector for Microsoft Sentinel",
       "publisher": "CheckPoint",
       "descriptionMarkdown": "The [CloudGuard](https://sc1.checkpoint.com/documents/CloudGuard_Dome9/Documentation/Overview/CloudGuard-CSPM-Introduction.htm?cshid=help_center_documentation) data connector enables the ingestion of security events from the CloudGuard API into Microsoft Sentinel™, using Microsoft Sentinel’s Codeless Connector Platform. The connector supports DCR-based [ingestion time transformations](https://docs.microsoft.com/azure/azure-monitor/logs/custom-logs-overview) which parses incoming security event data into custom columns. This pre-parsing process eliminates the need for query-time parsing, resulting in improved performance for data queries.",
       "graphQueriesTableName": "CloudGuard_SecurityEvents_CL",

diff --git a/...udGuard_ccp/CloudGuard_PollingConfig.json → ...udGuard_ccp/CloudGuard_PollingConfig.json b/...udGuard_ccp/CloudGuard_PollingConfig.json → ...udGuard_ccp/CloudGuard_PollingConfig.json
@@ -32,7 +32,7 @@
         "Accept": "application/json",
         "Content-type": "application/json",
         "User-Agent": "Sentinel-CloudGuard",
-        "Version": "1.0.0"
+        "Version": "[variables('dataConnectorCCPVersion')]"
       }
     },
     "paging": {

diff --git a/...ors/CloudGuard_ccp/CloudGuard_Tables.json → ...ors/CloudGuard_ccp/CloudGuard_Tables.json b/...ors/CloudGuard_ccp/CloudGuard_Tables.json → ...ors/CloudGuard_ccp/CloudGuard_Tables.json
diff --git a/... CloudGuard/Data/Solution_CloudGuard.json → ...Guard CNAPP/Data/Solution_CloudGuard.json b/... CloudGuard/Data/Solution_CloudGuard.json → ...Guard CNAPP/Data/Solution_CloudGuard.json
@@ -1,5 +1,5 @@
 {
-  "Name": "Check Point CloudGuard",
+  "Name": "Check Point CloudGuard CNAPP",
   "Author": "Checkpoint - [email protected]",
   "Logo": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/CloudGuardLogo.svg\" width=\"75px\" height=\"75px\">",
   "Description": "The [CloudGuard](https://sc1.checkpoint.com/documents/CloudGuard_Dome9/Documentation/Overview/CloudGuard-CSPM-Introduction.htm?cshid=help_center_documentation) data connector enables the ingestion of security events from the CloudGuard API into Microsoft Sentinel™, using Microsoft Sentinel’s Codeless Connector Platform. The connector supports DCR-based [ingestion time transformations](https://docs.microsoft.com/azure/azure-monitor/logs/custom-logs-overview) which parses incoming security event data into custom columns. This pre-parsing process eliminates the need for query-time parsing, resulting in improved performance for data queries",

diff --git a/Solutions/Check Point CloudGuard CNAPP/Package/3.0.0.zip b/Solutions/Check Point CloudGuard CNAPP/Package/3.0.0.zip
diff --git a/...loudGuard/Package/createUiDefinition.json → ...ard CNAPP/Package/createUiDefinition.json b/...loudGuard/Package/createUiDefinition.json → ...ard CNAPP/Package/createUiDefinition.json
@@ -6,7 +6,7 @@
     "config": {
       "isWizard": false,
       "basics": {
-        "description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/CloudGuardLogo.svg\" width=\"75px\" height=\"75px\">\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Check%20Point%20CloudGuard/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nThe [CloudGuard](https://sc1.checkpoint.com/documents/CloudGuard_Dome9/Documentation/Overview/CloudGuard-CSPM-Introduction.htm?cshid=help_center_documentation) data connector enables the ingestion of security events from the CloudGuard API into Microsoft Sentinel™, using Microsoft Sentinel’s Codeless Connector Platform. The connector supports DCR-based [ingestion time transformations](https://docs.microsoft.com/azure/azure-monitor/logs/custom-logs-overview) which parses incoming security event data into custom columns. This pre-parsing process eliminates the need for query-time parsing, resulting in improved performance for data queries\n\n**Data Connectors:** 1\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
+        "description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/CloudGuardLogo.svg\" width=\"75px\" height=\"75px\">\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Check%20Point%20CloudGuard%20CNAPP/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nThe [CloudGuard](https://sc1.checkpoint.com/documents/CloudGuard_Dome9/Documentation/Overview/CloudGuard-CSPM-Introduction.htm?cshid=help_center_documentation) data connector enables the ingestion of security events from the CloudGuard API into Microsoft Sentinel™, using Microsoft Sentinel’s Codeless Connector Platform. The connector supports DCR-based [ingestion time transformations](https://docs.microsoft.com/azure/azure-monitor/logs/custom-logs-overview) which parses incoming security event data into custom columns. This pre-parsing process eliminates the need for query-time parsing, resulting in improved performance for data queries\n\n**Data Connectors:** 1\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
         "subscription": {
           "resourceProviders": [
             "Microsoft.OperationsManagement/solutions",
@@ -60,7 +60,7 @@
             "name": "dataconnectors1-text",
             "type": "Microsoft.Common.TextBlock",
             "options": {
-              "text": "This Solution installs the data connector for Check Point CloudGuard. You can get Check Point CloudGuard data in your Microsoft Sentinel workspace. After installing the solution, configure and enable this data connector by following guidance in Manage solution view."
+              "text": "This Solution installs the data connector for Check Point CloudGuard CNAPP. You can get Check Point CloudGuard CNAPP data in your Microsoft Sentinel workspace. After installing the solution, configure and enable this data connector by following guidance in Manage solution view."
             }
           },
           {

diff --git a/...oint CloudGuard/Package/mainTemplate.json → ...loudGuard CNAPP/Package/mainTemplate.json b/...oint CloudGuard/Package/mainTemplate.json → ...loudGuard CNAPP/Package/mainTemplate.json
@@ -3,7 +3,7 @@
   "contentVersion": "1.0.0.0",
   "metadata": {
     "author": "Checkpoint - [email protected]",
-    "comments": "Solution template for Check Point CloudGuard"
+    "comments": "Solution template for Check Point CloudGuard CNAPP"
   },
   "parameters": {
     "location": {
@@ -46,7 +46,7 @@
   "variables": {
     "email": "[email protected]",
     "_email": "[variables('email')]",
-    "_solutionName": "Check Point CloudGuard",
+    "_solutionName": "Check Point CloudGuard CNAPP",
     "_solutionVersion": "3.0.0",
     "solutionId": "checkpoint-cloudguard.checkpoint-sentinel-solutions-cloud-guard",
     "_solutionId": "[variables('solutionId')]",
@@ -72,7 +72,7 @@
       ],
       "properties": {
         "contentId": "[variables('_dataConnectorContentIdConnectorDefinition1')]",
-        "displayName": "CloudGuard CNAPP Security Events",
+        "displayName": "Check Point CloudGuard CNAPP Connector for Microsoft Sentinel",
         "contentKind": "DataConnector",
         "mainTemplate": {
           "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
@@ -89,7 +89,7 @@
               "properties": {
                 "connectorUiConfig": {
                   "id": "CloudGuardCCPDefinition",
-                  "title": "CloudGuard CNAPP Security Events",
+                  "title": "Check Point CloudGuard CNAPP Connector for Microsoft Sentinel",
                   "publisher": "CheckPoint",
                   "descriptionMarkdown": "The [CloudGuard](https://sc1.checkpoint.com/documents/CloudGuard_Dome9/Documentation/Overview/CloudGuard-CSPM-Introduction.htm?cshid=help_center_documentation) data connector enables the ingestion of security events from the CloudGuard API into Microsoft Sentinel™, using Microsoft Sentinel’s Codeless Connector Platform. The connector supports DCR-based [ingestion time transformations](https://docs.microsoft.com/azure/azure-monitor/logs/custom-logs-overview) which parses incoming security event data into custom columns. This pre-parsing process eliminates the need for query-time parsing, resulting in improved performance for data queries.",
                   "graphQueriesTableName": "CloudGuard_SecurityEvents_CL",
@@ -744,7 +744,7 @@
       "properties": {
         "connectorUiConfig": {
           "id": "CloudGuardCCPDefinition",
-          "title": "CloudGuard CNAPP Security Events",
+          "title": "Check Point CloudGuard CNAPP Connector for Microsoft Sentinel",
           "publisher": "CheckPoint",
           "descriptionMarkdown": "The [CloudGuard](https://sc1.checkpoint.com/documents/CloudGuard_Dome9/Documentation/Overview/CloudGuard-CSPM-Introduction.htm?cshid=help_center_documentation) data connector enables the ingestion of security events from the CloudGuard API into Microsoft Sentinel™, using Microsoft Sentinel’s Codeless Connector Platform. The connector supports DCR-based [ingestion time transformations](https://docs.microsoft.com/azure/azure-monitor/logs/custom-logs-overview) which parses incoming security event data into custom columns. This pre-parsing process eliminates the need for query-time parsing, resulting in improved performance for data queries.",
           "graphQueriesTableName": "CloudGuard_SecurityEvents_CL",
@@ -898,14 +898,14 @@
       ],
       "properties": {
         "contentId": "[variables('_dataConnectorContentIdConnections1')]",
-        "displayName": "CloudGuard CNAPP Security Events",
+        "displayName": "Check Point CloudGuard CNAPP Connector for Microsoft Sentinel",
         "contentKind": "ResourcesDataConnector",
         "mainTemplate": {
           "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
           "contentVersion": "[variables('dataConnectorCCPVersion')]",
           "parameters": {
             "connectorDefinitionName": {
-              "defaultValue": "CloudGuard CNAPP Security Events",
+              "defaultValue": "Check Point CloudGuard CNAPP Connector for Microsoft Sentinel",
               "type": "string",
               "minLength": 1
             },
@@ -1004,7 +1004,7 @@
                     "Accept": "application/json",
                     "Content-type": "application/json",
                     "User-Agent": "Sentinel-CloudGuard",
-                    "Version": "1.0.0"
+                    "Version": "[variables('dataConnectorCCPVersion')]"
                   }
                 },
                 "paging": {
@@ -1039,9 +1039,9 @@
         "version": "3.0.0",
         "kind": "Solution",
         "contentSchemaVersion": "3.0.0",
-        "displayName": "Check Point CloudGuard",
+        "displayName": "Check Point CloudGuard CNAPP",
         "publisherDisplayName": "Check Point",
-        "descriptionHtml": "<p><strong>Note:</strong> Please refer to the following before installing the solution:</p>\n<p>• Review the solution <a href=\"https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Check%20Point%20CloudGuard/ReleaseNotes.md\">Release Notes</a></p>\n<p>• There may be <a href=\"https://aka.ms/sentinelsolutionsknownissues\">known issues</a> pertaining to this Solution, please refer to them before installing.</p>\n<p>The <a href=\"https://sc1.checkpoint.com/documents/CloudGuard_Dome9/Documentation/Overview/CloudGuard-CSPM-Introduction.htm?cshid=help_center_documentation\">CloudGuard</a> data connector enables the ingestion of security events from the CloudGuard API into Microsoft Sentinel™, using Microsoft Sentinel’s Codeless Connector Platform. The connector supports DCR-based <a href=\"https://docs.microsoft.com/azure/azure-monitor/logs/custom-logs-overview\">ingestion time transformations</a> which parses incoming security event data into custom columns. This pre-parsing process eliminates the need for query-time parsing, resulting in improved performance for data queries</p>\n<p><strong>Data Connectors:</strong> 1</p>\n<p><a href=\"https://aka.ms/azuresentinel\">Learn more about Microsoft Sentinel</a> | <a href=\"https://aka.ms/azuresentinelsolutionsdoc\">Learn more about Solutions</a></p>\n",
+        "descriptionHtml": "<p><strong>Note:</strong> Please refer to the following before installing the solution:</p>\n<p>• Review the solution <a href=\"https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Check%20Point%20CloudGuard%20CNAPP/ReleaseNotes.md\">Release Notes</a></p>\n<p>• There may be <a href=\"https://aka.ms/sentinelsolutionsknownissues\">known issues</a> pertaining to this Solution, please refer to them before installing.</p>\n<p>The <a href=\"https://sc1.checkpoint.com/documents/CloudGuard_Dome9/Documentation/Overview/CloudGuard-CSPM-Introduction.htm?cshid=help_center_documentation\">CloudGuard</a> data connector enables the ingestion of security events from the CloudGuard API into Microsoft Sentinel™, using Microsoft Sentinel’s Codeless Connector Platform. The connector supports DCR-based <a href=\"https://docs.microsoft.com/azure/azure-monitor/logs/custom-logs-overview\">ingestion time transformations</a> which parses incoming security event data into custom columns. This pre-parsing process eliminates the need for query-time parsing, resulting in improved performance for data queries</p>\n<p><strong>Data Connectors:</strong> 1</p>\n<p><a href=\"https://aka.ms/azuresentinel\">Learn more about Microsoft Sentinel</a> | <a href=\"https://aka.ms/azuresentinelsolutionsdoc\">Learn more about Solutions</a></p>\n",
         "contentKind": "Solution",
         "contentProductId": "[variables('_solutioncontentProductId')]",
         "id": "[variables('_solutioncontentProductId')]",
@@ -1050,7 +1050,7 @@
         "parentId": "[variables('_solutionId')]",
         "source": {
           "kind": "Solution",
-          "name": "Check Point CloudGuard",
+          "name": "Check Point CloudGuard CNAPP",
           "sourceId": "[variables('_solutionId')]"
         },
         "author": {

diff --git a/...nt CloudGuard/Package/testParameters.json → ...udGuard CNAPP/Package/testParameters.json b/...nt CloudGuard/Package/testParameters.json → ...udGuard CNAPP/Package/testParameters.json
diff --git a/...ns/Check Point CloudGuard/ReleaseNotes.md → ...ck Point CloudGuard CNAPP/ReleaseNotes.md b/...ns/Check Point CloudGuard/ReleaseNotes.md → ...ck Point CloudGuard CNAPP/ReleaseNotes.md
diff --git a/...ck Point CloudGuard/SolutionMetadata.json → ...nt CloudGuard CNAPP/SolutionMetadata.json b/...ck Point CloudGuard/SolutionMetadata.json → ...nt CloudGuard CNAPP/SolutionMetadata.json
diff --git a/Solutions/Check Point CloudGuard/Package/3.0.0.zip b/Solutions/Check Point CloudGuard/Package/3.0.0.zip